In this episode of Hack Dissection, host Mike Lisi sits down with Brandon Finton, MS, CISSP, CISM, President of Orion Secure, to unpack the evolving landscape of cybersecurity for businesses. From the early days of Cyber Defense Institute to the launch of Orion Secure, Brandon shares his journey and the shift from training to professional services. Together, Mike and Brandon dive into: 🔒 Why Written Information Security Policies (WISP) are the foundation of any program 💡 The difference between compliance reviews and real risk assessments 👩‍⚕️ Why no one—not even doctors, lawyers, or CEOs—should get a pass on MFA 📑 Governance, risk, and compliance (GRC) as living documents 🤖 How AI and chatbots are reshaping security—and the risks of giving them too much authority ⚠️ Real-world stories from penetration tests, ransomware cases, and phishing assessments Whether you’re a small business owner, IT leader, or simply curious about the state of cybersecurity, this episode sheds light on the challenges organizations face—and the practical steps they can take to strengthen their defenses.

In this episode of Hack Dissection, Mike Lisi is joined by cyber operations expert Paul Marco for a deep dive into the true purpose—and power—of tabletop exercises. From crisis simulations that reveal communication breakdowns to the uncomfortable truths leaders often overlook, Paul shares real-world stories that highlight the human factor in cybersecurity.

You’ll hear why most organizations get tabletop exercises wrong, what really matters in the heat of a cyber crisis, and how to build muscle memory that actually holds up under pressure. Plus, Paul and Mike discuss the need for chaos, iteration, and yes—even a little embarrassment—to prepare your team for the moment the alarms go off.

Whether you’re building your first incident response plan or you’ve lived through the fire, this episode offers practical insights, blunt truths, and a refreshing perspective on what real cybersecurity preparedness looks like.

In this episode of Hack Dissection, hosts Mike Lisi and Graham O'Donnell sit down with red teamer, educator, and co-author of Redefining Hacking — Wesley Thurner. What starts as a light-hearted conversation about soldering badges at Cactus Con quickly dives deep into red team tactics, AI exploitation, and the culture of CTF (Capture the Flag) competitions.

Wesley shares real-world stories from his time in the military, his role on red teams at Amazon and Intuit, and his work organizing large-scale CTF events through ThreatSim and Red Team Village. From session hijacking and model poisoning to building MVP command-and-control tools with LLMs, this episode is packed with insights from the front lines of ethical hacking.

Whether you're a cybersecurity pro, CTF player, or curious about how AI is reshaping the red team playbook, this conversation offers a rare look behind the curtain — with humor, humility, and a whole lot of practical wisdom.

Topics covered:

• Creative red team engagements involving AI platforms
• How tainted training data can derail machine learning models
• The evolving power (and danger) of prompt engineering
• CTF design philosophy and community-first organizing
• Why the simplest hacks still work in complex systems

📕 Redefining Hacking is available now — and you might even catch Wesley signing copies at DEF CON’s Red Team Village.