エピソード

  • The Access‑Trust Gap: Why security can’t see what work depends on

    The Access‑Trust Gap: Why security can’t see what work depends on
    2025/12/18
    In our final episode of 2025, Dave Lewis, global advisory CISO for 1Password, joins Greg Otto to unpack the “access‑trust gap”: the growing mismatch between what employees (and tools like AI assistants) can access at work and what security teams can actually see, verify, and control. Dav explains how this gap shows up in everyday ways—logins that bypass intended controls, personal devices used for work, and teams adopting apps or AI tools faster than IT can govern them—and why that combination creates quiet but serious risk. You’ll hear practical advice on narrowing the gap with stronger identity checks, smarter device trust, cleaner SaaS governance, and simple guardrails for safe AI use that don’t crush productivity.
    続きを読む 一部表示
    33 分
  • How AI has complicated enterprise mobile security

    How AI has complicated enterprise mobile security
    2025/12/11
    In this episode of Safe Mode, Jim Dolce, CEO of Lookout, reveals that 40% of phishing attacks now target mobile devices—yet CISOs are drastically underspending on mobile security compared to email protection. Jim demonstrates how AI-powered attacks have become devastatingly effective, showing how his team created a voice-cloning impersonation attack in 15 minutes that fooled over half their employees into surrendering credentials, bypassing even multi-factor authentication. He explains why credential theft is now the #1 attack vector, costing $4-5 million per breach, and how modern smishing attacks use scraped social media data to craft hyper-personalized messages that are nearly impossible for humans to detect. Jim's urgent message: enterprises must protect mobile devices with the same rigor as email systems, using AI-powered defenses to combat AI-powered threats.
    続きを読む 一部表示
    39 分
  • Breaking down the latest era of Chinese cyberespionage with Booz Allen's Nate Beach-Westmoreland

    Breaking down the latest era of Chinese cyberespionage with Booz Allen's Nate Beach-Westmoreland
    2025/12/04
    In this episode, we sit down with Nate Beach-Westmoreland, Head of Strategic Cyber Threat Intelligence at Booz Allen, to explore the evolving sophistication of Chinese cyber operations and their implications for U.S. national security. Our guest breaks down how the PRC leverages trusted-relationship abuse, network edge exploitation, and AI-powered influence campaigns to infiltrate critical infrastructure, evade detection, and operate below escalation thresholds that limit allied responses. From supply chain compromises to the weaponization of artificial intelligence in information warfare, this conversation reveals the strategic chess game playing out in cyberspace—and what the U.S. and its allies must do to regain the advantage.
    続きを読む 一部表示
    30 分
  • How Visa's CISO turns a 'paranoid and pessimisitic mindset' into positive security outcomes

    How Visa's CISO turns a 'paranoid and pessimisitic mindset' into positive security outcomes
    2025/11/20
    Visa CISO Subra Kumaraswamy joins Safe Mode to discuss the global scale and complexities of cybersecurity at Visa, from managing a billion transactions daily to maintaining a resilient, “paranoid” defensive posture. Subra reveals how his team blends innovation, threat intelligence, and layered security architectures—not just to protect Visa, but to uplift the wider payment ecosystem—including strategies for defending against supply chain attacks, leveraging AI, and preparing for deepfakes and post-quantum computing. The episode provides a look behind the scenes at how Visa is working to ensure trust and reliability in payments for its global network of cardholders, partners, and merchants.
    続きを読む 一部表示
    46 分
  • What security teams should do to prepare for the quantum computing future

    What security teams should do to prepare for the quantum computing future
    2025/11/13
    Rebecca Krauthamer, CEO of QSecure, joins Safe Mode to delve into the rapidly shifting landscape of quantum computing and cybersecurity. The conversation covers the latest government and industry responses to the quantum threat, the urgency of adopting post-quantum encryption, and practical metrics for agencies and organizations. Listen in as the complexities and urgency of preparing for “Q-Day” are unpacked, offering key insights for policy makers, technologists, and anyone concerned with data security’s future.
    続きを読む 一部表示
    40 分
  • How MSP's are dealing CISA changes

    How MSP's are dealing CISA changes
    2025/11/06
    On this week’s Safe Mode, Greg welcomes Jason Pufahl, VP of Security Services at Vancord. Jason shares deep insights into the evolving managed security landscape, focusing on challenges faced by small and mid-sized businesses and the practical fundamentals they need for strong cybersecurity. He also discusses the evolving role of CISA and the importance of making threat intelligence and resources broadly accessible to help organizations of all sizes strengthen their cybersecurity posture.
    続きを読む 一部表示
    33 分
  • Mobilizing Main Street: Inside the Cyber Civic Engagement Program

    Mobilizing Main Street: Inside the Cyber Civic Engagement Program
    2025/10/30
    In this episode of Safe Mode, Betsy Cooper, founding director of the Aspen Institute’s Policy Academy, details a new initiative designed to mobilize ordinary citizens as cybersecurity policy advocates. The Cyber Civic Engagement program, supported by Craig Newmark Philanthropies’ Take9 campaign, offers virtual training sessions to equip participants with effective communication techniques, policy writing know-how, and access to one-on-one advocacy coaching. As digital threats multiply, Cooper argues that community storytelling and grassroots engagement are essential tools for prompting government action and ensuring critical local services are protected.
    続きを読む 一部表示
    30 分
  • A reset on information sharing

    A reset on information sharing
    2025/10/23
    Kevin Greene, chief cybersecurity technologist for the public sector at BeyondTrust, joins Greg to unpack the fallout from the recent lapse of the CISA information sharing bill and what it means for both public and private sector cyber defenses. The conversation dives into how the threat landscape has shifted since the bill’s original passage, the limitations of relying solely on indicators of compromise, and the need for more proactive, behavior-based analytics. Kevin shares insights on identity management—including the challenges of both human and machine identities—and emphasizes that meaningful information sharing must be modernized to stay relevant.
    続きを読む 一部表示
    35 分