CYBR.SEC.CAST

Hosted by CYBR.SEC.Media

TechnologyInterviews guests

Website RSS feed

Episodes

Latest episode

Jun 2026

Language

EN-US

About the show

Join CYBR.SEC.CON. cofounders Michael and Sam each week as they chat with conference speakers about the latest topics and trends in the cybersecurity space.

Listen to episodes

60 recent

June 8, 2026Episode 6937 min

CYBR.SEC.CAST Episode 69: Crush Security

In Episode 69 of CYBR.SEC.CAST, hosts Michael Farnum and Sam Van Ryder sit down with Crush Security CEO Joshua Jones, CTO Josh Johnson, and JB Poindexter & Co. CISO John Barrow to explore a growing problem facing security leaders: the inability to effectively evaluate, compare, and manage cybersecurity products at scale. SHOW NOTES:Things Mentioned:Crush Security website: https://www.crushsecurity.com/Upcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzProceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.EPISODE 69 Timestamps:00:00 – Introduction and Sponsor DisclosureMichael Farnum introduces Crush Security as the episode sponsor and frames the discussion around real-world CISO challenges involving cybersecurity purchasing and vendor management.05:00 – Joshua Jones' Cybersecurity JourneyJones recounts entering cybersecurity during the early days of MFA, building global sales and consulting organizations, and eventually identifying inefficiencies in the reseller ecosystem that inspired Crush Security.09:15 – Josh Johnson's Path from Digital Forensics to AIJohnson discusses his background in computer forensics, incident response, consulting, and cybersecurity leadership before co-founding Crush Security.11:45 – John Barrow's Evolution from Military Intelligence to CISOBarrow explains how his nontraditional background became a leadership advantage, helping him bridge communication gaps between security teams and executive leadership.17:00 – The Hidden Cost of Security Tool SprawlThe group examines how organizations accumulate overlapping technologies, duplicate capabilities, and unnecessary spending while struggling to understand what they actually own.21:30 – Why Traditional VAR Models Fall ShortJones argues that too many reseller relationships remain transactional and fail to provide the strategic guidance security leaders need.24:30 – Using AI to Evaluate Security ProductsJohnson explains how Crush maps cybersecurity products, controls, compliance frameworks, and capabilities to help organizations identify gaps, overlaps, and alternatives.29:00 – The Coming Explosion of Security CategoriesThe panel discusses how AI is enabling vendors to rapidly expand into adjacent markets, creating even more confusion for buyers evaluating security platforms.33:30 – Crush Security's Vision for a 'Super VAR'Jones outlines the company's vision of combining AI, security architecture, contract intelligence, and procurement guidance into a unified platform for security leaders.35:20 – Final ThoughtsThe panel closes by reflecting on why cybersecurity procurement remains largely unsolved and why data-driven decision making may finally change that reality.Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport or apply to our Scholarship Program:TAB Cyber FoundationSubscribe to the podcast: AppleSpotifyIn this episode:Host: Michael FarnumHost: Sam Van RyderGuests: Josh Jones, Josh Johnson, John BarrowProduction and editing: Bill BrennerMusic by: August Honey

April 7, 2026Episode 6626 min

CYBR.SEC.CAST Episode 66: Wendy Nather

Cybersecurity has built its learning model around breaches, but as Wendy Nather explains, the real value lies in the incidents that almost happened. In this CYBR.SEC.CAST episode with hosts Michael Farnum and Sam Van Ryder, she makes the case for shifting focus to near-misses: the attacks stopped by a single decision, control, or moment of awareness. These unseen saves reveal how defenses actually work in real time, yet they rarely get shared due to trust, legal, and cultural barriers. Until the industry starts capturing and learning from these quieter wins, it will continue optimizing for failure instead of understanding success.SHOW NOTES:Things Mentioned:The Security Poverty Line: https://www.scrut.io/post/risk-grustlers-ep-20-the-security-poverty-line1Password talks and expo activity during RSAC 2026: https://1password.com/blog/rsa-2026-leading-the-way-to-secure-agentic-aiUpcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzCYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.EPISODE 66 Timestamps:00:00 – 01:30 – Intro, guest setup, and Wendy Nather background01:30 – 07:00 – CyberSecCon announcements and community initiatives07:00 – 09:30 – Wendy’s early career: liberal arts → sysadmin → Switzerland09:30 – 12:30 – Transition into cybersecurity and global security leadership12:30 – 15:30 – Analyst career, Duo Security, Cisco, and 1Password15:30 – 18:30 – Career philosophy: ditching the ladder, focusing on impact18:30 – 22:00 – Current role: advising, speaking, training, and strategy work22:00 – 25:30 – RSA talk intro: “Less Blood, More Bits” concept25:30 – 31:00 – The power of near-miss stories and why they matter31:00 – 36:00 – Real-world near-miss examples and lessons learned36:00 – 41:00 – Threat intelligence sharing challenges and trust barriers41:00 – 45:00 – ISACs vs. informal “steak and ale” intelligence sharing45:00 – 49:00 – Why scaling trust and sharing remains unsolved49:00 – End – Wrap-up and closing thoughtsDo you have a question for the hosts? Reach out to us at media@cscgroupllc.com

March 24, 2026Episode 6531 min

ICIT’s Val Moon: Fixing Cybersecurity’s Workforce Problem is Essential for National Security

In this episode, hosts Michael Farnum and Sam Van Ryder sit down with Valerie Moon, Executive Director of the Institute for Critical Infrastructure Technology (ICIT) for a wide-ranging discussion about cybersecurity policy, workforce development, and the growing threats facing critical infrastructure.Things Mentioned:Website for ICIT: https://www.icitech.org/Upcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzCYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport CYBR.SEC.Careers Non-Profit EffortsCYBR.SEC.CareersApply to the CYBR.SEC.Careers ScholarshipTaylor Austin Broussard Memorial ScholarshipListen to our other show:CYBR.HAK.CASTThank you to our Media Partners:CYBR.SEC.CON. and OT.SEC.CON. OGGN (Oil & Gas Global Network)UtilSecCYBR.SEC.CON. and CYBR.HAK.CON. BarCode PodcastCyber Distortion Podcast

March 19, 2026Episode 6433 min

Episode 64: Rob Lee

Dragos CEO and U.S. National Guard Lt. Col. Rob Lee joins hosts Michael Farnum and Sam Van Ryder to discuss why he returned to military service, the growing cyber threats to critical infrastructure, and the role exercises like Cyber Fortress play in preparing both government and private sector operators for real-world cyber incidents. SHOW NOTES:Things Mentioned:Cyber Fortress 2026: https://va.ng.mil/Cyber-Fortress/Upcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzCYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.Episode 64 Timestamps:6:48 – Why Lee returned to military serviceLee explains how calls from government and military leaders prompted him to return to the National Guard to help address unresolved questions around defending operational technology (OT) during conflict.9:33 – Role in the 91st Cyber BrigadeLee describes his position as executive officer and the mission of the Army National Guard’s cyber brigade.14:52 – Cyber Fortress exercise explainedLee walks through the origins of Cyber Fortress and how it evolved from a state-level exercise into a broader operational technology training environment.17:53 – How Cyber Fortress worksThe exercise combines training, red-team simulations, and participation from infrastructure operators to practice responding to real OT cyber incidents.20:10 – Cyber conflict and civilian infrastructureLee discusses the growing risk of state actors targeting hospitals, utilities, and other civilian infrastructure.24:23 – Cyber attacks that lead to loss of lifeLee argues the cybersecurity community must acknowledge that cyber operations have already contributed to real-world deaths.27:04 – The role of cyber in modern warfareThe discussion explores how cyber capabilities are increasingly intertwined with traditional military conflict.Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com

March 10, 2026Episode 6324 min

From Cyberstalking to Cybersecurity Leadership: Kelley Misata’s Mission to Protect Nonprofits

In this episode of CYBR.SEC.CAST, the hosts sit down with Dr. Kelley Misata, CEO of Sightline Security, to explore the often-overlooked cybersecurity challenges facing nonprofit organizations. Misata shares her powerful origin story — how a personal experience with cyberstalking led her to pursue a PhD in cybersecurity and ultimately launch a nonprofit dedicated to helping mission-driven organizations assess and improve their security posture.She also discusses the misconceptions surrounding nonprofit cybersecurity, the communication gap between security professionals and nonprofit leaders, and why “nonprofit” is simply a tax designation, not a reflection of an organization’s sophistication or risk exposure. Misata also explains how Sightline Security’s Kickstart program, built around a simplified interpretation of the NIST Cybersecurity Framework, helps nonprofits identify practical security priorities and build sustainable cyber resilience.SHOW NOTES:Things Mentioned:Website for Sightline Security: https://sightlinesecurity.org/ Kickstarter program: https://sightlinesecurity.org/kickstartUpcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/ CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzCYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9 Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.EPISODE 63 Timestamps:4:14 – Kelley Misata’s origin storyDr. Misata explains how she unexpectedly entered cybersecurity after being the victim of cyberstalking while working at a technology company.5:25 – Turning a personal crisis into a cybersecurity PhDInstead of retreating from the experience, Misata pursued a PhD in cybersecurity to better understand how the technology behind the attacks worked.6:09 – Early work with the Tor Project and open source securityHer research journey led to working with the Tor Project and later serving as president of the Open Information Security Foundation.6:27 – Researching cybersecurity risks facing nonprofitsMisata describes her doctoral research studying nonprofits that assist domestic violence and human trafficking victims, focusing on how organizations protect both their operations and the people they serve.8:44 – The moment she realized nonprofits cared about cybersecurityHer dissertation survey received far more responses than expected, revealing that nonprofit organizations were eager to engage on cybersecurity issues.9:00 – From dissertation to mission: founding Sightline SecurityEncouraged by colleagues, Misata launched Sightline Security in 2018 to help nonprofits understand and assess their cybersecurity posture.12:00 – Debunking the “security poverty line” mythMisata explains that nonprofits aren’t necessarily under-resourced—they simply operate under different financial and operational models than traditional businesses.14:24 – The communication gap between security pros and nonprofitsShe shares an example where security practitioners assumed nonprofits lacked basic controls, but the real issue was simply a language mismatch around security terminology.16:09 – The wide range of nonprofit cybersecurity maturityNonprofits span the entire spectrum—from small volunteer organizations to large institutions with enterprise-level infrastructure and IT teams.19:57 – Why “nonprofit” is just a tax designation

February 25, 2026Episode 6229 min

Disorder, Destruction, and Disruption with John Dickson

This week Michael and Sam are talking to Bytewhisper CEO and previous HOU.SEC.CON. speaker, John Dickson! They discuss his journey from the Air Force into cybersecurity, his long-standing passion for application security, and why AI security testing isn’t fundamentally separate from traditional penetration testing. Things Mentioned:John’s 2024 talk: https://youtu.be/_dYQ2aFOxGA?si=s8fK04WhUJDCutV6John’s 2025 talk: https://youtu.be/WF9nle1BppE?si=bUbRtpXeQbU6mxWWDo you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport CYBR.SEC.Careers Non-Profit EffortsCYBR.SEC.Careers Apply to the CYBR.SEC.Careers ScholarshipTaylor Austin Broussard Memorial ScholarshipSubscribe to the podcast: AppleSpotifyListen to our other show:CYBR.HAK.CASTIn this episode:Host: Michael FarnumHost: Sam Van RyderGuest: John DicksonProduction and editing: Lauren AndrusMusic by: August Honey

February 11, 2026Episode 6142 min

Doing Cool Stuff with Dr. Dustin Sachs

In this episode, Michael and Sam sit down with Dr. Dustin Sachs (DCS), CEO and founder of Psybercog Labs, to explore why humans - not technology - are often the limiting factor in cybersecurity. They dive into cognitive overload, bias, and decision fatigue, and how these hidden forces shape security outcomes. Dustin also shares his unconventional path into cyber and explains how Psybercog Labs uses behavioral science to uncover decision-making blind spots and help organizations execute smarter, more effective security strategies.Things Mentioned:AI-Assisted Cybersecurity Team Discovers 12 OpenSSL Vulnerabilities, Claims Humans are the Limiting Factor – Some Vulnerabilities have been Around for Decades - https://www.tomshardware.com/tech-industry/cyber-security/ai-assisted-cybersecurity-team-discovers-12-openssl-vulnerabilities-claims-humans-are-the-limiting-factor-some-vulnerabilities-have-been-around-for-decadesNoise: A Flaw in Human Judgement by Daniel Kahneman - https://en.wikipedia.org/wiki/Noise:_A_Flaw_in_Human_JudgmentPsybercog Labs - https://www.psybercog.com Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagram Check out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport CYBR.SEC.Careers Non-Profit EffortsCYBR.SEC.CareersApply to the CYBR.SEC.Careers ScholarshipTaylor Austin Broussard Memorial ScholarshipListen to our other show:CYBR.HAK.CASTIn this episode:Host: Michael FarnumHost: Sam Van RyderGuest: Dr. Dustin SachsProduction and editing: Lauren AndrusMusic by: August Honey

January 28, 2026Episode 6032 min

OT.SEC.CAST – The OT.SEC.CON. Podcast with Mike Holcomb

This week, Michael and Sam chat with educator, founder, and OT.SEC.CON. opening keynote speaker Mike Holcomb! They discuss his free, in-person training coming up on March 31 in Houston, how - like many others - the movie War Games played a role in his journey into the cybersecurity industry, and how his focus has shifted toward OT/ICS security education.Things Mentioned:Mike’s site - https://www.mikeholcomb.com/Mike’s YouTube Channel - https://www.youtube.com/@utilsecBSides ICS - https://www.bsidesics.org/Sign up for Mike’s free class on March 31, 2026 when you sign up for OT.SEC.CON. - https://www.xcdsystem.com/cybrseccommunity/attendee/index.cfm?ID=DwWuEm5Register for Jeremiah Grossman's Webinar - https://www.cybrsecmedia.com/webinar/Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport or apply to our Scholarship Program:TAB Cyber FoundationSubscribe to the podcast: AppleSpotifyListen to our other show:CYBR.HAK.CAST In this episode:Host: Michael FarnumHost: Sam Van RyderGuest: Mike HolcombProduction and editing: Lauren AndrusMusic by: August Honey

January 14, 2026Episode 5936 min

Making the Blogger List with Bill Brenner

Michael and Sam are talking to the new VP and Editor-in-Chief of CYBR.SEC.Media, Bill Brenner! They discuss his extensive 20+ year career journey from traditional journalism to cybersecurity media, the importance of supporting the mental health of cyber defenders, and his vision for CYBR.SEC.Media. Things Mentioned:Bill’s Letter from the Editor - https://www.cybrsecmedia.com/letter-from-the-new-editor-in-chief-of-cybr-sec-media/ Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagram Keep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User Group Support or apply to our Scholarship Program:TAB Cyber FoundationSubscribe to the podcast: AppleSpotifyIn this episode:Host: Michael FarnumHost: Sam Van RyderGuest: Bill BrennerProduction and editing: Lauren AndrusMusic by: August Honey

December 31, 2025Episode 5838 min

Combating Burnout with Jessvin Thomas

We’re wrapping up 2025 with a special episode! Michael and Sam are talking to Jessvin Thomas, CEO of Auguria and winner of CYBR.SEC.CON.’s first pitch competition for cybersecurity startups! They discuss the evolving challenges in cybersecurity, the importance of root cause analysis, and how AI and context are shaping the future of SOC operations. Discover insights on burnout, data-driven defense, and building resilient security teams.Things Mentioned:Root Causes of Security Breaches Remain Elusive, Jeopardizing Resilience - https://www.csoonline.com/article/4093403/root-causes-of-security-breaches-remain-elusive-jeopardizing-resilience.htmlWhen Good People Struggle: The Human Side of Security Misalignment - https://www.cybrsecmedia.com/when-good-people-struggle-the-human-side-of-security-misalignment/Learn more about Auguria - https://auguria.io/ Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport or apply to our Scholarship Program:TAB Cyber FoundationSubscribe to the podcast: AppleSpotifyIn this episode:Host: Michael FarnumHost: Sam Van RyderGuest: Jessvin ThomasProduction and editing: Lauren AndrusMusic by: August Honey