Episodes

  • RSA CEO Rohit Ghai on the promise and peril of passkeys

    RSA CEO Rohit Ghai on the promise and peril of passkeys
    Jun 12 2025
    Greg Otto talks with RSA CEO Rohit Ghai on the global shift toward passkeys and passwordless authentication. Together, they explore pressing issues including the differences between consumer and enterprise solutions, infrastructure vulnerabilities, regulatory challenges, and how emerging threats are evolving as passwordless adoption accelerates. The discussion also covers the complexities practitioners face as they navigate credential transitions in a rapidly changing security landscape. In the reporter chat, Greg talks with Matt Kapko about the attack on a top grocery distributor in the United States.
    Show More Show Less
    41 mins
  • MIND’s Eran Barak

    MIND’s Eran Barak
    Jun 5 2025
    Greg Otto talks with Eran Barak, CEO and co-founder of MIND, on the dramatic rise of insider threats in cybersecurity, exploring recent high-profile cases and the factors fueling this surge. He discusses which industries and data types are most at risk, how insider tactics have evolved, and practical strategies for organizations to detect and prevent internal threats. In our reporter chat, Greg talks with Derek Johnson on how vibe coding can be secure as it grows into a practice that software developers rely on for their work. LINK: https://cyberscoop.com/vibe-coding-ai-cybersecurity-llm/
    Show More Show Less
    34 mins
  • Bishop Fox’s Rob Ragan and Iron Man Suit for pen testers

    Bishop Fox’s Rob Ragan and Iron Man Suit for pen testers
    May 29 2025
    Greg Otto talks with Rob Ragan, Principal Technology Strategist at Bishop Fox, as he shares his vision of building an “Iron Man suit” for human security testers that is shaping how AI is used in offensive cybersecurity. Rob dives into lessons learned from developing adaptive AI tools, the unique challenges and risks facing modern AI systems, and effective strategies for safeguarding against adversarial attacks and data leakage. Discover how ethical frameworks, innovation, and industry collaboration can drive responsible offensive security, what organizations often get wrong about AI threats, and what’s needed to secure the future as AI transforms the cybersecurity landscape. In our reporter chat, Greg Otto talks with Matt Kapko about a new wave of zero-days impacting Ivanti products.
    Show More Show Less
    30 mins
  • Olivia Rose on why the CISO role may not be the pinnacle of security work

    Olivia Rose on why the CISO role may not be the pinnacle of security work
    May 22 2025
    In this episode, Greg sits down with Olivia Rose, Founder and CISO of the Rose CISO Group, to talk about her role in "CISO: The Worst Job I Ever Wanted," a groundbreaking cybersecurity docuseries that reveals the real experiences of Chief Information Security Officers. This podcast uncovers the pressures, sleepless nights, and personal sacrifices these leaders endure while making critical decisions and shouldering the responsibility of defending the digital world. Through honest and compelling stories, listeners gain a rare glimpse into the human side of one of the most challenging and misunderstood roles in technology. In our reporter chat, Greg Otto talks with Derek Johnson and Tim Starks about their deep dives into why Salt Typhoon may never be out of U.S. telecom systems.
    Show More Show Less
    45 mins
  • Semperis CEO Mickey Bresman on the power of tabletop exercises

    Semperis CEO Mickey Bresman on the power of tabletop exercises
    May 15 2025
    In this episode, Greg sits down with Semperis CEO Mickey Bresman to explore how organizations can proactively prepare for cyber crises before they strike. The conversation centers on the power of tabletop exercises—simulated attack scenarios that test response plans, reveal hidden vulnerabilities, and build muscle memory across teams. Together, Greg and Mickey discuss why preparation is far more than a technical checklist, how effective tabletop exercises bridge the gap between policy and real-world action, and what practical steps leaders can take to protect their organizations from the inside out. In our reporter chat, Greg Otto talks with Cynthia Brumfield about the future of the CVE program.
    Show More Show Less
    35 mins
  • Expel CEO Dave Merkel on the impact of AI & Automation in modern SOCs

    Expel CEO Dave Merkel on the impact of AI & Automation in modern SOCs
    May 8 2025
    In this episode, we sit down with Dave Merkel, CEO of Expel to take an honest, practical look at how AI and automation are reshaping the modern Security Operations Center (SOC). Our discussion covers the most tangible changes in daily SOC operations since AI adoption, cutting through industry hype to reveal which claims deserve skepticism and which use cases have delivered meaningful, measurable value. Dave also gives insights into quantifying unique workloads, shaping policies, and fostering understanding between tech teams and business leaders are also addressed, along with the unintended risks AI can introduce to analyst workflows. In our reporter chat, Greg Otto talks with Tim Starks about a jury verdict that compels NSO Group to pay $168M in damages to WhatsApp over spyware infections.
    Show More Show Less
    32 mins
  • Recorded Future’s Alexander Leslie on the ‘MarkoPolo’ traffer team

    Recorded Future’s Alexander Leslie on the ‘MarkoPolo’ traffer team
    May 1 2025
    In this episode, Greg talks with Alexander Leslie, Threat Intelligence Analyst for Recorded Future’s Insikt Group and his research on “Marko Polo” – a notorious cybercriminal empire that orchestrates an array of scams, primarily using infostealer malware. Discover how this sophisticated syndicate has victimized tens of thousands worldwide and raked in millions in illicit revenue. Our guest breaks down the inner workings of these elusive "traffer teams," exploring their adaptable tactics, relentless persistence, and the insidious underground economy they fuel. Greg Otto breaks down his biggest takeaways from the RSAC 2025 Conference.
    Show More Show Less
    33 mins
  • Verizon’s Alex Pinto on the takeaways from the 2025 DBIR

    Verizon’s Alex Pinto on the takeaways from the 2025 DBIR
    Apr 24 2025
    On this episode of Safe Mode, Greg talks with Alex Pinto, Associate Director of Threat Intelligence at Verizon Business, as we unpack the key findings from this year’s Data Breach Investigations Report (DBIR). Pinto offers expert analysis on the most pressing cybersecurity trends impacting organizations worldwide—including ransomware’s dramatic spike, shifting attacker tactics, and evolving victim responses. We explore why ransomware now features in 44% of breaches, what’s driving a surge in exploited vulnerabilities and zero-day attacks on edge devices, and why small and mid-sized businesses are seeing more frequent and devastating impacts. Pinto sheds light on the motivations behind declining ransom payments, the rise of third-party risks, and the complex challenge of timely patching and remediation. In our reporter chat, Greg talks with Derek Johnson on one company’s security testing of OpenAI’s newest GPT model.
    Show More Show Less
    39 mins