Security by Default

Joseph Carson

0.0 (0)
TECHNOLOGY

Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

17 HRS AGO

The Cyber Hero Adventure - Making Security Engaging and Fun with Gary Berman

Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent. Chapters 00:00 Welcome to the Cybersecurity Chaos 02:32 From Fear to Fun in Cybersecurity 05:27 The Journey of a Cyber Advocate 08:09 The Importance of Community and Collaboration 10:45 Bringing Laughter Back to Cybersecurity 13:13 Rebranding Cybersecurity for New Talent 16:00 The Power of Words in Cybersecurity 18:43 Innovative Approaches to Cyber Awareness 21:29 Lessons from Kids: Simplifying Cybersecurity 24:39 The Inner Child and Cognitive Dissonance 26:40 Gamification and Learning Innovations 28:19 Storytelling in Cybersecurity 29:15 Cybersecurity Starts at Home 30:36 Community Engagement and Employee Connection 32:14 The Importance of Acknowledgment 34:13 Finding Joy in Everyday Life 35:11 Humor as a Coping Mechanism 40:04 The Power of Positive Thinking 45:02 Mission Accomplished: Fun and Safety Resources Cyber Heroes Comics - https://cyberheroescomics.com/ Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/

47 min
MAR 17

Inside the Digital Battlefield: Cybersecurity in Geopolitical Conflicts with Chris Kubecka

Join Joseph Carson in this insightful episode as he interviews cybersecurity expert Chris Kubecka. They discuss critical infrastructure security, cyber warfare, geopolitical risks, and the evolving landscape of digital threats, providing valuable lessons for cybersecurity professionals and policymakers. Key Topics Cybersecurity in critical infrastructure Geopolitical cyber threats and hybrid warfare Evolving landscape of digital threats and resilience Sound bites "GPS jamming has been a massive challenge." "Digital Empires: China, Europe, and the US." "Radio communications are a vital fallback." Chapters 00:00 Introduction and Background of Chris Kubecka01:37 Cybersecurity Challenges in Critical Infrastructure03:37 Evolving Nature of Cyber Threats05:45 The Role of Drones in Modern Warfare07:25 Hybrid Warfare and Global Diplomacy10:10 The Shift in Global Cybersecurity Dynamics12:18 The Importance of International Cooperation14:33 Privacy and Ethics in Cybersecurity16:50 Historical Context and Regional Cooperation18:55 Cyber Attacks on Civilian Infrastructure22:04 Personal Experiences in Estonia24:10 Geopolitical Tensions and Cybersecurity25:52 Challenges in Maritime Connectivity28:16 Critical Infrastructure Vulnerabilities30:22 The Role of Radio in Authoritarian Regimes33:43 International Maritime Law and Cybersecurity37:46 Recent Projects and Activism in Cybersecurity39:51 Staying Informed in a Rapidly Changing Landscape Resources Chris Kubecka's LinkedIn - https://www.linkedin.com/in/chriskubecka/ Field Tested: How to Hack a Modern Dictatorship with AI - https://www.amazon.com/dp/B0C7F4XYZ

45 min
MAR 3

How Gamification and Community Help Beginners Break Into Cloud and AI Security

In this episode of the Security by Default podcast, host Joe Carson speaks with Ian Austin, co-founder of Pwned Labs, about his journey in cybersecurity, the evolution of learning in the field, and the challenges of Cloud and AI security. Ian shares insights on transitioning into cybersecurity roles, the importance of community engagement, and the need for continuous learning in an ever-evolving industry. They discuss the significance of gamification in training and the current trends in cloud security, emphasizing the importance of hands-on experience and collaboration. Key Takeaways Ian Austin is a co-founder of Pwned Labs, specializing in cloud and AI security training.His journey in cybersecurity began with help desk roles and evolved into penetration testing.Creating content is a great way to learn and contribute to the community.Cloud security presents unique challenges that require ongoing education and adaptation.Gamification in training enhances engagement but should not overshadow practical learning.Community involvement is crucial for personal and professional growth in cybersecurity.Transitioning into security roles can be done from various backgrounds, including sysadmin and help desk.Continuous learning is essential in the fast-paced cybersecurity landscape.Mentorship can significantly impact career development and confidence.Cloud security is a growing field with increasing demand for skilled professionals. sound bites "Learning is a great way to learn." "Community is a powerful thing." "Cloud is hard to secure." Chapters 00:00 Introduction to the Podcast and Guest 00:40 Ian Austin's Journey in Cybersecurity 06:40 Transitioning into Security Roles 10:54 Evolution of Learning in Cybersecurity 16:19 The Importance of Community in Learning 22:58 Challenges in Cloud Security 28:46 Staying Updated in the Cybersecurity Field Resources: https://pwnedlabs.io/ https://www.linkedin.com/in/ian-austin/

33 min
FEB 17

Cracking Passwords and the Future of Passwords with Evil Mog

In this episode of the Security by Default podcast, host Joe Carson welcomes Evil Mog, an expert in password cracking and cybersecurity. They discuss the importance of Hacker Jeopardy in making cybersecurity fun, the ongoing challenges with passwords, and the evolving role of AI in password cracking. The conversation also touches on incident response, the significance of documentation, and the future trends in cybersecurity, including the shift towards passwordless authentication and the impact of AI on both attackers and defenders. Takeaways Hacker Jeopardy is a fun way to engage with cybersecurity.Teaching others helps reinforce your own knowledge.Passwords will remain a necessary evil in security.AI is enhancing password cracking methodologies.Documentation is crucial in incident response.The cost of hacking is increasing due to advanced techniques.Collaboration between red and blue teams is essential.Insider threats are on the rise in cybersecurity.Password management is fundamentally an asset management issue.Future trends indicate a shift towards passwordless authentication. Sound bites "Teaching helps you learn better." "Security is about enabling the business." "The cost of hacking is rising." Chapters 00:00 Introduction to Evil Mog and Hacker Jeopardy02:37 The Importance of Community and Teaching in Cybersecurity05:22 Password Security: The Louvre Incident07:59 The Evolution of Authentication Methods10:35 Challenges in Asset Management and Password Management13:15 Operational Technology (OT) Security Challenges15:53 The Role of Documentation in Cybersecurity18:42 AI in Cybersecurity: Automation and Password Recovery21:52 AI in Password Cracking24:56 Enhancing Human Capabilities with AI27:18 The Evolution of Cybercrime30:02 Trends and Predictions for Cybersecurity34:41 Collaboration in Cybersecurity37:24 The Future of Cybercrime and AI40:59 Connecting with Evil Mog

42 min
FEB 3

Exploring Identity Security Trends with Charles Chase

In this episode of the Security by Default podcast, host Joe Carson speaks with Charles Chase about his journey into the cybersecurity field, focusing on identity security and privilege access management. They discuss the evolving trends in identity security, the importance of maintaining identity hygiene, and the impact of regulations like NIST 2 and DORA on organizational practices. The conversation also covers the shift towards passwordless security, the role of AI in identity management, and resources for those looking to enter the field. The episode concludes with reflections on the importance of identities in business and society. Takeaways Charles Chase fell into cybersecurity from a military background.The importance of understanding what you don't know in identity security.Organizations often have dormant accounts that pose security risks.Regulatory bodies are pushing organizations to improve their identity security practices.The shift towards passwordless security is gaining momentum.AI is becoming a valuable tool in identity management.Identity hygiene is crucial for reducing risks in organizations.The commoditization of identity solutions allows smaller businesses to implement security measures.Engaging with customers is key to understanding their unique identity security needs.The future of identity management is focused on user experience and automation. Sound bites "What do I not know?" "It's a learning tool." "It's a fun industry." Chapters 00:00 Introduction to the Podcast and Guest00:47 Charles Chase's Journey into Cybersecurity02:22 Trends in Identity Security and Best Practices05:54 Understanding Dormant Accounts and Their Risks09:54 The Shift Towards Passwordless Security12:45 The Role of AI in Identity Management18:35 The Importance of Digital Identity in Society26:45 Resources for Entering the Identity Space30:49 Conclusion and Final Thoughts Keywords cybersecurity, identity security, privilege access management, trends, best practices, passwordless security, AI in identity management, regulatory impact, identity hygiene, resources for cybersecurity

30 min
JAN 20

Cyber Ops and OSINT with the Grugq

In this episode of the Security by Default podcast, host Joseph Carson engages with the Grugq, a cybersecurity expert and PhD student, discussing his journey into the field, the evolution of cybersecurity practices, and the complexities of information warfare. The Grugq shares insights on anti-forensics, the importance of understanding human behavior in cybersecurity, and the current landscape of cyber warfare, particularly in the context of the ongoing conflict in Ukraine. The conversation highlights the challenges and changes in the cybersecurity field, emphasizing the need for clarity and understanding in a chaotic information environment. Takeaways The Grugq's journey into cybersecurity began with a Unix book.He transitioned from internships to freelancing in cybersecurity.Moving to Thailand helped reduce living costs while consulting.Understanding anti-forensics is crucial for effective cybersecurity.The rules of cyber warfare differ significantly from peacetime operations.Information warfare involves changing how people interpret information.The Grugq emphasizes the importance of human behavior in cybersecurity.Staying updated in cybersecurity requires monitoring current events and engaging with experts.The evolution of cybersecurity tools has made it easier for new actors to operate.The Grugq's PhD research focuses on the realities of cyber warfare. Additional Resources: https://x.com/thegrugq https://github.com/grugq

46 min
JAN 6

From Prosecutor to CSO: Joe Sullivan on Cybersecurity Leadership, Crisis, and Resilience

In this episode of the Security by Default podcast, host Joseph Carson interviews Joe Sullivan, a prominent figure in cybersecurity. They discuss Joe's journey from a federal prosecutor to the Chief Security Officer at Facebook, exploring the challenges and expectations in transitioning from government to private sector roles. The conversation delves into the evolving landscape of cybersecurity, the impact of ransomware, and the importance of crisis management and preparedness. Joe shares valuable lessons for aspiring security executives and highlights the significance of understanding technology in leadership roles. The episode concludes with Joe's current projects, including his nonprofit initiative, Ukraine Friends, which provides laptops to children affected by the war in Ukraine. Takeaways Security is possible for everyone.Joe Sullivan's journey reflects a unique path into cybersecurity.Transitioning from government to private sector presents challenges.Understanding corporate culture is crucial for success.Measuring success in cybersecurity requires clear metrics.Ransomware has fundamentally changed the cybersecurity landscape.Security leaders are increasingly reporting to CEOs.Crisis management is essential for organizational resilience.Aspiring security executives should focus on business understanding.Giving back to the community is a vital part of the cybersecurity profession. Sound bites "Security is possible for everyone.""I got an MBA through osmosis.""The expectations were so high." Chapters 00:00 Introduction to Security by Default Podcast01:02 Joe Sullivan's Journey into Cybersecurity05:10 Transition from Government to Private Sector11:06 Navigating the Corporate Landscape15:48 Measuring Success in Security20:04 The Impact of Ransomware on Cybersecurity28:01 The Evolving Role of Security Leaders30:57 Understanding Business Strategy in Security32:59 Risk Management and Business Partnership33:52 Navigating Technology Risks35:54 The Race for AI Innovation38:03 Crisis Management and Preparedness39:59 Building Resilience in Security Teams42:16 The Importance of Response Training44:10 Lessons from Emergency Services47:41 Community Impact through Technology Additional Resources: https://www.joesullivansecurity.com/about https://ukrainefriends.org/ https://www.linkedin.com/in/joesu11ivan/ https://en.wikipedia.org/wiki/Joe_Sullivan_(cybersecurity)

48 min
2025-12-23

Laughing with Cyber - A Standup Comedy Special with Ian

In this episode of the Security by Default podcast, host Joseph Carson welcomes Ian Murphy, a cybersecurity expert and stand-up comedian. They discuss Ian's unconventional journey into cybersecurity, his experiences at the MOD and Symantec, and his transition to self-employment and comedy. Ian shares insights on the importance of storytelling in both cybersecurity awareness and comedy, as well as navigating online criticism and audience interactions. The conversation highlights the need for humor in serious industries and the value of real human connections. Takeaways Ian's journey into cybersecurity was unplanned and unconventional.The importance of storytelling in both cybersecurity and comedy.Self-employment offers freedom but comes with challenges.Humor can be a powerful tool in serious industries.Navigating online criticism requires thick skin and perspective.Comedy is subjective, and not everyone will appreciate it.Real human interactions are essential in today's digital age.Learning from experiences is crucial for growth in any field.Networking and peer relationships are vital for success.Life is better when you find joy and laughter in everyday situations. Titles From Cybersecurity to Comedy: Ian Murphy's Journey The Power of Storytelling in Cybersecurity and Comedy Sound bites "I wanted to be a footballer." "Comedy is subjective." "You need to grow the fuck up." Chapters 00:00 Introduction to the Podcast and Guest00:56 Ian's Origin Story and Journey into Cybersecurity06:29 Experiences at MOD and Symantec10:44 Transitioning to Self-Employment and Freedom14:27 The Switch to Stand-Up Comedy22:05 The Impact of Humor in Cybersecurity Awareness30:06 Audience Feedback and Social Media Interaction31:54 The Power of Audience Engagement34:49 Navigating Controversy in Comedy37:43 The Art of Timing and Response40:47 Comedy as a Reflection of Life43:44 The Evolution of Comedy and Storytelling49:53 Learning and Growth Through Comedy53:50 Connecting with the Audience

57 min

Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

Creator

Joseph Carson
Years Active

2025 - 2026
Episodes

27
Rating

Explicit
Copyright

© Copyright 2026 Joseph Carson
Show Website

Security by Default