Data Security Decoded

Rubrik
  • 0.0 (0)
  • TECH NEWS
  • EVERY TWO WEEKS

Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.

  1. The Terrorist Designation: A New Red Line for Ransomware with Cynthia Kaiser

    6 DAYS AGO

    The Terrorist Designation: A New Red Line for Ransomware with Cynthia Kaiser

    In this episode, host⁠ ⁠Caleb Tolin⁠⁠ explores the battlefield of enterprise defense, which has moved from simple data theft to ultra heinous crimes that put patient outcomes at risk. Guest⁠ ⁠Cynthia Kaiser⁠⁠ shares Battlefield Stories from her time at the FBI and her current work as SVP of the Ransomware Research Center at⁠ ⁠Halcyon⁠⁠, illustrating how the industrialization of cybercrime has reached a tipping point. They dive into the alarming reality of modern dwell times, specifically looking at how groups like Akira move from initial access to full encryption in as little as one hour. The conversation challenges the industry to face the inconvenient truths of cybercrime and ransomware. Kaiser shares case studies of how modern cybercriminals are adopting multilateral techniques to gain access to and exploit your network. By adopting an Assume Breach mindset, elite defenders can build the defense in depth required to combat malicious threat actors who follow their own rules to cause disruption and destruction. Resources House Homeland Security Committee Testimony: ⁠Online Scams, Crypto Fraud, and Digital Extortion⁠ Halcyon Analysis: ⁠Akira Ransomware Attacks in Under an Hour⁠ Halcyon: ⁠Sicarii Ransomware Encryption Key Handling Defect⁠ Previous Episode Referenced: ⁠Downtime in Healthcare is Fatal: Achieving Resilience in Health & Life Sciences What You’ll Learn Why designating ransomware as terrorism helps influence adversary target selection. The impact of Akira's accelerated dwell time on traditional incident response. How AI enables clumsy amateur "wannabes" to conduct messy attacks. The critical role of phishing resistant MFA in securing the identity perimeter. Why Assume Breach necessitates deep defense in depth strategies. The overestimation of readiness among CISOs compared to actual red team performance Episode Highlights [00:00] - The Case for Designating Ransomware as Terrorism [04:20] - Modern Extortion and the Shortening of Dwell Time [08:30] - Ransomware Recovery in Interconnected Cloud Environments [11:45] - The Impact of AI on the "Wannabe" Attacker [17:45] - Three Actionable Steps for Modern Defenders [21:30] - Inconvenient Truths for Government and Private Sector

    29 min
  2. The Three-Layer Strategy for Autonomous Agent Governance with Joe Hladik and Amit Malik

    21 APR

    The Three-Layer Strategy for Autonomous Agent Governance with Joe Hladik and Amit Malik

    The race for AI dominance has created a dangerous imbalance between business velocity and cyber resilience. In this episode, host Caleb Tolin is joined by Joe Hladik, Head of Rubrik Zero Labs, and Staff Security Researcher Amit Malik to break down the findings of their latest report on agentic adoption. The discussion centers on the Agentic Paradox. This is the technical reality that tools designed to automate high-level tasks are inherently built to find the most efficient path around obstacles, including existing security policies. A primary focus is implementing a three-layer framework for AI Operations. This model targets the Tool Layer, where agents interact with databases; the Cognitive Layer, which serves as the LLM brain; and the critical Identity Layer. The conversation explores stories in which agents, without malicious intent, have caused catastrophic data loss simply by following an optimized logic path. These instances prove that agents need not be sentient to be destructive when they lack proper human-in-the-loop checkpoints. Technical hurdles of Identity Resilience are also addressed, specifically the explosion of non-human identities that spin up and down like elastic cloud infrastructure. The episode examines the fear index regarding job security, noting that 92% of leaders fear for their roles post-breach. Joe and Amit join Caleb to explore the evolution of personal liability for CISOs and the urgent need to move from basic visibility to deep observability. This is a forward-looking briefing for leaders who recognize that, in an era of autonomous routines, the human must remain the ultimate command-and-control center. What You’ll Learn Define the agentic paradox to understand why AI efficiency naturally compromises traditional security guardrails. Implement a three-layer framework to secure the tool, cognitive, and identity components of AI. Transition from basic visibility to deep observability to track autonomous decision-making in real time. Mitigate prompt injection risks by auditing the input and output flows of the cognitive layer. Utilize ephemeral containers to sandbox agentic tools and prevent unauthorized database alterations. Manage the elasticity of non-human identities to maintain control over rapidly spinning AI agents. Anchor AI operations with human-in-the-loop checkpoints to ensure integrity during high-stakes executions. Episode Highlights Defining the Agentic Identity and Autonomous Routines Revenue vs. Resilience: The Drivers of AI Urgency The Three-Layer Framework for Agentic Defense Shadow AI and the Rise of Invisible Insider Threats The Context Gap: Why Rolling Back AI Actions is Hard The CISO Fear Index and Personal Liability Post-Breach Visibility vs. Observability in Elastic Identity Environments

    32 min
  3. Downtime in Healthcare is Fatal: Achieving Resilience in Health & Life Sciences

    7 APR

    Downtime in Healthcare is Fatal: Achieving Resilience in Health & Life Sciences

    Cybersecurity in healthcare is undergoing a critical shift. What was once viewed as a back-office IT concern is now directly tied to patient safety and clinical outcomes. In this episode of Data Security Decoded, host Caleb Tolin sits down with John Fokker, Vice President of Threat Intelligence Strategy at Trellix, to explore new findings that reveal a significant increase in inpatient mortality rates following cyberattacks on hospitals, reframing cybersecurity as a life-or-death issue. The conversation dives into how attackers infiltrate healthcare environments, often through familiar entry points like email, before moving laterally across interconnected systems. From HVAC units to supply chain logistics, even nonclinical systems can disrupt care delivery when compromised. The discussion highlights how adversaries blend into hospital networks using legitimate tools, making detection increasingly difficult. We also examine the alarming dwell times seen in healthcare environments and what defenders can do to identify subtle anomalies before they escalate. The episode outlines practical strategies, including stronger email defenses, network segmentation, and proactive threat hunting. Finally, we confront two uncomfortable truths: apolitical healthcare and humanitarian organizations remain prime targets, and AI introduces both powerful defenses and new risks. The takeaway is clear. Cyber resilience is not optional. It is essential to maintain trust, ensure continuity, and ultimately save lives. What You’ll Learn Why cyberattacks in healthcare directly impact patient mortality How nonclinical systems can disrupt critical care delivery What long dwell times reveal about attacker behavior How threat actors use legitimate tools to evade detection The most effective ways to reduce healthcare attack surfaces Why email remains the primary entry point for attackers How to reframe cybersecurity as a patient safety priority Episode Highlights 00:00 – A Shocking Statistic A 29 percent increase in mortality reframes cyber risk 02:30 – From IT to Patient Safety Why CISOs now have a stronger voice at the board level 05:10 – The Backdoor Problem Nonclinical systems and third parties as attack vectors 09:00 – Living in the Network Understanding long dwell times and stealthy attackers 13:45 – Spotting the Signals Key behavioral indicators defenders should watch 18:20 – Three Steps to Resilience Email security, segmentation, and attack surface reduction 23:10 – Two Inconvenient Truths AI risk and the myth of healthcare immunity 27:00 – Final Takeaway Cybersecurity as operational resilience

    25 min
  4. AI Takes Over RSAC Conference (Now What?) with Dave Bittner.

    31 MAR

    AI Takes Over RSAC Conference (Now What?) with Dave Bittner.

    In this RSAC Conference recap, Dave Bittner, Host of The CyberWire Daily, joins Data Security Decoded host Caleb Tolin from the guest seat to unpack the biggest theme dominating the conference: artificial intelligence, and, more specifically, agentic AI. From wall-to-wall AI messaging across San Francisco to in-depth conversations with security leaders and analysts, one thing became clear: the industry has moved past debating whether AI will take hold. It already has. Now, the focus has shifted to making it safe. Dave shares insights from discussions with vendors, researchers, and intelligence professionals, highlighting a growing consensus around the need for strong guardrails, identity controls, and governance frameworks. As organizations begin deploying AI agents capable of acting autonomously, concerns around misuse, manipulation, and “machine-speed” attacks are accelerating. The conversation also explores the rise of “shadow AI,” where employees use AI tools outside official oversight, and why banning these tools may backfire. Instead, organizations must embrace visibility and collaboration to manage risk effectively. Ultimately, this episode captures a pivotal moment for cybersecurity: a transition from experimentation to operational reality. The tools are powerful, the risks are real, and the path forward requires balancing innovation with control while, as Dave puts it, doing everything possible to “limit the blast radius.” What You’ll Learn Why AI adoption in cybersecurity has shifted from optional to inevitable What “agentic AI” means and why it’s a game changer How identity is becoming the core security layer for AI systems Why “machine speed” is forcing defenders to rethink workflows The real risks of AI misuse, including manipulation and prompt injection How “shadow AI” is emerging inside organizations—and why it matters Practical ways companies are thinking about AI guardrails and governance Episode Highlights [00:00] – Role Reversal at RSA Dave steps into the interviewee seat and kicks things off with a lighthearted karaoke discussion. [02:15] – RSA Energy Check Why this year’s conference felt more optimistic despite industry uncertainty. [04:10] – AI Everywhere From billboards to conversations—AI dominates RSA. [06:00] – Agentic AI Arrives Why autonomous AI agents are no longer theoretical. [08:30] – Guardrails & Identity How security leaders are thinking about controlling AI behavior. [11:15] – When AI Goes Wrong A real-world example of AI being manipulated—and what it reveals. [14:00] – Machine-Speed Threats Why defenders must move faster than ever before. [17:30] – The Big Shift AI is inevitable—now the focus is containment. [19:30] – Shadow AI Risk Why employees using AI outside oversight is a growing concern.

    16 min
  5. Your Backups Are Talking — Are You Listening?

    17 MAR

    Your Backups Are Talking — Are You Listening?

    Security teams spend enormous effort chasing the latest threats, yet often overlook one of the most revealing sources of truth already in their environment: backups. In this episode of Data Security Decoded, host Caleb Tolin sits down with Kyle Fiehler, Transformation Analyst at Rubrik Zero Labs, to explore why backup data has become a critical — and largely ignored — form of security telemetry. Kyle explains how secure, immutable backups act as a historical record of attacks that evaded traditional detection tools, capturing digital fingerprints left behind by sophisticated adversaries. From hypervisor-level threats to long-dwell state-backed actors, backups often reveal what endpoint and network tools miss. And attackers know it. As Kyle outlines, ransomware groups like Evil Corp and Storm-0501 deliberately target backups and identity infrastructure to maximize leverage and accelerate payouts. The conversation also challenges how organizations think about recovery and Mean Time to Response (MTTR). Rather than treating MTTR as a single metric, Kyle advocates breaking recovery into phases — scoping compromise, validating clean recovery, and restoring identity — to pinpoint where resilience actually breaks down. The result is a more actionable, operational view of cyber readiness. This episode offers a clear message for security and IT leaders alike: resilience isn’t just about preventing attacks. It’s about using every available signal, drilling recovery before incidents occur, and recognizing that backups are no longer passive insurance — they’re active intelligence. What You’ll Learn Why secure backups function as a record of threats other tools miss How ransomware groups deliberately target backups and identity systems Where organizations commonly fail to extract security value from backup data How to rethink MTTR by breaking recovery into measurable phases Why identity infrastructure is central to modern recovery strategies Three concrete steps to operationalize backup intelligence today Episode Highlights [00:00] Backups as Digital Fingerprints Why immutable backups reveal threats that evade traditional security tools. [04:30] The Telemetry Everyone Ignores How organizations overlook backups as a source of threat intelligence. [07:45] Who Owns Backup Security? The growing shift from IT ownership to security accountability. [10:30] MTTR Is Broken Why recovery metrics fail — and how phased recovery fixes that. [12:45] Threat Actors Targeting Backups How groups like Evil Corp and Storm-0501 maximize leverage. [15:00] Three Actions Security Teams Can Take Today Practical steps to extract real value from backup data.

    17 min
  6. AI Moves Fast. Privacy Has to Move Faster.

    3 MAR

    AI Moves Fast. Privacy Has to Move Faster.

    AI promises speed, scale, and efficiency—but it also magnifies privacy risk in ways many organizations aren’t prepared for. In this episode, Caleb Tolin welcomes Ojas Rege of OneTrust for a practical, wide-ranging conversation on how data privacy and governance must evolve alongside enterprise AI adoption. Ojas explains why AI fundamentally changes the privacy conversation: the same systems that enable organizations to move faster can also cause harm faster when guardrails aren’t in place. From agentic AI systems that dynamically repurpose data to general-purpose models that blur traditional notions of “intended use,” the challenge isn’t just compliance—it’s trust. The discussion dives deep into purpose limitation under GDPR and the EU AI Act, clarifying where organizations commonly misunderstand consent and where AI training introduces entirely new risks. Ojas emphasizes a simple but powerful test: are you using personal data for the same purpose you originally received consent for—or has AI quietly expanded that purpose? The conversation then shifts to cloud and data sovereignty, particularly for European organizations navigating geopolitical uncertainty. Ojas outlines why data mapping, prioritization, and software supply chain visibility matter more than ever—and why perfection is less realistic than smart prioritization. Ultimately, this episode reframes governance as an enabler. When privacy and data governance are embedded early, organizations can innovate faster, build lasting trust, and deploy AI with confidence in an increasingly complex global environment. What You’ll Learn Why AI scales privacy risk just as fast as business value How purpose limitation breaks down with general-purpose AI models When AI use requires new consent—and when it doesn’t Why transparency is foundational to long-term customer trust How data sovereignty concerns extend beyond cloud providers Where software supply chains create hidden privacy blind spots How good governance can accelerate, not block, AI deployment Episode Highlights [00:02:00] AI Scales the Good—and the Bad How AI accelerates both innovation and privacy harm. [00:04:00] Purpose Limitation Meets AI Reality Why general-purpose models challenge traditional consent frameworks. [00:06:30] Trust as a Business Risk Why transparency matters as much as legal compliance. [00:07:30] Cloud & Data Sovereignty Explained What European organizations can do today to reduce risk. [00:10:30] The Software Supply Chain Blind Spot Why third parties make sovereignty harder in the AI era. [00:12:30] Data as Economic Power How nations now view citizen data as an AI asset. [00:14:00] Governance That Enables Speed Why governing early helps organizations move faster later.

    25 min
  7. The Real Risks of Agentic AI in the Enterprise

    17 FEB

    The Real Risks of Agentic AI in the Enterprise

    As enterprises race to adopt AI, many are discovering that traditional security models no longer hold. In this episode of Data Security Decoded, host Caleb Tolin is joined by Camille Stewart-Gloster, CEO of CAS Strategies and former Deputy National Cyber Director, to unpack how AI is redefining cyber risk at every layer of the organization. Camille explains why identity-based attacks are so effective and how non-human identities (from APIs to AI agents) are quietly expanding the attack surface. She emphasized how critical MFA is for organizations to enable as they scale up AI operations., and why conditional access and governance must be foundational, not optional. The conversation also tackles ethical AI head-on. Camille argues that AI ethics and AI security are inseparable, and that removing humans from the loop introduces both legal and operational risk. From shadow AI to agent autonomy, she offers a clear-eyed framework for deploying AI systems that augment human teams rather than replace them. This episode is a practical guide for security leaders and learners navigating AI adoption, focused on resilience, trust, and long-term enterprise readiness. What You’ll Learn Why identity has become the dominant attack surface How AI agents and non-human identities increase risk Where EDR falls short in Identity-driven attacks Why AI ethics is foundational to AI security How governance enables secure AI deployment When AI should augment—not replace—security teams Episode Highlights [00:03:00] Cyber offense and the evolving national strategy [00:07:30] Identity eclipses malware as the primary threat [00:10:00] AI systems as high-value targets [00:12:30] Human judgment vs. automated response [00:14:00] The ethics–security connection [00:15:30] Why AI governance can’t be an afterthought

    27 min
  8. When Hacktivists Target Water Utilities

    3 FEB

    When Hacktivists Target Water Utilities

    Russian-aligned hacktivist groups are increasingly targeting industrial control systems and OT environments—and sometimes it’s shockingly easy. In this episode, Daniel dos Santos, VP of Research at Forescout, walks through how his team used a honeypot to observe an attack against a simulated water treatment facility. We explore attacker motivations, common entry points, and what defenders must prioritize now. What You’ll Learn How honeypots can uncover real-world hacktivist tactics and behaviors Why exposed HMIs remain one of the weakest entry points in OT environments How Telegram has become a primary platform for hacktivist attack claims The evolving motivations behind Russian-aligned hacktivist groups Why visibility across all networked devices is critical to defense How opportunistic attacks differ from targeted nation-state operations Practical steps to avoid becoming “easy prey” for attackers Episode Highlights 00:02:30 – How the Attack Was Discovered Spotting the honeypot activity through Telegram claims00:04:00 – The Entry Point Explained Default credentials and exposed HMIs00:06:45 – Hacktivist Motivation Shift From activism to geopolitics and profit00:10:50 – Why OT Attacks Are Hard to Eradicate Hidden devices and lateral movement 00:14:20 – The Core Defensive Takeaway Don’t ignore opportunistic threats Episode Resources Forescout Research ReportsTelegram (hacktivist communications platform)Canadian Government OT Security Alert Shodan (internet-exposed asset scanning tool)

    20 min
See All (52)

About

Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.

Information

  • Creator
    Rubrik
  • Years Active
    2024 - 2026
  • Episodes
    52
  • Rating
    Clean
  • Copyright
    Copyrights © 2024 All Rights Reserved by Rubrik 794942
  • Show Website
    Data Security Decoded
  • Provider

You Might Also Like