Data Security Decoded

Rubrik
  • 0,0 (0)
  • ACTUALITÉS TECHNOLOGIQUES
  • TOUTES LES 2 SEMAINES

Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.

  1. Your Backups Are Talking — Are You Listening?

    -19 H

    Your Backups Are Talking — Are You Listening?

    Security teams spend enormous effort chasing the latest threats, yet often overlook one of the most revealing sources of truth already in their environment: backups. In this episode of Data Security Decoded, host Caleb Tolin sits down with Kyle Fiehler, Transformation Analyst at Rubrik Zero Labs, to explore why backup data has become a critical — and largely ignored — form of security telemetry. Kyle explains how secure, immutable backups act as a historical record of attacks that evaded traditional detection tools, capturing digital fingerprints left behind by sophisticated adversaries. From hypervisor-level threats to long-dwell state-backed actors, backups often reveal what endpoint and network tools miss. And attackers know it. As Kyle outlines, ransomware groups like Evil Corp and Storm-0501 deliberately target backups and identity infrastructure to maximize leverage and accelerate payouts. The conversation also challenges how organizations think about recovery and Mean Time to Response (MTTR). Rather than treating MTTR as a single metric, Kyle advocates breaking recovery into phases — scoping compromise, validating clean recovery, and restoring identity — to pinpoint where resilience actually breaks down. The result is a more actionable, operational view of cyber readiness. This episode offers a clear message for security and IT leaders alike: resilience isn’t just about preventing attacks. It’s about using every available signal, drilling recovery before incidents occur, and recognizing that backups are no longer passive insurance — they’re active intelligence. What You’ll Learn Why secure backups function as a record of threats other tools miss How ransomware groups deliberately target backups and identity systems Where organizations commonly fail to extract security value from backup data How to rethink MTTR by breaking recovery into measurable phases Why identity infrastructure is central to modern recovery strategies Three concrete steps to operationalize backup intelligence today Episode Highlights [00:00] Backups as Digital Fingerprints Why immutable backups reveal threats that evade traditional security tools. [04:30] The Telemetry Everyone Ignores How organizations overlook backups as a source of threat intelligence. [07:45] Who Owns Backup Security? The growing shift from IT ownership to security accountability. [10:30] MTTR Is Broken Why recovery metrics fail — and how phased recovery fixes that. [12:45] Threat Actors Targeting Backups How groups like Evil Corp and Storm-0501 maximize leverage. [15:00] Three Actions Security Teams Can Take Today Practical steps to extract real value from backup data.

    17 min
  2. AI Moves Fast. Privacy Has to Move Faster.

    3 MARS

    AI Moves Fast. Privacy Has to Move Faster.

    AI promises speed, scale, and efficiency—but it also magnifies privacy risk in ways many organizations aren’t prepared for. In this episode, Caleb Tolin welcomes Ojas Rege of OneTrust for a practical, wide-ranging conversation on how data privacy and governance must evolve alongside enterprise AI adoption. Ojas explains why AI fundamentally changes the privacy conversation: the same systems that enable organizations to move faster can also cause harm faster when guardrails aren’t in place. From agentic AI systems that dynamically repurpose data to general-purpose models that blur traditional notions of “intended use,” the challenge isn’t just compliance—it’s trust. The discussion dives deep into purpose limitation under GDPR and the EU AI Act, clarifying where organizations commonly misunderstand consent and where AI training introduces entirely new risks. Ojas emphasizes a simple but powerful test: are you using personal data for the same purpose you originally received consent for—or has AI quietly expanded that purpose? The conversation then shifts to cloud and data sovereignty, particularly for European organizations navigating geopolitical uncertainty. Ojas outlines why data mapping, prioritization, and software supply chain visibility matter more than ever—and why perfection is less realistic than smart prioritization. Ultimately, this episode reframes governance as an enabler. When privacy and data governance are embedded early, organizations can innovate faster, build lasting trust, and deploy AI with confidence in an increasingly complex global environment. What You’ll Learn Why AI scales privacy risk just as fast as business value How purpose limitation breaks down with general-purpose AI models When AI use requires new consent—and when it doesn’t Why transparency is foundational to long-term customer trust How data sovereignty concerns extend beyond cloud providers Where software supply chains create hidden privacy blind spots How good governance can accelerate, not block, AI deployment Episode Highlights [00:02:00] AI Scales the Good—and the Bad How AI accelerates both innovation and privacy harm. [00:04:00] Purpose Limitation Meets AI Reality Why general-purpose models challenge traditional consent frameworks. [00:06:30] Trust as a Business Risk Why transparency matters as much as legal compliance. [00:07:30] Cloud & Data Sovereignty Explained What European organizations can do today to reduce risk. [00:10:30] The Software Supply Chain Blind Spot Why third parties make sovereignty harder in the AI era. [00:12:30] Data as Economic Power How nations now view citizen data as an AI asset. [00:14:00] Governance That Enables Speed Why governing early helps organizations move faster later.

    25 min
  3. The Real Risks of Agentic AI in the Enterprise

    17 FÉVR.

    The Real Risks of Agentic AI in the Enterprise

    As enterprises race to adopt AI, many are discovering that traditional security models no longer hold. In this episode of Data Security Decoded, host Caleb Tolin is joined by Camille Stewart-Gloster, CEO of CAS Strategies and former Deputy National Cyber Director, to unpack how AI is redefining cyber risk at every layer of the organization. Camille explains why identity-based attacks are so effective and how non-human identities (from APIs to AI agents) are quietly expanding the attack surface. She emphasized how critical MFA is for organizations to enable as they scale up AI operations., and why conditional access and governance must be foundational, not optional. The conversation also tackles ethical AI head-on. Camille argues that AI ethics and AI security are inseparable, and that removing humans from the loop introduces both legal and operational risk. From shadow AI to agent autonomy, she offers a clear-eyed framework for deploying AI systems that augment human teams rather than replace them. This episode is a practical guide for security leaders and learners navigating AI adoption, focused on resilience, trust, and long-term enterprise readiness. What You’ll Learn Why identity has become the dominant attack surface How AI agents and non-human identities increase risk Where EDR falls short in Identity-driven attacks Why AI ethics is foundational to AI security How governance enables secure AI deployment When AI should augment—not replace—security teams Episode Highlights [00:03:00] Cyber offense and the evolving national strategy [00:07:30] Identity eclipses malware as the primary threat [00:10:00] AI systems as high-value targets [00:12:30] Human judgment vs. automated response [00:14:00] The ethics–security connection [00:15:30] Why AI governance can’t be an afterthought

    27 min
  4. When Hacktivists Target Water Utilities

    3 FÉVR.

    When Hacktivists Target Water Utilities

    Russian-aligned hacktivist groups are increasingly targeting industrial control systems and OT environments—and sometimes it’s shockingly easy. In this episode, Daniel dos Santos, VP of Research at Forescout, walks through how his team used a honeypot to observe an attack against a simulated water treatment facility. We explore attacker motivations, common entry points, and what defenders must prioritize now. What You’ll Learn How honeypots can uncover real-world hacktivist tactics and behaviors Why exposed HMIs remain one of the weakest entry points in OT environments How Telegram has become a primary platform for hacktivist attack claims The evolving motivations behind Russian-aligned hacktivist groups Why visibility across all networked devices is critical to defense How opportunistic attacks differ from targeted nation-state operations Practical steps to avoid becoming “easy prey” for attackers Episode Highlights 00:02:30 – How the Attack Was Discovered Spotting the honeypot activity through Telegram claims00:04:00 – The Entry Point Explained Default credentials and exposed HMIs00:06:45 – Hacktivist Motivation Shift From activism to geopolitics and profit00:10:50 – Why OT Attacks Are Hard to Eradicate Hidden devices and lateral movement 00:14:20 – The Core Defensive Takeaway Don’t ignore opportunistic threats Episode Resources Forescout Research ReportsTelegram (hacktivist communications platform)Canadian Government OT Security Alert Shodan (internet-exposed asset scanning tool)

    20 min
  5. How Rubrik Zero Labs Uses LLMs to Analyze Malware at Machine Speed

    20 JANV.

    How Rubrik Zero Labs Uses LLMs to Analyze Malware at Machine Speed

    AI is changing how malware is built—and how it’s caught. In this episode, Caleb Tolin is joined by Amit Malik, Staff Security Researcher at Rubrik Zero Labs, to unpack how large language models are transforming malware analysis, enabling defenders to sift through thousands of samples and surface truly novel threats. From Chameleon malware abusing WSL to AI-generated attack code, this conversation explores what real data resilience looks like in an AI-driven threat landscape. What You’ll Learn How LLMs help analysts move from syntax-level review to intent-based malware analysis Why processing thousands of samples daily requires AI-assisted triage and clustering How attackers are abusing WSL and cloud-native environments to evade detection What AI-generated, dynamically delivered malware code means for traditional defenses Where LLMs excel—and where human validation remains essential Why resilience matters more than speed in AI-driven security operations Episode Highlights [00:00] AI-generated malware and shrinking attacker footprints [03:30] Why Rubrik Zero Labs built an LLM-driven malware analysis system [05:45] Scaling from 6,000 samples to 20 worth investigating[07:40] Extracting malware “business logic” before sending code to LLMs [10:05] Chameleon malware abusing Windows Subsystem for Linux [13:00] APT-linked Linux RATs and what sophistication signals intent [15:00] LLM hallucinations and the need for human verification Episode Resources Rubrik Zero Labs Research Reports

    24 min
  6. Ransomware, Remote Access, and the OT Reality Check

    6 JANV.

    Ransomware, Remote Access, and the OT Reality Check

    In this episode of Data Security Decoded, Cybersecurity veteran Dawn Cappelli joins host Caleb Tolin to unpack the rapidly evolving threat landscape facing operational technology environments. With decades of experience spanning CERT, Rockwell Automation, and now Dragos, Dawn breaks down how geopolitical conflicts, empowered hacktivists, and ransomware are reshaping OT risk. She shares the five critical ICS controls every organization should prioritize and discusses why community-driven defense models are now essential for resilience. A must-listen for leaders responsible for critical infrastructure, manufacturing, and industrial cybersecurity. What you'll learn: How global conflicts have dissolved previous norms that protected critical infrastructure from cyber retaliation. Why hacktivist groups are becoming more dangerous — and how state actors quietly support them. The five highest-impact ICS security controls and where most organizations fail. Why OT environments remain decades behind IT security — and what leaders must immediately address. How ransomware operators target manufacturing and critical infrastructure for maximum leverage. The risks of insecure remote access and unmanaged third-party connections. How OT-CERT and community defense can uplift organizations with limited resources. Episode Highlights: 00:00 – Opening + Guest Introduction Caleb introduces Dawn and frames her decades of OT and insider threat leadership. 02:00 – Dawn’s Early Journey into OT and Security How nuclear engineering, the CDC bioterrorism portal, and 9/11 sparked her cybersecurity mission. 05:00 – Founding the CERT Insider Threat Center Inside the origin story and its impact on insider risk theory. 07:00 – Moving to Rockwell: The Hidden OT Backdoor Risk Why insider sabotage in OT environments was a turning point in her career. 08:00 – The Geopolitical Shift in OT Threats How Russia–Ukraine changed everything about attacking critical infrastructure. 10:00 – The Rise of State-Aligned Hacktivists Why groups like Cyber Avengers now have real disruption capability. 13:00 – The SANS Five ICS Controls Dawn breaks down the controls that prevent and detect most attacks. 17:00 – Ransomware Trends in OT Why manufacturing is a prime target and how attacks are evolving. 19:00 – The Promise and Peril of Agentic AI in OT Why autonomous agents could cause catastrophic outcomes. 21:00 – OT-CERT: Free Global Resources How Dragos is empowering organizations worldwide with practical support. Episode Resources: Information on OT-CERT: OT-CERT Register for OT-CERT: Register for Dragos OT-CERT | Dragos Information on Community Defense Program: Community Defense Program | Dragos Register for Community Defense Program: Register for Dragos Community Defense Program | Dragos SANS Five ICS Cybersecurity Critical Controls: The Five ICS Cybersecurity Critical Controls

    28 min
  7. The Hidden Risk in Your Stack

    16/12/2025

    The Hidden Risk in Your Stack

    In this episode of Data Security Decoded, host Caleb Tolin sits down with Hayden Smith, CEO of Hunted Labs, as he breaks down how software supply chain attacks really work, why open source dependencies create unseen exposure, and what modern threat actors are doing to exploit trust at scale. Caleb and Hayden dive deep into real-world attacks, emerging TTPs, AI-powered threat hunting, and what organizations must do today to keep pace. Listeners walk away with a clear picture of the problem—and a practical blueprint for reducing supply chain risk. What You’ll Learn  How modern attackers infiltrate open source ecosystems through fake accounts and counterfeit package contributions. Why dependency chains dramatically amplify both exposure and attacker leverage. How to use threat intelligence and threat hunting to proactively evaluate upstream packages before adoption. Where AI-powered code analysis is changing the ability to discover hidden vulnerabilities and suspicious patterns. Why dependency pinning, SBOM discipline, and continuous monitoring now define a strong supply chain posture. Episode Highlights 00:00 — Welcome + Why Software Supply Chain Risk Matters 02:00 — Hayden’s Non-Cyber Passion + Framing Today’s Topic 03:00 — Why Open Source Powers Everything—and Why That Creates Exposure 06:00 — The Real Attack Vector: Contribution as Initial Access 08:00 — Inside the Indonesian “Fake Package” Campaign 10:30 — How to Evaluate Code + Contributor Identity Together 12:00 — Threat Hunting and AI-Enabled Code Interrogation 15:00 — The Challenge of Undisclosed Vulnerabilities in Widely Used Components 16:30 — How Recovery Works When Malware Is Already in Your Stack 19:00 — Continuous Monitoring as the Foundation of Modern Supply Chain Security 22:00 — Pinning, Maintainer Analysis, and Code Interrogation Best Practices 24:00 — Where to Learn More About Hunted Labs Episode Resources Hunted Labs — https://huntedlabs.com Hunted Labs Entercept Hunted Labs “Hunting Ground” research blog Open Source Malware (Paul McCarty)

    27 min
  8. Top CISO Priorities and Global Digital Trust with Morgan Adamski

    02/12/2025

    Top CISO Priorities and Global Digital Trust with Morgan Adamski

    Welcome to Data Security Decoded. Join host Caleb Tolin in conversation with Morgan Adamski who leads Cyber, Data, and Tech Risk at PwC and is a former US national security leader who spent 16 years tracking nation-state threats inside the US government. Coming out of a career spent inside secure facilities without windows or phones and working to address China’s prepositioning in US critical infrastructure, Morgan shares a direct view of how geopolitics is now shaping cyber risk decisions in boardrooms. What You'll Learn: Why only 24% invest in proactive defense, even while 60% call cyber a top priority How AI agents are cutting breach timelines to under 80 days Why cyber insurance is now a hygiene scorecard, not just financial protection The real reason leaders lack confidence in resilience Where legacy systems and supply chain dependencies expose blind spots How public–private collaboration changed the response to China’s infrastructure campaign What CISOs must confront now to avoid being blindsided by the next crisis The conversation gives security leaders and decision-makers a clear view of where current strategies fall short and the choices required to build real resilience before the next crisis forces it. Episode Highlights: [03:43] Why China prepositions inside US critical infrastructure to trigger disruption and panic in a crisis [04:20] Collective defense in action: how victims and industry exposed the campaign [09:27] The truth behind cyber budgets: only 24% invest in proactive defense [11:57] How AI agents are shortening breach lifecycles to under 80 days [13:07] Why cyber insurance is now a security scorecard, not a safety net Episode Resources Caleb Tolin on LinkedIn Morgan Adamski on LinkedIn PwC’s 2026 Global Digital Trust Insights report

    24 min
Tout afficher (47)

À propos

Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.

Informations

  • Création
    Rubrik
  • Années d’activité
    2024 - 2026
  • Épisodes
    47
  • Classification
    Tous publics
  • Copyright
    Copyrights © 2024 All Rights Reserved by Rubrik
  • Site web de l’émission
    Data Security Decoded
  • Fournisseur

Vous aimeriez peut‑être aussi