Phishing For Answers

Joshua Crumbaugh, Founder & CEO of PhishFirewall

“Phishing for Answers” brings you insider knowledge from the front lines of cybersecurity. Listen in as we speak with seasoned professionals about overcoming phishing attacks, managing user training, and implementing solutions that work. From practical insights to actionable strategies, this podcast is your guide to strengthening security awareness across your organization.

  1. 1d ago

    Phishing 4 Answers: Jay McKickle on Extreme Cyber Defense

    When your office ranges from the bottom of the ocean to the vacuum of space, cybersecurity is about protecting life and critical infrastructure. In this episode of Phishing 4 Answers, Joshua Crumbaugh sits down with Jay McKickle, Chief Information Security Officer of Oceaneering. Jay is responsible for the digital resilience of a global leader in subsea robotics, maritime technology, and aerospace engineering. We dive into the complexities of securing operational technology (OT), managing global supply chain risks, and the unique challenges of remote-piloted offshore operations. Join us as we explore what it takes to defend a technology stack that operates where others can't follow. Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations. PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

    36 min
  2. Jun 10

    Social Engineering for Good: How Psychology Beats Technology

    Psychology has become the new firewall in our digital world. When sophisticated security systems block 99.9% of attacks, hackers focus on the fraction that reaches humans – making your brain the ultimate cybersecurity tool. Cybersecurity expert Tate Jaro shares his journey from Army infantry officer to Secret Service special agent investigating major financial crimes like the JP Morgan intrusion case, which compromised over 100 million records. Through these experiences, he developed a critical insight: while technical defenses are essential, human behavior ultimately determines whether an organization stays secure. The conversation reveals how traditional security awareness approaches often fail because they focus on compliance rather than behavior change. Most people want to be secure but struggle with complexity, lack of immediate consequences, and competing priorities. The solution? Treating security awareness like marketing – focusing on influencing behaviors and capturing attention through psychology rather than technical jargon. "We're not hacking systems, we're hacking behaviors," explains Jaro, highlighting how simple changes like enabling captions on training videos can improve effectiveness by 35%. Controversial practices like "gotcha" phishing simulations that trick employees often backfire by creating distrust and fear rather than building security confidence. Building a security-minded culture requires creating social proof – demonstrating that security awareness is valued and expected within an organization. When employees who report potential threats are celebrated, vigilance becomes part of the organizational identity. Equally important is destigmatizing security mistakes by discussing incidents openly, removing the shame that prevents people from reporting problems. Want to strengthen your personal digital defenses? Check out onlinesafety.substack.com for weekly, actionable privacy and security tips from a true expert. Remember that small improvements in your security habits create ripple effects across both your personal and professional digital life.

    54 min
  3. Jun 10

    Click Bait: Why Even Tech Experts Fall for Social Engineering

    Dive into the fascinating world of social engineering with Joshua Crumbaugh and his guest Arnaud Lucas, CTO at Cambridge Mobile Telematics. This eye-opening conversation reveals why human psychology, not technology, sits at the heart of cybersecurity defenses. From Arnaud's childhood journey into coding (when his father refused to buy him a gaming console and challenged him to code his own games) to his development of security-first approaches at major companies, the discussion explores how technical leaders can build truly effective security cultures. You'll discover why role-based security training dramatically outperforms generic awareness programs, with studies showing it's 15 times more effective when contextual to daily work. The conversation tackles the counterintuitive truth that the best security measures don't add friction—they remove it, making secure options simpler than insecure alternatives. The most chilling segment explores the rapid evolution of AI-enabled threats, particularly deepfakes that can clone voices and create hyper-targeted attacks. While technology has its place in defense, Arnaud and Joshua agree that organizational culture, robust processes, and employee empowerment provide the strongest protection. Whether you're a security professional, developer, or business leader, you'll walk away with actionable insights on securing your organization through simplicity rather than complexity. Because as Joshua reminds us, "We're not hacking systems, we're hacking behaviors"—and understanding this principle is your best defense.

    42 min
  4. Jun 10

    Level Up Your Cybersecurity Awareness

    Dive into an enlightening discussion focused on the intersection of social behavior and cybersecurity with Eric Harris, CISO of the Charlie Norwood VA Medical Center. In this episode, we explore how human interactions, particularly through social media, create vulnerabilities that cybersecurity measures must address. Eric sheds light on the often-overlooked role of the human element in cybersecurity, asserting that the frontline of defense resides in employee awareness and actions. We tackle how platforms like LinkedIn, despite their professional intent, can inadvertently expose individuals and organizations to significant risks. Eric emphasizes the necessity of developing targeted security awareness programs rooted in historical data and current vulnerabilities. Our conversation also delves into the importance of maintaining a balance between encouraging compliance through positive reinforcement and addressing violations with a more stringent approach when necessary. Moreover, as we navigate the evolution of AI in cybersecurity, Eric's perspective on the need for continuous and integrated training resonates deeply in our current tech landscape. Join us in understanding how to foster a security-oriented culture that empowers every employee to contribute to the organization's overall defense strategy. Your engagement is key—subscribe to stay updated, share the episode with your network, and help broaden the conversation around cybersecurity awareness.

    39 min
  5. Jun 10

    Psychology Is the New Firewall: How Human Insight Trumps Every Trick

    Pete Gibson, former CIO at companies like Alamo, Wyndham Hotel Group, and Friendly's, shares his journey from liberal arts major to cybersecurity leader and discusses how psychology has become the new firewall in today's threat landscape.

    • Started in technology after joining the Navy, eventually managing the Tomahawk cruise missile program
    • Maintained impressive staff retention rates (up to 100%) through three company bankruptcies by focusing on treating people fairly
    • Advocates transparent risk communication to executives through heat maps and best practice comparisons
    • Shares how his team recovered from a ransomware attack without paying ransom due to network segmentation
    • Emphasizes building a security culture where everyone contributes rather than relying on a few specialists
    • Encourages security training that connects to employees' personal lives to create lasting behavioral change
    • Uses rewards like gift cards to celebrate security improvements, not just perfect performance
    • Believes in combining the "carrot" approach with occasional "stick" consequences for repeat offenders
    • Recommends tailored training approaches for chronic clickers rather than one-size-fits-all policies
    • Suggests including security awareness in new employee orientation to establish expectations from day one

    51 min
  6. Jun 2

    Brain Over Bytes: Your Mind Is The Ultimate Security Tool

    What if your strongest cybersecurity defense wasn't a firewall, but your people? That provocative question forms the foundation of our fascinating conversation with Dr. Justin Uber, adjunct professor at Marymount University and component CISO at the US Department of Transportation. Dr. Uber shares his remarkable journey from Army medic serving three tours in Iraq to cybersecurity leader, bringing a unique perspective shaped by psychology, medicine, and technical expertise. Together, we explore the groundbreaking B=MAP formula (Behavior = Motivation × Ability × Prompting) and how it transforms security awareness from a compliance exercise into a cultural cornerstone. The discussion reveals why traditional approaches fail and what actually works in changing human security behaviors. We unpack how contextual, role-based training delivers 15 times more effectiveness than generic awareness programs, and why breaking training into 30-second micro-sessions twice weekly outperforms annual hour-long trainings while using the same time budget. Dr. Uber shares tactical insights from his experience creating security champions through storytelling and open forums where employees can discuss security incidents without fear of judgment. Perhaps most compelling is the concept of "Social Engineering for Good" - using the same psychological principles attackers exploit, but harnessing them to strengthen defenses. By encouraging employees to share security knowledge with family members, they transform into security experts within their personal circles, fundamentally changing how they approach threats at work. Whether you're a security professional struggling with end-user behaviors or a leader wondering how to strengthen your human firewall, this episode delivers practical strategies you can implement immediately. Subscribe now and discover why the best defense truly is in your mind.

    40 min
