Secure Talk Podcast

Justin Beals

Secure Talk reviews the latest threats, tips, and trends on security, innovation, and compliance. Host Justin Beals interviews leading privacy, security and technology executives to discuss best practices related to IT security, data protection and compliance. Based in Seattle, he previously served as the CTO of NextStep and Koru, which won the 2018 Most Impactful Startup award from Wharton People Analytics. He is the creator of the patented Training, Tracking & Placement System and the author of “Aligning curriculum and evidencing learning effectiveness using semantic mapping of learning assets,” published in the International Journal of Emerging Technologies in Learning (iJet). Justin earned a BA from Fort Lewis College.

  1. The Insider Threat: How a US Soldier Planned for Years to Kill His Own Unit

    4 DAYS AGO

    The Insider Threat: How a US Soldier Planned for Years to Kill His Own Unit

    The most dangerous threats don't break down the door - they already have the keys. March 23, 2003, Kuwait: Command Sergeant Major Bart Womack was loading ammunition and watching Tiger Woods play golf at 1 AM when a grenade rolled into his tent. What followed was every leader's worst nightmare - discovering that one of your own had been planning to destroy you all along. This isn't just a military story. It's a threat to security we face everywhere. In today's world of workplace shootings, corporate espionage, and school violence, the statistics are terrifying: • Insider threats cause 60% of all security breaches • From Sandy Hook to Fort Hood - trusted insiders inflict maximum damage • Corporate employees steal billions in trade secrets annually • The average insider threat goes undetected for 85 days What makes this episode essential viewing: Real Combat Experience: CSM Womack survived two Bronze Star combat situations, including a firefight with North Korean forces in the DMZ The Diary Revelations: The attacker's own writings revealed: "Destroying America was my plan as a child" - written YEARS before joining the Army Life-Saving Strategies: The 6 proactive methods that could prevent workplace violence, school shootings, and corporate sabotage Universal Application: These hard-learned lessons apply to offices, schools, places of worship, and anywhere people gather The Shocking Truth: While 5,000 soldiers searched for "insurgents," the real enemy was wearing the same uniform, had taken the same oath, and was sleeping in the tent next door. Why This Matters to YOU: Whether you're a parent worried about school safety, a manager responsible for employee welfare, or simply someone who wants to protect your community - the warning signs are the same. Political polarization, social media radicalization, and workplace tensions create the perfect storm for insider threats. What You'll Learn: ✅ The "Trust No One" philosophy (and what it really means) ✅ How to implement "Observe, Listen, Report" in your environment   ✅ Why your gut instinct is your strongest security tool ✅ The evolution from belief → radicalized → extreme ✅ Real warning signs that leaders consistently miss CSM Bart Womack transformed his traumatic experience into a mission: preventing others from experiencing what he and his soldiers endured. His insights have protected countless workplaces, schools, and communities. The Bottom Line: In an era where conspiracy theories fuel real violence, where workplace tensions explode into tragedy, and where trusted insiders become active threats - these lessons could save your life. 🎖️ 29-year Army veteran, 101st Airborne Division 📖 Author of "Embedded Enemy"  🎤 Professional security consultant and keynote speaker 🔒 Insider threat prevention expert This episode contains discussions of violence and may not be suitable for all audiences. #InsiderThreat #WorkplaceSafety #SchoolSecurity #Cybersecurity #MilitaryStory #SecurityAwareness #ThreatPrevention #CorporateSecurity #NationalSecurity #CrisisManagement #SecurityLeadership #RiskManagement #EmergencyPreparedness #SafetyTraining #SecurityEducation Subscribe for more real-world security insights that could save lives. Your safety depends on what you don't see coming.

    55 min
  2. Machines Running Amok: We've Created More Than We Can Secure with Oded Hareven

    15 JUL

    Machines Running Amok: We've Created More Than We Can Secure with Oded Hareven

    Machines Running Amok: We've Created More Than We Can Secure Twenty years ago, you could count the servers in your data center. Today, we've unleashed an army of digital entities that's spiraling beyond our control. For every human employee, there are 50-100 machine identities operating in your environment—containers, serverless functions, and automated processes that spawn and disappear by the minute. We've created more computing power than we have the ability to secure, and the machines are running amok. In this episode of SecureTalk, we dive deep into the invisible crisis affecting 91% of organizations: machine identity breaches. Join host Justin Beals and cybersecurity expert Oded Hareven, CEO of Akeyless, as they explore why password rotation is dead, how ephemeral computing is breaking traditional security models, and what revolutionary approaches like distributed fragment cryptography mean for the future of cybersecurity. What You'll Learn: • Why 85% of identity breaches now come from compromised machines, not humans • The fundamental mismatch between static security and dynamic infrastructure • How military-grade cybersecurity innovations are transforming commercial applications • Why the AI-quantum computing convergence is forcing us to rethink encryption • Practical steps toward "SSO for machines" and ephemeral security models Key Topics: Machine identity management at scaleZero-knowledge cryptographyQuantum-resistant security architecturesThe evolution from static → rotation → ephemeral securityBuilding security that matches cloud-native infrastructure Guest: Oded Hareven, Co-founder & CEO of Akeyless. Timestamps:  00:00 Introduction to Cybersecurity and Machine Identities 04:37 The Evolution of Security Paradigms 09:30 Akeyless and Machine Identity Management 13:53 Zero Trust and Ephemeral Security 18:36 The Impact of AI and Quantum Computing on Security 23:19 Future Trends in Cybersecurity and Akeyless's Vision Resources: Akeyless: https://akeyless.ioSecureTalk Podcast: www.securetalkpodcast.com #Cybersecurity #CloudSecurity #MachineLearning #QuantumComputing #DevSecOps #IdentityManagement #ZeroTrust

    45 min
  3. Open Source vs Commercial: How "Winning Culture" Has Made Us More Vulnerable | Greg Epstein

    8 JUL

    Open Source vs Commercial: How "Winning Culture" Has Made Us More Vulnerable | Greg Epstein

    Open Source vs Commercial: How "Winning Culture" Has Made Us More Vulnerable | Greg Epstein Silicon Valley's shift from collaborative open-source principles to winner-take-all commercial dominance hasn't just changed business models—it's made us fundamentally more vulnerable. When companies prioritize winning everything over building secure, collaborative ecosystems, we all pay the price. But there's a profound irony: the more desperately these leaders chase absolute victory, the more they reveal themselves as losers of the most important game—building meaningful human communities. In this episode, Harvard and MIT Humanist Chaplain Greg Epstein explores how tech's false prophets have led us astray and, more importantly, how we might find our way back to building human-centered security that actually works. The strongest security has never come from building higher walls—it comes from creating ecosystems where everyone's success strengthens the whole. When we understand how to work together better, we all create better security. What You'll Learn: • How winner-take-all thinking creates systemic vulnerabilities • Why collaborative open-source principles build more resilient systems • The hidden security costs of commercial dominance • Practical strategies for building multi-stakeholder security • How to shift from competition to collaboration in your organization Watch this episode to discover how changing your approach to teamwork and partnerships can dramatically improve your security posture. About Greg M. Epstein: Greg serves as Humanist Chaplain at Harvard University and MIT, and spent 18 months at TechCrunch exploring the ethics of companies shifting our definition of humanity. He's the author of "Tech Agnostic: How Technology Became the World's Most Powerful Religion, and Why it Desperately Needs a Reformation." Timestamps: Chapters 00:00 The Corruption of Winning Culture02:39 The Role of Community in Security05:44 Navigating the Media Landscape08:20 The Algorithmic Influence on Information11:01 The Cult of Personality in Tech13:44 The Messianic Figures in Technology16:24 The Fall of Tech Prophets19:15 The Importance of Losing21:44 The Future of Technology and Humanity24:29 The Need for Ethical Technology26:56 The Role of Men in Modern Society29:39 The Impact of AI on Society32:15 The Cult-like Nature of Tech Culture34:54 The Importance of Human Connection37:43 The Future of Humanism in Tech40:11 The Path Forward for Technology and Humanity #TechEthics #CommunityBuilding #DigitalSecurity #TechCulture #HumanistChaplain #SiliconValley #TechReformation

    1 hr
  4. Securing AI at Enterprise Scale: Lessons from Walmart's Transformation with Tobias Yergin

    1 JUL

    Securing AI at Enterprise Scale: Lessons from Walmart's Transformation with Tobias Yergin

    When one of the world's largest enterprises deploys AI across 10,000+ developers, the security challenges are unlike anything most organizations have faced. In this episode of SecureTalk, we explore the critical security and strategic considerations for deploying AI tools at enterprise scale with Tobias Yergin, who led AI transformation initiatives at Walmart. Key Topics Covered: Why traditional security rules fail with probabilistic AI systemsThe exponential risk of scaling AI agents from dozens to thousandsBuilding secure data foundations for enterprise AI deploymentProtecting AI agents that operate beyond your firewallStrategic approaches to AI implementation that balance innovation with riskThe ontological framework for mapping AI capabilities to business tasksFirst principles thinking for AI security architecture Tobias brings over two decades of experience in digital transformation, having held senior leadership roles at Intel, VMware, Panasonic, and Citrix Systems. His practical insights from implementing AI at Walmart's massive scale offer invaluable guidance for CISOs and security professionals navigating the complexities of enterprise AI adoption. Perfect for: CISOs, Security Architects, IT Leaders, Enterprise Risk Managers, and anyone responsible for securing AI implementations in large organizations.

    44 min
  5. Special Episode: The Secure Talk Security Awareness Training 2025 (With HIPAA!)

    24 JUN

    Special Episode: The Secure Talk Security Awareness Training 2025 (With HIPAA!)

    SecureTalk 2025 Security Awareness Training | Complete Compliance Guide Welcome to SecureTalk's comprehensive 2025 Security Awareness Training video! This annually updated training is designed to help organizations meet their security compliance requirements while building a strong security culture. 🎯 What You'll Learn: Social Engineering & AI-Enhanced Threats Advanced phishing detection in the AI eraVoice and video deepfake attack recognitionFinancial verification protocols to prevent fraudHealthcare data protection against social engineering Cloud Security & Infrastructure Common cloud misconfigurations and preventionSecure AI model development and deploymentFinancial data protection in cloud environmentsPackage dependency management and vulnerability scanning Supply Chain & Third-Party Risk Vendor security assessment frameworksZero Trust architecture implementationHIPAA compliance for business associatesAI vendor risk evaluation checklists Insider Threats & Hybrid Work Security Behavioral analytics for threat detectionEnvironment-adaptive security controlsData loss prevention in remote work settingsSegregation of duties in digital workflows Regulatory Compliance & Automation 2025-2026 regulatory calendar overviewControl-centric compliance approachContinuous monitoring and automation strategiesMulti-framework compliance alignment Building Security Culture Security mindset vs. rule-following approachPositive reinforcement security programsOrganizational security maturity modelsLeadership's role in security culture 💼 Compliance Frameworks This Training Addresses: SOC 2 Type I & IIISO 27001HIPAA & Healthcare SecurityPCI DSSCMMC (Cybersecurity Maturity Model Certification)GDPR & EU AI ActAI Accountability ActNIST Cybersecurity FrameworkState privacy laws (CCPA, CPRA, etc.) 🏆 Perfect For: Annual security awareness training requirementsCompliance audit preparationNew employee onboardingSecurity culture developmentMulti-framework compliance programs 🎓 Certification Available: Complete the training and receive a certification of completion for your compliance documentation.     https://4dont.share.hsforms.com/2EVBbDWdBQyKG5Udaaj0baA 📺 About SecureTalk: SecureTalk explores critical information security innovation and compliance topics. Hosted by Justin Beals, founder and CEO of StrikeGraph, featuring expert insights from cybersecurity professionals across finance, healthcare, engineering, and compliance. 🔔 Subscribe for more security insights and compliance guidance! Chapters: 0:00 Introduction & Training Overview 3:18 Social Engineering with Steven Ferrell (IT Compliance Expert) 15:00 Advanced Threats with Kenneth Webb (CISA, CISSP) 30:30 Cloud Security with Josh (Head of Engineering) 44:55 Insider Threats with Elmy Peralta (Assessments Manager) 49:09 Regulatory Compliance with Micah Spieler (Chief Product Officer) 1: 01:42 Security Culture with Juliett Eck (CFO) #CybersecurityTraining #SecurityAwareness #ComplianceTraining #SOC2 #HIPAA #ISO27001 #SecurityCulture #StrikeGraph #SecureTalk

    1h 11m
  6. The Security Leader Who Predicted AI Would Replace His Own Team (And Why He's Right) with Satyam Patel

    17 JUN

    The Security Leader Who Predicted AI Would Replace His Own Team (And Why He's Right) with Satyam Patel

    🌙 THE MIDNIGHT SECURITY GUARDIAN: A CISO'S ORIGIN STORY At 2 AM, most people are dreaming. Satyam Patel is wide awake, sending texts to his security team: "Are we secure? Did we patch that server? Is MFA enabled on that service account?" This isn't insomnia—it's the origin story of how a "big firewall guy" transformed into one of cybersecurity's most forward-thinking leaders, and why his journey from infrastructure skeptic to AI evangelist mirrors the entire industry's evolution. 📖 THE THREE-ACT TRANSFORMATION: Act I: The Infrastructure Skeptic's Awakening Watch Satyam's journey from traditional "firewall and load balancer guy" to realizing that employees can't be forced behind VPNs anymore. The moment he discovered that flexibility doesn't mean vulnerability—it means evolution. Learn how this mindset shift led him from protecting perimeters to protecting people. Act II: The Culture Shock That Changed Everything Picture this: After years of doing "security roadshows" and begging for budget, Satyam walks into Kandji and experiences reverse culture shock. Instead of chasing people for security buy-in, they come to HIM asking, "What does security think?" Witness the CEO moment that flipped his world: "It's not a request—it's a mandate to protect our company at ANY cost." Act III: The AI Prophet's Dilemma The heated boardroom debate that keeps CISOs awake: Replace human SOC analysts with AI, or keep the human element? Follow Satyam's internal struggle as he weighs 10,000 daily AI-analyzed calls against human intuition, leading to his bold prediction about "Minority Report" style predictive cybersecurity. 🎭 CHARACTER-DRIVEN MOMENTS: The Paranoid Father: Why Satyam forces his family to use alphanumeric passwords and what Tom Cruise's "Minority Report" taught him about threat prediction. The Reformed Skeptic: How a career infrastructure guy learned to embrace endpoint security and why he now believes MDM is the new perimeter. The Reluctant Prophet: His uncomfortable realization that automation will replace thousands of cybersecurity jobs—and why he's helping it happen. ⚡ PLOT TWISTS YOU WON'T SEE COMING: The university graduate's graduation post that led to complete identity theftWhy 99% security equals 100% vulnerability (and the math that proves it)The Signal app scandal that changed how he thinks about mobile security 🎬 THE SUPPORTING CAST: Adam (Kandji CEO): The leader who gave unlimited security budgetThe Development Team: Who learned to ask security questions firstThe 2 AM Security Team: Who actually appreciate the paranoid textsThe AI SOC Analyst: The non-human teammate changing everything 🚀 MEET THE PROTAGONIST: Satyam Patel isn't your typical CISO. He's the guy who went from customer to C-suite, from skeptic to believer, from infrastructure defender to AI advocate. With 25+ years of plot twists, failed budgets, successful breaches prevented, and one very understanding family who puts up with alphanumeric phone passwords. #CISOStory #CyberSecurityJourney #AIvsHuman #ZeroTrust #SecurityLeadership #ThreatDetection #Kandji #EndpointSecurity #ParanoidCISO #CyberStory #SecurityCulture #TechTransformation This isn't just another security interview—it's a cybersecurity thriller with real-world consequences. Subscribe for more stories from the digital frontlines! 🎬🔐

    42 min
  7. Can Cybersecurity be "Agile"? with Brian Wagner

    10 JUN

    Can Cybersecurity be "Agile"? with Brian Wagner

    Can Security be “Agile”? with Brian Wagner In this comprehensive interview, Brian Wagner, CTO at Revenir and former AWS security executive, shares insights from his new book "Redefining Information Security" and explains why the cybersecurity industry needs a fundamental shift in approach. With over 20 years of experience leading security transformations across enterprise organizations, Wagner presents a practical framework for moving beyond reactive security models. About the Guest: Brian Wagner brings extensive C-suite experience from Amazon Web Services, Moody's RMS, Bulletproof, and Defense.com. Based in London, he speaks globally on cloud security, AI-driven solutions, and security transformation. His latest book "Redefining Information Security" introduces a three-level maturity framework that's gaining attention from security leaders worldwide. Key Discussion Points: The Security Maturity Framework: Wagner outlines his three-level approach—Reactive, Proactive, and Adaptive security—explaining how organizations can assess their current position and plan strategic improvements. He emphasizes that most companies remain stuck in reactive mode, responding to threats after damage occurs.From Cybersecurity to Information Safety: The conversation explores Wagner's concept of treating security as "information safety" rather than traditional cybersecurity. This cultural shift makes digital protection everyone's responsibility, transforming potential vulnerabilities into defensive assets.AI in Security Applications: Drawing from his work at Revenir, where the company handles sensitive financial and personal data across international borders, Wagner discusses practical AI implementations for pattern recognition, fraud detection, and compliance monitoring. He explains why AI excels at identifying normal versus abnormal patterns in security contexts.Security as Business Enabler: Wagner demonstrates how security can function as a competitive advantage rather than a cost center. He shares strategies for communicating security value to go-to-market teams and integrating security features into product development cycles.Compliance vs. Security Balance: The discussion addresses the relationship between regulatory compliance and actual security, with Wagner explaining how compliance represents minimum standards while effective security requires ongoing investment and adaptation.Open Source and Democratic Security: Wagner advocates for open source collaboration in cybersecurity, arguing that community-based approaches provide more transparent and accessible security solutions, especially important given recent changes in vulnerability disclosure programs. Practical Implementation:  The conversation includes real-world examples, from detecting sophisticated employment fraud schemes to integrating security practices into agile development workflows. Wagner emphasizes incremental improvements and measurable outcomes. Book Recommendation: "Redefining Information Security" offers a strategic approach to security leadership, focusing on cultural transformation and business alignment rather than purely technical solutions. The book provides frameworks for security professionals and business leaders looking to modernize their approach to digital protection. Link to the book: https://www.koganpage.com/risk-compliance/redefining-information-security-9781398620018 This interview provides valuable insights for cybersecurity professionals, technology leaders, and anyone interested in understanding how AI and modern approaches are reshaping enterprise security practices. #Cybersecurity #InformationSecurity #AI #SecurityMaturity #AWS #CloudSecurity #CTO #CISO #ThreatDetection #SecurityCulture #CyberThreats #SecurityLeadership

    46 min
  8. The AI Creator's Confession: "I Built Google Translate to Unite People. It's Now Tearing Us Apart" with De Kai

    3 JUN

    The AI Creator's Confession: "I Built Google Translate to Unite People. It's Now Tearing Us Apart" with De Kai

    What happens when you realize your life's work is being used to destroy what you hoped to create? Meet De Kai - the man who helped build Google Translate, Siri, and modern AI systems. In 1990s Hong Kong, he dreamed of AI that could bridge cultural divides. Thirty years later, he experienced his "Oppenheimer moment" - the same machine learning he pioneered to unite people was dividing humanity through social media algorithms. The Reality Check: We don't just have 8 billion humans anymore. We have 800 billion AI systems learning our behavior 24/7 - "digital children" growing up without parental guidance. 🎯 KEY INSIGHTS: • The Translation Paradox: How unity technology became division engines • The Blind Men & Elephant: Ancient parable explaining why we misunderstand AI • Digital Parenting Crisis: Why we're raising 800 billion unguided AI systems • The Psychology of Manipulation: How AI exploits cognitive weaknesses • Four Futures Scenario: Humanity's possible paths with AI 🧠 AI MANIPULATION TACTICS REVEALED: Anchoring attacks that shape your thinkingBelief perseverance traps that backfire fact-checkingHow algorithms turn gossip into social weapons📖 ABOUT "RAISING AI": De Kai's book explores the question we should be asking: Not "Will AI replace us?" but "How do we raise AI ethically?" Written by Google's AI Ethics Council founding member, it reveals why current AI needs 15 million times more data than human children and provides a framework for ethical AI development. 🔬 DE KAI'S CREDENTIALS: • AI pioneer & Founding Fellow in computational linguistics • Independent Director of AI ethics think tank The Future Society • One of 8 inaugural members of Google's AI Ethics Council • Joint appointment at HKUST Computer Science & Berkeley's International Computer Science Institute • Electronic musician exploring AI creativity 💭 QUESTIONS ANSWERED: How translation tech became social manipulation?What makes AI behave like "unparented teenagers"?How to be a good "AI parent" in organizations?Why human-AI merger might be our best survival strategy? The Timeline is Accelerating. 99% of people are "frozen like deer in headlights" facing humanity's most disruptive transformation. Organizations ignoring AI governance face competitive extinction within five years. This isn't academic theory - it's a confession and warning from someone who helped create the systems now shaping global culture. Book: Raising AI: An Essential Guide to Parenting Our Future #AIEthics #GoogleTranslate #ArtificialIntelligence #MachineLearning #RaisingAI #TechnologyLeadership #AIGovernance #DigitalTransformation #FutureOfWork #AIStrategy #Innovation #TechLeadership #AICompliance #BusinessStrategy

    44 min
See All (232)

About

Secure Talk reviews the latest threats, tips, and trends on security, innovation, and compliance. Host Justin Beals interviews leading privacy, security and technology executives to discuss best practices related to IT security, data protection and compliance. Based in Seattle, he previously served as the CTO of NextStep and Koru, which won the 2018 Most Impactful Startup award from Wharton People Analytics. He is the creator of the patented Training, Tracking & Placement System and the author of “Aligning curriculum and evidencing learning effectiveness using semantic mapping of learning assets,” published in the International Journal of Emerging Technologies in Learning (iJet). Justin earned a BA from Fort Lewis College.

Information

  • Creator
    Justin Beals
  • Years Active
    2018 - 2025
  • Episodes
    232
  • Rating
    Clean
  • Copyright
    © All rights reserved
  • Show Website
    Secure Talk Podcast

You Might Also Like