DTF Cyber Podcast

Cyber Podcast

Damian, Troy, and Fern break down the week’s biggest hacks, breaches, and zero-days with zero corporate filter. Expect strong opinions, dark humor, and actionable intel from three pros who’ve been in the trenches. New episodes drop when the news is too wild to ignore.

  1. The True Cost of AI Hidden Token Costs and Cloud Charges | #DTF044

    5D AGO

    Are you caught between a bedrock and a hard place with your organization's cloud budget? In Episode 44 of the DTF Cyber Podcast, Damian, Troy, and Fern break down the massive, unexpected financial and operational risks of enterprise AI deployments. From unmonitored AI agents creating a $100,000 "recursive loop" bill overnight to non-technical employees "vibe coding" insecure software with hardcoded secrets, the team looks past the AI hype to expose the real logistics of Day 2 operations. They also dive into the invisible data lake "IO tax," the legal pitfalls of building side projects on corporate tenants, and recent procurement data from Tropic revealing an automatic 20% to 30% "AI tax" on SaaS contract renewals. Don't let runaway token costs erode your profit margins. Hit that subscribe button, leave a thumbs up, and learn how to implement the hard engineering and financial guardrails your business needs today!

    TIMESTAMPS
    00:00:10 - Recursive Loops & The $100,000 Bill Surprise
    00:01:14 - Job Security vs. Downsizing Human Capital
    00:03:03 - Vibe Coding & Bursting Credit Card Limits
    00:07:42 - Model Right-Sizing: Avoiding Over-Compute
    00:09:50 - The Invisible Data Lake Tax
    00:10:48 - Evaluating Hidden AI Compute Fees in SaaS
    00:13:29 - Token Bloat and the Field of Haystacks
    00:17:28 - The Cascading Effects of Pay-Per-Use Metering
    00:19:19 - The Rise of "Shadow Developers"
    00:23:18 - Side Projects & Corporate Intellectual Property Traps
    00:25:04 - Implementing Shadow AI Discovery & Security Tools
    00:32:18 - The Startup Compliance Dilemma (The Lack of SOC 2)
    00:33:21 - Secure Coding Vulnerabilities & AI Hardcoded Secrets
    00:41:21 - Tropic's Procurement Insights: Navigating the SaaS AI Tax
    00:51:01 - Engaging Finance in AI Strategy & Enforcing Guardrails

    http://cyberpodcast.net
    Spotify: http://spotify.cyberpodcast.net
    Apple: http://apple.cyberpodcast.net
    X: https://x.com/dtfcyberpodcast
    IG: https://www.instagram.com/dtfcyberpodcast/
    Linkedin:
    DTF: https://www.linkedin.com/company/dtf-cyber-podcast/
    Damian: https://www.linkedin.com/in/damianchung/
    Troy: https://www.linkedin.com/in/kosovotroy/
    Fern: https://www.linkedin.com/in/fernrojasaz/
    Business Inquiries: dtf at cyberpodcast dot net

    Everything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

    1 hr
  2. Agentic SOC: Machine Speed vs. Human Liability | #DTF043

    MAY 11

    The hackers are already moving at light speed. If you’re still waiting for a human to click "Approve," you’ve already lost the company. But if your autonomous AI nukes a production server during a board meeting, who stands in front of the regulators? In Episode 43, the DTF crew dives into the massive 2026 shift from automated playbooks to Agentic AI. Damian argues that traditional SOAR is dead, Troy warns of the audit trail of a ghost, and Fern wonders if we’re all just vibe coding our way into an existential crisis.

    In this episode, we cover:
    - Why Human-in-the-loop is becoming a security vulnerability.
    - The difference between automation (scripts) and agency (reasoning).
    - How to govern a fleet of "Digital Interns" without losing control.
    - Why this technology might finally let you fire your underperforming MSP.

    Timestamps:
    0:00 – Machine speed vs. Human approval
    0:37 – The 2026 SOC Reality
    2:37 – Fern’s Tesla Nightmare: The terror of Full Self-Driving
    5:58 – Defining the 2026 SOC: Automation vs. Agency
    10:01 – Why SOAR is officially "Legacy Tech"
    15:04 – Reasoning Chains: How AI invents its own playbooks
    20:23 – The Digital Intern Analogy: Scaling Tier 1
    27:15 – Troy’s Reality Check: Can you audit a ghost?
    33:00 – The Model Armor: Wrapping AI in Governance
    40:45 – Boardroom Conflict: Who is liable for an AI mistake?
    45:20 – The Kill Switch Necessity: Who holds the keys?
    50:15 – Killing the MSP: Bringing the SOC back in-house
    56:30 – Existential Crisis: Vibe Coding and the future of cyber jobs
    1:04:50 – The Bottom Line: Transitioning to an AI Orchestrator
    1:09:20 – Final Verdict: Don't be scared, be efficient

    #CyberSecurity #CISO #AI #AgenticAI #SOC #InfoSec #TechPodcast #DTFcyber

    1h 12m
  3. 200,000 Laptops Wiped in Minutes: The Stryker Attack & The Match Group Leak | #DTF042

    MAY 4

    In this episode of the DTF Cyber Podcast, Damian, Troy, and Fern tackle the terrifying reality of 2026: Identity is the new weapon of mass destruction. From the architectural suicide pact that allowed a 200,000-device wipe at Stryker to the personal blackmail engines fueled by the Match Group data breach, the team explores why your own IT tools are being turned against you.

    Timestamps
    00:00 – The "Architectural Suicide Pact" (Stryker & Match overview).
    00:44 – Vegas Recording: Fern introduces the location (Findlay Automotive Group conference room).
    03:00 – The 2026 Trend: Troy explains why exfiltration is the new ransomware end-game.
    04:44 – The Match Incident: Troy breaks down the "Blackmail Engine" and voice-cloning risks.
    07:09 – Governance Failures: Damian explains Multi-Admin Approval (MAA) and why it failed at Stryker.
    10:00 – The Platform Myth: Troy discusses the "Holy Grail" of full-stack identity.
    12:54 – Just-In-Time (JIT) Access: Damian breaks down automating validation for critical tasks.
    18:30 – Observability Strategy: Troy discusses mapping security tools to the MITRE ATT&CK framework.
    20:50 – The Cost of Downtime: Analyzing the $10M/day loss of the MGM hack.
    25:40 – The SaaS Trap: Troy identifies over-privileged accounts in Salesforce and stale SaaS apps.
    30:40 – Executive Friction: The Reporting Structure debate: Where the CIO and CISO clash.
    33:00 – The Reporting Debate: Troy argues why the CISO should report to Legal or Risk.
    38:50 – Innovate or Die: Damian's take on why blocking AI is a losing strategy.
    40:40 – Closing Thoughts: Troy’s final plea to fix the Basics before moving to AI.
    44:59 – Final Wrap-up: Thanking Findlay Automotive Group and the Henderson, NV hosts.

    47 min
  4. Your Resume is Boring. Here’s Why You’re Still Stuck in Entry-Level | #DTF041

    APR 27

    Is your resume landing in the trash before a human even sees it? This week on the DTF Cyber Podcast, Troy, Damian, and Fern get brutally honest about the cybersecurity job market. We aren't just talking about certifications; we're talking about why the standard advice is failing the next generation of cyber professionals. Troy reveals why he trashed 48 resumes in one morning, Damian explains why a GitHub repo is worth more than a degree, and Fern asks the questions every job-seeker is thinking but is too afraid to ask. If you're stuck in the entry-level trap, this episode is your roadmap out. Don't forget to Like, Subscribe, and hit the Bell to stay ahead of the curve!

    TIMESTAMPS:
    00:00 — Cold Open: Why Degrees Don't Stop Breaches
    01:21 — Tale of Two Cities: The Cyber Bootcamp Reality
    03:14 — The AI Crunch: Reskilling Mid-Flight
    06:15 — Recipe vs. Cooking: Why Certifications Aren't Enough
    08:28 — Project-Based Hiring: What Damian Looks for First
    11:29 — The Debate: Is AI Replacing Human Thought?
    15:12 — Adaptability: Finding Your Spot in the AI Workforce
    20:02 — Proof of Record
    22:18 — Soft Skills: The Differentiator in a Level Playing Field
    23:48 — Bypassing Automated Resume Systems
    27:31 — State of Fear: Lessons from Multi-Million Dollar Firms
    30:15 — Stolen Valor: Spotting Fakes in Cybersecurity
    32:09 — The Failure Interview: What Did You Learn?
    35:13 — Leadership Relations: Building Bridges Before the Fire
    40:36 — Pen Testing: Strategic or Not?
    44:23 — Setting Yourself Apart
    47:08 — The Open Source Debate
    53:42 — Practical Projects: Using YouTube & Portfolios to Stand Out
    1:03:17 — Fern’s Final Thought: Stop Hiding Your Value
    1:04:05 - Episode 41 Anthem

    1h 7m
  5. Your AI Just Spent $50,000: The Shadow AI Agent Nightmare | #DTF039

    APR 6

    In this episode, Damian, Troy, and Fern dive into the 'Wild West' of 2026: Shadow AI. From autonomous agents paying unapproved invoices to the rinse and repeat of the 2010 cloud revolution, the team debates whether AI agents are productivity miracles or a liability nightmare for the modern CISO.

    Timestamps:
    00:00 - The $50k Shadow Agent Invoice
    01:02 - Fern’s Nightmare Scenario: The AI Agent in Production
    02:15 - 2010 vs. 2026: Why Shadow AI is the new Shadow IT
    04:14 - Damian’s Technical Deep Dive: The Permission Explosion & Admin Entitlements
    11:08 - The State of the Union: CISO Mandates and the "Chief AI Officer"
    26:10 - Troy’s CISO Perspective: Managing Identity Governance & Global Risk
    40:13 - The Great Debate: Micro-segmentation for AI Agents
    46:49 - Final Verdict: Can You Govern What You Can't See?

    50 min
  6. The Life and Death Stakes of Healthcare Cybersecurity | #DTF038

    MAR 16

    In Episode 38 of the DTF Cyber Podcast, Fern and Troy welcome Healthcare CISO, Bob Schlotfelt. We dive into why an incident at a hospital is fundamentally different from a retail breach. While Damian is out, Bob brings decades of insight into protecting patient safety over just protecting data. We discuss the nightmare of unpatchable medical devices, why compliance doesn't equal security, and the hilarious (but effective) ways to get a nurse's attention for security training.

    Chapter Markers:
    • 00:00 - Intro: Netflix vs. Banks vs. Hospitals
    • 01:46 - Introducing Bob, Healthcare CISO
    • 08:38 - The Threat to Connected Medical Devices
    • 18:50 - Fixing "Operational Friction" on the Hospital Floor
    • 34:06 - Security Awareness in the Bathroom Stalls?
    • 43:09 - Why Compliance (HIPAA) is NOT Security.
    • 1:01:00 - Telling Truth to Power: Boardroom Advice.

    1h 5m
  7. Cybersecurity Salaries 2026: The "AI Squeeze" is Here | #DTF037

    MAR 9

    Is the "Cyber Skills Gap" a myth? In this episode, Damian, Troy, and Fern strip away the HR fluff and talk about the cold, hard reality of the 2026 job market. From entry-level SOC roles being "squeezed" by AI to $3.5M CISO roles that come with massive personal liability, we’re breaking down what you’re actually worth and why your resume is likely being ghosted by a bot. If you aren't negotiating your insurance and building your own AI tools, you're falling behind.

    THE DEEP DIVE:
    • 00:00 – Intro
    • 01:11 – Fern’s 2026 Job Hunt: Why 50 applications led to zero interviews.
    • 04:20 – The "Skills Gap" Debate: Do companies actually want to hire?
    • 09:02 – SALARY: The Entry-Level SOC Analyst floor in 2026.
    • 14:15 – The Grocery Store Phone Call: How networking beats the portal every time.
    • 19:40 – Damian’s Warning: Why "Prompting" AI makes you obsolete.
    • 25:10 – The "AI Squeeze": Can a $200 license replace a Tier 1 Analyst?
    • 31:30 – The Reporting Trap: Why CISOs reporting to CIOs is a massive risk.
    • 35:41 – SALARY: Engineering, Pen-Testing, and Cloud Security ranges.
    • 40:11 – The "AI Premium": How to add 20% to your base salary right now.
    • 41:51 – The "Clearance Bump": Is the polygraph worth the extra $30k?
    • 43:24 – SALARY: The $3.5 Million CISO—who is actually making this?
    • 48:50 – D&O Insurance: If you aren't a "Named Director," you aren't protected.
    • 55:30 – Risk Management vs. "Check-the-box" Compliance.
    • 01:04:56 – Final Advice: Don't be a holdout for a dead salary.

    EPISODE HIGHLIGHTS:
    • The AI Squeeze: Troy explains why entry-level salaries are stagnating as automation handles the "low-hanging fruit."
    • Building vs. Prompting: Damian breaks down why the "Prompt Engineer" is a temporary role—you need to build the infrastructure to survive.
    • Executive Liability: Why you should never take a CISO role without checking the company's Directors and Officers (D&O) insurance policy.

    Are you seeing these salary shifts in your neck of the woods? Drop a comment below with your role and your 2026 outlook.

    #Cybersecurity #CISO #TechSalaries #AI #CareerAdvice #DTFPodcast #CyberJobs

    1h 6m

Ratings & Reviews

5 out of 5 (2 Ratings)
