C-Suite Cyber Podcast

Anthony and Mike

C-Suite Cyber Podcast enables C-Suite executives to make security informed decisions.

  1. APR 29

    Security Is an Illusion: Malware, IOCs, and Supply Chain Risk

    Malware attribution is harder than most teams want to admit. Attackers can copy another group’s TTPs, swap tools, buy access, abuse trusted update paths, and make your EDR’s story look cleaner than reality. In this episode of C-Suite Cyber, Mike Small and AJ sit down with Diyar Saadi to talk through malware analysis, attribution, targeted attacks, social engineering, firmware malware, and why defenders cannot rely on tools alone. Expect to hear: Why the target often matters more than the malware when figuring out who is behind an attackHow attackers copy public TTPs to confuse attributionWhy hashes, IPs, domains, and tool names can be weak evidence on their ownWhat defenders misunderstand about MITRE ATT&CK, IOCs, and the Pyramid of PainWhy social engineering, initial access brokers, and MFA bypasses are still major business risksHow firmware malware and update service hijacking can turn trusted updates into compromise pathsDiyar’s advice for anyone learning malware analysis: OS internals, Windows internals, programming, networking, and curiosityThis one gets into the uncomfortable truth behind a lot of security programs: tools help, but they do not replace fundamentals, manual analysis, or attacker-minded curiosity. ___________________________________ Connect with Diyar: https://reversethemalware.blogspot.com/ https://www.linkedin.com/in/diyarsaadi/ ___________________________________ Links: https://github.com/Adaptix-Framework/AdaptixC2 https://github.com/bishopfox/sliver https://github.com/HavocFramework/Havoc https://www.ransomware.live/ https://github.com/horsicq/detect-it-easy https://github.com/mandiant/flare-floss https://github.com/mandiant/capahttps://www.virustotal.com/ https://github.com/mandiant/flare-fakenet-ng https://hex-rays.com/ida-prohttps://github.com/KasperskyLab/hrtng https://malwareunicorn.org/https://malapi.io/ ___________________________________ Sponsor: Tandem Cyber Solutionshttps://tandemcybersolutions.com/csuitecyber/ ___________________________________ Connect with C-Suite Cyber: ⁠⁠LinkedIn⁠⁠⁠⁠⁠ ⁠X⁠⁠ ⁠⁠Instagram⁠⁠⁠⁠⁠ ⁠TikTok

    57 min

  2. APR 15

    Why Most Companies Are Still Easy to Hack

    What are most organizations still getting wrong with security? In this episode, we sit down with Spencer (@techspence), a penetration tester who’s tested over 150 organizations, to break down the real-world gaps attackers are still exploiting every day. We start with a surprising truth: some of the most effective attacks today aren’t new. Simple issues like local admin password reuse are still everywhere, and they’re often all an attacker needs to take over an environment. From there, we dig into how the shift to cloud and hybrid environments is changing the game. Moving to Microsoft 365 and Entra doesn’t eliminate risk, it reshapes it. Identity has become the new battleground, and misconfigurations, over-permissioned users, and weak access controls are opening doors most teams don’t even realize exist. We also get into: Why “secure” is a myth and resilience is what actually mattersHow attackers bypass EDR and why detection is still lagging behindThe hidden risks in SaaS, SSO, and vendor trustWhy context matters more than vulnerability severity scoresHow to communicate security findings in a way the business actually understandsPlus, we explore what’s coming next. AI, agent-based workflows, and the rise of supply chain risk are creating entirely new attack surfaces, and most organizations aren’t ready. Spencer shares why AI won’t replace pentesters anytime soon, but will force everyone in the industry to level up. This episode is packed with real-world insights from the front lines of offensive security, along with lessons for defenders, leaders, and anyone responsible for protecting a business. If you want to understand what actually matters in security right now, this is the conversation to listen to. ___________________________________ Connect with Spencer: https://www.linkedin.com/in/spenceralessi/ https://spenceralessi.com/ https://x.com/techspence https://www.youtube.com/@cyberthreatpov ___________________________________ Connect with C-Suite Cyber: ⁠LinkedIn⁠⁠ X⁠ ⁠Instagram⁠⁠ TikTok

    1h 20m

  3. MAR 30

    AI, Culture, and Cyber Risk in Post-Merger Integration

    Cybersecurity risk does not stop at due diligence. In this episode of C-Suite Cyber, Ceneé LaTulippe breaks down why post-merger integrations fail, where security programs start to break down after an acquisition, and what leadership teams miss when execution is treated like side work instead of a core business priority. The conversation covers culture fit, governance, security assessments, remediation planning, AI-related risk, and the real challenges that show up in the first 60 to 90 days after a deal closes. Ceneé LaTulippe is the Founder & CEO of 5280 PMO Services, an execution authority firm serving mid-market and private equity-backed organizations when the work cannot fail. She specializes in M&A integrations, enterprise software implementations, AI enablement, operational restructuring, and complex program recoveries. 5280 PMO is a senior-led execution authority firm focused on stabilizing, governing, and accelerating high-impact strategic initiatives. Through its Value Realization Model, the firm helps leadership teams turn complex transformation efforts into measurable financial outcomes across M&A, AI enablement, software implementation, and other board-level priorities. Sponsor: Tandem Cyber Solutions Connect with Ceneé and 5280 PMO:Ceneé LaTulippe on LinkedIn5280 PMO on LinkedIn5280 PMO on YouTubeCeneé on Instagram5280 PMO on Instagram Connect with C-Suite Cyber:LinkedInXInstagramTikTok

    1 hr

  4. MAR 9

    Your Cyber Health: The Preventative Care Side of Cybersecurity

    In this episode, Jeremy Banon shares insights on how cybersecurity is increasingly akin to healthcare—focused on prevention, routine check-ups, and informed decision-making rather than fear-based reaction. He emphasizes the importance of proactive security practices, personalized risk assessments, and educating clients to treat cyber health like their physical health. ___________________________________ Connect with Jeremey https://www.linkedin.com/in/jeremybanon/ https://cyberhealth.co/ ___________________________________ Sponsor: ⁠⁠⁠Tandem Cyber Solutions⁠⁠⁠ ___________________________________ Let's connect! ⁠⁠⁠LinkedIn⁠⁠⁠ ⁠⁠⁠X⁠⁠⁠ ⁠⁠⁠Instagram⁠⁠⁠ ⁠⁠⁠TikTok⁠⁠⁠

    51 min

  5. FEB 24

    Cyber Threat Intelligence That Actually Drives Action w/Matt H.

    In this episode of C-Suite Cyber, AJ and Mike sit down with Matt Hopkins to break down what cyber threat intelligence actually means for business leaders and security teams. Matt shares his path from military service into cybersecurity and explains why most organizations struggle to turn threat intelligence into something actionable. The conversation dives into how CTI teams can prioritize what really matters, communicate effectively with leadership, and avoid drowning in data. They also discuss how organizations with limited budgets can leverage open source intelligence and practical frameworks to build meaningful intelligence capabilities. The episode explores how AI is reshaping CTI, why context matters more than volume, and how improving collaboration between executives and security teams leads to stronger detection and response. Matt also talks about building a Cyber Threat Intelligence MCP server and how modern tools are making advanced capabilities more accessible than ever. Reach out to Matt: LinkedIn Email Open CTI MCP Server Repo Sponsor: ⁠⁠Tandem Cyber Solutions⁠⁠ ___________________________________ Let's connect! ⁠⁠LinkedIn⁠⁠ ⁠⁠X⁠⁠ ⁠⁠Instagram⁠⁠ ⁠⁠TikTok⁠⁠

    1h 1m

  6. FEB 10

    Cybersecurity Certifications Through the Eyes of the Hiring Manager

    In this episode, AJ and Mike discuss the significance of certifications in cybersecurity from a hiring manager's perspective. They explore the reputation of various certification bodies, the importance of hands-on experience, and how certifications can impact career advancement. The conversation also delves into the hiring process, emphasizing the need for progressive knowledge and the role of professional development in team growth. Sponsor: ⁠Tandem Cyber Solutions⁠ ___________________________________ Let's connect! ⁠LinkedIn⁠ ⁠X⁠ ⁠Instagram⁠ ⁠TikTok⁠

    1h 23m

  7. JAN 5

    Ep. 18: Preparing Cyber Leaders for 2026

    In this episode, AJ and Mike reflect on their achievements in 2025 and discuss the evolving landscape of cybersecurity. They highlight key trends such as the abuse of trust, compromised packages, and the increasing sophistication of social engineering attacks. The conversation emphasizes the importance of understanding human behavior in cybersecurity, the need for robust detection and response strategies, and the role of AI in both offensive and defensive tactics. As they look forward to 2026, they stress the necessity of planning for potential compromises and the importance of continuous education and awareness in the field. Sponsor: Tandem Cyber Solutions ___________________________________ Let's connect! LinkedIn X Instagram TikTok

    1h 10m

  8. 12/10/2025

    Ep. 17: Reacting to React2Shell (CVE-2025-55182)

    In this episode, Mike and AJ discuss the React to Shell vulnerability, its implications for cybersecurity, and the importance of asset management. They delve into the mechanics of unauthenticated remote code execution, detection strategies, and post-exploitation activities. The conversation emphasizes the need for C-suite executives to understand these vulnerabilities and implement effective security measures. Sponsor: ⁠Tandem Cyber Solutions⁠ ___________________________________ Let's connect! LinkedIn: ⁠c-suite-cyber-podcast⁠ X: ⁠suite_cybe82537⁠ Instagram: ⁠csuitecyberpodcast⁠ TikTok: ⁠@c_suite_cyber_podcast

    1h 22m
See All (24)

About

C-Suite Cyber Podcast enables C-Suite executives to make security informed decisions.

Information

  • Creator
    Anthony and Mike
  • Years Active
    2024 - 2026
  • Episodes
    24
  • Rating
    Clean
  • Copyright
    © Anthony and Mike
  • Show Website
    C-Suite Cyber Podcast