DTF Cyber Podcast

Cyber Podcast

Damian, Troy, and Fern break down the week’s biggest hacks, breaches, and zero-days with zero corporate filter. Expect strong opinions, dark humor, and actionable intel from three pros who’ve been in the trenches. New episodes drop when the news is too wild to ignore.

  1. Why Your Tech Won’t Save You: The Human ROI of Cyber Security | Dom Vogel #DTF036

    6D AGO

    Chances are you’ve got the best tech money can buy, the latest AI, and the biggest firewalls—but you’re still losing. In this episode of the DTF Cyber Podcast, Damian and Fern sit down with Vancouver-based leadership coach and "positivity troll" Dom Vogel to discuss why the weakest link in cybersecurity isn’t a line of code, it’s the person behind the keyboard. We’re ignoring the hardware today to focus on the Human Side of Security. Dom shares his 20+ years of experience transitioning from corporate burnout to coaching cyber leaders on empathy, branding, and "connected leadership" in the AI era.

    In this episode, we dive into:
    * The CIO Branding Problem: A real-world story of how a helpdesk’s "likability index" changed a CEO’s perception of IT.
    * The 1,000 Applicant Crisis: Why junior roles are getting overwhelmed and how to "short-circuit" the online application black hole.
    * Certs vs. Communication: Why technical certifications are now "table stakes" and how soft skills are the real differentiator in 2026.
    * Authentic Leadership: Why vulnerability is a leader’s most powerful tool for building trust and mental resiliency within teams.
    * Personal Brand vs. Reputation: Understanding the "visceral emotional reaction" people have to your name.

    Connect with Dom Vogel:
    LinkedIn: https://www.linkedin.com/in/domvogel/
    Website: https://www.vogelleadershipcoaching.com

    Subscribe to DTF Cyber: Don't miss our upcoming deep dive into 2026 Cyber Salaries and the "AI Premium" in Episode 37!

    Video Timestamps
    00:00 – The Weakest Link: Tech vs. Humans
    02:18 – Meet Dom Vogel: The Ball Cap & Beard Guy
    03:33 – The CIO Branding Problem: A Helpdesk Story
    06:12 – Translating Risk into "Boardroom Conversation"
    08:12 – The 1,000 Applicant Problem: Standing Out in Noise
    10:07 – Why Applying Online is a "Black Hole"
    12:23 – Technical Skills are Now "Table Stakes"
    14:51 – Photography & Networking: Fern’s Origin Story
    19:05 – Stop Investing Only in Certs
    21:07 – Vulnerability: A Leader’s Most Powerful Tool
    24:42 – Story: The Helpdesk Manager Who Loved Marketing
    28:01 – Will AI Replace the Human Craving for Interaction?
    33:32 – Creating Psychological Safety in Your Team
    37:56 – The Janitor Test: How to Hire for Culture Fit
    42:07 – Operational Leverage: Reinvesting in Your People
    47:28 – The "Soft Skills" Payday: Why CISOs Need Sales Training
    51:06 – Remote Work vs. Office: The Choice Matters
    55:30 – What is a "Positivity Troll"?
    59:54 – Personal Brand vs. Reputation: What They Say When You Leave
    01:05:02 – How Content Creation Leads to Job Offers

    http://cyberpodcast.net
    Spotify: http://spotify.cyberpodcast.net
    Apple: http://apple.cyberpodcast.net
    X: https://x.com/dtfcyberpodcast
    IG: https://www.instagram.com/dtfcyberpodcast/
    LinkedIn:
    DTF: https://www.linkedin.com/company/dtf-cyber-podcast/
    Damian: https://www.linkedin.com/in/damianchung/
    Troy: https://www.linkedin.com/in/kosovotroy/
    Fern: https://www.linkedin.com/in/fernrojasaz/
    Business Inquiries: dtf at cyberpodcast dot net

    Everything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

    1h 13m
  2. 72 Hours to Report or Else: The New Compliance Nightmare

    FEB 23

    In this episode, Damian, Troy, and Fern dive into the heated controversy surrounding new federal reporting mandates. We explore the "Feds vs. Firewalls" dynamic: does mandatory reporting actually help stop the bad guys, or is it just a massive resource drain on teams already fighting for their lives? We break down the 72-hour reporting window for significant incidents and the even tighter 24-hour requirement if you decide to pay a ransom. From the ambiguity of what defines a "significant incident" to the personal liability risks for CISOs, we’re looking at the real-world implications of these 2026 directives.

    Key topics include:
    * The struggle between immediate threat response and mandatory paperwork.
    * How the SBA size threshold might pull 30,000 "non-critical" companies into these rules.
    * The "minimum viable content" framework for initial reports.
    * Why the "don’t pay" mantra is harder to follow when human lives are on the line.

    Timestamps
    00:00 – Intro
    02:46 – The Car Crash Analogy: Should you call 911 or save the body?
    03:55 – Defining Critical Infrastructure: Telecom, Energy, and Gas.
    04:41 – The Ticking Clock: Does the 72 hours start at detection or declaration?
    05:15 – The 24-Hour Ransom Rule: What happens if you pay?
    06:48 – Private Sector Concerns: Will this extend beyond the 16 critical sectors?
    09:34 – The Executive War Room: Who is responsible for the communications?
    10:47 – Partnering with the FBI: Intel sharing vs. criminal investigation
    12:23 – Global Context: The EU’s 24-hour "Early Warning" requirement
    15:03 – The Resource Drain: Why incident responders are in revolt
    16:59 – CISA vs. FBI: Simplifying the reporting paperwork
    20:49 – The ROI of Reporting: What’s in it for the private company?
    21:49 – The 30,000 Entity Controversy: Mid-sized companies as "covered entities"
    25:56 – Cyber Awareness: Learning from past incidents to prevent future attacks
    28:56 – "Minimum Viable Content": Reporting when facts are still changing
    34:00 – Legal Risks: Consent to search and "anything you say can be used against you"
    36:59 – The "Office Space" Effect: Bureaucracy vs. Collaboration.
    40:41 – Voluntary vs. Mandated: The role of ISACs and InfraGard.
    48:22 – The Moral Dilemma: Why outlawing ransom payments is complicated
    51:13 – 2026 Deadlines: Upcoming CISA Town Halls and feedback loops.
    54:33 – Career Implications: Will GRC finally get the respect it deserves?

    1h 4m
  3. OpenClaw: The Dangerous Evolution of Autonomous AI Agents

    FEB 16

    In this episode of the DTF Cyber Podcast, Damian, Troy, and Fern dive into the rapid and often confusing shift from tools like Clawdbot to Moltbot and finally OpenClaw. They discuss why these autonomous agents are more than just a productivity trend—they represent a significant new attack surface for the modern enterprise. From the "Toddler with a Chainsaw" analogy to the risk of "Shadow AI" in the workplace, we break down the security implications of giving AI bots unfettered access to your network and credentials.

    00:00 – Intro
    01:19 – The rebranding maze: From Clawdbot to OpenClaw
    02:35 – What is an AI bot? First impressions of autonomous control
    05:02 – The "Poor Installation" risk and isolated environments
    07:21 – The "Age of Ultron" scenario: Efficiency vs. Security
    08:45 – Privacy concerns: Bots with access to banking and travel rewards
    10:15 – The Starbucks test: Automation vs. user friction
    12:15 – When AI goes rogue: Extortion and covering tracks in closed environments
    16:04 – Third-party AI risk and the lifespan of autonomous agents
    18:24 – Shadow AI: Bots as the new high-tech "mouse jiggler"
    20:19 – Inherited Identity: When bots gain your admin privileges
    21:40 – Advice for Organizations: How to check your environment for OpenClaw
    26:36 – A nightmare for the SoC: Signals, logs, and new attack surfaces
    28:53 – 6,000 actions a minute: Why human analysts can't keep up
    37:38 – The "Toddler with a Chainsaw" warning
    42:07 – Action Items: Three steps to secure AI in your organization
    55:35 – Lessons from outages: Why you shouldn't "open the world" on day one!

    57 min
  4. When the World is on Fire: Mental Health and Cyber Incidents

    FEB 2

    Is the constant wave of alerts keeping you up at 3 a.m.? In this episode of the DTF Cyber Podcast, industry veterans Damian, Troy, and Fern dive deep into the reality of mental health and burnout in the cybersecurity industry. Special guest CISO Vito Rocco jumps deep into this conversation. With 78% of professionals feeling stressed out and 62% citing alert overload as a primary cause, it's clear the industry needs a culture shift. We discuss the pressures of catastrophic risk, the fear of missing critical alerts, and actionable strategies for leaders and analysts to combat fatigue—from tuning systems to building empathy. Plus, we explore the importance of diverse leadership and setting personal boundaries in a 24/7 world. If you are feeling stressed out and think you need help, please don't go through it alone—seek support from friends, leadership, or a mental health professional.

    Timestamps:
    00:00 - Intro: The reality of cybersecurity exhaustion.
    04:19 - 78% of the industry is stressed: The anticipation and reality of major incidents.
    07:33 - The hidden stress of the SOC: Alert overload, perfectionism, and the fear of missing the "big one."
    12:50 - Building the pipeline: Training talent from within vs. hunting for unicorns.
    15:06 - Beating alert fatigue: How to automate, tune the noise, and grow from entry-level to senior analyst.
    18:24 - Burnout isn't just about workload: Why empathy and recognition from leadership matter.
    23:05 - Building a support system: The importance of therapy and talking it out.
    25:05 - Leadership strategies: Connecting with your team beyond transactional work.
    35:37 - Why you must use your PTO (and the trap of "Unlimited PTO").
    42:25 - Setting personal boundaries and managing communication in a 24/7 global team.
    53:07 - Using turnover rates as a measurement for team health.
    1:07:48 - The power of diverse leadership and the rise of female CISOs.
    1:18:01 - Conclusion and final thoughts on seeking help.

    1h 22m
  5. 8 Ways to Jumpstart Your Cybersecurity Career in 2026 | #DTF032

    JAN 19

    2026 is here, and the cybersecurity job market is evolving. Whether you are trying to break into the industry or land your next senior role, the playbook has changed. In this episode of the DTF Cyber Podcast, Fern and Troy are joined by Gary Perkins (CISO at CISO Global) to break down 8 actionable steps you can take right now to jumpstart your career. From building public red team projects to mastering new attack toolchains like the Flipper Zero, we cover the technical and soft skills that hiring managers actually look for. We also dive into why networking is your #1 asset, how to contribute to open source projects, and why "learning to script" is non-negotiable for modern security pros.

    🚀 In this episode, we cover:
    * Why you need a public GitHub portfolio (even if you aren't a dev).
    * How to legally perform "hunts" in your current job to gain experience.
    * The difference between "scripting" and "developing" and why Python/Bash helps.
    * Why reading non-cyber books can actually make you a better CISO.

    👇 Jump to the 8 Career Hacks:
    00:00:00 - Intro: Welcome back to 2026!
    00:01:02 - Meet Gary Perkins, CISO at CISO Global
    00:07:43 - #1: Build One Public Red Team Project Quarterly
    00:14:00 - #2: Master a New Attack Toolchain (Flipper Zero, Bloodhound, etc.)
    00:21:16 - #3: Contribute to Open Source Security Projects
    00:29:16 - #4: Perform a Weekly Hunt in a Real Environment
    00:43:35 - #5: Learn to Script Your Own Tools (Python & Bash)
    00:51:18 - #6: Network Like Your Career Depends On It
    01:02:17 - #7: Read a Non-Cyber Book (The Phoenix Project, Leaders Eat Last)
    01:07:42 - #8: Teach Something Publicly
    01:16:20 - Bonus Resource: The Threat Intelligence Support Unit (TISU) Cohort

    📚 Resources & Mentions:
    * Book: The Phoenix Project
    * Book: Leaders Eat Last by Simon Sinek
    * Organization: Threat Intelligence Support Unit (TISU) - Free Cybersecurity Cohort https://www.eventcreate.com/e/tisu8

    Connect with the Guest: Gary Perkins (CISO Global) https://www.linkedin.com/in/perkinsgary/

    Subscribe for more no-nonsense cyber insights!

    #Cybersecurity #InfoSec #CareerAdvice #RedTeam #BlueTeam #CISO #TechCareers #2026

    1h 18m
  6. 2026 Cyber Predictions: AI Agents, Record Ransomware & Deepfake Disasters | DTF#031

    12/24/2025

    Is 2026 the year AI takes over everything—including the crimes? 🤖💸 In the final episode of 2025, Damian and Troy break down their Top 8 Cyber Predictions for 2026. From AI agents executing 90% of breaches to ransomware payouts potentially hitting half a billion dollars, the future of cybersecurity is moving fast. We also discuss the "Harvest Now, Decrypt Later" threat, why your LinkedIn profile picture might already be a lie, and the new $150k entry-level salary standard.

    Plus, we’re ending the year with a GIVEAWAY! 🎁 Drop your 2026 prediction in the comments—for every 10 predictions we receive, we’re picking a winner for some exclusive (and secret) DTF Cyber swag.

    In this episode, we cover:
    * Why AI agents (not humans) will be behind 9 out of 10 breaches.
    * The terrifying potential for a $500M ransomware payout.
    * How deepfakes will finally cause a major real-world crisis.
    * "AI Laundering": The new frontier for cleaning dirty crypto.
    * Why entry-level cyber jobs are hitting $150k salaries (and the catch).

    🔔 Subscribe for more unfiltered cybersecurity insights!

    ⏱️ TIMESTAMPS:
    00:00 – Intro: Did AI change the world in 2025?
    01:58 – Prediction #1: 90% of breaches will be executed by AI Agents.
    07:40 – Prediction #2: Ransomware payouts will break records ($500M?!).
    15:15 – Prediction #3: Identity becomes the central pillar (Passkeys backfire?).
    20:00 – Prediction #4: A deepfake event will hit major global news.
    24:45 – Prediction #5: "Harvest Now, Decrypt Later" goes mainstream.
    28:40 – Prediction #6: Mandatory AI Agent audits for federal contractors.
    32:30 – Prediction #7: "AI Laundering" becomes the new money laundering.
    38:15 – Prediction #8: Entry-level AI Cyber jobs will start at $150k.
    45:00 – Bonus Prediction: The consolidation of massive data analytics.
    47:00 – GIVEAWAY DETAILS: How to win exclusive swag!

    #CyberSecurity #AIPredictions #Ransomware #Deepfakes #TechTrends2026 #InfoSec #Podcast #DTFCyber #AI

    49 min
  7. The Ultimate Cybersecurity Gift Guide (Under $100, $200 & Unlimited) #DTF030

    12/17/2025

    The 2025 Cyber Christmas List That Actually Gets You Hired

    Happy holidays, nerds! Your mom just spent $79 on a “hacker hoodie” that says “Trust Me” in Comic Sans… …while real juniors are out here making six figures with a $29 Yubikey and a Raspberry Pi. In Episode 30, Damian, Troy & Fern save your Christmas with the only cyber gifts worth buying in 2025:
    • Under $50 stocking stuffers that turn into paychecks
    • $50–$150 tools that get you interviews
    • $150–$300 big wins that scream “I’m serious”
    • Free gifts that slap harder than anything paid
    • And the absolute coal you should burn before anyone unwraps it

    Timestamps
    00:00 Intro: The "Hacker Hoodie"
    01:37 Why "Hacker" Clothing is Bad OpSec
    06:01 The Worst Gifts: "Hacking for Dummies"
    08:59 Beware of Knockoff Tools & Malware
    12:15 Danger: Pre-loaded Hacking USBs
    13:49 Best Gifts Under $100
    14:00 Book Rec: The Hardware Hacker
    14:20 YubiKeys for MFA
    16:21 Lockpicking Sets & Physical Pen Testing
    21:42 USB Rubber Ducky
    23:25 USB Data Blockers (Juice Jacking Protection)
    25:05 RFID Blocking Wallets
    28:06 Raspberry Pi Projects (Honeypots & VPNs)
    28:45 Best Gifts $100 - $200
    30:30 Packet Squirrel: Man-in-the-Middle Attacks
    34:20 Flipper Zero: Radio Frequencies & Rolling Codes
    39:34 Certifications: Security+ & Network+
    44:24 Cloud Credits & AI Subscriptions
    46:26 Unlimited Budget Gifts
    47:25 Black Hat & DefCon Tickets
    48:14 Mac vs. Windows vs. Linux for Hacking
    51:53 Giveaway: The "Hacker" Hoodie
    57:58 Holiday Security Warning

    Giveaway: Comment your dream (or worst) cyber gift — we’ll randomly pick one subscriber for a genuine “hacker” hoodie (minimum 10 comments).

    Everything here is our personal hot takes — not our employers, not legal advice. Just three idiots with mics trying to keep you from bad gifts.
    — Damian, Troy & Fern
    DTF Cyber Podcast

    #CyberGifts #Christmas2025 #CyberSecurity #Infosec #Career

    59 min
  8. Your Google Account Just Got Hacked – And You Didn’t Click Anything

    12/09/2025

    2.5 billion daily account-takeover attempts. That’s one every 34 microseconds. Damian, Troy & Fern go full send-it mode on the 2025 ATO playbook: SIM swaps, session-token theft, MFA fatigue bombing, rogue QR codes, deep-fake family scams, and the OAuth tokens you granted in 2017 that are still wide open.

    Timestamps
    00:00 – Intro
    05:20 – SIM swaps & losing your phone number in minutes
    09:40 – Why password resets are useless (session tokens survive)
    14:20 – MFA fatigue / push-notification bombing
    19:10 – OAuth & old third-party app tokens nobody revokes
    24:30 – Rogue QR codes at restaurants & hotels
    30:15 – Enterprise reality – weekly O365 token theft
    37:40 – Non-human identities & service-account sprawl
    44:50 – Passkeys in 2026 – will increase ATO risk if misconfigured
    51:00 – Public Wi-Fi, juice jacking & QR code myths
    58:00 – Closing thoughts

    Discord (coming soon)

    #AccountTakeover #SIMSwap #MFAFatigue #CyberSecurity #Infosec #ZeroTrust

    https://www.fcc.gov/consumers/scam-alert/grandparent-scams-get-more-sophisticated
    https://newsroom.servicenow.com/press-releases/details/2025/ServiceNow-to-Expand-Security-Portfolio-With-Acquisition-of-Vezas-Leading-AI-native-Identity-Security-Platform/default.aspx
    https://thehackernews.com/2025/04/customer-account-takeovers-multi.html
    https://www.gartner.com/reviews/market/identity-threat-detection-and-response-itdr

    1h 4m

Ratings & Reviews

5 out of 5 (2 Ratings)
