The Defender’s Log Podcast

David Redekop

The Defender’s Log Podcast: Stories from the Cybersecurity FrontlinesThe Defender’s Log is your front-row seat to the real-world battles shaping today’s cybersecurity landscape. Hosted by seasoned professionals, each episode brings you face-to-face with the sharpest minds in digital defense, MSP/MSSP founders, CISOs, threat researchers, and architects, who are redefining what it means to secure our connected world.From zero-trust frameworks to ransomware takedowns, from DNS hardening to incident response in regulated industries, this podcast pulls back the curtain on the strategies, frameworks, and mindsets powering modern cyber resilience. Whether you're a security leader, IT strategist, or tech-savvy executive, you’ll walk away with the tools and stories that move the needle.🔐 Why Listen to The Defender’s Log?Cyber threats are evolving and so must our defenses. This isn’t theory. These are the actual voices of those defending systems under pressure, making real-time decisions that pr...

  1. From Crisis to Prevention: Rethinking Cybersecurity Leadership

    Jun 12

    From Crisis to Prevention: Rethinking Cybersecurity Leadership

    Cybersecurity leaders have spent years building stronger detection and response capabilities. But is that enough? In this episode of The Defender's Log, David Redekop sits down with former CIO, CTO, and cybersecurity executive Phil Johnston to discuss what changes when you've personally led an organization through a major cyber incident. Drawing on decades of experience spanning military communications, government cybersecurity, and executive leadership, Phil shares why cybersecurity should never be viewed as just an IT problem, how organizations can improve resilience, and why prevention, containment, and operational simplicity may be the future of cyber defense. They also explore AI, business risk, executive accountability, incident recovery, intellectual property protection, and what cybersecurity leaders should prioritize over the next five years.   Key Discussion Points 00:00 — Introduction 00:55 — Phil's journey from military communications to cybersecurity leadership 02:26 — Living through a major cyber incident 06:15 — Why cybersecurity is a business problem, not an IT problem 08:12 — What separates successful recoveries from failed recoveries 11:08 — Detection vs prevention: where organizations should focus 16:52 — Why Phil joined ADAM Networks 23:12 — The future of cybersecurity and AI-driven attacks 27:24 — Advice for today's CIOs and security leaders 30:20 — AI, innovation, and empowering employees securely 34:40 — The business impact of intellectual property theft 36:07 — Joining ADAM Networks as Field CIO 38:12 — Leadership, experience, and protecting people   If this conversation challenged your thinking: 👍 Like this episode 🔔 Follow for more conversations with cybersecurity leaders, CISOs, and technology executives 💬 Share your biggest takeaway in the comments 🔗 Send this episode to a leader responsible for security, risk, or technology strategy   #CyberSecurity #CyberLeadership #CISO #CyberRisk #ZeroTrust #CyberDefense #AI #BusinessLeadership #DigitalTransformation #TheDefendersLog #ADAMNetworks

    40 min
  2. Deep in the Dark Matter: What Security Chiefs See That Others Don’t

    May 29

    Deep in the Dark Matter: What Security Chiefs See That Others Don’t

    What if the biggest threats on the internet are the ones nobody can fully measure? In this special episode of The Defender’s Log, host David Redekop sits down with John Todd, Andreas Taudte, and Andrew Campling for a deep conversation about the hidden realities shaping cybersecurity today. From Zero Trust DNS and encrypted traffic to malicious domain “dark matter” and the growing complexity of enterprise security, this discussion pulls back the curtain on what security leaders are actually seeing behind the scenes. The panel explores how attackers quietly evolve their tactics, why modern privacy technologies sometimes create entirely new security problems, and how organizations struggle to balance visibility, compliance, protection, and personal privacy in an increasingly connected world. The conversation also dives into DNS as the internet’s control plane, the risks hiding inside IoT and OT environments, the challenge of securing legacy infrastructure, and why the future of cybersecurity may depend less on perimeter defense and more on understanding behavior patterns at scale. This is the kind of conversation that changes how you look at the internet after the episode ends. Key Discussion Points 02:58 — Why malicious domains keep growing instead of shrinking 04:35 — The case for Zero Trust DNS in enterprises and homes 05:30 — The scale of harmful content online and why it keeps increasing 07:40 — Why protective DNS should be the default 10:00 — Enterprise visibility, DNS logging, and encrypted DNS challenges 12:00 — Privacy vs security: where the debate gets messy 16:00 — How encryption can unintentionally protect bad actors 20:00 — Why modern privacy tools can force companies to inspect everything 23:30 — Moving security controls closer to the endpoint 25:00 — DNS challenges in schools, factories, OT, and IoT environments 29:15 — “We’re solving one problem by creating another” 31:00 — Why DNS is becoming the internet’s true control plane 33:00 — The reality of securing legacy infrastructure 35:00 — Making Zero Trust DNS practical for real-world users 36:00 — Extended DNS Errors (EDE) and making security visible 40:00 — How attackers hide malicious domains in plain sight 42:00 — The rise of “aged” domains and stealthy phishing operations 43:20 — Detecting attacks through DNS behavior patterns Don’t forget to: • Subscribe for more conversations with cybersecurity leaders and innovators • Share this episode with someone working in IT, security, or network infrastructure • Leave a review to help more people discover The Defender’s Log • Follow along for future episodes exploring the technologies shaping the modern internet #CyberSecurity #DNS #ZeroTrust #ThreatIntelligence #CISO #InfoSec #CyberDefense #NetworkSecurity #Privacy #EnterpriseSecurity #ThreatDetection #DNSSecurity #CyberThreats #DigitalInfrastructure #TechPodcast

    1h 4m
  3. Defending the Kids: DNS, Filters, and the Fight for Safer Schools

    May 22

    Defending the Kids: DNS, Filters, and the Fight for Safer Schools

    What happens when a childhood curiosity for computers turns into a mission to protect the next generation online? Tom Newton shares the path from experimenting with modems and BBS systems in the early days of computing to defending schools and students against modern cyber threats. The discussion goes deep into digital safety, BYOD risks, VPN abuse, AI-generated evasion techniques, and why protecting young people online requires more than just technology. The conversation also explores the human side of cybersecurity— curiosity, mentorship, freedom, responsibility, and the challenge of balancing privacy with protection in a permanently recorded world. Whether you're in cybersecurity, education, parenting, or technology leadership, this discussion highlights why digital defense today is ultimately about people.   Key Discussion Points 02:06 – How Tom got into technology 04:26 – Early hacking culture, modems & BBS systems 06:40 – Switching from chemistry to computer science 10:45 – Discovering cybersecurity through a worm outbreak 13:26 – Finding Smoothwall & becoming a defender 16:41 – The importance of mentors and “Johnnys” in life 19:22 – Growing up before everything was permanently recorded 23:21 – The challenge of protecting kids online 24:45 – Peer-to-peer abuse inside productivity tools 26:00 – How students bypass filters and hide games 28:00 – Why content filtering matters more than URL filtering 29:27 – Why keeping kids safe takes a community 32:00 – Balancing exploration, freedom, and protection 33:24 – Privacy vs child safety online 37:33 – UNDERMINR and the discovery process 39:00 – Free VPNs, malware, and harmful advertising 42:00 – Sexualized ads and harmful online ecosystems 44:24 – Why UNDERMINR changes defensive assumptions 48:35 – How Smoothwall and Linewize defend against it 49:37 – The future of privacy, trust, and visibility online Don’t forget to: 👍 Like this video 🔔 Subscribe for more conversations on cybersecurity, technology, and digital defense 💬 Comment with your biggest takeaway from the discussion 🔗 Share this with someone working in tech, education, or online safety #CyberSecurity #OnlineSafety #DigitalDefense #CyberDefense #Privacy #EducationTechnology #InfoSec #AI #Networking #TechnologyLeadership #Podcast #CyberAwareness

    58 min
  4. Protective DNS and the Future of Cyber Defense Architecture

    May 8

    Protective DNS and the Future of Cyber Defense Architecture

    What started as the “phonebook of the internet” is now one of the most critical layers in cybersecurity. In this episode of The Defender’s Log, David Redekop sits down with Cricket Liu—often called the godfather of DNS—to unpack how DNS evolved from a trusted utility into a frontline security control. From the early days of DNS and BIND to the rise of protective DNS, threat intelligence, and zero trust architectures, this conversation traces the real story behind modern network defense.   Key Discussion Points 00:00 From “phonebook” to frontline defense: why DNS became critical to security 02:20 The origins of protective DNS and response policy zones (RPZ) 05:00 Why many organizations still run DNS “wide open” 06:30 The evolution of threat intelligence: from feeds to analytics-driven detection 09:00 How passive DNS data powers modern security insights 12:30 AI’s impact on attackers: customized malware and evasion tactics 13:30 DNS encryption (DoT, DoH, DoQ): privacy vs. visibility tradeoffs 16:00 Where encryption matters most (and where it may not) 20:40 Why protective DNS is still the most overlooked security layer 23:30 The risks of “log-only” mode and missed prevention opportunities 25:20 Zero Trust DNS and controlling where devices can connect 29:50 DNSSEC adoption: why it’s uneven and what it really protects 34:00 What we’d change about DNS if we could redesign it today 37:00 Why DNS still works 40+ years later 40:10 Advice for the next generation: no gatekeepers, no excuses 42:20 AI vs. human curiosity: what actually creates breakthroughs   At its core, this episode is about one idea: there’s no secret sauce. The tools, the knowledge, and the mechanisms are already available. The difference comes down to how we use them. If you work in security, networking, or IT leadership, this is a grounded, practical look at where DNS fits in the fight—and why it matters more than ever. Don’t forget to: 👍 Like this video if it changed how you think about DNS security 🔔 Subscribe for more real conversations with leaders shaping cybersecurity 💬 Comment: What’s your biggest takeaway—or where is your DNS strategy falling short? 🔗 Share this with someone responsible for network or security architecture #CyberSecurity #DNS #NetworkSecurity #ZeroTrust #ThreatIntelligence #InfoSec #AI #CyberDefense #DataSecurity #SecurityArchitecture #TheDefendersLog

    46 min
  5. Why DNS Is Your First Line of Cyber Defense

    Apr 24

    Why DNS Is Your First Line of Cyber Defense

    Most security conversations focus on firewalls, endpoints, and threat detection. Very few start where many attacks begin. That’s why this conversation with Chris Buijs stood out. We unpack why DNS remains one of the most underinvested—and misunderstood—layers in cybersecurity, how automation can strengthen defense (or quietly introduce risk), and why resilient architecture starts with treating foundational infrastructure as strategic. Chris brings decades of perspective spanning networking, DNS, automation, observability, and cyber defense. If you care about Zero Trust, resilience, architecture, or the future of defensive infrastructure, this one goes deep.   Key Talking Points 00:02:11 – Meaning of “20” & Amsterdam Identity 00:03:00 – Language & Tech Culture (English in Tech) 00:07:38 – Chris’s Origin Story (Early Tech Journey) 00:11:00 – Evolution of Networks (TCP/IP, DNS, DHCP) 00:14:00 – DNS Becomes a Core Focus 00:19:07 – Downtime & “It’s Always DNS” Insight 00:22:00 – Organizational Challenges Around DNS 00:25:00 – Underinvestment in DNS & Infrastructure 00:26:25 – Automation vs Security (DevSecOps Shift) 00:31:21 – Internet Scanning (Shodan, Census, Exposure) 00:34:00 – DNS & NTP Attack Vectors 00:36:39 – Timeless Security Principle (Access Lists) 00:39:05 – Final Advice (DNS in Security Strategy) 00:40:14 – Conversation Wrap-Up   If this conversation challenged how you think about cyber defense: 👍 Like this podcast 🔔 Subscribe for more conversations on cyber leadership and resilient architecture 💬 Comment with your biggest takeaway from the discussion 🔗 Share this with someone responsible for security, networking, or infrastructure strategy   #CyberSecurity #DNS #ZeroTrust #NetworkSecurity #CyberDefense #Automation #Infosec #DigitalResilience #SecurityArchitecture #DevSecOps #ThreatDetection #DefendersLog

    45 min
  6. The Psychology Behind a Cyber Breach and the Leaders Who Survive It

    Apr 10

    The Psychology Behind a Cyber Breach and the Leaders Who Survive It

    Cybersecurity is technical. But the humans behind it? That's where it gets complicated. Nim Nadarajah—CISO and managing partner from Critical Matrix, and one of the sharpest minds in the industry—sits down with host David Redekop for a conversation that goes far beyond firewalls and frameworks. From the psychology of a breach victim who no longer knows who to trust, to cutting a client's SIEM costs by millions through process, not tools, this episode is a masterclass in what it actually takes to protect an organization in today's threat landscape. Nim shares the story behind crowdsourcing the discovery of a gold mine (yes, really), why your crown jewels are probably already inside an AI you didn't approve, and what a five-year-old opening the kitchen sink cabinet taught him about zero trust security. Whether you're a CISO, an MSP, a business owner, or someone who just wants to understand what's actually at stake with agentic AI—this one is for you.   Key Discussion Points 00:00 — Intro: Welcome to The Defender's Log 01:34 — Meet Nim Nadarajah: CISO & Managing Partner, Critical Matrix 02:00 — RSAC 2025 recap: 50,000 people, 30,000 steps, and emotional overload 03:18 — The stigma of being hacked: Is the "wall of shame" finally coming down? 05:00 — Competence, confidence, and capability: The 3 Cs of incident readiness 06:04 — Psychology of a breach: The human side of incident response 09:36 — "Who can I trust?" (What it really feels like to be a cyber victim) 12:10 — Nim's origin story: From high school library networks to corporate Canada 15:00 — The Goldcorp Challenge: Crowdsourcing a gold mine before crowdsourcing was a thing 20:31 — Process vs. tools: Why the blank page doesn't care what app you're using 23:00 — AI is everywhere and it's only as good as what you feed it 24:25 — Agentic AI, crown jewels & protecting your intellectual property 26:33 — Shadow AI, 800 firewall rules, and the free-for-all that already happened 29:09 — Zero trust explained through a kitchen sink (and a curious five-year-old) 33:22 — The SIEM transformation that saved millions and paid for itself in a month 37:36 — Dashboard fatigue: Why leaders need signal, not more screens 39:00 — Agentic SOC: Fearfully excited 41:02 — 29 employees, one human: The pure agentic company Nim met at RSAC 43:26 — Vibe coding is real: A salesperson built a privacy app with zero coding experience 46:00 — Ideas are approaching zero value—execution is everything now 46:57 — One sentence for the next generation: "The power of your ideas haven't been created yet."   👍 If this hit home, give it a like — it helps more people find these conversations 🔔 Follow The Defender's Log so you don't miss the next one 💬 Drop a comment — where are you on the process vs. tools debate? 🔗 Tag someone in security or leadership who needs to hear this   #CyberSecurity #CISO #IncidentResponse #AIRisk #AgenticAI #ZeroTrust #SIEM #ManagedSecurity #CyberLeadership #DataGovernance #CrownJewels #TechStrategy #ProcessOverTools #CyberResilience #TheDefendersLog #Podcast #CyberPodcast #MSP #InfoSec #DigitalTransformation #AIGovernance #CybersecurityLeadership #ToolFatigue #CyberAwareness #RSAC2025

    49 min
  7. How to Think, Not What to Think: Raising Resilient Minds in a Tech-Driven World

    Mar 20

    How to Think, Not What to Think: Raising Resilient Minds in a Tech-Driven World

    The future of cybersecurity isn’t just about tools—it’s about how we think. In this conversation, David Redekop sits down with Mitch Prior to unpack what really matters in modern security: from default-deny strategies and local data control to the growing role of AI in filtering signal from noise. What emerges isn’t just a technical discussion—it’s a philosophy. They explore why certifications don’t always equal capability, how curiosity beats credentials, and why the next generation must learn how to think, not just what to think. As AI accelerates everything around us, the real edge belongs to those who can stay grounded, think critically, and build with intention. This is a conversation about discipline, trade-offs, and staying ahead without losing control. Key Discussion Points 01:37 – Meeting Mitch & early Zero Trust conversations 03:00 – How we judge people: heuristics vs real understanding 05:00 – Certifications vs real-world thinking 07:00 – Why learning how to think matters more than ever 08:50 – The risk of outsourcing thinking to AI 11:56 – Mitch’s origin story in tech 14:30 – Privacy, surveillance, and personal responsibility 16:00 – The trade-off of having a public voice 17:00 – The rise of “AI wranglers” 18:50 – Cloud vs local: control vs convenience 22:00 – Why default-deny changes everything 24:50 – The evolution (and fragility) of the internet 31:30 – AI accelerating vulnerabilities 33:30 – Real-world AI use case: smarter security cameras 38:00 – Extracting signal from noise 40:50 – The human edge in an AI-driven world 41:30 – Raising the next generation in a tech-first world 45:00 – Final thoughts: staying adaptable   If this conversation sparked a new way of thinking: 👍 Like the video 🔔 Subscribe for more real, unfiltered conversations 💬 Share your biggest takeaway in the comments 🔗 Pass this along to someone who needs to hear it   #CyberSecurity #AI #ZeroTrust #DataPrivacy #InfoSec #ArtificialIntelligence #TechLeadership #DigitalSecurity #FutureOfWork #Leadership

    47 min
  8. Defense Before Offense: Leadership, Risk, and the Cost of Bad Decisions

    Mar 6

    Defense Before Offense: Leadership, Risk, and the Cost of Bad Decisions

    Cybersecurity and military defense share the same fundamental principle: you can’t go on offense if you don’t have a secure perimeter. Steven Elliott’s journey—from a farming community in Kansas to the U.S. Army’s 75th Ranger Regiment, and later into finance and cybersecurity leadership—reveals how disciplined thinking, clear communication, and preparation for uncertainty shape strong decision-makers. Markets are unpredictable. Technology is complex. Threats—both financial and digital—evolve constantly. The real advantage comes from understanding risk, simplifying complexity, and building systems that help people make better decisions. This conversation explores the lessons learned from military operations, financial advisory work, and cybersecurity leadership—and why defense, preparation, and clarity matter more than ever in today’s digital world.   Key Discussion Points 00:00 – Why no one can predict financial markets 01:00 – Welcome to The Defender’s Log 01:28 – Introducing Steven Elliot 03:10 – Growing up in Kansas and studying business 05:13 – How 9/11 changed Steven’s life path 05:36 – Entering finance before the 2008 financial crisis 07:17 – An unexpected entry into cybersecurity 09:00 – Why simplifying complex ideas matters 11:40 – Learning to communicate through storytelling 13:10 – Helping clients understand risk and decisions 16:20 – The connection between military defense and cybersecurity 19:50 – Joining the Army Rangers 22:20 – Defense before offense: military priorities of work 24:10 – Why planning matters when things go wrong 27:30 – A mission that changed everything 31:00 – Leadership lessons from crisis and failure 35:30 – Forgiveness, responsibility, and resilience 41:00 – Leadership, truth, and transparency under pressure 46:30 – The consequences of narrative and public attention 50:00 – Lessons for leadership and organizations 53:00 – AI, technology, and leadership in uncertain times 55:30 – Final thoughts: curiosity over fear   If this conversation made you think differently about risk, leadership, or cybersecurity: 👍 Like the video so more people can find it 🔔 Subscribe for more real conversations with leaders shaping security and technology 💬 Share your biggest takeaway in the comments 🔗 Pass this episode along to someone navigating risk, leadership, or cybersecurity   #CyberSecurity #Leadership #RiskManagement #MilitaryLeadership #DecisionMaking #CyberDefense #BusinessLeadership #SecurityStrategy #TechnologyLeadership #Podcast

    57 min
See All (24)

About

The Defender’s Log Podcast: Stories from the Cybersecurity FrontlinesThe Defender’s Log is your front-row seat to the real-world battles shaping today’s cybersecurity landscape. Hosted by seasoned professionals, each episode brings you face-to-face with the sharpest minds in digital defense, MSP/MSSP founders, CISOs, threat researchers, and architects, who are redefining what it means to secure our connected world.From zero-trust frameworks to ransomware takedowns, from DNS hardening to incident response in regulated industries, this podcast pulls back the curtain on the strategies, frameworks, and mindsets powering modern cyber resilience. Whether you're a security leader, IT strategist, or tech-savvy executive, you’ll walk away with the tools and stories that move the needle.🔐 Why Listen to The Defender’s Log?Cyber threats are evolving and so must our defenses. This isn’t theory. These are the actual voices of those defending systems under pressure, making real-time decisions that pr...

Information

  • Creator
    David Redekop
  • Years Active
    2025 - 2026
  • Episodes
    24
  • Rating
    Clean
  • Copyright
    © Copyright 2025 | All Rights Reserved | David Redekop
  • Show Website
    The Defender’s Log Podcast