Security by Default

Joseph Carson

0,0 (0)
TECNOLOGIA
QUINZENAL

Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

HÁ 2 DIAS

AI, Cyber Skills & The Future of Security Training with Hack The Box's Gerasimos

In this special edition recorded live at RSA Conference, Joseph Carson is joined by Gerasimos Marketos (gmar), Chief Product Officer at Hack The Box. They explore how AI is reshaping cybersecurity skills, why traditional education is struggling to keep up, and how hands-on platforms are redefining how defenders and ethical hackers are trained. From real-world fraud detection to AI-powered CTF competitions, this episode dives into the evolving relationship between humans and machines in cybersecurity. 🔑 Key Themes & Topics AI vs Humans in cybersecurity competitionsWhy AI is an accelerator, not a replacementThe evolution from traditional training → hands-on gamified learningClosing the cybersecurity skills gapRed, Blue, and Purple team upskillingAI governance, risk, and agentic threatsThe future of cybersecurity careers and hiring ⏱️ Chapters 00:00 – Introduction & RSA Conference insights02:00 – GMar’s journey: Data → Fraud → Cybersecurity06:30 – Who and What is Hack The Box?10:30 – AI vs Humans: CTF research findings13:00 – AI as a productivity multiplier15:30 – Real-world example: AI winning competitions16:00 – RSAC trends: AI everywhere17:00 – AI governance & emerging risks18:00 – AI for security vs security for AI19:00 – Staying relevant in cybersecurity 🚀 Hack The Box Explained Hack The Box is a cybersecurity upskilling platform offering: 🎓 Academy – Structured learning paths🧩 Challenges & Labs – Hands-on environments🏁 CTFs (Capture The Flag) – Competitive exercises🏢 Pro Labs – Enterprise-scale simulations🔎 Talent Search – Connecting skilled professionals with employers It supports: Red Teams (Offense)Blue Teams (Defense)Purple Teams (Collaboration) Resources: https://www.hackthebox.com/ https://www.linkedin.com/in/gmarketos/ https://www.hackthebox.com/ai-augmented-cyber-workforce-report

20 min
14 DE ABR.

The Analyst's Role in Cybersecurity: Bridging Gaps and Shaping Trends with Fernando

In this episode, Fernando Montenegro shares his journey into the cybersecurity industry, insights on industry analysis, and the evolving trends shaping cybersecurity today. Discover how analysts bridge the gap between vendors, buyers, investors, and academia, and learn practical tips for engaging effectively with industry experts. key Takeaways Role of industry analysts in cybersecurityEmerging trends in cybersecurity including AI and attack surface expansionEffective engagement with analysts for decision supportStrategic cybersecurity budgeting and investmentInfluence of economics and incentives on security decisions sound bites "Understanding what's going on in the world" "Good enough security can be effective" "Workload AI versus workforce AI" Chapters 00:00 Introduction to Security by Default Podcast 00:53 Fernando Montenegro's Origin Story 05:16 The Role of an Industry Analyst 08:55 Maximizing Value from Analyst Interactions 13:16 Understanding AI in Conversations 15:44 Choosing the Right Solutions 16:40 Decision-Making in Technology and Business 17:13 Trends in Cybersecurity and AI 18:26 Understanding Workload vs. Workforce AI 19:40 The Evolving Role of Security Professionals 21:43 The Strategic Importance of Cybersecurity 23:58 Incentives and Decision-Making in Security 25:53 The Shift Left Approach in Development 27:16 Budgeting for Cybersecurity Investments 30:47 Navigating Cybersecurity Budgets 32:26 Engaging with Analysts and Staying Informed 34:33 Curating Information in a Data-Driven World 36:55 Balancing Operational and Strategic Insights 37:51 Connecting with Analysts and Final Thoughts Resources LinkedIn Profile of Fernando Montenegro - https://www.linkedin.com/in/fsmontenegro/ Futurum Group - https://futurumgroup.com/ Obsidian Knowledge Management System - https://obsidian.md/ Book: Why Most Security Budgets Go to Waste by Ross Young - https://a.co/d/02BZPwdO

41 min
31 DE MAR.

The Cyber Hero Adventure - Making Security Engaging and Fun with Gary Berman

Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent. Chapters 00:00 Welcome to the Cybersecurity Chaos 02:32 From Fear to Fun in Cybersecurity 05:27 The Journey of a Cyber Advocate 08:09 The Importance of Community and Collaboration 10:45 Bringing Laughter Back to Cybersecurity 13:13 Rebranding Cybersecurity for New Talent 16:00 The Power of Words in Cybersecurity 18:43 Innovative Approaches to Cyber Awareness 21:29 Lessons from Kids: Simplifying Cybersecurity 24:39 The Inner Child and Cognitive Dissonance 26:40 Gamification and Learning Innovations 28:19 Storytelling in Cybersecurity 29:15 Cybersecurity Starts at Home 30:36 Community Engagement and Employee Connection 32:14 The Importance of Acknowledgment 34:13 Finding Joy in Everyday Life 35:11 Humor as a Coping Mechanism 40:04 The Power of Positive Thinking 45:02 Mission Accomplished: Fun and Safety Resources Cyber Heroes Comics - https://cyberheroescomics.com/ Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/

47 min
17 DE MAR.

Inside the Digital Battlefield: Cybersecurity in Geopolitical Conflicts with Chris Kubecka

Join Joseph Carson in this insightful episode as he interviews cybersecurity expert Chris Kubecka. They discuss critical infrastructure security, cyber warfare, geopolitical risks, and the evolving landscape of digital threats, providing valuable lessons for cybersecurity professionals and policymakers. Key Topics Cybersecurity in critical infrastructure Geopolitical cyber threats and hybrid warfare Evolving landscape of digital threats and resilience Sound bites "GPS jamming has been a massive challenge." "Digital Empires: China, Europe, and the US." "Radio communications are a vital fallback." Chapters 00:00 Introduction and Background of Chris Kubecka01:37 Cybersecurity Challenges in Critical Infrastructure03:37 Evolving Nature of Cyber Threats05:45 The Role of Drones in Modern Warfare07:25 Hybrid Warfare and Global Diplomacy10:10 The Shift in Global Cybersecurity Dynamics12:18 The Importance of International Cooperation14:33 Privacy and Ethics in Cybersecurity16:50 Historical Context and Regional Cooperation18:55 Cyber Attacks on Civilian Infrastructure22:04 Personal Experiences in Estonia24:10 Geopolitical Tensions and Cybersecurity25:52 Challenges in Maritime Connectivity28:16 Critical Infrastructure Vulnerabilities30:22 The Role of Radio in Authoritarian Regimes33:43 International Maritime Law and Cybersecurity37:46 Recent Projects and Activism in Cybersecurity39:51 Staying Informed in a Rapidly Changing Landscape Resources Chris Kubecka's LinkedIn - https://www.linkedin.com/in/chriskubecka/ Field Tested: How to Hack a Modern Dictatorship with AI - https://www.amazon.com/dp/B0C7F4XYZ

45 min
3 DE MAR.

How Gamification and Community Help Beginners Break Into Cloud and AI Security

In this episode of the Security by Default podcast, host Joe Carson speaks with Ian Austin, co-founder of Pwned Labs, about his journey in cybersecurity, the evolution of learning in the field, and the challenges of Cloud and AI security. Ian shares insights on transitioning into cybersecurity roles, the importance of community engagement, and the need for continuous learning in an ever-evolving industry. They discuss the significance of gamification in training and the current trends in cloud security, emphasizing the importance of hands-on experience and collaboration. Key Takeaways Ian Austin is a co-founder of Pwned Labs, specializing in cloud and AI security training.His journey in cybersecurity began with help desk roles and evolved into penetration testing.Creating content is a great way to learn and contribute to the community.Cloud security presents unique challenges that require ongoing education and adaptation.Gamification in training enhances engagement but should not overshadow practical learning.Community involvement is crucial for personal and professional growth in cybersecurity.Transitioning into security roles can be done from various backgrounds, including sysadmin and help desk.Continuous learning is essential in the fast-paced cybersecurity landscape.Mentorship can significantly impact career development and confidence.Cloud security is a growing field with increasing demand for skilled professionals. sound bites "Learning is a great way to learn." "Community is a powerful thing." "Cloud is hard to secure." Chapters 00:00 Introduction to the Podcast and Guest 00:40 Ian Austin's Journey in Cybersecurity 06:40 Transitioning into Security Roles 10:54 Evolution of Learning in Cybersecurity 16:19 The Importance of Community in Learning 22:58 Challenges in Cloud Security 28:46 Staying Updated in the Cybersecurity Field Resources: https://pwnedlabs.io/ https://www.linkedin.com/in/ian-austin/

33 min
17 DE FEV.

Cracking Passwords and the Future of Passwords with Evil Mog

In this episode of the Security by Default podcast, host Joe Carson welcomes Evil Mog, an expert in password cracking and cybersecurity. They discuss the importance of Hacker Jeopardy in making cybersecurity fun, the ongoing challenges with passwords, and the evolving role of AI in password cracking. The conversation also touches on incident response, the significance of documentation, and the future trends in cybersecurity, including the shift towards passwordless authentication and the impact of AI on both attackers and defenders. Takeaways Hacker Jeopardy is a fun way to engage with cybersecurity.Teaching others helps reinforce your own knowledge.Passwords will remain a necessary evil in security.AI is enhancing password cracking methodologies.Documentation is crucial in incident response.The cost of hacking is increasing due to advanced techniques.Collaboration between red and blue teams is essential.Insider threats are on the rise in cybersecurity.Password management is fundamentally an asset management issue.Future trends indicate a shift towards passwordless authentication. Sound bites "Teaching helps you learn better." "Security is about enabling the business." "The cost of hacking is rising." Chapters 00:00 Introduction to Evil Mog and Hacker Jeopardy02:37 The Importance of Community and Teaching in Cybersecurity05:22 Password Security: The Louvre Incident07:59 The Evolution of Authentication Methods10:35 Challenges in Asset Management and Password Management13:15 Operational Technology (OT) Security Challenges15:53 The Role of Documentation in Cybersecurity18:42 AI in Cybersecurity: Automation and Password Recovery21:52 AI in Password Cracking24:56 Enhancing Human Capabilities with AI27:18 The Evolution of Cybercrime30:02 Trends and Predictions for Cybersecurity34:41 Collaboration in Cybersecurity37:24 The Future of Cybercrime and AI40:59 Connecting with Evil Mog

42 min
3 DE FEV.

Exploring Identity Security Trends with Charles Chase

In this episode of the Security by Default podcast, host Joe Carson speaks with Charles Chase about his journey into the cybersecurity field, focusing on identity security and privilege access management. They discuss the evolving trends in identity security, the importance of maintaining identity hygiene, and the impact of regulations like NIST 2 and DORA on organizational practices. The conversation also covers the shift towards passwordless security, the role of AI in identity management, and resources for those looking to enter the field. The episode concludes with reflections on the importance of identities in business and society. Takeaways Charles Chase fell into cybersecurity from a military background.The importance of understanding what you don't know in identity security.Organizations often have dormant accounts that pose security risks.Regulatory bodies are pushing organizations to improve their identity security practices.The shift towards passwordless security is gaining momentum.AI is becoming a valuable tool in identity management.Identity hygiene is crucial for reducing risks in organizations.The commoditization of identity solutions allows smaller businesses to implement security measures.Engaging with customers is key to understanding their unique identity security needs.The future of identity management is focused on user experience and automation. Sound bites "What do I not know?" "It's a learning tool." "It's a fun industry." Chapters 00:00 Introduction to the Podcast and Guest00:47 Charles Chase's Journey into Cybersecurity02:22 Trends in Identity Security and Best Practices05:54 Understanding Dormant Accounts and Their Risks09:54 The Shift Towards Passwordless Security12:45 The Role of AI in Identity Management18:35 The Importance of Digital Identity in Society26:45 Resources for Entering the Identity Space30:49 Conclusion and Final Thoughts Keywords cybersecurity, identity security, privilege access management, trends, best practices, passwordless security, AI in identity management, regulatory impact, identity hygiene, resources for cybersecurity

30 min
20 DE JAN.

Cyber Ops and OSINT with the Grugq

In this episode of the Security by Default podcast, host Joseph Carson engages with the Grugq, a cybersecurity expert and PhD student, discussing his journey into the field, the evolution of cybersecurity practices, and the complexities of information warfare. The Grugq shares insights on anti-forensics, the importance of understanding human behavior in cybersecurity, and the current landscape of cyber warfare, particularly in the context of the ongoing conflict in Ukraine. The conversation highlights the challenges and changes in the cybersecurity field, emphasizing the need for clarity and understanding in a chaotic information environment. Takeaways The Grugq's journey into cybersecurity began with a Unix book.He transitioned from internships to freelancing in cybersecurity.Moving to Thailand helped reduce living costs while consulting.Understanding anti-forensics is crucial for effective cybersecurity.The rules of cyber warfare differ significantly from peacetime operations.Information warfare involves changing how people interpret information.The Grugq emphasizes the importance of human behavior in cybersecurity.Staying updated in cybersecurity requires monitoring current events and engaging with experts.The evolution of cybersecurity tools has made it easier for new actors to operate.The Grugq's PhD research focuses on the realities of cyber warfare. Additional Resources: https://x.com/thegrugq https://github.com/grugq

46 min

Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

Criado por

Joseph Carson
Anos de atividade

2025 - 2026
Episódios

29
Classificação

Explícito
Copyright

© Copyright 2026 Joseph Carson
Site do podcast

Security by Default