Simplifying Cyber

Aaron Pritz, Cody Rivers
  • 5.0 (17)
  • CAREERS
  • UPDATED BIWEEKLY

This show features an interactive discussion, expert hosts, and guests focused on solving cyber security and privacy challenges in innovative and creative ways. Our goal is for our audience to learn and discover real, tangible, usable ideas that don't require a huge budget to accomplish. Shows like “How It’s Made” have become popular because they explain complicated or largely unknown things in easy terms. This show brings the human element to cyber security and privacy.

  1. Who’s That CISO? Allan Alford vs. Himself on Simplifying Cyber

    OCT 1

    Who’s That CISO? Allan Alford vs. Himself on Simplifying Cyber

    How does a CISO react to a live deepfake? In this eye-opening conversation with Alan Alford, CISO at NTT Global Data Centers, we kick off with a live deepfake demonstration that showcases the capabilities and limitations of this emerging technology. The demonstration serves as a springboard into a crucial discussion about the genuine threat deepfakes pose to organizations. While video deepfakes capture headlines, Alan reveals why audio deepfakes currently present the more dangerous and immediate risk vector for businesses. From CEO impersonation for fraudulent wire transfers to political misinformation campaigns, these technologies are already being weaponized in ways many security teams haven't prepared for. Our conversation takes an unexpected turn as Alan challenges one of cybersecurity's most persistent myths: that humans represent the "weakest link" in security. Instead, he champions the workforce as our strongest allies, sharing how simple recognition programs created security champions throughout his organization. His approach connects workplace security to employees' personal lives, dramatically increasing engagement and effectiveness. Alan offers a masterclass in balancing innovation with security, explaining how his organization approaches AI adoption through mandatory training programs and a top-down commitment from leadership. His race car analogy perfectly captures this balance: good security controls are like high-performance brakes that don't just slow you down—they enable you to take corners faster. For security leaders feeling overwhelmed by AI, Alan provides practical starting points that any organization can implement today. From experimenting with AI for personal hobbies to creating automated security reports through carefully crafted prompts, these small steps can build confidence and competence before tackling larger initiatives. Whether you're concerned about deepfake threats, searching for more effective security awareness approaches, or looking to safely implement AI in your organization, this conversation delivers actionable insights from a CISO who's successfully navigating these challenges daily. Listen now to transform how you think about humans, technology, and security in our rapidly evolving digital landscape. 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    41 min
  2. Crocodiles in the Board Room! With Andy Ellis

    SEP 23

    Crocodiles in the Board Room! With Andy Ellis

    What makes a truly effective security leader in today's complex threat landscape? In this enlightening conversation with Andy Ellis, former CISO of Akamai Technologies and author of "1% Leadership," we explore how the role of the security executive has transformed from a technical specialist to a strategic business enabler. Andy shares his remarkable journey from Air Force information warfare specialist to becoming Akamai's first security hire, where he spent 20 years building a multi-billion dollar security business within the infrastructure company. His unique perspective challenges conventional thinking about security leadership, organizational structure, and how security teams should communicate risk to the broader business. "Your job as a security professional is really to enable the business to make wiser risk choices," Andy explains, reframing the security function away from being the department of "no" to becoming a trusted advisor that helps organizations understand and navigate risks effectively. Using colorful analogies about crocodiles in the boardroom, he illustrates why security leaders should focus on making relevant risks believable rather than raising alarms about threats that don't align with business priorities. We dive deep into the evolution of the CISO role, discussing why the traditional reporting structures may be outdated and how smaller companies are blending security leadership with IT functions as traditional infrastructure moves to SaaS. Andy challenges security professionals to understand why controls exist rather than just implementing them, asking three critical questions: "What is the real reason you do this? Could we stop? What should we do differently?" Whether you're an aspiring security leader or a seasoned CISO, this conversation offers valuable insights on leadership, communication, and how to deliver real security value in an increasingly complex digital landscape. Listen now to learn how small, incremental improvements in your leadership approach can transform your security program's effectiveness and business impact. 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    38 min
  3. Cybersecurity and User Experience

    SEP 9

    Cybersecurity and User Experience

    WATCH this episode on our YouTube channel!  Ever wondered why employees keep finding ways around your security controls? The answer might lie in how those controls are designed and implemented. In this thought-provoking episode, we're joined by Matt Belanger, CIO of Republic Airways, to tackle one of cybersecurity's most persistent challenges: the friction between security requirements and user experience. When security measures become obstacles rather than enablers, "cyber erosion" occurs – users find workarounds that often create more risk than what you were trying to prevent in the first place. Through candid stories from the corporate trenches, we explore common friction points: problematic MFA rollouts, alert fatigue, vague policies, and the blocking of useful tools like cloud storage and AI platforms. Matt shares how communication breakdowns during technology transitions led to adoption failures, while host Todd recalls field workers deliberately damaging devices they believed were tracking them – powerful examples of what happens when security ignores human factors. The conversation shifts from problem to solution as we examine how design thinking principles can transform security implementations. Matt advocates for extending expectations of cyber professionals beyond technical expertise to include empathy and communication skills. As he powerfully states: "So often you hear about the trade-off... Do we want to make this secure or do we want to make this easy to use? And the answer is yes – it is a requirement to both be secure and easy to use." Ready to build security that people actually want to use? Listen now and discover why sometimes you need to slow down to ultimately secure your organization faster. 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    36 min
  4. Third-Party Risk Management in Healthcare

    AUG 25

    Third-Party Risk Management in Healthcare

    Ever wonder why healthcare organizations are such prime targets for cyberattacks? In this eye-opening conversation with Kelly White, founder of Risk Recon, we uncover the startling reality that healthcare accounts for 37% of all breach events in the last decade. Kelly's journey from soldering Timex Sinclair computers in the late 70s to founding a pioneering third-party risk management platform offers a fascinating perspective on cybersecurity evolution. He shares how his side project—identifying indicators of vendor cyber health through internet-accessible information—grew from 30,000 lines of weekend code into a successful enterprise now providing crucial breach insights. The data tells a compelling story: organizations with good cybersecurity hygiene experience breach events at rates four to six times lower than those with poor practices. Yet many companies still chase sophisticated security solutions while neglecting fundamentals like secure remote access, proper network filtering, and effective identity management. As Kelly puts it, "If you don't have those foundations in place, you don't have much to build on." We explore AI's emerging role in third-party risk management, where it shows tremendous promise in automating questionnaire reviews and helping security professionals focus on meaningful risk treatment rather than administrative tasks. Kelly's advice for security leaders rings especially true: "Don't try to script your career so tightly that you're not open to opportunities," and remember that "growth begins where comfort ends." Whether you're a healthcare security professional, a CISO working with limited resources, or someone interested in the intersection of risk management and emerging technologies, this conversation offers invaluable insights from someone who's successfully navigated the cybersecurity landscape from practitioner to entrepreneur. Listen now to transform how you think about security fundamentals and third-party risk! 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    22 min
  5. Meet the Security Awareness Apologist

    AUG 18

    Meet the Security Awareness Apologist

    What happens after an employee clicks on a phishing link? Jason Hoenich (hey-nick), the self-proclaimed "Security Awareness Apologist," believes that's where the real education begins. Drawing from his experiences at major entertainment companies like Disney and Sony, Jason shares how live hacking demonstrations where employees witness real-time compromises create powerful, unforgettable learning moments. The conversation dives deep into why traditional security awareness approaches fall short. While phishing simulations and generic training modules check compliance boxes, they rarely drive meaningful behavior change. The most effective programs go beyond making people aware of threats—they make secure behaviors easy and intuitive while building a security-conscious culture from the ground up. One of Jason's most compelling insights revolves around relationship-building. Security awareness professionals who form strategic partnerships with HR, Legal, and Corporate Communications unlock unprecedented program potential. These connections transform potential roadblocks into champions who help tailor messaging and navigate brand considerations when creating engaging content. Security champion programs emerge as another powerful strategy for organizations with global or diverse workforces. By identifying influencers throughout different business units and locations, security teams can extend their reach and ensure messaging resonates across various cultures and job functions. These champions provide invaluable feedback while translating technical concepts into language that connects with their colleagues. The future of human risk management lies in personalization and actionable insights. Rather than just identifying risky behaviors, advanced tools should offer immediate remediation options—imagine a system that not only alerts an employee to unsecured files but offers a one-click solution to fix the vulnerability instantly. Ready to transform your security awareness program? Start by assessing your program's maturity and developing a comprehensive strategy that goes beyond basic tools. Remember Jason's advice: "Strategy, strategy, strategy. If you don't have one, work on it." Your journey toward meaningful security awareness begins with this episode. 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    40 min
  6. Cybersecurity Mergers & Acquisitions - Crown Jewels and Red Flags

    AUG 11

    Cybersecurity Mergers & Acquisitions - Crown Jewels and Red Flags

    Ever wonder what lurks beneath the surface of that shiny acquisition target? Our expert panel, featuring M&A Expert Brandon Kern, pulls back the curtain on the hidden cyber risks that can make or break your next deal. When companies merge or acquire, cybersecurity considerations often take a backseat to financial projections and market synergies. Yet overlooking digital vulnerabilities can transform a strategic investment into a costly liability. In this revealing conversation, corporate veterans and M&A specialists share battle-tested strategies for conducting effective cyber due diligence without derailing deal momentum. The discussion kicks off with a practical comparison: cyber due diligence functions much like a home inspection when purchasing property. Just as you wouldn't commit to buying a house without checking for structural damage, acquiring a business without assessing its cybersecurity posture can lead to expensive remediation costs or even devaluation of critical assets. Our experts emphasize focusing on the "crown jewels" – the specific intellectual property, customer data, or technology capabilities that motivated the acquisition in the first place. Timing emerges as a crucial factor throughout the conversation. Bringing in cybersecurity professionals early provides opportunity to identify risks that might affect valuation or negotiation terms. However, the panel acknowledges the delicate balance between thorough assessment and maintaining deal momentum. They share practical approaches for prioritizing critical issues while deferring less immediate concerns to post-close planning – allowing security to enable rather than impede business objectives. The conversation also addresses often-overlooked aspects of M&A cybersecurity, including third-party relationships that come with the acquisition, organizational change management to reduce resistance, and strategies for maintaining business continuity during integration. With firsthand experience from both corporate and consulting perspectives, our experts provide a comprehensive playbook for protecting deal value through strategic cybersecurity planning. Whether you're a corporate development executive, private equity investor, or security leader supporting M&A activities, this episode delivers actionable insights for your next transaction. Listen now to learn how proper cyber due diligence can safeguard your investments and accelerate post-merger integration. 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    27 min
  7. Cybersecurity for Entrepreneurs

    JUL 22

    Cybersecurity for Entrepreneurs

    Ever wonder how to protect sensitive data when you don't have an IT department? In this revealing conversation, two pharmaceutical industry veterans who recently launched their own consulting businesses share the cybersecurity challenges they never anticipated after leaving corporate America. Katie Hewitt, founder of BioVenture Advisors, and Laura Viaches, president of Endeavor Pharma Solutions, spent over 20 years each at Eli Lilly before venturing out on their own. Their transition from having robust corporate security infrastructure to becoming their own CISOs overnight offers powerful lessons for entrepreneurs handling confidential information. From Katie's experience juggling client demands before even setting up a domain name to Laura's methodical "stealth mode" approach to building secure systems, their contrasting journeys highlight different paths to the same goal: protecting client trust. The conversation reveals startling gaps in the healthcare consulting ecosystem, where clients with valuable intellectual property rarely audit the security practices of their advisors. "I'm more surprised that's not a question they're asking," notes Katie, highlighting how even sophisticated biotech companies often overlook security verification until regulatory requirements or funding rounds force the issue. Cybersecurity experts Aaron, Todd, and Cody offer practical advice for entrepreneurs navigating these challenges without enterprise budgets. Their recommendations focus on process-first approaches – identifying critical assets, working in client environments whenever possible, and implementing basic controls like multi-factor authentication before investing in complex solutions. The group explores how AI tools create new security considerations, particularly around meeting documentation and data retention. Whether you're launching a new venture or helping clients through their growth journey, this discussion delivers actionable insights about balancing security with entrepreneurial agility. The most valuable takeaway? "If you're a small business entrepreneur, you are the CIO and you are the CISO," Katie reminds us – taking this responsibility seriously from day one can transform security from a burden into a competitive advantage. 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    39 min
  8. Navigating AI & Legal in Cyber with Tim Sewell

    JUN 23

    Navigating AI & Legal in Cyber with Tim Sewell

    Artificial intelligence has firmly established itself at the forefront of the cybersecurity agenda, creating both unprecedented opportunities and complex challenges for security leaders. In this eye-opening conversation with cybersecurity veteran Tim Sewell, we dive deep into the realities of implementing effective AI governance and security practices in today's rapidly evolving threat landscape. Tim shares invaluable insights on how AI has fundamentally transformed the cybersecurity domain, comparing this shift to the rise of desktop computing or cloud adoption. He cautions against the "wild west" approach to AI governance that many organizations have inadvertently embraced, where tools are deployed without proper oversight or awareness. Most concerning is his observation that AI is increasingly being integrated into existing business processes by vendors or partners without explicit notification, creating dangerous blind spots in security programs. The discussion reveals surprising developments in third-party risk management, where AI tools now handle everything from vendor questionnaires to SOC 2 report analysis. We explore the troubling reality of "AI sending questionnaires to AI that is responding to questionnaires," raising critical questions about trust and verification in our increasingly automated security ecosystem. Tim provides practical guidance for security teams on transparency in AI usage, particularly when making decisions that may later require justification in legal proceedings. Despite the focus on advanced AI capabilities, Tim emphasizes the continued importance of security fundamentals. He notes that sophisticated nation-state actors are increasingly targeting basic vulnerabilities like buffer overflows and cross-site scripting, especially in critical infrastructure with legacy technologies. For new security leaders, his advice is refreshingly straightforward: identify what you're protecting, assess existing controls, and practice your incident response. Listen now for essential insights on navigating the AI security landscape, from governance frameworks to practical implementation strategies that balance innovation with risk management. Whether you're a CISO looking to update your program or a security professional wanting to stay ahead of emerging threats, this episode delivers actionable knowledge for securing your organization in the age of artificial intelligence. 🔗 Connect with Us & Get in Touch Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics. No gatekeeping and no BS. We’re here to simplify. Official Website: www.revealrisk.com LinkedIn: https://www.linkedin.com/company/reveal-risk 🤘 Stay Secure with Us If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates. Reveal Risk delivers cybersecurity results, not just reports.

    26 min
See All (43)

5
out of 5
17 Ratings

About

This show features an interactive discussion, expert hosts, and guests focused on solving cyber security and privacy challenges in innovative and creative ways. Our goal is for our audience to learn and discover real, tangible, usable ideas that don't require a huge budget to accomplish. Shows like “How It’s Made” have become popular because they explain complicated or largely unknown things in easy terms. This show brings the human element to cyber security and privacy.

Information

  • Creator
    Aaron Pritz, Cody Rivers
  • Years Active
    2020 - 2025
  • Episodes
    43
  • Rating
    Clean
  • Copyright
    © 2025 Simplifying Cyber
  • Show Website
    Simplifying Cyber

You Might Also Like