Deepfakes, Donations, and Deception: The Psychology of the Cyber Con
Threat actors are exploiting human psychology using sophisticated techniques like AI-powered deepfakes and emotional manipulation to bypass traditional security defenses. This episode explores how nonprofits and consumer organizations are increasingly targeted by highly effective scams, including CEO impersonation fraud, Business Email Compromise (BEC), and fraudulent social media donation requests. We break down the new threat landscape, highlighting why effective countermeasures require comprehensive security awareness training and strong organizational policies to combat the persuasive principles of Liking, Authority, and Scarcity.
Sponsors:
www.cisomarketplace.com
www.scamwatchhq.com
Merch - 25% off Black Friday
securitybydesignshop.etsy.com
--------
40:50
--------
40:50
The Accidental Leak: Why You're the Biggest Threat to Your Own Data
We dive into the most financially devastating threats of 2025, revealing how ransomware, which accounted for 76% of incurred losses in one portfolio, and vendor breaches continue to drive significant financial damage. The discussion explores how AI is turbocharging social engineering and credential stuffing (which caused a 250% increase in Account Takeover attacks in 202), enabling threat actors like Scattered Spider to "log in" using valid credentials rather than breaking in. We break down critical defenses—from Multi-Factor Authentication (MFA) to tokenization—and examine how everyday human mistakes, like pasting production credentials into random online formatting tools, create massive enterprise risk.
Sponsors:
www.cisomarketplace.com
www.scamwatchhq.com
Merch - 25% off Black Friday
securitybydesignshop.etsy.com
--------
29:01
--------
29:01
MTTR: Tactics, Trust, and Time-to-Report
This podcast dissects adversary tactics, techniques, and procedures (TTPs), focusing on how attackers leverage social engineering and human psychological weaknesses like fear and trust to gain unauthorized access. We explore the proactive strategies of Red Teaming and Breach and Attack Simulation (BAS), which use the MITRE ATT&CK framework to emulate real-world attacks and test defensive capabilities. Tune in to understand the critical security metrics—like Mean Time to Detect (MTTD), Mean Time to Resolve (MTTR), and Reporting Rate—that quantify security program success and resilience against modern threats.
Sponsors:
www.cisomarketplace.services
securitybydesignshop.etsy.com - 25% off Black Friday Sale
--------
45:15
--------
45:15
Zero Trust to SCADA: Navigating the InfoSec Mandate
This podcast explores the comprehensive responsibilities of modern InfoSec professionals, ranging from core security operations like vulnerability management across operating systems, network devices, and containers, to ensuring physical security and managing application development standards. Dive deep into emerging and complex domains such as AI Governance, securing training data for GenAI models, managing IoT device identities, and navigating the convergence of IT, OT, and IoT/IIoT systems. Learn how leading security teams establish effective governance frameworks (like NIST, ISO, or CMMC), implement robust Incident Response Playbooks, and leverage automation (SOAR) to align security strategy with continuous corporate objectives and board oversight.
www.securitycareers.help/forget-the-hoodie-4-surprising-realities-of-modern-cybersecurity
Sponsors
www.cisomarketplace.com
www.cisomarketplace.services
--------
14:25
--------
14:25
The Privacy Divide: State Laws, Age Limits, and the Battle for the Under-18 Consumer.
This episode explores the complex division in state mandates between general consumer privacy laws and specific children’s design codes, which often function as separate acts or amendments. We break down how compliance is determined either by broad, quantitative thresholds like annual gross revenue and high data volume, or by the specific service's intention or likelihood of being accessed by minors. Crucially, we contrast the age ranges, noting that while general consumer laws often apply up to age 15 or 17, specific design codes and app store regulations increasingly mandate protections for users up to Under 18
www.compliancehub.wiki/beyond-coppa-the-surprising-legal-maze-of-u-s-childrens-data-privacy
Sponsors:
https://childrenprivacylaws.com
https://www.compliancehub.wiki
https://www.myprivacy.blog
CISO Insights: The Cybersecurity Leadership PodcastWhere Security Leaders Shape Tomorrow’s DefensesJoin us for CISO Insights, the definitive podcast for cybersecurity executives navigating today’s evolving threat landscape. Each episode delivers exclusive conversations with industry pioneers and practical frameworks from security leaders.CISO Insights provides actionable intelligence for executives building resilient security programs. We cover everything from board-level risk communication to threat detection, compliance, and talent development.Whether you’re a CISO, aspiring security leader, or technology executive, we equip you with the tools to thrive in a complex digital environment.Connect with us:Shop: cisomarketplace.comNews: threatwatch.newsPodcast: cisoinsights.showTools: microsec.toolsAI Resources: cybersecuritygpt.storeFollow us:TikTok @cisomarketplace - Quick insights and security tipsYouTube @cisomarketplace - In-depth discussions and CISO interviewsTiktok & Youtube: @ScamwatchHQPowered by grit, fueled by caffeine. Thanks for keeping us going!coff.ee/cisomarketplacecoindrop.to/cisomarketplace
España