Best Cyber Assurance Podcasts (2025)

1
Getting Clients To Take Cybersecurity Seriously 36:31

1h ago36:31

36:31

How do you get your clients to take cybersecurity seriously? I sat down with Ann Westerheim of Ekaru to discuss strategies for helping MSP clients improve their cybersecurity posture.

1
Agile Software Development Method (noun) [Word Notes] 7:45

8h ago7:45

7:45

Please enjoy this encore of Word Notes. A software development philosophy that emphasizes incremental delivery, team collaboration, continual planning, and continual learning CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/agile-software-development⁠ Audio reference link: "⁠Velocity 09: John Allspaw and Paul Hammond, "10+ Deploys Pe,⁠" …

1
Trump administration’s federal IT policy goals still need more clarity, former officials say 43:00

5d ago43:00

43:00

Just about seven months into the Trump administration and federal chief information officers are waiting for more explicit policy direction. The Office of Management and Budget has teased a little of their priorities, but a lot remains unknown. At a recent panel of former federal CIOs sponsored by AFFIRM, several weighed in on what they are looking…

1
This scam is now in session. 45:05

5d ago45:05

45:05

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe's sto…

1
Compliance and GTIA Cybersecurity Trustmark 18:02

7d ago18:02

18:02

Getting to compliance... Do you end up with more to do because you have the GTIA Cybersecurity Trustmark Assured? I sit down with Chase Griffin with ShowTech Solutions to talk about their experience and what has transpired since achieving Assured status and how that changed their outlook on improving their compliance to a standard and setting them …

1
Pegasus (noun) [Word Notes] 8:45

7d ago8:45

8:45

Please enjoy this encore of Word Notes. The flagship product of the controversial Israeli spyware vendor, the NSO Group, use for remotely hacking mobile devices, most notably iPhones, via zero-click exploits. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠ Audio reference link:⁠“Cybersecurity beyond the Headlines: A Conversatio…

1
Yeti or not, it’s a scam. 50:20

13d ago50:20

50:20

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some …

1
A Client's Journey Through Ransomware 41:22

14d ago41:22

41:22

When a client is hit with ransomware, it can be paralyzing. After the tabletop exercises carried out at #ChannelCon25, Jason Comstock of Clarity Technology Solutions explored ransomware and the path to recovery. Stay tuned to the end for Jason's after-action report.

1
Work from home, malware included. [OMITB] 32:14

15d ago32:14

32:14

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠Selena Larson⁠⁠⁠, ⁠⁠⁠Proofpoint⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠DISCARDED⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena…

1
Domain-based Message Authentication Reporting Conformance (DMARC) (noun) [Word Notes] 8:27

15d ago8:27

8:27

Please enjoy this encore of Word Notes. An open source email authentication protocol designed to prevent emails, spoofing in phishing, business email compromise or BEC, and other email-based attacks. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠ Audio reference link:"⁠Global Cyber Alliance's Phil Reitinger talks DMARC adoptio…

1
Barney changed USCIS’s cyber culture by putting the user first 43:25

16d ago43:25

43:25

Shane Barney, the former CISO at USCIS and currently the CISO for Keeper Security, said the move to zero trust received wide support from the program leaders. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

1
Click for a pay bump? 30:17

20d ago30:17

30:17

In this special episode of Hacking Humans, while Joe and Maria take a well-earned summer break, we’re joined by a special guest host: Rob Allen, Chief Product Officer at ThreatLocker. Rob dives into the tactics and profile of the cybercriminal group known as Scattered Spider—a crew that’s gained notoriety for its cunning use of social engineering o…

1
Reflect on TD Community PreDay 26:25

21d ago26:25

26:25

With more than 100 attendees for a full day of networking and learning. The TD preday and another 30+ next door for MSP-Ignite peer group facilitated discussions, it was a learning and growing experience for all. I sat down with Roddy B. of ShureWeb to get his take and perspective. We went off script a few times, and I'll be sure to bring some more…

1
Shields Up (noun) [Word Notes] 7:46

22d ago7:46

7:46

Please enjoy this encore of Word Notes. A condition announced by the US Cybersecurity and Infrastructure Security Agency (CISA) to draw attention to a temporary period of high alert, associated with expectation of a connected wave of cyberattacks prompted by either a widespread vulnerability or an unusually active and capable threat actor. CyberWir…

1
The delusional side of AI therapy. 51:54

27d ago51:54

51:54

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We've got some follow-up from…

1
Channelcon25: Preview of Preday and Cyber Track 27:34

28d ago27:34

27:34

Charles Love of ShowTech Solutions and I sit down to discuss Channelcon25. Why you should attend and a preview of some of the sessions. From MSP-Ignite and their peer group style conversations to Tech Degenerates and many other communities coming together for a Monday Pre-day and then rolling into the daily agenda, centered, of course, on sessions …

1
Software Assurance Maturity Model (SAMM) (noun) [Word Notes] 5:43

29d ago5:43

5:43

Please enjoy this encore of Word Notes. A prescriptive open source software security maturity model designed to guide strategies tailored to an organization’s specific risks. Audio reference link: "⁠⁠OWASPMSP - Pravir Chandra: Software Assurance Maturity Model (OpenSAMM)⁠⁠." by Pravir Chandra, OWASP MSP, 2009.…

1
Dramatic changes in UK Supply Chain Security 10:52

1M ago10:52

10:52

This episode dives deep into UK Supply Chain Cyber Security, a critical and often overlooked area in today's digital world. So, what exactly is it? It's about securing the entire network of external partners, suppliers, and third-party services that your business relies on. Imagine your company as only as strong as its weakest link. In the UK, this…

1
It’s all glitter, no gold. 47:13

1M ago47:13

47:13

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts share some follow-up, includi…

1
BEC, AI, and Recent Events 34:21

1M ago34:21

34:21

With some of the recent events in the ransomware space, I had a chance to hear firsthand from Dave Alton of Strategic Integrated Resources. I asked the question, "What is concerning you today?" This discussion has some action items that you can do with your own clients. Whether you are dealing with business email compromise, wire fraud, or are just…

1
Universal 2nd Factor (U2F) (noun) [Word Notes] 7:17

1M ago7:17

7:17

Please enjoy this encore of Word Notes. An open standard for hardware authentication tokens that use the universal serial bus, or USB, near-field communications, or NFCs, or Bluetooth to communicate one factor in a two-factor authentication exchange. Cyberwire Glossary link: ⁠⁠https://thecyberwire.com/glossary/u2f⁠⁠ Audio reference link: “⁠⁠Rise of…

1
Convinced, compromised, and confirmed. 51:16

1M ago51:16

51:16

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠Dave Bittner⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a ton of follow-up—from a sextortio…

1
Cyber Insurance vs Risk Management 35:48

1M ago35:48

35:48

Cybersecurity Insurance and Risk Management are generally conversations we avoid in the ITSP space, but with recent events, Matt Lee and I sit down to talk about how the two complement each other, the pitfalls, and some tips for protecting yourself through both.

1
adversary group naming (noun) [Word Notes] 10:17

1M ago10:17

10:17

Please enjoy this encore of Word Notes. A cyber threat intelligence best practice of assigning arbitrary labels to collections of hacker activity across the intrusion kill chain.By N2K Networks

1
Next phase of digital transformation for SEC, PTO begins 43:10

2M ago43:10

43:10

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

1
Brushed aside: The subtle scam you didn't order. 44:00

2M ago44:00

44:00

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠Dave Bittner⁠⁠, ⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up, as Joe shares with us a compl…

1
GTIA Cybersecurity Trustmark - Assured 34:13

2M ago34:13

34:13

With more than 30 ITSPs through their first assessment cycle, I wanted to take some time to get feedback on why it is an important process for any ITSP. A raw conversation with someone who will pull no punches on providing feedback as it pertains to the Trustmark and the history of what Trustmarks have come out of GTIA for its members. Charles Love…

1
BSIMM (noun) [Word Notes] 6:09

2M ago6:09

6:09

Please enjoy this encore of Word Notes. A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/bsimm⁠ Audio reference link: “⁠OWASP AppSecUSA 2014 - Keynote: Gary McGraw - BSIMM: A Dec…

1
The RMM protocol: Remote, risky, and ready to strike. [Only Malware in the Building] 39:25

2M ago39:25

39:25

Please enjoy this encore of Only Malware in the Building. Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a buil…

1
The many faces of fraud. 41:58

2M ago41:58

41:58

This week, our hosts⁠⁠⁠⁠⁠⁠⁠ ⁠Dave Bittner⁠, ⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from listener Abdussobur, who wonders if…

1
Challenges and Opportunities 33:48

2M ago33:48

33:48

The challenges and opportunities facing Managed Service Providers (MSPs) in 2025 are ever-changing, and the twists and turns keep any MSP on their toes. As I sat down with Brian Rodgers of Aeko Tech, we discussed several topics and found ourselves hitting on a recurring trend: the ever-evolving role of AI in business operations. Here are the four a…

1
OWASP vulnerable and outdated components (noun) [Word Notes] 8:04

2M ago8:04

8:04

Please enjoy this encore of Word Notes. Software libraries, frameworks, packages, and other components, and their dependencies (third-party code that each component uses) that have inherent security weaknesses, either through newly discovered vulnerabilities or because newer versions have superseded the deployed version. Audio reference Link: "⁠The…

1
Space Force, DIU open the door wider to commercial technologies 44:14

2M ago44:14

44:14

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

1
Gold bars and bold lies. 45:57

2M ago45:57

45:57

Please enjoy this encore of Hacking Humans. On Hacking Humans, ⁠Dave Bittner⁠, ⁠Joe Carrigan⁠, and ⁠Maria Varmazis⁠ (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there…

1
Insights on Data Intelligence with Pedro Castillo 24:09

2M ago24:09

24:09

Where does my data go? What data was sent across the API? How do we separate the signal from the noise? Pedro Castillo of Onum and I sit down to talk about what might be the subsequent transformation of data processing since Akamai came on the scene. Onum's mission is to address the challenges in data management and cybersecurity. Enjoy our raw con…

1
Managing online security throughout the decades. 43:09

2M ago43:09

43:09

This week, our hosts⁠⁠⁠⁠⁠ Dave Bittner, ⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with some more chicken follow up, this week, delving into malware-relat…

1
Practical Insights From Recovering MSPs 54:00

2M ago54:00

54:00

A fireside chat with George Bardissi of bVoIP and me at the 1Stream by bVoIP Partner Gathering. Mistakes we made, the challenges we overcame, and then we jump into some interesting questions ranging from AI and Insurance to the Cybersecurity Trustmark and how it benefits MSPs. This is a different format and was recorded with a live audience.…

1
OWASP software and data integrity failures (noun) [Word Notes] 8:27

2M ago8:27

8:27

Please enjoy this encore of Word Notes. Code and data repositories that don't protect against unauthorized changes.By N2K Networks

1
Navy PEO C4I focusing on speed, creativity, effectiveness 43:29

2M ago43:29

43:29

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

1
No cameras, no crew—just code. 46:33

3M ago46:33

46:33

This week, our hosts⁠⁠⁠ ⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠, and ⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠T-Minus⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from a listener on class action settlements: they’re a class action attorney …

1
2025 UK Cyber Breaches Survey: What need to know - What you need to do 20:07

3M ago20:07

20:07

Business Leaders Cyber Briefing - Episode 12: Key Takeaways What You'll Learn from This Episode Trish and Tom from Cool Waters Cyber break down the 2025 Cyber Security Breaches Survey findings to help UK financial services leaders understand their current risk landscape and improve their cyber defenses. Critical Insights for Business Leaders Your R…

1
OWASP server-side request forgery (noun) [Word Notes] 7:38

3M ago7:38

7:38

Please enjoy this encore of Word Notes. An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.By N2K Networks

1
The great CoGUI caper. [OMITB] 35:20

3M ago35:20

35:20

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is jo…

1
GRC Platforms and Other Tools 27:32

3M ago27:32

27:32

Sitting with Henry Tim of Tech Degenerates and Phantom Technology Solutions to talk about GRC platforms. What makes it a GRC platform? How important is a GRC in my MSP? These questions and several others are tackled, and I think we have found some answers.