In this episode of Unspoken Security , host A.J. Nash sits down with Ramesh Rajagopal, Co-Founder and CEO of Authentic8, to discuss the evolving landscape of digital investigations. They explore how modern intelligence teams navigate the deep and dark web, conduct secure open-source research, and protect themselves from exposure. Ramesh shares how his platform, Silo, empowers analysts by providing anonymity, obfuscation, and productivity tools to streamline investigations without compromising security. The conversation dives into the challenges of direct engagement with cybercriminal environments, the risks analysts face when conducting investigations, and how organizations are shifting towards more proactive intelligence programs. A.J. and Ramesh also discuss the growing adoption of digital investigation tools in the commercial sector, spanning industries from financial services to corporate security and brand protection. AI’s role in intelligence work also takes center stage, with insights on how automation can assist analysts without replacing human expertise. The episode closes with practical recommendations for organizations looking to strengthen their intelligence operations while balancing security, efficiency, and long-term strategic growth. Send us a text Support the show…

The intelligence community is often misunderstood, shrouded in secrecy, and clouded by misinformation. In this solo episode, A.J. Nash pulls back the curtain on how intelligence actually works, breaking down the 18 agencies that make up the U.S. intelligence community, their legal limitations, and the oversight that keeps them in check. He explains the different types of intelligence—SIGINT, HUMINT, OSINT, and more—highlighting their roles in national security. A.J. also addresses the myths surrounding intelligence work, including claims of government surveillance, political weaponization, and conspiracy theories. He details how intelligence professionals are trained to be objective, follow strict oversight, and operate within legal frameworks. With firsthand experience, he challenges misconceptions and explains why the reality of intelligence work is far less sinister than the public is often led to believe. Finally, A.J. discusses the impact of political rhetoric on intelligence agencies, emphasizing the importance of separating fact from fiction. He urges listeners to approach claims about intelligence abuse with scrutiny and to recognize the dedication of those working behind the scenes to protect national security. Send us a text Support the show…

DEF CON is more than just a hacking conference—it’s a community. In this episode, host AJ Nash sits down with Ada Zebra, a longtime goon and leader behind DEF CON Hotline, a resource dedicated to handling security incidents, harassment reports, and crisis situations at the event. Ada shares her journey from a first-time attendee to a key figure in DEF CON’s security efforts, shedding light on the history and evolution of the hotline. She discusses how the hotline was born out of necessity after an incident in 2017, when leadership realized DEF CON needed a dedicated space for attendees to report issues safely. Since its launch in 2018, the hotline has grown every year, bringing in highly trained volunteers to assist in complex situations ranging from restraining orders to personal safety concerns. AJ and Ada also explore the hotline’s relationship with DEF CON’s security team, how volunteers are selected and trained, and why fostering an inclusive environment matters in the hacker community. If you’ve ever wondered what happens behind the scenes at one of the world’s largest hacker gatherings, this episode offers an inside look at the challenges, responsibilities, and impact of the DEF CON Hotline. Send us a text Support the show…

In this episode of Unspoken Security, host AJ Nash sits down with intelligence and security expert Brian Kime to explore the often misunderstood world of industry analysts. With years of experience at Forrester, Brian pulls back the curtain on how analysts conduct research, engage with vendors, and influence the cybersecurity landscape. Together, they address the widespread belief that vendor evaluations are purely “pay to play” and explain why this assumption misses the mark. Brian shares insights into the rigorous methodologies analysts use, the importance of vendor neutrality, and how advisory services help enterprises make informed decisions. He highlights how analysts serve as a bridge between security leaders and vendors, often guiding product development and procurement strategies. The discussion also touches on the value of contributing to analyst research, even for smaller vendors, and how to effectively build relationships with analysts. Whether you're a vendor aiming to get noticed or a CISO navigating technology decisions, this episode offers valuable takeaways on leveraging industry analysts for growth and strategic alignment. Send us a text Support the show…

In this episode of Unspoken Security, AJ Nash sits down with Ryan Cloutier, CEO of ScareBear Industries, to discuss the future of artificial intelligence. Ryan explains the evolution of AI, from its origins with Alan Turing to today's generative AI and large language models. He highlights the importance of understanding that AI, at its core, is mathematics. Ryan emphasizes the need for careful consideration of ethics and societal impact as AI continues to develop. Ryan discusses both the exciting potential and the inherent risks of AI. He explores the potential for misuse and the need for careful governance. He also highlights positive use cases, such as AI companions for the elderly and advancements in medicine. Ryan raises concerns about job displacement and the potential transfer of power from humans to machines. Ryan encourages listeners to become involved in their local AI communities and promote the safe and ethical development of this transformative technology. He stresses the importance of critical thinking and kindness in navigating the future of AI. He leaves listeners with a call to action: do a random act of kindness daily. Send us a text Support the show…

In this episode of Unspoken Security, host A.J. Nash sits down with Jeff Daisley, Principal Security Intelligence Engineer at Comcast, to explore the multifaceted world of executive protection. Together, they unpack the growing convergence of physical and cyber threats facing high-value individuals, including executives, public figures, and their families. From cyberattacks and social engineering to physical security breaches, Jeff emphasizes the importance of a holistic approach to safeguarding these individuals in today’s volatile landscape. Jeff shares actionable insights into building robust executive protection programs, highlighting the need for proactive measures like cyber hygiene, travel assessments, and device security. He underscores the role of trust and collaboration in integrating protective strategies that span personal and professional lives, ensuring the safety of not only the executives but also their inner circles. The conversation also delves into real-world examples, illustrating how vulnerabilities in seemingly small areas—like smart home technologies or insider threats—can lead to significant risks. Whether you’re an industry expert or simply security-conscious, this episode offers valuable perspectives on bridging the gap between digital and physical security in a rapidly evolving world. Send us a text Support the show…

In this episode of Unspoken Security, host AJ Nash dives into the shadowy world of data brokers with guest Lawrence Gentilello, CEO of Optery. They begin by exploring what data brokers are, revealing how these companies collect, buy, and sell personal information—from dating app details to home addresses—to virtually anyone with a credit card. The conversation sheds light on the breadth of the industry and its impact on individual privacy, especially in the context of emerging technologies. Lawrence discusses the challenges of protecting personal data, detailing common security risks posed by apps, social media, and open web data. The episode emphasizes the need for proactive steps, like using password managers, enabling multi-factor authentication, and reducing one’s digital footprint to minimize exposure to these vast data exchanges. In the final segment, AJ and Lawrence address legislative measures around data privacy, including state-level laws and the evolving role of AI in data brokering. Lawrence shares how Optery’s automated data removal service helps individuals regain control over their personal information, reducing vulnerabilities and enhancing digital security. This episode is essential listening for anyone looking to better understand data privacy and protect their personal information. Send us a text Support the show…

On this episode of Unspoken Security, host AJ Nash welcomes Gary Berman, CEO of Cyberman Security. AJ speaks with Gary about his harrowing journey from successful business owner to victim of a persistent insider threat campaign. What started as financial fraud quickly spiraled into years of cyberstalking orchestrated by a group with suspected ties to a religious cult. Gary's story unveils the devastating impact of insider threats that extend far beyond financial loss. He details the emotional and psychological toll of being relentlessly targeted, both personally and professionally. His experience underscores the often-overlooked connection between cybercrime and extremist organizations. Now a cybersecurity advocate, Gary channels his experience into educating others. He discusses his work with Cyberheroes Comics and his latest venture: a platform designed to make high-level CISO talent accessible to small and medium-sized businesses. Send us a text Support the show…

In this episode of Unspoken Security, host Aj Nash sits down with Charity Wright, Principal Threat Intelligence Consultant at Recorded Future, to dive into the complexities of foreign influence on U.S. elections. They explore the evolving tactics used by nation-states like Russia and China, focusing on cyber threats, disinformation campaigns, and election interference. Charity highlights the growing concern over foreign actors exploiting vulnerabilities to weaken democracies. A key discussion point is the alarming rise of ransomware as a significant threat to the 2024 election. Charity explains how both nation-state and cybercriminal groups could disrupt critical infrastructure, potentially preventing voters from accessing polls or undermining public trust in the electoral process. The conversation wraps up by addressing how misinformation and disinformation campaigns have evolved, especially with the use of AI. Charity offers insights on how citizens can better identify credible sources and resist manipulative tactics designed to divide and destabilize. Send us a text Support the show…

In this episode of Unspoken Security, host A.J. Nash sits down with Dominic Vogel, founder of Vogel Leadership & Coaching, to discuss the importance of bringing humanity back into the cybersecurity field. Dominic shares his journey from corporate burnout to becoming an advocate for kindness and authenticity in an industry often focused on metrics and technology. Dominic explains how leading with empathy and building real, human connections can transform the workplace. He emphasizes that in a high-stress field like cybersecurity, creating positive environments is crucial for maintaining mental well-being and productivity. The conversation also touches on Dominic’s leadership approach, where he prioritizes relationships and kindness over traditional, rigid business strategies. Tune in to learn how Dominic is reshaping cybersecurity leadership by focusing on people first, showing that a human-centered approach can lead to long-term success in both business and personal life. Send us a text Support the show…

In this episode of Unspoken Security, host AJ Nash talks with Crystal Morin, Cybersecurity Strategist at Sysdig, about the world of threat hunting. Crystal shares her journey from military linguist to cyber defender, highlighting the skills that translate across these fields. The conversation dives into what threat hunting is and why it's crucial for proactive cybersecurity. Crystal explains how she developed a company-wide threat-hunting program at Booz Allen Hamilton, emphasizing the importance of open-source tools and training. Crystal discusses the challenges of funding proactive security measures and the need for more threat hunters in the industry. She also touches on recent discoveries, including novel cybercriminal operations and targeted attacks against large language models. The episode wraps up with insights on making threat hunting accessible to more professionals in the cybersecurity field. Send us a text Support the show…

In this episode of Unspoken Security, host AJ Nash sits down with Emily Phelps, Director of Marketing Communications at CYWARE. They dive into the core challenges and strategies in cybersecurity marketing. Emily emphasizes the importance of not just attracting customers but ensuring they are the right fit to prevent churn and frustration. She highlights the need for authenticity in marketing messages, noting that misleading claims can harm both the company's reputation and customer trust. AJ and Emily also discuss the essential goals of marketing within the cybersecurity industry, stressing the need to build and retain a loyal customer base. Emily shares her philosophy on marketing, focusing on creating value and clear, truthful communication rather than succumbing to the pressure of exaggerated claims. She underscores the importance of understanding the audience and articulating the unique value propositions of the company. The conversation delves into the broader role of marketing in supporting the security community. Emily explains how effective marketing can bridge the gap between technical experts and the market, fostering better understanding and collaboration. This episode provides a candid look at the realities of cybersecurity marketing and the principles that drive successful strategies. Send us a text Support the show…

In this episode of Unspoken Security, host AJ Nash engages in an insightful conversation with Karla Reffold, Chief Product Officer at Surefire Cyber. The episode dives into the nuances of cybersecurity careers and leadership. Karla shares her journey from a background in recruiting and corporate governance to her current role in cybersecurity, highlighting her expertise in risk assessment and leadership. Karla discusses the importance of confidence and humility in career advancement, recounting stories of successful career transitions and emphasizing the need for clear career goals. She also reflects on the evolving nature of cybersecurity and the critical role of continuous learning and networking. AJ and Karla explore the significance of understanding risk in cybersecurity, with Karla underscoring the value of practical experience and networking over formal certifications. The episode concludes with a discussion on the challenges faced by women in the cybersecurity industry and the importance of resilience and self-belief. Send us a text Support the show…

In this episode of Unspoken Security, host AJ Nash sits down with Paul Ashley, Chief Technology Officer at Anonyome Labs, to explore the intricacies of decentralized identity. Paul explains how decentralized identity offers stronger security and better privacy compared to traditional centralized and federated identity systems. He emphasizes the role of identity wallets, which store user identities and verifiable credentials, ensuring users maintain control over their personal information. Paul dives into the historical evolution from centralized identity systems in the 1990s to the current decentralized models. He highlights the limitations and privacy concerns associated with federated identity systems, such as data aggregation by large identity providers like Google. These concerns underscore the need for decentralized systems that empower users to manage their identities independently. The conversation also covers real-world applications of decentralized identity, including mobile driver's licenses, which offer selective disclosure and zero-knowledge proofs. These innovations allow users to share only necessary information, enhancing privacy and security. Paul predicts a significant impact of decentralized identity on the security landscape in the coming years, marking a transformative shift in how personal data is managed and protected. Send us a text Support the show…

In this episode of Unspoken Security, host AJ Nash welcomes Jeff Foley, founder and leader of the OWASP AMASS flagship project and Vice President and Distinguished Fellow of Research at ZeroFox. They dive into the critical importance of attack surface management (ASM) in cybersecurity, emphasizing the need for visibility from an adversarial perspective. Jeff explains how attackers spend most of their time on surveillance to deeply understand their targets; a vital component to improving the likelihood of being successful during any attack. AJ and Jeff discuss the transition from government to commercial cybersecurity - including the challenges and opportunities - and Jeff shares his insights on how the commercial sector can benefit from the disciplined and thorough approaches used in government cybersecurity. He stresses the importance of ASM as a form of intelligence, advocating for organizations to identify and manage their attack surfaces as attackers do proactively. The episode also covers the terminology and misconceptions surrounding ASM, with both AJ and Jeff agreeing that "attack surface management" may not fully capture the essence of the practice, suggesting "attack surface intelligence" as a more accurate term. They underscore the necessity for continuous monitoring and adaptation in a constantly evolving cyber threat landscape. Finally, as with all episodes of Unspoken Security, our guest (Jeff, in this case), reveals a secret...something that - to this point - has remained unspoken. Like every episode, Jeff doesn't disappoint! Send us a text Support the show…