Hacking Humans: "Pass the intel, please. [OMITB]"

Date: November 4, 2025
Host: N2K Networks
Theme: Deception, influence, and social engineering in the world of cyber crime—this episode focuses on information sharing and public-private partnerships in cybersecurity.

Overview

In this conversational and lively episode, Selena, Keith, and Dave blend humor and expertise on a "road trip" to the Fishy Awards, then dive into a deep discussion about the importance, challenges, and impact of information sharing between the public and private sectors in the fight against cybercrime. Drawing on personal experience and recent high-profile operations, they explore why partnerships matter, how trust is built, the difficulties organizations face, and how effective sharing can vastly improve collective defense.

Key Discussion Points

Setting the Stage: Why Information Sharing?

Conference Serendipity: Selena and Keith recently met unexpectedly at a Europol conference, sparking this episode’s focus on public-private alliances and how collaboration strengthens cybersecurity.

"It's one of these lovely little kismet moments that are happening all the time at conferences.” — Selena [04:10]
Karaoke Metaphor: Dave likens info sharing to karaoke—everyone's excited until it’s their turn to participate, highlighting reluctance in practice.

"Public private partnerships are kind of like karaoke. Everybody's enthusiastic until it's their turn." — Dave [05:13]

The Genesis & Structure of Public-Private Partnerships

Early Initiatives: Keith recounts the creation of the NCFTA (National Cyber Forensic and Training Alliance) as a neutral, nonprofit hub for sharing between banks, government, and academia in Pittsburgh.

“It wasn’t owned by government, it wasn’t owned by any company or any academic institution. And then this way you can kind of come together and share cyber threat intelligence.” — Keith [07:27]
Balancing Skepticism & Privacy: Initial responses were skeptical due to concerns over exposing sensitive data or reputational risk.

“There is a lot of animosity or concern, really, at the beginning... make sure that you do it right.” — Keith [08:13]
"No one wants to be center of gossip, whether it’s about a cyber attack or, you know, how many dips you ate at a party, Dave." — Selena [09:44]
Visibility Gap: No single entity has the full picture; each participant offers a unique perspective (e.g., Proofpoint focuses on initial access but relies on others for post-exploitation insight).

“Every company has unique visibility. No one is looking at all of the same information.” — Selena [09:58]

How Collaboration Happens (and Why It Works)

Real-World Success: Operation Endgame is spotlighted as a positive example—significant botnets were dismantled via joint effort.

“That would not have happened without everyone coming together and sharing their information.” — Selena [10:40]
Concrete Stories:

"When we did the core flood takedown... we had to go to the Attorney General and present our solution. And he’s like, ‘Okay... just remember, guys, if you break it, you bought it.’” — Keith [12:34]
Actionable versus Abstract:

“It’s not like, hey, we want all your data. Nobody has the time to go through all the data anyways. But it’s like, if you know that this particular piece of malware is going to affect a number of people, then you can pull those teams together and share that specific information.” — Keith [11:50]
Information Sharing Platforms: ISACs, the Cyber Threat Alliance, and frameworks like MITRE ATT&CK are crucial, channeling both broad alerts and specific, actionable info to communities.

“As a researcher... one of the best things about information sharing is it helps me get to know other people within the community and like what they sort of specialize in.” — Selena [16:00]

Overcoming Barriers

Making the Case Internally: To convince boards or legal teams, reframe participation as both a protective and reputational win.

“...being part of the greater good will actually help impact and make your company safer... if you’re part of the takedown, you may get your name on the press release.” — Keith [13:53]
Trust and Personal Relationships: Much work is facilitated through trusted, informal channels—group chats, backchannel signals, and "high school reunion" conference vibes.

“It’s all built on trust, you know, so it’s really building these personal relationships and understand who does what in what company.” — Keith [20:13]
Government Responsibility and Legal Protections:

“Organizations need these reinsurances from the government that they can share without risk of repercussions.” — Dave [22:05]
“Without [liability protections], probably 90% of legal counsel is going to say no.” — Keith [23:26]

Practical Impact, Wins, and Roadblocks

Recent Successes: The Loomis Stealer takedown is cited as an example of near-term, real-world impact—imposing costs and disrupting cybercrime ecosystems, even if threat actors sometimes regroup.

“...impose costs, like literal financial costs as well as the time cost and the reputation cost can be massive.” — Selena [24:10]
Publishing Research: Openly publishing findings (e.g., remote monitoring & management abuse) often seeds further collaboration and reciprocal sharing across the industry.

“Publishing information begets more information. It’s fantastic.” — Selena [26:35]
Moderation in Sharing: The risk of "oversharing" is rare; more commonly, wider sharing leads to benefits for a broader array of organizations, especially smaller banks or less-resourced entities.

“If you’re sharing that information, you’re really helping the greater good, down the line as well.” — Keith [29:37]

Notable Quotes & Memorable Moments

“Qual quality assurance is everyone’s responsibility.” — Dave, amid the chip-and-dip banter [01:03]
“Chain of custody.” — Dave, joking about guarding chip dips like evidence [02:48]
“Information sharing is like karaoke. Everybody’s enthusiastic until it’s their turn.” — Dave [05:13]
“If you break it, you bought it.” — Attorney General, per Keith’s story [12:34]
“Nobody wants to just share information to a black hole.” — Keith [33:26]
“Deck the halls with threat intelligence.” — Selena [34:21]
“Caring is sharing.” — Dave [34:16]

Timestamps for Important Segments

03:03: Episode Topic Intro—information sharing and public-private partnership
06:22: Historical context: NCFTA founding and approach
08:54: What makes orgs cautious about sharing
10:28: Operation Endgame and lessons on collaborative success
13:24: Making the case for prioritizing sharing within private orgs
15:09: Non-governmental options (ISACs, alliances, frameworks)
20:00: Behind-the-scenes collaboration ("backchannels," trust)
22:05: Legal reforms & government’s enabling role
23:52: Recent successful takedowns & their impacts
26:35: The power of publishing research and collaborative discovery
29:14: Risks of oversharing (rare) and benefits to the community
30:43: Future of information sharing—hope for normalization
33:26: Importance of communication about outcomes
34:21: Holiday pun—decking the halls with threat intelligence

Tone & Language

The episode is lively, joking (especially with "chip and dip" metaphors as analogies for trust and gatekeeping), self-effacing, and insightful—balancing technical expertise with accessibility. The hosts’ camaraderie and passion for cybersecurity’s “greater good” shines through.

Episode Takeaways

Information sharing is essential. No organization or government sees the whole cyber threat landscape alone; partnerships, trust, and collaboration are vital.
Trust needs nurturing. Both formal infrastructure (alliances, frameworks, legal protections) and informal connections (private chats, conference friendships) drive meaningful action.
Collective defense is a journey. Public-private partnerships must move beyond “buzzword” status to deliver actionable, visible outcomes—and celebrating “little wins” is key to building community buy-in.

Conclusion

Through banter, anecdotes, and first-hand experience, this episode makes a compelling case that actionable, trusted information sharing is central to cyber defense. The hope: that in the near future, sharing becomes as natural—and essential—as breathing for the cybersecurity community.

Hacking Humans: "Pass the intel, please. [OMITB]"

Overview

Key Discussion Points

Setting the Stage: Why Information Sharing?

Conference Serendipity: Selena and Keith recently met unexpectedly at a Europol conference, sparking this episode’s focus on public-private alliances and how collaboration strengthens cybersecurity.

"It's one of these lovely little kismet moments that are happening all the time at conferences.” — Selena [04:10]
Karaoke Metaphor: Dave likens info sharing to karaoke—everyone's excited until it’s their turn to participate, highlighting reluctance in practice.

"Public private partnerships are kind of like karaoke. Everybody's enthusiastic until it's their turn." — Dave [05:13]

The Genesis & Structure of Public-Private Partnerships

Early Initiatives: Keith recounts the creation of the NCFTA (National Cyber Forensic and Training Alliance) as a neutral, nonprofit hub for sharing between banks, government, and academia in Pittsburgh.

“It wasn’t owned by government, it wasn’t owned by any company or any academic institution. And then this way you can kind of come together and share cyber threat intelligence.” — Keith [07:27]
Balancing Skepticism & Privacy: Initial responses were skeptical due to concerns over exposing sensitive data or reputational risk.

“There is a lot of animosity or concern, really, at the beginning... make sure that you do it right.” — Keith [08:13]
"No one wants to be center of gossip, whether it’s about a cyber attack or, you know, how many dips you ate at a party, Dave." — Selena [09:44]
Visibility Gap: No single entity has the full picture; each participant offers a unique perspective (e.g., Proofpoint focuses on initial access but relies on others for post-exploitation insight).

“Every company has unique visibility. No one is looking at all of the same information.” — Selena [09:58]

How Collaboration Happens (and Why It Works)

Real-World Success: Operation Endgame is spotlighted as a positive example—significant botnets were dismantled via joint effort.

“That would not have happened without everyone coming together and sharing their information.” — Selena [10:40]
Concrete Stories:

"When we did the core flood takedown... we had to go to the Attorney General and present our solution. And he’s like, ‘Okay... just remember, guys, if you break it, you bought it.’” — Keith [12:34]
Actionable versus Abstract:

“It’s not like, hey, we want all your data. Nobody has the time to go through all the data anyways. But it’s like, if you know that this particular piece of malware is going to affect a number of people, then you can pull those teams together and share that specific information.” — Keith [11:50]
Information Sharing Platforms: ISACs, the Cyber Threat Alliance, and frameworks like MITRE ATT&CK are crucial, channeling both broad alerts and specific, actionable info to communities.

“As a researcher... one of the best things about information sharing is it helps me get to know other people within the community and like what they sort of specialize in.” — Selena [16:00]

Overcoming Barriers

Making the Case Internally: To convince boards or legal teams, reframe participation as both a protective and reputational win.

“...being part of the greater good will actually help impact and make your company safer... if you’re part of the takedown, you may get your name on the press release.” — Keith [13:53]
Trust and Personal Relationships: Much work is facilitated through trusted, informal channels—group chats, backchannel signals, and "high school reunion" conference vibes.

“It’s all built on trust, you know, so it’s really building these personal relationships and understand who does what in what company.” — Keith [20:13]
Government Responsibility and Legal Protections:

“Organizations need these reinsurances from the government that they can share without risk of repercussions.” — Dave [22:05]
“Without [liability protections], probably 90% of legal counsel is going to say no.” — Keith [23:26]

Practical Impact, Wins, and Roadblocks

Recent Successes: The Loomis Stealer takedown is cited as an example of near-term, real-world impact—imposing costs and disrupting cybercrime ecosystems, even if threat actors sometimes regroup.

“...impose costs, like literal financial costs as well as the time cost and the reputation cost can be massive.” — Selena [24:10]
Publishing Research: Openly publishing findings (e.g., remote monitoring & management abuse) often seeds further collaboration and reciprocal sharing across the industry.

“Publishing information begets more information. It’s fantastic.” — Selena [26:35]
Moderation in Sharing: The risk of "oversharing" is rare; more commonly, wider sharing leads to benefits for a broader array of organizations, especially smaller banks or less-resourced entities.

“If you’re sharing that information, you’re really helping the greater good, down the line as well.” — Keith [29:37]

Notable Quotes & Memorable Moments

“Qual quality assurance is everyone’s responsibility.” — Dave, amid the chip-and-dip banter [01:03]
“Chain of custody.” — Dave, joking about guarding chip dips like evidence [02:48]
“Information sharing is like karaoke. Everybody’s enthusiastic until it’s their turn.” — Dave [05:13]
“If you break it, you bought it.” — Attorney General, per Keith’s story [12:34]
“Nobody wants to just share information to a black hole.” — Keith [33:26]
“Deck the halls with threat intelligence.” — Selena [34:21]
“Caring is sharing.” — Dave [34:16]

Timestamps for Important Segments

03:03: Episode Topic Intro—information sharing and public-private partnership
06:22: Historical context: NCFTA founding and approach
08:54: What makes orgs cautious about sharing
10:28: Operation Endgame and lessons on collaborative success
13:24: Making the case for prioritizing sharing within private orgs
15:09: Non-governmental options (ISACs, alliances, frameworks)
20:00: Behind-the-scenes collaboration ("backchannels," trust)
22:05: Legal reforms & government’s enabling role
23:52: Recent successful takedowns & their impacts
26:35: The power of publishing research and collaborative discovery
29:14: Risks of oversharing (rare) and benefits to the community
30:43: Future of information sharing—hope for normalization
33:26: Importance of communication about outcomes
34:21: Holiday pun—decking the halls with threat intelligence

Tone & Language

Episode Takeaways

Information sharing is essential. No organization or government sees the whole cyber threat landscape alone; partnerships, trust, and collaboration are vital.
Trust needs nurturing. Both formal infrastructure (alliances, frameworks, legal protections) and informal connections (private chats, conference friendships) drive meaningful action.
Collective defense is a journey. Public-private partnerships must move beyond “buzzword” status to deliver actionable, visible outcomes—and celebrating “little wins” is key to building community buy-in.

wavePod

Pass the intel, please. [OMITB]

Powered by Wave AI

Summary

Hacking Humans: "Pass the intel, please. [OMITB]"

Overview

Key Discussion Points

Setting the Stage: Why Information Sharing?

The Genesis & Structure of Public-Private Partnerships

How Collaboration Happens (and Why It Works)

Overcoming Barriers

Practical Impact, Wins, and Roadblocks

Notable Quotes & Memorable Moments

Timestamps for Important Segments

Tone & Language

Episode Takeaways

Conclusion

Summary

Hacking Humans: "Pass the intel, please. [OMITB]"

Overview

Key Discussion Points

Setting the Stage: Why Information Sharing?

The Genesis & Structure of Public-Private Partnerships

How Collaboration Happens (and Why It Works)

Overcoming Barriers

Practical Impact, Wins, and Roadblocks

Notable Quotes & Memorable Moments

Timestamps for Important Segments

Tone & Language

Episode Takeaways

Conclusion