
Hosted by Justin Fimlaid · EN

In this episode of Pwned, Justin and Jack celebrate their milestone 200th episode the best way they can…with some good old Ransomware Rye. Join the duo offsite at Mad River Distillers tasting room in Burlington, Vermont, as they review podcast excerpts from the last few years and respond with fresh takes, all while guessing who actually said it.
Check out the links below on people we reference in this episode:
Glen Bressner, Co-Founder and Managing Partner, Activate VP
Chris Metinko, Senior Reporter, Crunchbase News
Key moments:
00:00 – Title Sequence
00:20 – Introduction
05:30 – Café Press and Hot, Stinky Soup
10:17 – Punxsutawney Programmer
15:05 – Sometimes You Should Argue the Price of Champagne
21:36 – Parsing Through Cybersecurity Product TUD
26:30 – Meat Market March
31:13 – Beyond the Badness-Ometer
34:57 – Wrap Up
If you have any questions or suggestions, send us an email at pwned@nuharborsecurity.com. For general information, you can reach us at info@nuharborsecurity.com. If you like our content, please like, share, and subscribe! We’ll catch you on the next one. Check out NuHarbor Security for complete cybersecurity protection for your business and a security partner you can trust.
Website: https://nuharborsecurity.com
Facebook: https://www.facebook.com/nuharbor/
Twitter: https://twitter.com/NuHarbor
LinkedIn: https://www.linkedin.com/company/nuharbor
Instagram: https://www.instagram.com/nuharborsecurity/

In this episode of Pwned, BlackCat rises from the grave for another life full of ransomware attacks; this time targeting a healthcare organization, Change Healthcare, for a whopping $22 million. Join Justin and Jack as they look through the facts and speculate that BlackCat may not be who they say they are.

It’s a first, with Jack going solo, and the subject is a set of 8 recent recommendations from senior IT and security leaders at the recent e.Republic/Center for Digital Democracy Beyond the Beltway show. Panels of executives described their experience with successful security and technology communications, and Jack interprets and applies these for our Pwned cybersecurity audience. It’s a rare view into the minds and reactions of the kind of leaders that we know are fundamental to the success of any security strategy.
Check out these links:
e.Republic: https://www.erepublic.com/
Beyond the Beltway: https://events.govtech.com/Beyond-the-Beltway-2024.html#/agenda
Center for Digital Government: https://www.govtech.com/cdg
Key takeaways:
00:00 – Title Sequence
00:25 – Introduction
02:48 – Know the Plan
03:58 – Bring Objective Data
05:02 – Speak to All
06:05 – Find the Baseline
07:45 – Upskill My Team
10:11 – Everything is Relative
11:50 – Bring the Value
13:10 – Prepare for Change
14:27 – Recap

Well-known public sector executive advisor, Curt Wood, joins the team to talk about the role of the Cybersecurity and Infrastructure Security Agency (CISA), statewide cybersecurity, and the complex responsibilities of leaders as they understand and integrate multiple communities in their cybersecurity planning. As former executive secretary and CIO for the Commonwealth of Massachusetts and the current executive director for the 2023/2024 SLED Cybersecurity Priorities Report (CPR), Curt is going broad and deep with Justin Fimlaid and Jack Danahy on the changing nature of threat intelligence, interagency communications, and establishing a leadership position for cybersecurity.
View the CISA website
Download the CPR

Justin Fimlaid and Jack Danahy are talking about the recent 26.6B records found exposed. While the records are mainly old, the Pwned perspective is always new. Listen in for some history, some discussion of expert views from Troy Hunt and others, and a perspective on whether this Mother of All Breaches may in fact be more of a news story and less of a new story.
View Troy's article: Troy Hunt: The Data Breach "Personal Stash" Ecosystem
View the original MOAB post: Mother of All Breaches: a Historic Data Leak Reveals 26 Billion Records | Cybernews
Key Takeaways:
00:00 – Title Sequence
00:45 – Introduction to topic: Mother of All Breaches
02:24 – Public Reaction
03:42 – Where Did the Records Come From?
05:28 – Mystery Leads to Uproar
08:25 – Biggest Takeaway From the Breach
10:53 – Making Improvements, But Still a Long Way to Go
13:13 – Complex Passwords and Password Vaults
15:40 – AI-Generated Code
18:00 – Summary

In a discussion covering election issues from disinformation to voter access, Justin Fimlaid and Jack Danahy are both dispelling and reinforcing listener concerns about the impact of technology and cyber threats on the upcoming elections. Tune in for an in-depth discussion on disinformation, newly proposed government/social media contact restrictions, and a look into what may come (or what the team thinks should come) to deliver more secure elections in the future.
Key Takeaways:
00:00 – Title Sequence
00:22 – Introduction
04:16 – Social media and influencing elections
06:50 – Disinformation from the very beginning
10:33 – Can we ever go back to disconnected elections?
13:47 – Trusting election security technology
16:37 – Estonia’s voting technology
18:43 – Voting IDs and intrusiveness
21:33 – Education and election awareness
24:30 – Wrapping up

It’s been over two years since the team examined the overuse and increased malleability of the term “XDR” and were forced to sentence that term to the Pwned terminology dungeon, the “Pit of Despair”. Well, times change, and our intrepid topical explorers are seeing signs that a reexamination is deserved, as XDR is becoming more understood, and Managed XDR (MXDR) is now a reality. Join Justin Fimlaid and Jack Danahy in this episode of Pwned as they carefully pull MXDR out of the "Pit of Despair" by the suspenders. The guys explore and wade through the industry jargon that has complicated views of threat detection and response technology and services, and ultimately, make the rescue.
Check out the original episodes where they were placed into the Pit:
Pwned GigaByte - The pit of despair (nuharborsecurity.com)
Voldemort (XDR) Spawns New Death Eaters (mXDR) (nuharborsecurity.com)
Key Takeaways:
00:00 – Title Sequence
00:30 – Introduction
03:18 – Term reveal
05:28 – Notable changes in the last two years
08:45 – Has XDR manifested itself into reality?
13:49 – The history/origins of XDR
17:00 – Jack’s rebuttal
21:58 – Wrap up

In honor of releasing the 2023-2024 SLED CPR, Justin and Jack take a walk down memory lane and discuss their predictions from the 2022 CPR, and how they fared in 2023. Have all 5 predictions panned out the way the duo thought, or did some fall short? Tune in to find out. Check out our annual SLED CPR.
Key Takeaways:
00:00 – Title sequence
00:27 – Introduction to topic
01:15 – Prediction 1: Back to basics
04:45 – Prediction 2: Teaming up
06:03 – Prediction 3: Staying on top
08:30 – Prediction 4: Election-driven urgency
10:27 – Prediction 5: States Will Lead Private industry to new models of security

In this episode, Justin and Jack are giving a sneak preview of this year’s SLED Cybersecurity Priorities Report. It’s all fresh off the presses and the team is giving a bird’s-eye view of the process, focus, and conclusions that the CPR is bringing to (and from) State, Local, and Higher Education leaders.

The Pwned podcast leaps into 2024 with Justin Fimlaid and Jack Danahy talking about what they were seeing at the end of 2023, some ideas on improving for 2024, and some new ideas around understanding more about predicting breach impact and exposure. The guys are looking at some new ideas like improving attack simulation, increasing visibility, and the potential application of new approaches like synthetic malware and attack campaigns. One of the results is a new Pwned term of art, based in a need to focus on "Defense in Breadth" over the tradition of "Defense in Depth" of days gone by. All of this drives a conversation ranging from cyber insurance to the value of the next cybersecurity dollar spent. It's a great way to wrap up 2023 with Pwned and jump into the hopeful potential for 2024.
Key Takeaways:
00:00 – Title sequence
00:24 – Introduction
01:35 – Recommendations for starting out 2024
02:15 – One small gap can lead to catastrophe
03:56 – New year, new approaches
05:00 – Prediction: Synthetic Testing
08:35 – Potential for better insurability and dollar spend/investment
11:23 – Jack’s JIE: Justin Inspired Epiphany: Defense and Breadth
13:18 – Impacts against the business during and after an attack
16:25 – Summary