
Hosted by Hunter Strategy · EN

Cyber warfare is often misunderstood and this episode explains why it’s usually a supporting act rather than the main event in modern conflict. Jake Williams and Bryson Bort break down how cyber operations differ from kinetic warfare, why attribution and battle damage assessment are so difficult, and why political and strategic limits often matter more than the technology itself. You’ll also hear how adversaries use low-cost, scalable cyber campaigns to create disruption without triggering direct escalation. Overall, it’s a sharp look at how cyber tactics are reshaping future warfare and global security.Episode Chapters: 00:00 Introduction to Cyber Warfare05:16 The Role of Cyber in Modern Warfare07:51 Stuxnet: A Case Study in Cyber Warfare10:52 Legal Definitions and Warfare16:17 The Complexity of Cyber Operations17:50 Investment in Cyber Capabilities22:10 The Future of Cyber Warfare27:06 Ethics and Cyber Warfare33:51 Predictions for Future Conflicts41:30 Educating on Cyber Warfare

Cybersecurity Challenges in Internet of Things (IoT) DevicesIoT isn't just smart bulbs and garage door openers, it's the badge scanner at your office door, the sensors on a wind turbine, the x-ray machine at your hospital, and the PLC system running a manufacturing floor. The attack surface is enormous, and most of it was never built with security in mind.In this episode, host Matt Triner sits down with Adeel Chohan, Head of Data & AI at Provectus, to unpack why IoT security is so hard to get right and why it keeps getting harder. They dig into device procurement gaps, firmware vulnerabilities, the challenges of securing brownfield infrastructure, and why security is almost always the last conversation in an IoT deployment, not the first.From power grids to hospital networks to factory floors, Adeel and Matt explore what it actually takes to secure environments where connected devices outnumber the people managing them - and why legacy perimeter defenses aren't built for this reality.You can't protect what you can't see.Episode Chapters:00:00 Introduction to IoT Device Security02:47 The Broad Scope of IoT Devices05:35 Unique Considerations for Securing IoT Devices09:56 Challenges in Implementing Security Measures for IoT Devices23:27 The Role of Cloud Providers in Enabling and Securing IoT Devices26:49 The Challenge of IoT Cybersecurity and the Need for Standardization27:42 From Point-to-Point Solutions to Standardized Device Management31:05 The Trade-Offs Between Proprietary and Standardized Protocols42:01 The Role of Regulation in Ensuring IoT Security44:27 The Impact of Decreasing Sensor Costs on IoT Security46:33 The Mindset Shift Towards Prioritizing IoT Security49:06 The Future of IoT Security: Regulations, Collaboration, and AI

Unlock the future of cybersecurity in the Department of Defense with insights on the latest tools, frameworks, and strategies transforming network monitoring. Most agencies are still relying on outdated processes—are you prepared for the shift toward automated, real-time risk assessments? In this episode, Dan Beller, Director of Cloud Solutions at Hunter Strategy, and Chris Sowards, GRC expert, reveal how cutting-edge innovations like OSCAL, cloud-native integrations, and advanced vulnerability scanning are revolutionizing continuous monitoring for defense networks.Episode Chapters: 00:00 Introduction to Continuous Monitoring and Risk Assessment02:05 Continuous Monitoring and the ATO Process03:23 Continuous Monitoring and System Modifications06:15 Evolution of Continuous Monitoring08:45 Assessment and Compliance in Continuous Monitoring12:44 Tooling and Automation in Continuous Monitoring16:04 Future Trends in Continuous Monitoring19:04 Building Trust and Relationships19:43 Challenges in Generating Artifacts20:29 Automating ATO Process22:48 GRC as a Gateway into Cybersecurity24:00 The Value of GRC Professionals24:29 The Importance of GRC in Software Development25:51 The Need for Improved Tooling27:08 The Role of OSCAL in Trusting Tooling28:31 Tools for Managing Disparate Scanning Results29:52 The Challenge of Limited Authorizations30:51 Collaboration and Human Readability in OSCAL34:07 The Need for Connected Governance36:27 Measuring the Success of Continuous Monitoring

Most organizations overlook the secret ingredient to cybersecurity success: culture. In this eye-opening episode, cybersecurity veterans Russell Eubanks and AJ King reveal how building a strong security culture isn’t just good practice, it's essential. They share powerful stories demonstrating what a thriving security culture looks like and how it can prevent costly breaches. Discover why aligning mindsets and fostering collaboration across teams can transform security from a challenge into a strategic advantage. Perfect for leaders eager to embed security into their organization's DNA, this conversation offers proven strategies to transform your mindset—and your defenses.00:00 Introduction to Security Culture02:27 The Importance of Culture in Cybersecurity05:19 Examples of Good and Bad Security Culture11:01 Comparing Security Cultures Across Organizations18:35 Common Pitfalls in Enhancing Security Culture21:58 Integrating Security into Organizational Culture23:45 The Role of Non-Security Management26:35 Empowering All Employees in Security29:28 Phishing Exercises: A Double-Edged Sword38:25 Key Takeaways for Executives and Non-Executives

In this episode of "This is Fine," AJ King, Alex Sharpe, and Jake Williams delve into the complexities of the Zero Trust framework and its overlay against NIST 800-53 R5. They explore the philosophical and practical aspects of Zero Trust, emphasizing its role in modern cybersecurity. The discussion highlights the challenges and strategies for implementing Zero Trust, particularly in government and commercial sectors. The episode concludes with insights on how organizations can approach Zero Trust as an evolving mindset rather than a fixed goal.Episode Chapters: 00:00 Introduction to Zero Trust and NIST 800-5305:37 Challenges in Implementing Zero Trust11:18 The Role of Identity in Zero Trust17:11 The Evolution of Zero Trust22:29 Final Thoughts on Zero Trust Implementation

In this episode of This is Fine, cybersecurity experts AJ King, Joshua Marpet, and Jake Williams dive into the complexities of pen testing. They explore why standardization is crucial for effective testing and how misconceptions can lead to security gaps. Discover the importance of proper scoping to focus on high-impact areas and why a pen test should simulate real attack scenarios. This discussion is essential for security leaders aiming to enhance their testing programs and communicate value across teams. Learn how to turn pen testing into a strategic security pillar and make smarter cybersecurity investments.00:00 Introduction to Pen Testing and Cybersecurity Experts02:02 Common Misconceptions About Pen Testing07:35 The Need for Standardization in Pen Testing10:49 Defining Pen Testing: Dimensions and Attributes16:51 The Role of Compliance in Pen Testing21:57 The Impact of Breaches on Shareholder Value23:15 The Impact of Cyber Insurance on Business Operations25:59 Understanding the Role of CISOs in Cybersecurity27:34 Challenges in Scoping Penetration Tests30:38 The Importance of Standards in Cybersecurity33:33 Regulatory Environment and Its Influence on Cybersecurity36:23 The Role of Regulation in Cybersecurity Standards39:14 Defining Objectives for Effective Penetration Testing41:31 Maximizing Value from Penetration Testing Budgets

Most organizations dramatically underestimate how quickly offensive cyber techniques evolve—and how crucial stealth and rapid detection truly are. In this episode, Jake Williams, a cybersecurity veteran, joins Hunter Strategy’s AJ King and Jordan Lazo to expose the real tactics behind cyber warfare—and how your organization can keep pace. Discover why the myth of complex, Hollywood-style attacks is just that, and why most breaches happen through simple social engineering or widespread credential theft. Tune in now to master the art of cyber resilience in a hostile digital landscape—because in cyber warfare, the winners are those who adapt first.Episode Chapters: 00:00 Introduction to Cybersecurity and Nation-State Threats04:46 The Rise of Zero-Day Exploits12:23 Common Misconceptions in Offensive Cyber Operations18:15 The Reality of Cyber Attacks25:33 Public-Private Collaboration in Cybersecurity30:15 Staying Ahead in Offensive Operations

Most organizations overlook a simple truth that could save them millions: understanding when and how to choose between monolithic, modulithic, and microservices architectures. This episode reveals a practical framework to make those calls confidently, impacting security, scalability, and team throughput. Greg Vanore and Scott Hiland break down these concepts with relatable analogies, offering clarity and tactical guidance. Perfect for tech leaders and practitioners, it turns complex concepts into clear actions to transform your organization’s tech strategy today.Episode Chapters: 00:00 Introduction to Software Architectures02:23 Understanding Monolithic, Modulithic, and Microservices05:15 Complexity and Scaling in Software Development08:12 The Role of Data in Architecture Decisions11:17 Bridging the Gap Between Business and Technical Teams14:10 Maintenance and Security in Software Systems17:09 Defining Monolithic vs. Modulithic Architectures23:51 Building API Specifications for Business Needs26:27 Microservices: When and Why?28:04 The Role of Technical Debt in Architecture30:32 Hype-Driven Development vs. Real Business Needs32:34 The Evolution of DevOps Tooling37:21 Testing Strategies in Modern Development41:47 Aligning Technology with Business Goals47:08 Sustainability of Technology Solutions

Unlock the secrets of securing government systems in the cloud and avoid costly pitfalls with guests Dan Beller and Michael Christopherson. Discover insider strategies for seamless, compliant, and secure cloud migration. Learn the subtle differences between commercial clouds and GovCloud environments, and why they matter for your project's security. Perfect for government IT leaders and cloud architects, this episode is your essential guide to a smarter, safer, and more compliant GovCloud journey.Episode Chapters: 00:00 Introduction to GovCloud and Its Importance00:55 Understanding GovCloud: Definition and Characteristics03:17 The Need for GovCloud: Security and Compliance06:12 Practical Differences Between GovCloud and Commercial Cloud07:27 Challenges in Implementing GovCloud Solutions09:07 Navigating the Complexities of GovCloud Services12:23 Service Availability and Documentation in GovCloud18:51 The Evolution of Cloud Migration Strategies29:04 Best Practices for Transitioning to GovCloud

In this episode of "This is Fine," we dive into the complexities of time management in software, infrastructure, and security. We explore how time zones, political changes, and system synchronization impact software development and security operations. The discussion highlights the challenges of maintaining consistent time across distributed systems and the importance of using standardized time protocols like UTC. The episode also touches on historical and cultural aspects of timekeeping, illustrating the intricate relationship between time and technology.Episode Chapters: 00:00 Introduction to Time in Software04:30 The Importance of Synchronized Time09:12 Challenges in Distributed Systems15:34 Understanding Unix Time and Its Implications24:04 Real-World Examples of Time Failures27:33 Best Practices for Managing Time in Software