
Loading summary
Beau Friedlander
I wrote a little song to remind you. Choice hotels get you more of the experiences you value. The Cambria Hotel's got it all. A rooftop bar.
Tal Callender
Have a bar.
Beau Friedlander
Bring a date, your squad, or even your mom. Book direct@ChoiceHotels.com
Commercial Announcer
this episode is brought to you by Fox One. Watch all 104 matches of the FIFA World cup live in 4K for just $19.99 a month, with three days free. Build your own multiview. Choose up to three streams and follow player spotlights. Stay on top of every moment with live stats, highlights, and instant replays. The FIFA World cup, streaming live on Fox One, offers a subject to change. See fox.com for complete terms and conditions.
Beau Friedlander
Have you ever cheated to win something and then found out that your opponent cheated as well? What was the game?
Tal Callender
It was a nice manipulation on Tetris game.
Beau Friedlander
That's where this episode starts. With a kid, a Tetris leaderboard, you know, like on Tetris, like, who's winning? And a grudge turned into a career.
Tal Callender
I was so upset, and I woke up the next morning and I saw that I'm no longer ranked number one.
Beau Friedlander
There was more on the line for Tal Callender, the CEO of Remedio, than just being ranked number one. There were also real prizes she could win.
Tal Callender
And I promised my parents that they will get, you know, we will get the foosball. We will get the prizes that I promised them. And usually when I promise, I. I make it happen. And when I saw that someone else won and it was never, it was, I mean, like, I didn't see his, you know, like, kind of nickname before, I was so pissed. And I said, no way. I mean, I'm the best here. Like, he must have been cheated. Like, if he cheated, I will also learn how to cheat. And that's how this journey started.
Beau Friedlander
She didn't just learn how to cheat. She hacked the back end of the game scoring database. Not the game itself, just the database behind it. And from there, she didn't stop. Prizes turned into a nickname. The kids in her neighborhood called her the female Robinhood. She made her first million dollars before she was 18, as one does if you're. I don't know if you're not me. Today, she runs a cybersecurity company called Remedio. She spent time in one of the most elite cyber units in the Israeli military. And right now, she thinks most companies maybe yours, actually, she probably thinks probably yours have absolutely no idea what's running inside their own network. And, you know, I think that Most people have no idea what's making them vulnerable. I'm Beau Friedlander and this is what the hack, the show that asks in a world where your data is everywhere, how do you stay safe online? I think, I think I want to start with something like Tal Callander of Remedio, Co founder, CEO of Remedio is a cybersecurity entrepreneur. True. A former professional hacker, also true. Who has spent her career closing the gap between identifying security risks and actually fixing them. So sounds like you're a bug hunter, but I'm guessing that's probably not how you would put it. And you have been a hacker. I guess the first thing I'm curious about as the father of daughters is the fact that you're a hacker in the first place. It's a very male world and you're not a guy. So how is that when I started.
Tal Callender
Think about it.
Beau Friedlander
Tal grew up in Israel in a neighborhood that was mostly boys playing soccer and basketball instead of, in her words, Barbies or Polly Pocket. She didn't think much about being a girl in a male dominated field until years later when her company started operating internationally. By then it was too late to stop her anyway. Right? She's already in there. But the Tetris story isn't really about Tetris. It's about what happens to someone who can't stand to lose. And what happens when the system she grew up in took that exact trait and pointed it somewhere very specific.
Tal Callender
To be honest, I saw that in a fighter pilot course before and I didn't, unfortunately didn't pass the entire course. So I would say I was a bit too, A bit, you know, I was worried, I thought that I know better than the pilot next to me and obviously he didn't like it. So after a few months I found myself going to my, to my real hobby, which became a profession which is, you know, like joining the, the some elite computer unit. And one thing really interesting that happened there is I really wanted. It's very hard for me to hear no. And when I kind of, I failed myself, you know, and I, I didn't continue. Eventually I didn't finish as a fighter pilot. What happened is that I really wanted to go back there. So I did everything I could. I became like, you know, like I got, you know, like the president certificate, like, whatever. And I did so many good things, you know, and, and all I wanted is to go back to be, you know, to finish my fighter pilot course. And when I just sent them everything, hey, look, you know, I changed. I'M okay now. They said, no, sorry, you are not going back.
Beau Friedlander
Even though she wasn't going to be a fighter pilot, she did serve in the Israeli Defense forces in the IDF's computing and communications center with Special Forces.
Tal Callender
And this is where I got my security clearance. I am passionate about what I do, but also about the military and what they do. And they kind of switch my, I would say a black hat to a white hat. And, and I started doing things, helping my country and that's where I, that's how I grew up. So, like the army pretty much made me very mature. In, in a few months.
Beau Friedlander
After her military service, Tahl went back to the private sector, although this time less, shall we say, in a legal gray area. And so when did you leave the military?
Tal Callender
After five and a half years, I, I started working for some high tech companies.
Beau Friedlander
Black Hat to, I guess, Gray Hat to White Hat. White Hat, we're going for White Hat. Same skill, same obsessive quality, same refusal to accept. No, the problem sets were different because now we're talking about cybersecurity. Now she's looking at defense, though, not offense. Hackers are looking at how to get in and security. People have the harder job because they have to imagine all the ways the hacker is going to think up.
Tal Callender
My word was finding things and to think like an attacker. But not only finding things, fixing things.
Beau Friedlander
According to IBM's most recent cost of data breach report, the average breach now costs the company $4.4 million globally and average. And in the US that number is over $10 million. The report also found something else. When companies have a lot of unauthorized ungoverned AI running around what the industry calls Shadow AI, that adds another $670,000 to the bill on average. What does that mean? Is that like, does that mean somebody's using ChatGPT when they should be using Claude or Gemini? I'm, I guess it might, but I'm guessing probably more problematic is people using AI agents, agentic AI that they've configured themselves. Because think about all the misconfigurations that can happen when some dodo is doing that and they're doing it in an environment where it has been explicitly banned. Most companies wouldn't allow it. So the stakes are real. But Tal's argument is that most companies aren't actually struggling to find the problems. I would argue they, they actually are. But the real problem is they're struggling to fix them. They knew they had this thing, there was a bug hunter told them, they knew, okay, we gotta fix it, they haven't fixed it yet. And that gap between knowing something's broken and actually closing the ticket, that's what she's trying to do.
Tal Callender
Detection is not enough. The problem today in the industry is a remediation. 100% people already see, they know it. They have too many tools that will tell them what is wrong instead of, hey, I mean, here is what is wrong, but we fix it for you. We want to fix what others only find. In very short, not only that we close the gap, but we make it safe and fast.
Beau Friedlander
So what is remediation for people who don't know?
Tal Callender
Let's say that you have a company or you work for a company that they have, I don't know, let's say whatever number of employees. One thing that the company must do is kind of running kind of penetration testing or running some vulnerability checks to see, you know, what are, what's going on within their devices, within their applications, within everything, the cloud. The problem is that those tools that I just mentioned, they are mainly focused on finding the problem. Now when you find one problem, usually it takes a lot of time to address it, but, and it can be problems that are 20 years old, but they are still here. Usually you get a very nice PDF report with hundreds, if not thousands of things that you need to fix. And one fix can take you between days, two weeks, two months. But you cannot really focus, you cannot really dedicate your team's time to fix it.
Beau Friedlander
And so the obvious conclusion is you. They just patch everything automatically auto update all the time. But it turns out that's like telling someone to just renovate their house without ever turning off the water or turning off the electricity or learning about contracting or getting a contractor or, yeah, come on, touch the wrong. Anything, I don't know, buy something before everything is decided. Do you get the picture? You can't, you can't just do that. So the idea that you can just patch something, that's really not the solution.
Tal Callender
Think about patch Tuesday of Microsoft. Every month they are trying to address like dozens of CVEs and not everyone can update all of their operating systems just in one click. They can't because they don't know what are the dependencies, they don't know what they are going to break. And sometimes they have some legacy operating system.
Beau Friedlander
When Microsoft releases a giant batch of fixes, if you have an old big system with everything connected to everything else, you know, like a Jenga tower built over 20 years, you don't know which piece you can safely pull out or replace. In other words, you. If you do something, you might be doing something that creates a new vulnerability. Choosing the wrong one could lead to something else breaking, you know, or falling. Django wise, a lot of companies are still running really old, really complicated systems. And the pieces that you put in, the pieces you take out, they're not interchangeable. These are the kind of things you can't just auto update. It's way too complex. Because what happens if the whole thing falls over? I'm sticking with the Jenga Tower. If suddenly thousands of employees can't log into their computers, that's the real deal. If banks, airports, weather services, whatever it is, are locked out hospitals, it's a huge deal, right? And all it takes is one of these crazy battles, tower of nonsensical interlocking parts that are sensical to the person who built them to fail. Because of the patch. The patch that was like oh so obvious. Just use the patch.
Tal Callender
Microsoft released another patch Tuesday. And within the patch Tuesday, there is one thing that keeps repeating itself, unfortunately, too many times. It used to be called Print Nightmare.
Beau Friedlander
Print Nightmare is a vulnerability in the part of Windows that handles printing, the print spooler. That's the process that happens before your printer starts making noise. But here's the thing. A lot of companies, they don't print anymore, right? But that service is still sitting there weirdly, dumbly, dangerously switched on on millions of computers. Like an old unlocked door nobody remembers exists. But it's there. It's just got a little dirt over it. Dig it up. The hackers know it's there. They don't need to dig it up. So instead of just boarding up that door for good, Microsoft has spent years patching it over and over. And every time someone finds a new way to pick the lock. Well, you get the picture. So what Tal does is Remedio, her company will go into a company and say they'll check every device. Now, has this one ever gotten a printer hooked up? Has anyone printed anything in the last three months? If the answer is no, get rid of the door. The vulnerability can't be used against you anymore because the thing it depends on isn't there. End of story, no risk, Nothing breaks. Problem gone. That's what she calls a quick win zero disruption remediation.
Tal Callender
So again, so anything from legacy protocols or ciphers to some misconfigured application that, you know, keeps, you know, like wide open, anything from even Microsoft Teams to Java to Claude, I don't know, like even to Adobe, okay, yeah.
Beau Friedlander
So it can Be like a. Just this, the company ciso. If they don't have one, this is really the problem. But that somebody hasn't actually closed all the doors.
Tal Callender
Yes.
Beau Friedlander
Is that. How common is that?
Unknown Speaker
Wow.
Tal Callender
100% of the time we find variety of configuration drift.
Beau Friedlander
Now, do you include in that drift user error, like human beings bring your own device and the things that come on their devices? Yes, you do. Well, then it's endless what you find.
Tal Callender
Exactly what I was about to say. It is endless.
Beau Friedlander
So that's one open door, one piece of software that nobody notices for years. But now multiply that by every laptop, every login, every old service quietly running in the background of a company with a thousand employees. That's the job. It's an endless number of doors nobody remembered to lock, a lot of them with custom things that are human shaped. Right. So all that, the principal or the configuration drift, the human error, that's the normal threat. That's what security teams have been dealing with for 20 years. What happens when the thing that finds those doors isn't a person, but something built specifically to be terrifyingly good at it? Yes. We're talking about AI so good that one AI company decided it was actually too dangerous to release something. They made you read about it. That thing has a name. It's called Mythos. And when we come back, I'll explain exactly what it is and why the US Government just forced its own creator to shut it down. In April of 2026, Anthropic, the company behind Claude, announced something unusual. They built a new model called Mythos, and instead of releasing it to the public the way they normally would, they said it was. Well, they said they wouldn't. They said it was too dangerous to release. You know, the world couldn't handle it. The responsibility, the awesome responsibility that would go with using this thing. And it wasn't because it was unsafe in some vague way. It was because it was deeply unsafe in a very known way. It turned out to be really good at finding security flaws in software. Anthropic had built a killer hacker app.
Tal Callender
AI safety and research company Anthropic now says that it cannot release its latest AI model. And it's, because it's, quote, too powerful for the public.
Beau Friedlander
The company is concerned that cybercriminals and
Tal Callender
even spies may abuse their new technology.
Beau Friedlander
In testing, it found critical, previously unknown vulnerabilities and basically every major operating system and web browser bugs that had sat there undiscovered for years, in some cases for decades. And it didn't just Find them, it could build a working exploit, an actual tool to break in, often within a day. So instead of selling access to it, Anthropic locked it down. Makes sense. Now they only gave access to a small group of trusted partners, companies like Microsoft, Google, major banks specifically, so those companies could use it to find and fix their own weaknesses before everyone else found them, you know, first. And they. They called that project Glasswing.
Commercial Announcer
Basically, every big tech company that is not OpenAI or meta is getting access to this model. But not general access, just access to do defensive cybersecurity testing. Bas to go out and harden their systems and their infrastructure and their software before the general public can get its hands on this model.
Beau Friedlander
But just a few weeks ago, the US Government issued an order forcing Anthropic to cut off access to Mythos entirely for every foreign user anywhere in the world, including Anthropic Zone employees who weren't American citizens.
News Reporter
Last Friday, the US Government did something extraordinary. It effectively forced one of America's leading artificial intelligence companies to withdraw its most advanced product from the market. Anthropic, the maker of the frontier AI model Mythos, and its commercially available cousin Fable, have been given little warning and according to reports, roughly 90 minutes to comply.
Beau Friedlander
Now, I personally, don't you think they should just. Nobody should be using it, period. Or I guess I can see why they. But who gets to use it? That's like deciding who gets, you know, the antidote for poison when everybody in a group has been bitten by the same snake. The government stated reason was that it's a national security concern, something to do with the way of getting around model safety restrictions. Anthropic pushed back and says that they believe this is a misunderstanding, right? That the same capabilities that government is worried about are already available for other AI models that aren't restricted at all.
News Reporter
The administration's concerns are not frivolous. Anthropic appears to have made real mistakes. A Washington Post report suggested that it expanded access to Mythos beyond what officials believed had been approved and moved too slowly. In responding to concerns about who was being allowed to use it, intelligence agencies reportedly favored a tougher approach. But that is precisely why process matters. Senior administration officials have repeatedly criticized the company, saying it was woke and hired too many Democrats. President Trump has publicly mocked the company.
Beau Friedlander
As of now, anyway. As I sit here recording my voice, the fight is still playing out.
Tal Callender
Even before method, you have the Opus 4.6, and then you have methods, and then you have other things. So they found like 170 vulnerabilities in Firefox or something like that. The CTO of Firefox, you know, he took a look and they fixed it eventually. But he took a look and said, oh, nothing is really too sophisticated. I mean, like, if we had, like, a few people running the pt. I mean, nothing that a human being cannot find. And I'm like, dude, is that really your answer? I mean, no. Your answer should be like, no, that's great. We have something that, you know, like, as a machine, speed finding us the issues, and who cares if it is someone that a human being can find or not? So everyone cares if you fix it, I mean, on time, and you don't, you know, like. And you don't want to keep it, I mean, like, already vulnerable.
Beau Friedlander
Why do you think that was his take? Why do you think that was his take about, you know, humans could have found it?
Tal Callender
Because he wanted to say that probably any scanner is still not advanced enough to think, like, not like a human. Okay. Like, to be even superior than. Than a human being. That's. That's what I believe.
Beau Friedlander
Like, you think he was saying, like, that human threat actors are still the real concern?
Tal Callender
Yeah, he kind of. He says, okay, like, it's still. And, And. And don't get me wrong, I mean, today, using AI, Wow. I mean, like, instead of, you know, like, sitting in a network for then wait, you know, for a month, for years, I can do it now in hours, days, or weeks. Like, that's what I can do in order to get all of my information. But I didn't like his approach to, you know, like, kind of comparison of the findings that it's like, you know, like, human can find it. I mean, like, who cares?
Beau Friedlander
So her theory is that a human could have found this response, and it's less about the facts and the finding and more about the kind of professional reflex not wanting to concede that something automated just outpaced a team of specialists. And whether or not that's a fair read of their motivations, I think the broader point survives the disagreement. The question, could a person have found this is the wrong question to be asking. The right question is, how fast did we fix it? That's Tal's question. Right? That's the mission. If AI can find all of these vulnerabilities that need to be fixed, obviously AI can hack those very same things. And we are now in a world where we have to assume that Anthropic is not the only one with a killer app.
Tal Callender
Correct. And let me tell you something even more. You know, that should Raise some concerns when you install claude. I mean, even if you are not going to code, okay, even you install CLAUDE to use the chat, okay, when you install by default code, the default setting of CLAUDE are not secure. They don't use the sandbox. They have a world readable permission to their state directory. They have like, if you want, you can enable easily the cowork without any limitations. There is no restrictions on the plugins and the permissions and so many things that comes by default. It's not only claude, it's also for Codex. The problem that happen is that people are. People just want to do things right and then they just install and then they just do something and no one understands the implications and no one understands that if you have one device that has AI misconfiguration, it is way more severe than you have a regular misconfiguration. Because AI misconfiguration can exponentially grow. I mean, in every attack. Every attack in the world involves configuration drift. Every attack in the world, it maybe doesn't start with the configuration, but it evolves it, it involves it. So AI can definitely go to a monster that you do not have any, any, any controls.
Beau Friedlander
I want to be precise about what Tal is describing because AI misconfiguration can sound abstract, but it's not. It's the same print spooler problem from before a setting no one checked. But the difference I guess is that this unchecked thing now has the ability to take actions on its own. So while no one's looking, things may be happening. Files can be read, code can be run, plugins installed. The blast radius of one bad default isn't just one open door or a blown open door. Right. It's a world with no doors. I think a lot of employers would be shocked to know how many of their employees, especially the remote employees, are creating where they're on their own. WI fi are creating agents to do their work. What have you found in that score?
Tal Callender
Whether it is a very strict location, it's not as easy okay to do it. Obviously startups, you know, like smaller companies. Yes. Whether it is bigger companies, they have their own limitation. Usually the device that they use, the work device is very hardened. And here is the. But usually the browser is not as hardened and by default you can do so many things on the browser that just get the permissions on your device completely. And I say the sky is not the limit, is the starting point right now. You know, like to, to do anything you want. And most of the applications are already in the browser, you know, so you can just control other applications with browser with AI.
Beau Friedlander
In March of 2026, a piece of widely used open source software called Light LLM. It's a tool that routes traffic between different AI providers. It's the plumbing that sits between an app and whatever model it's using that software. Light LLM. Okay, it was bound to happen, right? It was compromised for about 40 minutes. Anyone who installed or updated during that window pulled down code with a built in credential stealer. That's a hack capable of grabbing cloud keys, SSH access, even moving laterally inside company networks. Okay, that's the nightmare. And if you don't know what any of those abbreviations or terms or words are, it just means that for 40 minutes there was a skeleton key kind of. Because Light LLM sits underneath so much AI infrastructure, I think reportedly something like tens of millions of downloads a month. The damage wasn't contained to one company, at least one organization. A company called Merkur, later confirmed that they were affected with reports of data being stolen and an extortion attempt that followed. A lot of companies will say you can use Gemini, but you can't use OpenAI or you can't ChatGPT, or you can use Claude, you know, but they're mutually exclusive or they'll just buy a contract, an enterprise contract with one of them. But people are using the other stuff on the side. Isn't that a problem?
Tal Callender
Yeah, exactly. It's not only the Gemini, it's not only the Claude, and it's not only whatever the Microsoft Teams of complexity. Complexity, yeah, it's way more than that. It's like people write their own agents. People use LLMs that might be malicious LLMs. People have their MCPs and people don't understand right now what's going on. It's kind of in front of them, but not in front of them because they have no idea what to do with it and some cannot even see it. So it's bigger than I have Claude, I allow Gemini, I do this. No, it's bigger than that.
Beau Friedlander
In front of them, but not in front of them. I guess the risks are not hidden in some sophisticated, undetectable way. Most companies don't have visibility to see what's already sitting right there in their own system. So when a company tells you that they've locked all this down tal, do you believe them?
Tal Callender
They are trying to limit as much as they can. I mean, for example, I have a company that says, yeah, I completely blocked anything that is not Microsoft Teams and Then we saw that they have too many clothes and a few open clothes in their environment. Then no, what do you mean? I completely closed it and know that you didn't. I mean not only that it's there, it's very active. So people think that they have control. But there aren't as many solutions today that not only will tell you what is it that you have, but will take control over those.
Beau Friedlander
And it's the same problem. It's, it's not just about a bad policy, it's a, it's just knowing whether your policy is true. You know, you can say we don't allow this or this never happens. But like is that true? So that's the threat configuration drift, shadow AI agents no one approved. Which raises the obvious question, why not lock it all down? Ban personal devices. Sorry, I know this sounds extreme, but just from a security point of view, ban personal devices. Problem solved, right? Nope. There's a reason most companies don't do that and it's not because they don't care. What's the resistance you run up against when you make these kinds of suggestions to them?
Tal Callender
So it depends what levels of control we are talking about. So some companies would say we don't allow even to bring your own device. I mean it's okay to connect with the phone only with, only on the allow list apps that we approved and we are open to phones which is probably like email, Slack and they are very strict on the end user device that they get.
Beau Friedlander
Okay, yeah, you picture something like the television show severance, right. Where they, you know, everything stays in a locker, they go in an elevator, they're in a different space, it's completely clean.
Tal Callender
Yes. I mean again they think it is clean until they get a different, you know, until they see that isn't that it is not. So, so some companies would say yes, this is what you are allowed to use. I mean like some companies are not even allow people to use let's say Android. They only allow iPhone because they checked everything against iPhone and for them iPhone is okay. And some companies they say no, you get everything from you. You get a phone, you get a laptop and you only deal with this with these two devices. That's all. So it changes from one company to another. I have to tell you, like that's, that's the reality.
Beau Friedlander
But when you get a true believer and they say okay Tal, I want to make ours, make us as hard to hit as possible. We are developing a new kind of satellite that runs on kidney beans and we don't Want anyone to find out first. So we need to be, you know, completely, completely secure. And you say, okay, great, you have to buy all new tech and here's the devices that you need to buy and it's going to cost you X amount. Do the true believers just do it or do they push back?
Tal Callender
It is always down to does it worth it? You know, like I pay X, but is it kind of worth it? You know, like what happens exactly? Like if I got, you know, attacked or breached, like, I'm going to pay 10x, I'm going to pay the same X. And it's all about, it's all about risk, all the time risk calculation. And to be honest, some of them like specific, I would say defense or things that people that are developed something that is super important. Like if we'll take health care, for example. Unfortunately they don't have extra money, right? So I mean they don't, they don't have enough stuff, they don't have enough money. So they will probably will not do it, right? You're doing, you're talking about also state, local, so you're talking about specific organizations, maybe about specific tech, maybe about specific financial, maybe about specific defense. So these companies are a bit more open. Some companies already do it, right? Like, and they, and the people that are not, or they are trying to have their own air gap, you know, like network. It comes to a question of risk all the time. Like, is it worth it? That's all.
Beau Friedlander
Risk calculation. Okay, I know it sounds dull, but I think this is kind of interesting. Is it, Is it worth it? That's a whole industry really reduced to one quiet math problem that happens in a boardroom somewhere, completely invisible to the rest of us. But that calculation only works if you can actually put a number on both sides of it and then make a decision. And even then, like, you kind of suck, right? I mean, think about it. That's sort of a sucky thing anyway. Cost of a lockdown, that's easy. That's a line item, that's a vendor quote. Cost of not doing it, That's a guess, an average maybe. But there is a third variable in that equation that doesn't show up on a spreadsheet at all. Because you can buy every device, you can lock down every phone air gap, every network you want, and none of it matters if the breach doesn't come through one of those many open doors. If it comes through a person, somebody already inside, you still lose.
Tal Callender
At the end of the day, people have money, okay? And if you just try to buy them with something. They can do so many awful things even they can even sell their family just to do something, to get money. And that's a problem. Some of them are soldiers in the intelligence process and they got money from Iran to do some stupid stuff like, you know, like sending them to spy. Yeah. But again, even today the most sophisticated eventually attacks. I mean despite the fact that they involve misconfiguration, they also involve insiders. And that's when we go back to, you know, I mean I don't want the world to be eventually full of robots and that they will replace us. I believe that. I mean, I don't think that the world is going to any, any place that is good so far. I mean from what we all see, I mean again like it's, it's not something that will, will be ending soon. But the robots, I don't want them to replace us, you know, anytime soon. But I, I, I mean it's not what I see. There is always pluses and minuses and if you want to be really good in attacking places, whether it is country versus country, whether it is, you know, group of individuals and going, I mean towards something bigger. But most probably they will use someone and they will gather enough information in order to get, you know, you, me, I mean anyone else, you know, someone that they really want to, I mean like their target, you see it unfortunately.
Beau Friedlander
So what are the chances that a big hacking syndicate or state sponsored hacking operation has not already tried to infiltrate Anthropic and OpenAI and all the rest of them to try and get an insider who's on their payroll giving them information? What are the chances? Not already happening?
Tal Callender
No, it happened, it happened, it happened. I mean 100%, I mean 100%. Like, and of course China is trying to mimic their own on topic. Like for sure. Like it's, yeah, it happens. I can.
Beau Friedlander
So you have spies that are getting paid $500,000 a year plus whatever they're getting to spy.
Tal Callender
I mean I'm pretty sure it's, yeah, I'm pretty sure it happens. Like, I mean I would be surprised if it wasn't. Yeah, but it's, yeah, it's naive and,
Beau Friedlander
and the funny thing is they're, they're getting, all of these places are recruiting people that are very, very, very skilled, intelligent, high functioning people and that's exactly who also usually turns coat and becomes a spy.
Tal Callender
Yeah. And maybe it's not, maybe people are not talking about it enough, but it happens. And it happens. Unfortunately. Yeah, I would say more Often than we think.
Beau Friedlander
Every other angle we've talked about in this episode, the misconfigured print spooler, the insecure default settings, the AI LLM no one approved, the agentic AI, even the Tetris database. Those are all, in theory, fixable things. You write better defaults, you write better code, you build better visibility tools, you close the gap, like Tal does for a living. But you can't patch a person who's decided the money's worth it. You can't say, oh, sorry, hackers, no more hacking. Hackers, stop hacking. You can't. It's not going. That's not the way the world works. And that is finally the big problem here. Tal, thank you so much for joining me today. I really appreciate your insights and we look forward to having you back.
Tal Callender
Thank you so, so much for having me.
Beau Friedlander
Now it's time for our tin foil swan, our paranoid takeaway to keep you safe on and offline. I'm going to say something that is just deeply unpopular, but here it is. If you're using an LLM at work, if you're using Claude or. I didn't say it first because I think it's best. I just said it first because, like, because whatever. I'm not going to say anything else about it. ChatGPT, perplexity, Gemini. If you're using any of these, well, are they the ones that your company has approved? Because if they're not the ones that your company has approved, then I'm going to make a radical suggestion, and that is stop. Stop doing it now. Even if they are the ones that your company's approved. I want you to do the basic stuff, okay? I want you to make sure that the AI platform is not using your content to train on. And most likely, most likely your CISO has already figured that one out for you. But regardless, if you're a smaller company, that may not be the case, and here's why. Because you're going to be putting sensitive information into it and, and, and you have no visibility into what, what's happening with it. So just, if you can go in incognito mode or ghost mode or whatever it's called, do that. And absolutely 100% always make sure it's not training on your data. That's it. Thanks for listening. Stay safe out there and see you next week. What the hack is produced by Beau Friedlander. That's me and Andrew Steven, who also edits the show. What the hack is brought to you by Deleteme. Deleteme makes it quick and easy and safe to remove your personal data online and was recently named the number one pick by a New York Times wirecutter for personal information removal. You can learn more about Deleteme if you go to joindeleteme.com wth that's joindeleteme.com WTH and if you sign up there on that landing page, you will get a 20% discount. I kid you not, a 20% discount. So yes, color me fishing, but it's worth it.
Bill Kerr
From artificial intelligence to the gig economy to global volatility, the economy is changing at a dizzying pace. Enter the Managing the Future of Work Podcast, the chart topping and critically acclaimed podcast from Harvard Business School. Hosted by me, Bill Kerr and by Managing the Future of Work project Co chair Joe Fuller, this show explores technology trends, demographic changes, the rise of the care economy, and many other forces transforming the landscape of work. We'll highlight the insights of business leaders, technologists and experts like Business Roundtable's Kristen Silberg on corporate workforce strategy and Khan Academy founder sal Khan on AI education and the future of work. With more than two and a half million downloads and close to 300 episodes, there is something for everyone. Follow HBS Managing the Future of Work on Apple Podcasts, Spotify or wherever you're listening now.
Unknown Speaker
Have you ever wondered why Reese Witherspoon founded hello Sunshine? Or where Kevin o' Leary got his start? Or even how Alex Earle became the most accessible founder to someone who may not even consider this space? Enter the Founder Mindset, a new podcast from Harvard Business School Foundry hosted by me, Reza Satchew. As a leading educator in entrepreneurship, I've built multiple high profile companies and mentored thousands of students and founders through the realities of starting and scaling ventures. And with the Founder Mindset, I'm sharing those lessons with you by sitting down with world class entrepreneurs including Witherspoon, o' Leary and Earl plus Tim Ferriss and many more to break down exactly how they commit, decide and build for impact. These aren't surface level interviews. Each episode I challenge my guests to revisit their toughest moments, their boldest decisions, and the mindset that carried them through. Follow the Founder Mindset wherever you get your podcasts.
Title: Fighter Pilot Cadet Turned Hacker, She Keeps Us Safe
Release Date: June 30, 2026
Host: Beau Friedlander
Guest: Tal Callender, Co-Founder & CEO of Remedio
In this episode of "What the Hack?", host Beau Friedlander sits down with Tal Callender, CEO of cybersecurity firm Remedio and former member of elite Israeli military cyber units. The discussion traces her journey from a competitive, Tetris-obsessed child who hacked her way to the top, through her military service, to being a leader in the cyber defense world. Key themes include the challenges of remediation in security, the evolving threats posed by AI (especially agentic AI), the persistence of human error, and the looming risk of insider threats.
On Remediation:
“We want to fix what others only find. In very short, not only that we close the gap, but we make it safe and fast.”
— Tal Callender [09:23]
On Shadow AI and Misconfiguration:
"If you have one device that has AI misconfiguration, it is way more severe than [if] you have a regular misconfiguration. Because AI misconfiguration can exponentially grow."
— Tal Callender [25:41]
On Insider Risk:
"You can't patch a person who's decided the money's worth it."
— Beau Friedlander [39:58]
On AI’s Security Arms Race:
"If AI can find all of these vulnerabilities that need to be fixed, obviously AI can hack those very same things."
— Beau Friedlander [23:22]
Beau’s Paranoid Takeaway ("Tin Foil Swan"):
The conversation balances technical acumen with accessible anecdotes, relatable metaphors (the "Jenga tower"), and a self-aware, slightly irreverent tone that keeps the discussion engaging even as it addresses sobering realities.
This summary covers the complete content of the episode, skipping commercials, intros, and outros.