Episodes

  • Dave DeWalt on how to get a board to buy in on cybersecurity

    Dave DeWalt on how to get a board to buy in on cybersecurity
    Aug 21 2025
    In this episode of Safe Mode, host Greg Otto talks with Dave DeWalt, founder and CEO of NightDragon, about advising boards and portfolio companies on making cyber a first-order business issue, not an afterthought. We’ll explore how emerging technologies and remote work reshape risk profiles, when a CISO belongs in the board conversation—or even in a board seat—and what training and metrics actually move the needle across non-technical teams. We’ll also unpack how to motivate leaders outside of IT to own cyber risk, the structures that drive enterprise-wide accountability, and what information boards should demand to ensure the right risks are being prioritized. From calibrating cyber risk appetite in shifting threat environments to staying ahead of evolving regulations across sectors like power and aviation, we’ll get practical on governance and disclosure. In our reporter chat, Greg talks with Derek Johnson about the president’s possible push to end mail-in voting, and why the efforts are dead on arrival.
    Show More Show Less
    31 mins
  • Are enterprises having the right AI security conversations?

    Are enterprises having the right AI security conversations?
    Aug 14 2025
    In this episode of Safe Mode, host Greg Otto sits down with Chris Sestito, CEO of HiddenLayer Technologies, to discuss the evolving landscape of AI security and where current protection strategies are falling short. Sestito shares insights on how leading enterprises are rethinking their approach to AI asset protection, reveals real-world examples where traditional security measures failed against AI-specific threats, and explains the unique vulnerabilities that conventional cybersecurity tools struggle to address. The conversation explores the tension between rapid AI innovation and regulatory frameworks, with Sestito offering his perspective on what smarter, more adaptive AI regulation should look like and how policymakers can balance innovation with robust security protections. Don't miss this deep dive into the future of AI security, insider threats in AI-driven workplaces, and Sestito's top recommendations for government regulators crafting new AI security laws In our reporter chat, Greg talks with Tim Starks about what the federal government is doing to meet the demands put forth in President Trump’s cybersecurity executive order.
    Show More Show Less
    46 mins
  • What is CISA’s focus moving forward

    What is CISA’s focus moving forward
    Aug 7 2025
    On this episode of Safe Mode, Greg Otto sits with two CISA leaders, Chris Butera, Acting Executive Assistant Director for CISA’s Cybersecurity Division, and Bob Costello, CIO of CISA, at the 2025 Black Hat USA Conference to discuss numerous different topics: the recent Microsoft Sharepoint vulnerability, the upcoming CIRCIA rulemaking, the future of the JCDC, state and local cyber grants, and the emphasis they are placing to strengthening public-private partnerships. In our reporter chat, Greg talks with Matt Kapko about what they both heard during their conversations at the Black Hat conference.
    Show More Show Less
    34 mins
  • Inside the AI Action Plan with Dreadnode’s Daria Bahrami

    Inside the AI Action Plan with Dreadnode’s Daria Bahrami
    Jul 31 2025
    On this episode of Safe Mode, host Greg Otto sits down with Daria Bahrami, Head of Policy at Dreadnode, for an in-depth exploration of the new AI Action Plan and its sweeping implications for critical infrastructure security. From the technical hurdles in securing vital systems to the growing need for “secure-by-design” technology standards, Daria breaks down what’s at stake as artificial intelligence becomes both a linchpin and a potential liability in our national cyber defenses. In our reporter chat, Greg talks with Tim Starks about the motion on Capitol Hill to confirm CISA Director nominee Sean Plankey.
    Show More Show Less
    33 mins
  • NetRise’s Tom Pace on why telecom’s Salt Typhoon problem may never go away

    NetRise’s Tom Pace on why telecom’s Salt Typhoon problem may never go away
    Jul 24 2025
    In this episode of Safe Mode, Greg talks with Tom Pace, CEO of Netrise, about the recent Salt Typhoon cyberattack against U.S. telecom networks and how the government is responding. Tom explains why it’s so hard to fully protect or fix these giant, complex systems, even when officials say they have stopped the threat. He points out the tough choices telecom companies face—like keeping service running, following regulations, and fixing security gaps—which don’t always work together. The conversation also covers problems with current rules and why spending more money isn’t always the answer. Listen for a straightforward discussion about what it will really take to keep our communication networks safe.
    Show More Show Less
    31 mins
  • Kemba Walden and Devin Lynch on securing the AI Stack

    Kemba Walden and Devin Lynch on securing the AI Stack
    Jul 17 2025
    Greg is joined in studio with Kemba Walden and Devin Lynch from the Paladin Global Institute about securing the future of AI. They break down the multilayered AI technology stack and highlight where systems are most at risk—from data poisoning to adversarial model extraction. We discuss the adequacy of today’s security standards, the evolving responsibilities of cloud providers, and the ethical challenges facing policymakers in an era of rapid AI adoption. Tune in for practical insights on best practices, global cooperation, and the next wave of threats and opportunities as AI shapes critical infrastructure worldwide.
    Show More Show Less
    1 hr and 7 mins
  • Valence Security’s Yoni Shohet on the growing risk tied to SaaS applications

    Valence Security’s Yoni Shohet on the growing risk tied to SaaS applications
    Jul 10 2025
    Greg is joined in studio with Kemba Walden and Devin Lynch from the Paladin Global Institute about securing the future of AI. They break down the multilayered AI technology stack and highlight where systems are most at risk—from data poisoning to adversarial model extraction. We discuss the adequacy of today’s security standards, the evolving responsibilities of cloud providers, and the ethical challenges facing policymakers in an era of rapid AI adoption. Tune in for practical insights on best practices, global cooperation, and the next wave of threats and opportunities as AI shapes critical infrastructure worldwide. Michael Saintcross, Senior Director for Defense and Intelligence Community Business at Optiv + ClearShark, joins SNG host Wyatt Kash in a sponsored podcast discussion on why agencies must pivot from traditional ICAM strategies to solutions that offer granular control and "zero standing privilege" to defuse advanced threats. This segment was sponsored by Optiv + ClearShark.
    Show More Show Less
    34 mins
  • Intel471’s Will Dixon goes behind the scenes on the DanaBot takedown

    Intel471’s Will Dixon goes behind the scenes on the DanaBot takedown
    Jul 3 2025
    This week, Greg talks to Will Dixon, Senior Intelligence Collection Manager for Intel471, about the lifecycle and takedown of DanaBot — one of the most notorious malware-as-a-service (MaaS) platforms of the last decade. We'll explore how DanaBot transformed from a banking trojan into a full-featured MaaS tool, capable of serving both criminal enterprises and espionage operations. Will shares insights on its technical evolution, how it became a vital cog in the Initial Access Broker (IAB) ecosystem, and the anti-forensic tricks that kept detection teams on their toes. We'll also dig into the broader impact on the cybercrime underground: How did DanaBot’s productization and subscription model reshape the MaaS and IAB economies? Has its downfall changed how actors maintain operational security, or blurred the lines between crimeware and espionage tools? This episode is perfect for anyone interested in the inside story of a leading-edge cybercrime operation and global enforcement campaign.
    Show More Show Less
    33 mins