Episode 14 of the Distilled Security Podcast is here! This week, the team welcomes guest John Zeolla, a cybersecurity expert and AI enthusiast, for a deep dive into the risks, realities, and potential of artificial intelligence. Topics include: Shadow AI in the Enterprise: Why business leaders are adopting AI faster than CISOs can assess the risks—and how features are outpacing controls. Third-Party AI Risk: Understanding vendor integrations with ChatGPT and others, and how contracts alone ca...
Jul 08, 2025•1 hr 23 min•Ep. 14
Episode 13 of the Distilled Security Podcast is here! Join us as we explore: The Coinbase Breach: A breakdown of Coinbase’s recent insider-driven breach, including social engineering, bribery of offshore contractors, and how the company responded publicly and operationally. Building Insider Threat Programs: The crew shares practical approaches to detecting insider misuse, behavioral monitoring, and the potential for "job descriptions as code." CISO Liability and Insurance: Discussion on the e...
Jun 13, 2025•1 hr 23 min•Ep. 13
Join us as we reflect on: One Year of Podcasting: The crew celebrates a full year of episodes, favorite topics, behind-the-scenes production, and where the show is headed next—including a new studio setup and future sponsors. Audit Quality and Risk: A deep dive into the evolution of cybersecurity audits, the growing influence of low-cost providers, and what actually makes an audit valuable and trustworthy. Third-Party Risk Management: How companies can assess vendor SOC 2 reports, triage risk...
May 02, 2025•1 hr 38 min•Ep. 12
Episode 11 of the Distilled Security Podcast is here! Join us as we cover: Signal, Encrypted Messaging, and Corporate Policy: A deep dive into the use of Signal in sensitive discussions—including a political mishap—and the implications for corporate communication policies, discovery, and compliance. Oracle Cloud Breach Allegations: Evaluating breach claims, early response tactics, and the value of proactive key and credential rotation. DNA Data, 23andMe, and Privacy Concerns: With 23andMe filing...
Apr 14, 2025•1 hr 30 min•Ep. 11
Episode 10 of the Distilled Security Podcast is here! Join us as we explore: Security in Times of Budget Cuts: How organizations can navigate layoffs and reduced funding while maintaining a strong security posture. The Cybersecurity Talent Shortage: Why security hiring remains challenging, the need for apprenticeship models, and how organizations can develop internal talent pipelines. BSides Pittsburgh: Put this on your calendar and submit talks. Cyber Crisis Readiness: The importance of C-suite...
Mar 12, 2025•1 hr 34 min•Ep. 10
Episode 9 of the Distilled Security Podcast is here! Join us as we explore: Security on a Budget: How teams can optimize tools, manage resource constraints, and build an effective security strategy with limited funding. AI and Efficiency: The impact of AI on job performance, along with the risks of AI-powered note-taking and data classification. Data Breaches & Industry Challenges: Lessons from Marriott’s data breaches, security concerns in the hospitality industry, and evolving consumer pro...
Feb 06, 2025•1 hr 18 min•Ep. 9
🎙️ Episode 8 of the Distilled Security Podcast is here! 🔐🥃 🔎 Join us as we explore: The Whiskey Rebellion and Craft Distilling: A dive into the history of the Whiskey Rebellion and what it means for today’s distillers. Learn about Iron City Distilling, creating national brand-quality spirits, and the significance of the Bessemer brand name. Whiskey Craftsmanship: Insights into chamber still distillation, the balance of maturation versus aging, and premium craft whiskey production. Executiv...
Jan 07, 2025•1 hr 22 min•Ep. 8
Welcome to Episode 7 of the Distilled Security Podcast! In this episode, hosts Justin, Rick, and Joe are joined by special guest Brandon Eckert to explore his fascinating journey in cybersecurity, share industry insights, and enjoy a fun debate on Thanksgiving favorites. Here’s what’s in store: Topics Covered: 🔹 Navigating a Career in Cybersecurity Reflections on starting out in cybersecurity, overcoming challenges in small-town IT careers, and the role of certifications in shaping career succe...
Dec 10, 2024•1 hr 19 min•Ep. 7
Episode 6: SEC Penalties, M&A Security, and Due Diligence Welcome back to the Distilled Security Podcast! In this episode, hosts Justin, Rick, and Joe dive into the latest in cybersecurity, from regulatory challenges to pop culture: Topics Covered SEC Penalties for Cybersecurity Disclosures Discussing recent SEC penalties due to lapses in cybersecurity disclosure, the implications for companies, and how organizations can stay compliant. Cybersecurity Materiality and Disclosure Practices Tip...
Nov 08, 2024•1 hr 17 min•Ep. 6
Join hosts Justin, Rick, and Joe as they cover: Resume Review Insights: Joe offers valuable tips on resume writing, focusing on showcasing accomplishments and using metrics to stand out. Passion Projects and Hobbies: The team discusses how personal projects and volunteer work can make resumes more compelling by demonstrating a passion for the field. Community Engagement at TRISS: The hosts invite listeners to their booth at the upcoming Three Rivers Information Security Symposium (TRISS), where...
Oct 02, 2024•1 hr 4 min•Ep. 5
Episode 4: Ethics in Cybersecurity, Career Development, and Data Protection In Episode 4, we are joined by Doug Salah to explore some critical topics in cybersecurity and career growth. Key Topics Doug Salah’s Cybersecurity Journey: His transition into cybersecurity and current role in the industry. Networking in Cybersecurity: The value of building connections at cybersecurity conferences. TRISS (Three Rivers Information Security Symposium): Insights into TRISS, its scholarships, and its imp...
Sep 09, 2024•1 hr 13 min•Ep. 4
Episode 3 of the Distilled Security Podcast is here! Join us this week as we jump into: CrowdStrike Incident Analysis: A deep dive into a recent mishap by CrowdStrike that led to significant financial losses and operational disruptions, including 5.4 billion in estimated losses. Vendor Accountability: Exploring the legal and financial repercussions of security vendor failures. Business Continuity Planning: The importance of preparing for security vendor failures, including considering alternate ...
Aug 12, 2024•1 hr 11 min•Ep. 3
Episode 2 of the Distilled Security Podcast is here! Join us this week as we jump into: Exploring the critical importance of tailoring security frameworks: Aligning with an organization's specific goals and objectives Highlighting frameworks like NIST CSF and CIS to advance security programs effectively Insights on aligning KPIs with the NIST CSF framework Complementary use of frameworks like CIS to enhance security control measurement Perspective on compliance and regulatory requirements The ro...
Jul 08, 2024•1 hr 5 min•Ep. 2
Welcome to the first episode of Distilled Security! Join us as we dive into a variety of exciting topics, including: Is College Worth It?: We explore the value of higher education in today's world. Microsoft and Executive Compensation: Analyzing cybersecurity in executive pay at Microsoft. BSides Pittsburgh: Exciting talks are coming to BSidesPGH. Starting as a New CISO: Things to do first coming into a new company. Grab your favorite cocktail and tune in for an engaging and fun-filled discu...
Jun 07, 2024•1 hr 5 min•Ep. 1
Join us on Distilled Security as we delve into the fascinating world of cybersecurity. Each episode, we break down intriguing topics, analyze the latest news, and engage in in-depth conversations with our hosts and invited guests. Whether you're a seasoned professional or just curious about cybersecurity, our podcast offers valuable insights and thought-provoking discussions to keep you informed and entertained. Tune in and stay ahead of the curve in the ever-evolving landscape of cybersecurity....
Jun 02, 2024•45 sec•Ep. 1