All Episodes
Displaying 1 - 20 of 87 in total
Copilot or Co-Conspirator? AI Helpdesks and the Next Social Engineering Wave
In this episode, we unpack how AI helpdesks and support copilots are quietly becoming a new social engineering surface. Instead of just worrying about phishing human a...
Insight: Reading Your Environment Through Logs, Events, and Alerts
In this episode of Bare Metal Cyber’s Tuesday “Insights” feature, we unpack how security logs, events, and alerts can move from noisy fragments to a clear, trustworthy...
Certified: Speaking Cloud with AWS Certified Cloud Practitioner
When you see “AWS Certified Cloud Practitioner” on a resume, what does it really tell you about that person’s cloud skills? In this Monday “Certified” episode, we unpa...
Model Supply Chain Mayhem: Securing the AI You Didn’t Build Yourself
In this episode, we dig into what happens when your most important artificial intelligence (AI) capabilities come from models, copilots, and APIs you did not build you...
Insight: Making Sense of Security Control Types
Security controls are often described as policies, tools, and processes, but in practice they shape how your defenses behave before, during, and after an incident. In ...
Certified: CRISC at the Intersection of Cyber Risk and Business Decisions
Risk is where business decisions collide with real technology limits, and ISACA’s Certified in Risk and Information Systems Control (CRISC) sits right in that intersec...
Cyber Talks: The Four Ps of Marketing for Cybersecurity: A Cyber Talks Conversation with Tapan Deka
In my latest Cyber Talks session, developed by BareMetalCyber.com, I sat down with Tapan Deka, assistant professor at Madhavi Skills University, to explore something m...
Ghosts in the Training Data: When Old Breaches Poison New AI
In this narrated edition of Ghosts in the Training Data: When Old Breaches Poison New AI, we explore how years of incidents, leaks, and scraped datasets quietly shape ...
Insight: Making Defense in Depth Actually Work
Defense in depth is one of those phrases everyone uses, but few teams can clearly describe in terms of everyday work. In this narrated edition of our Tuesday “Insights...
Certified: Building Your Analyst Mindset with CompTIA CySA+
This episode walks through the CompTIA Cybersecurity Analyst (CySA+) certification in clear, practical terms for early-career defenders. You will hear what CySA+ actua...
SOC Pager Olympics: Gold Medal in 3 A.M. False Alarms
In this episode, we break down the reality of the SOC Pager Olympics—the endless cycle of 3 a.m. wake-ups triggered by false alarms. You’ll hear how misconfigured thre...
Network Segmentation Without the Buzzword Fog
When your network still feels like one big open floor plan, a single compromised device can turn into a building-wide fire. In this audio companion to my Tuesday “Insi...
Certified: Monday: PCI Professional (PCIP) – Learning to Speak the Language of PCI DSS
This episode walks you through the PCI Professional (PCIP) certification in clear, everyday language. We start with what PCIP is designed to prove, why it matters for ...
SBOM & Chill: You Don’t Need Every Ingredient—Just the Allergens
In this episode, we strip away the noise surrounding Software Bills of Materials and reframe them through a fresh lens: allergens. Instead of drowning in endless depen...
Insight: Asset Inventory Basics for Real-World Defenders
In this narrated Insight, we unpack cyber asset inventory as the quiet backbone of a modern security program. You will hear what cyber asset inventory really means in ...
Certified: How CCISO Signals You’re Ready for Executive Security Leadership
The Certified Chief Information Security Officer (CCISO) exam is built for security leaders who are ready to move from running tools to running a program, and this nar...
Cyber Talks: Tracking School Swatters and Shooters: Turning Online Leakage Into Action with Detective Richard Wistocki
In my conversation with Detective Richard Wistocki (Ret.), we talked candidly about a reality that many school leaders and law enforcement professionals already feel ...
Tabletop Telenovela: Turning Your IR Plan into a Drama People Remember
In this episode, you’ll learn how to transform a traditional, forgettable tabletop exercise into something unforgettable: a telenovela. We explore how to recast roles ...
Insight: Turning Patch and Update Management into a Strength
Patch and update management rarely makes headlines, but it quietly determines how exposed your environment really is. In this audio Insight, we walk through the founda...
Certified: Stepping Into Security Leadership with CISM
This episode takes you inside the world of the Certified Information Security Manager (CISM), a certification that helps professionals grow from hands-on security work...