CYBR.SEC.CAST Episode 66: Wendy Nather
In CYBR.SEC.CAST Episode 66, Wendy Nather explains why cybersecurity’s biggest lessons aren’t coming from breaches, but from the near-misses no one talks about.
In CYBR.SEC.CAST Episode 66, Wendy Nather explains why cybersecurity’s biggest lessons aren’t coming from breaches, but from the near-misses no one talks about.
After enduring years of cyberstalking, Kelley Misata transformed personal trauma into a cybersecurity movement, helping nonprofits close dangerous security gaps the industry still doesn’t understand.
A cascading series of supply-chain compromises spanning GitHub pipelines, npm, PyPI, and core developer tools has exposed how deeply attackers can exploit the trust fabric of modern software, leaving organizations scrambling to assume everything is compromised.
Cybersecurity is not something that is necessarily intuitive for the vast majority of people. That’s where the problems creep into scope. Much like walking in the dark towards the kitchen, there is the ever-present danger of a piece of Lego lurking in the carpet.
Industry veteran Theresa Lanowitz says the modern software supply chain has become too complex to see, too critical to ignore, and too exposed to secure the old way.
As AI accelerates development and expands the attack surface, organizations are waking up to a harsh reality: the software supply chain is now their most fragile and least understood security risk.
Mike Holcomb’s OT security training cuts through theory and brings IT and OT professionals together around one goal: understanding how industrial environments actually work and how to secure them before failure becomes physical.
Iran's proxies hacked the FBI director who vowed to hunt them down.
Cybersecurity has outgrown the SOC. As attacks spill into water systems, hospitals, and critical infrastructure, OT.SEC.CON will bring together the practitioners, policymakers, and operators redefining what defense looks like when cyber risk becomes physical risk.
The tens of thousands of at-risk water utilities across this country are still out there — now slightly more aware of how exposed they are, which isn’t exactly progress.
It’s been quite a long time since we stopped naming servers like pets, instead treating them more like cattle farms. But AI has brought cute naming back to the forefront.
Critical infrastructure organizations reported thousands of incidents in the covered period, and year-over-year data shows a roughly 180% increase in the exploitation of vulnerabilities as an initial access path, concentrated heavily on edge devices and remote access infrastructure.
The RSAC 2026 expo floor didn’t just reflect the cybersecurity market — it exposed how vendors think buyers buy. Right now, that means AI everywhere, clarity nowhere, and a growing gap between messaging and meaning.
ICIT Executive Director Valerie Moon says the United States remains unprepared for critical infrastructure attacks that come with modern geopolitical conflict.
The human side of cybersecurity historically hasn't been as big a pageview driver as the technical stuff. But that is changing. This edition of the newsletter captures that.