The Analyst's Role in Cybersecurity: Bridging Gaps and Shaping Trends with Fernando

The Future of Cybersecurity in an AI-Driven World with Diana Kelley

In this episode of the Security by Default podcast, host Joe Carson welcomes Diana Kelley, a prominent figure in the tech industry, to discuss her journey in technology, the evolution of AI, and its implications for cybersecurity and the job market. They explore the historical context of AI, from early systems like ELIZA to modern advancements like Watson and ChatGPT, and address common misconceptions about AI's capabilities. The conversation also delves into the future of jobs in an AI-driven world, emphasizing the need for training and understanding of AI technologies. In this conversation, Joseph Carson and Diana Kelley discuss the evolution of jobs in the context of technological advancements, particularly focusing on AI and its implications for the workforce. They explore the necessity of continuous retraining and the emergence of new roles, the importance of contextual understanding in AI, and the behavior of AI agents. Additionally, they emphasize the need for control mechanisms in AI development and the importance of empowering women in cybersecurity to address the growing challenges in the field. Takeaways * The podcast aims to bring clarity and transparency to the chaos in the tech world. * Diana Kelley has a rich history in technology, starting from the DARPAnet in the 1970s. * ELIZA was one of the first AI systems, designed to emulate a therapist. * Watson's success in Jeopardy was due to its speed, not intelligence. * AI's interaction with humans can lead to misconceptions about its capabilities. * Chain of thought prompting has improved AI's problem-solving abilities. * AI is a probability machine, not a sentient being. * Training is essential for effective AI usage. * The evolution of AI has implications for job security and creation. * Legacy systems still require human oversight and expertise. The jobs we have today are constantly evolving due to technology. * Retraining is essential to stay relevant in the workforce. * AI will create new job opportunities in various fields. * Understanding context is crucial for effective AI interaction. * Prompt engineering is a vital skill in working with AI models. * Control mechanisms are necessary for managing AI behavior. * Empowering women in cybersecurity is critical for the industry's future. * Community support is essential for fostering diversity in tech. * Continuous learning is key to adapting to technological changes. * Networking and mentorship play a significant role in career development. Chapters 00:00 Introduction to the Podcast and Guest 01:01 Diana Kelley's Journey in Tech 04:56 The Evolution of AI: From ELIZA to Watson 10:14 AI in Cybersecurity: Training Watson for Cyber 14:03 Understanding AI: Human-like Interaction and Misconceptions 16:33 Advancements in AI: Chain of Thought Prompting 20:11 The Future of Jobs in the Age of AI 21:20 The Evolution of Jobs and Skills 23:51 AI and Human Interaction 27:06 Contextual Understanding in AI 29:56 Agent Behavior and Control 32:58 Staying Informed in a Rapidly Changing Field 36:07 Empowering Women in Cybersecurity Resources & Links: * ELIZA - Joseph Weizenbaum's AI Program [https://en.wikipedia.org/wiki/ELIZA] * Diana Kelley - LinkedIn [https://www.linkedin.com/in/dianakelleysecuritycurve/] * OWASP GenAI Project [https://genai.owasp.org/] * Women in Cybersecurity (WiCyS) [https://www.wicys.org/] * IBM Watson [https://www.ibm.com/watson] * OpenAI GPT Models [https://openai.com/] * Anthropic's Claude [https://www.anthropic.com/] Connect with Diana Kelley: * LinkedIn [https://www.linkedin.com/in/dianakelleysecuritycurve/] Enjoy this insightful conversation on the past, present, and future of AI and cybersecurity, highlighting the balance between innovation and responsible deployment.

Building Trust and Community in Cybersecurity Leadership with JC Vega

In this episode, cybersecurity expert JC Vega shares insights on effective communication, leadership, and risk management in cybersecurity. He emphasizes the importance of translating technical concepts for business leaders, building trust, and fostering community to enhance organizational resilience. keywords cybersecurity, leadership, risk management, communication, trust, community, organizational resilience, cybersecurity education keytopics * Translating cybersecurity for non-technical audiences * Building champions within organizations * The importance of trust and verification in security * Cybersecurity as an enterprise survival issue * Leveraging AI and technology responsibly sound bites "Validate and verify, don't just trust." "Train like it's a Super Bowl." "Leave a link, build a community." Chapters 00:00 Introduction to Cybersecurity Leadership 02:34 Translating Cybersecurity for Non-Technical Audiences 05:13 Building a Team of Champions 08:02 Understanding Business Impact and Risk 10:39 The Role of AI in Cybersecurity 12:58 Cybersecurity as an Enterprise Survival Problem 15:21 The Importance of Ecosystem Relationships 18:00 Trust and Zero Trust in Cybersecurity 20:28 Continuous Learning and Community Engagement resources Cyber Cannon Project - https://cybercannonproject.org/ B-Sides Conferences - https://www.bsidescon.org/ LinkedIn Profile of JC Vega - https://www.linkedin.com/in/jcvega/

AI, Cyber Skills & The Future of Security Training with Hack The Box's Gerasimos

In this special edition recorded live at RSA Conference, Joseph Carson is joined by Gerasimos Marketos (gmar), Chief Product Officer at Hack The Box. They explore how AI is reshaping cybersecurity skills, why traditional education is struggling to keep up, and how hands-on platforms are redefining how defenders and ethical hackers are trained. From real-world fraud detection to AI-powered CTF competitions, this episode dives into the evolving relationship between humans and machines in cybersecurity. 🔑 Key Themes & Topics * AI vs Humans in cybersecurity competitions * Why AI is an accelerator, not a replacement * The evolution from traditional training → hands-on gamified learning * Closing the cybersecurity skills gap * Red, Blue, and Purple team upskilling * AI governance, risk, and agentic threats * The future of cybersecurity careers and hiring ⏱️ Chapters * 00:00 – Introduction & RSA Conference insights * 02:00 – GMar’s journey: Data → Fraud → Cybersecurity * 06:30 – Who and What is Hack The Box? * 10:30 – AI vs Humans: CTF research findings * 13:00 – AI as a productivity multiplier * 15:30 – Real-world example: AI winning competitions * 16:00 – RSAC trends: AI everywhere * 17:00 – AI governance & emerging risks * 18:00 – AI for security vs security for AI * 19:00 – Staying relevant in cybersecurity 🚀 Hack The Box Explained Hack The Box is a cybersecurity upskilling platform offering: * 🎓 Academy – Structured learning paths * 🧩 Challenges & Labs – Hands-on environments * 🏁 CTFs (Capture The Flag) – Competitive exercises * 🏢 Pro Labs – Enterprise-scale simulations * 🔎 Talent Search – Connecting skilled professionals with employers It supports: * Red Teams (Offense) * Blue Teams (Defense) * Purple Teams (Collaboration) Resources: https://www.hackthebox.com/ https://www.linkedin.com/in/gmarketos/ https://www.hackthebox.com/ai-augmented-cyber-workforce-report

The Analyst's Role in Cybersecurity: Bridging Gaps and Shaping Trends with Fernando

In this episode, Fernando Montenegro shares his journey into the cybersecurity industry, insights on industry analysis, and the evolving trends shaping cybersecurity today. Discover how analysts bridge the gap between vendors, buyers, investors, and academia, and learn practical tips for engaging effectively with industry experts. key Takeaways * Role of industry analysts in cybersecurity * Emerging trends in cybersecurity including AI and attack surface expansion * Effective engagement with analysts for decision support * Strategic cybersecurity budgeting and investment * Influence of economics and incentives on security decisions sound bites "Understanding what's going on in the world" "Good enough security can be effective" "Workload AI versus workforce AI" Chapters 00:00 Introduction to Security by Default Podcast 00:53 Fernando Montenegro's Origin Story 05:16 The Role of an Industry Analyst 08:55 Maximizing Value from Analyst Interactions 13:16 Understanding AI in Conversations 15:44 Choosing the Right Solutions 16:40 Decision-Making in Technology and Business 17:13 Trends in Cybersecurity and AI 18:26 Understanding Workload vs. Workforce AI 19:40 The Evolving Role of Security Professionals 21:43 The Strategic Importance of Cybersecurity 23:58 Incentives and Decision-Making in Security 25:53 The Shift Left Approach in Development 27:16 Budgeting for Cybersecurity Investments 30:47 Navigating Cybersecurity Budgets 32:26 Engaging with Analysts and Staying Informed 34:33 Curating Information in a Data-Driven World 36:55 Balancing Operational and Strategic Insights 37:51 Connecting with Analysts and Final Thoughts Resources LinkedIn Profile of Fernando Montenegro - https://www.linkedin.com/in/fsmontenegro/ Futurum Group - https://futurumgroup.com/ Obsidian Knowledge Management System - https://obsidian.md/ Book: Why Most Security Budgets Go to Waste by Ross Young - https://a.co/d/02BZPwdO

The Cyber Hero Adventure - Making Security Engaging and Fun with Gary Berman

Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent. Chapters 00:00 Welcome to the Cybersecurity Chaos 02:32 From Fear to Fun in Cybersecurity 05:27 The Journey of a Cyber Advocate 08:09 The Importance of Community and Collaboration 10:45 Bringing Laughter Back to Cybersecurity 13:13 Rebranding Cybersecurity for New Talent 16:00 The Power of Words in Cybersecurity 18:43 Innovative Approaches to Cyber Awareness 21:29 Lessons from Kids: Simplifying Cybersecurity 24:39 The Inner Child and Cognitive Dissonance 26:40 Gamification and Learning Innovations 28:19 Storytelling in Cybersecurity 29:15 Cybersecurity Starts at Home 30:36 Community Engagement and Employee Connection 32:14 The Importance of Acknowledgment 34:13 Finding Joy in Everyday Life 35:11 Humor as a Coping Mechanism 40:04 The Power of Positive Thinking 45:02 Mission Accomplished: Fun and Safety Resources Cyber Heroes Comics - https://cyberheroescomics.com/ Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/