Are you curious about the evolving world of cybersecurity, virtual CISOs, and their vital role in different industries? In this episode, Brian and John are joined by cross-vertical vCISO Jason Taule, who brings a wealth of experience and insights from his diverse career in the field as one of the first CISOs...ever. From working with federal agencies like NASA to serving as a virtual CISO for agriculture, heavy manufacturing, and healthcare organizations, Jason offers valuable perspectives on the unique security challenges faced across different sectors.Throughout the episode, Jason discusses the evolving role of the Chief Information Security Officer (CISO) in various industries. He highlights the intricacies of implementing cybersecurity measures in sectors like healthcare, where specific jargon and risks come into play.The conversation also goes into the complexities of managing operational technology (OT) and IoT security, emphasizing the need for improved third-party access control and a better understanding of firmware vulnerabilities. Additionally, the episode explores the impact of regulations, financial pressure, and the evolving threat landscape on organizations' engagement with security. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Sean Tufts is in the house, and we ask him to go all the way back. All the way. From his origins to the evolving challenges and security needs in IoT and OT environments, particularly in critical infrastructure. Your hosts, Brian Contos and John Vecchi, engage in a thought-provoking conversation with special guest Sean Tufts from Optiv. The discussion goes into Tufts' background, from his transition from an NFL player to a cybersecurity and critical infrastructure expert, to managing substantial programs at Optiv. Sean touches on the changing landscape of critical infrastructure, the challenges of IoT and OT security in the wake of COVID-19, and the evolving tactics in cyber attacks. He also shares insightful anonymized stories of cyber incidents, emphasizing the importance of effectively addressing vulnerabilities in IoT devices and legacy systems to mitigate risks. After listening to the episode, be sure to subscribe to the Phosphorus IoT Security Podcast to stay updated on evolving cybersecurity challenges and strategies in the IoT and OT space. Share this impactful episode with colleagues and peers involved in securing critical infrastructure to spark insightful conversations and proactive measures for vulnerability management. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Content Warning: This episode contains explicit language and references to criminal activity.In this episode, Brian and John are joined by a very special guest—John Threat, also known as John Lee, a veteran of the Great Hacker War and known as "Corrupt" from the early 90s hacking group MOD (Masters of Deception). We dive into the fascinating origins and culture of hacking, with John Threat sharing his experiences from the '80s all the way to the present day and the excitement of exploring and breaking into systems. The discussion also explores the evolution and loss of excitement in the hacking culture, the potential impact of AI and machine learning, and the changing threat landscape. From the deep camaraderie within hacking groups and the diversity of the MOD team in the 90s to the potential ethical and legal implications of new technologies, this episode is set to be a thought-provoking and riveting journey into the world of cybersecurity and hacking.You can follow John Threat on Instagram at @johnthreat or follow his work at http://www.rip.space and http://www.johnthreat.com. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

She's no slacker. Danielle Jablanski has been an "expert" — she hates that word — in nuclear policy analysis (the "original Cyber-Physical System"), energy research, and now Nozomi Networks, where she plays the crucial OT cybersecurity strategist role. John Vecchi and Brian Contos pick Danielle's brain on the ever- and never-changing trends and challenges, digging into the need for consequence-based security and collaboration between security professionals and OT engineers. The discussion also covers the growing concern about the security of IoT devices in OT environments, the importance of centralizing and managing security, addressing the issues surrounding legacy devices, and the evolving landscape of liability and insurance in cybersecurity.Key Topics Covered:1. Trends in cybersecurity and the importance of consequence-based security2. Concerns about the security of IoT devices in OT environments and the role of centralization and management3. Challenges with legacy devices in ICS and healthcare and the need for building controls and defense-in-depth4. Evolving conversations about liability and insurance in cybersecurityAfter tuning in to this episode, subscribe to the IoT Security Podcast, powered by Phosphorus, to stay informed about the latest trends and insights in IoT security. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Susan Peterson Sturm joins Brian Contos and John Vecchi on the IoT Security Podcast to discuss the importance of understanding specific features needed for different teams in IoT security. Susan Peterson Sturm has dedicated most of her career to the energy industry, where her expertise lies in asset optimization and energy market trading. However, it was her venture into product management that led her to the exciting field of OT security. Susan's journey in the industry spans approximately 15 years, and she feels privileged to have witnessed the growth and evolution of her peers throughout this time.In this episode, Susan, Brian, and John emphasize the need for change management, localization in factories, and the integration of cybersecurity measures into existing processes. The episode also touches on the challenges faced by CISOs, the importance of user feedback, and the need to quantify material cybersecurity risk. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Find the line between man and machine with John, Brian, and guest Len Noe, CyberArk technical evangelist. Len, the personification of transhumanism and the future of human-machine integration, host to a number of augmentations himself, is a self-taught cybersecurity expert with a unique background in the world of black hat and gray hat hacking. For most of his life, Len delved into the dark side of technology, breaking into computers and causing havoc. However, with the arrival of grandchildren, Len realized that he needed to change his ways. Recognizing that his skills were primarily focused on hacking, Len made the brave decision to use his expertise for good. He embarked on a new journey, putting his unique perspective on security to work for the good guys. Len transitioned from being a malicious hacker to becoming a cybersecurity professional, using his knowledge to defend against cyber threats and secure computer systems.Len shares his experiences and insights as someone who has embraced technological enhancements and implanted various devices in his own body. From RFID NFC chips to a mini-computer in their leg, Len takes us on a journey through the possibilities and challenges of this emerging field. Join us as we explore transhumanism's societal, theological, technological, moral, and medical implications. Get ready to dive deep into the possibilities of collaboration, the debates surrounding free will, and the potential benefits and drawbacks of these advanced technologies. Stay informed and open-minded about the advancements in technology and their potential impact on humanity. Share this episode with others to spark discussions on transhumanism, IoT security, and the future of technology. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

What is security? Our guest here, Patrick Benoit, Global CISO for Brinks, thinks about that a lot, working for a company with 165 years in the space. From reinforced stage coaches to the security today, there's a focus on the physical. In today's episode, John and Brian talk to Patrick Benoit about people and Things. People are the solution as well as the problem, as Patrick declares that breaches only happen for two reasons. Someone did something they were supposed to do, or someone didn’t do something they were supposed to do. There’s always a human component. Listen in as they hit on topics like:The evolving landscape of integrated security platforms and the importance of trust in team dynamics The challenges of breach reporting and materialityThe rising threat of ransomware attacks on IoT devicesThe fascinating potential of Generative AI for hackers And more on zero trust, IoT security standardization, and the role of CISOsGet ready for an information-packed episode that will illuminate the complexities and opportunities in the world of IoT security. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

The passion for cybersecurity can arise at any moment. For our guest Andres Andreu, he started his career in software engineering, but that path was not to be. His naturally (self-described) paranoid nature drove him to constantly think about potential vulnerabilities and how to protect against them. Andres was already performing tests on his software creations, and his career transitioned from software engineering to becoming a renowned figure in the world of security.Andres sheds light on a significant portion of the attack surface, including IoT, OT, IIoT, and IoMT cyber-physical systems in organizations across manufacturing, utilities, energy, healthcare, finance, retail, and logistics. He and hosts John and Brian delve into the difficulties of gaining visibility into these devices and understanding their posture and risk assessment.In this episode, learn about the limitations of traditional passive monitoring tools and the challenges faced when scanning industrial IoT devices for vulnerabilities. Andres emphasizes the importance of identifying and understanding these devices before implementing security measures.Andres shares insights into the difficulties of monitoring IoT devices, including the importance of careful firmware updates, the complexities of monitoring configurations in industrial control systems, and the vulnerabilities of older equipment.Join us as we delve into the world of IoT device security with Andres Andreu on this episode of the IoT Security Podcast. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Ron Kuriscak is here to share his extensive knowledge and experiences in the world of IoT security, and has he got some great stories! Ron brings over 20 years of experience in the field to the show. He's been in the trenches on a number of high-profile breaches, giving him a unique perspective on the challenges and importance of securing IoT devices.In our conversation, we dive deep on the role of the CISO, their relationships with other executives, and the evolving threat landscape, littered with unmonitored, unmanaged devices. Ron sheds light on the struggles faced by CISOs, as they juggle physical and data security responsibilities with different skill sets required for each. He also discusses the changing trend of CISOs reporting up through the legal chain of command or directly to the CEO for clearer communication and a better understanding of security matters.Then we delve into the world of breaches and the lessons Ron has learned along the way. From the importance of being prepared with a good partner by your side, to the challenges faced when seeking assistance from big entities, Ron shares his valuable insights on prevention, preparation, and engaging with the right partners.Furthermore, we explore the concept of being a "seesaw" in security, a topic rarely discussed in such detail before. Ron reflects on the ever-evolving role of security directors, the shift towards risk-driven approaches, and the need for effective communication and storytelling when presenting to boards and executives. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Huddled in a corner, away from the lights and sounds of the slots, John and Brian reminisce about the Black Hat USA conferences gone by and what trends and topics this one already holds. In this mini-sode on location, the dynamic duo discusses AI, xIoT, and the security of slots. But when you end up in Vegas yearly, you also inevitably get up to some non-work activities. Did you know you can rent and drive construction equipment?Let's get into Things on an extra mini-sode of the IoT Security Podcast! Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Over the past 17 years, Kelly Jackson Higgins, editor-in-chief at Dark Reading, has watched the cybersecurity industry explode. She brings a unique perspective to the podcast in discussion with Brian and John as they pick apart the challenges faced in industrial environments to the vulnerabilities in healthcare organizations. Just as the world of technology journalism has changed, so has Dark Reading and the way they approach the industry, the major players, and evolving conversations in the space. Kelly's unique position allows her to triage the firehose of information for us, focusing on ransomware and "the whole AI thing," and more. Throughout the conversation, we will explore the importance of visibility and monitoring of connected devices, the persistent issue of devices being connected to the public internet when they shouldn't be, and the need for collaboration between IT and OT teams. We will also delve into recent cyber threats, such as ransomware attacks and the concerning trend of ransomware as a service, shedding light on the advancement of technology and its impact on cybersecurity.Join us as we explore these critical topics with our expert guest, Kelly Jackson Higgins, and uncover the challenges, advancements, and solutions in the realm of IoT security. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

It's cyber all day, every day, with Chase Cunningham, Dr. Zero Trust himself. He joins John and Brian to delve into the complex and ever-evolving world of online security threats. With cyber-attacks becoming increasingly sophisticated and prevalent, understanding the strategies and technologies that can safeguard our digital assets has never been more crucial.Chase Cunningham, a seasoned cybersecurity professional, renowned author, and podcast host in his own right, joins us as our esteemed guest. With his extensive background in the industry, Chase brings a wealth of knowledge and insights to the table. From his time serving as a military strategist and chief cryptologic technician in the United States Navy to his current role as a prominent cybersecurity analyst, Chase has witnessed firsthand the evolving landscape of cyber threats and the strategies required to combat them.During the conversation, we explore various pressing topics, including the rise of nation-state cyber attacks, the growing importance of zero-trust architecture, the impact of artificial intelligence and machine learning on cybersecurity, and the critical role of individuals and organizations in safeguarding their digital identities.This episode should offer the listener valuable insights and practical advice from one of the industry's foremost experts. Join us as we unmask the complexities of cybersecurity and empower ourselves with the knowledge to stay one step ahead of potential threats.Listen to Chase Cunningham on DrZeroTrust here. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

In this episode, Tammy Hawkins, a fraud specialist with over 20 years of experience, warns of the growing threat of cyberattacks on IoT devices and emphasizes the need for organizations and individuals to take proactive security measures. She offers critical advice and recommendations on how the audience — that's you! — can protect themselves against these cyber threats.In this episode, learn about:Delving into the world of IoT security threats and the risks they pose in our digital landscapeUnraveling the complexity of cybercriminal activity and how insiders contribute to security breachesRealizing the importance of taking a proactive approach to secure IoT devicesExamining the role of IoT devices in organizations and the potential risks they carryGaining insight into the necessity of staying informed and vigilant in the fight against cyber threatsBrian Contos and John Vecchi speak with Tammy Hawkins, a seasoned cybersecurity specialist whose career has taken her through various roles and industries. Starting in information security, Tammy transitioned to Mastercard, where her expertise lay in creating cutting-edge security products to fight the world’s best fraudsters. From there, she branched out into the gaming sector at Activision Blizzard, focusing on anti-toxicity solutions. Now, as the Director of Cybersecurity and Fraud at Intuit, Tammy is passionate about protecting small businesses and their software systems. With her comprehensive knowledge of IoT device security, Tammy's input is an invaluable asset to today's topic. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Brian and John sit down to the mic with Vignesa Moorthy. With a seasoned background in telecommunications and cybersecurity, Vignesa Moorthy is a forward-thinking innovator in the industry. Running a successful Singapore-based telco company, he has expanded operations across Southeast Asia and evolved his company's focus to cybersecurity services. With years of hands-on experience securing customer infrastructure, Vignesa has unparalleled knowledge of the key risks facing IoT infrastructure managers in today's rapidly advancing technology landscape. His expertise in managing IoT device vulnerabilities makes him an ideal speaker on this very subject.In this episode, you will hear about:Insights into Southeast Asia's cybersecurity landscape and the solutions implemented to combat threats.The indispensable role of data leak prevention and IoT infrastructure protection for ensuring data security.The explosive growth of IoT devices and the best practices to address inherent vulnerabilities.The importance of cooperation and ongoing education across stakeholders in the IoT domain.How staying alert and adaptable can be game-changers for businesses in cybersecurity.The pain of taking ineffective actions and not seeing results can be overwhelming. But don't lose hope. In this episode, we'll explore the best practices for managing IoT vulnerabilities and improving overall device security, giving you the peace of mind you deserve. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Are you tired of feeling helpless and exposed when using IoT devices? Have you been told to simply 'be careful' without any real solutions? In this episode, we get our ears on some expert insights and practical solutions to help you take control of your privacy. From understanding the risks and vulnerabilities to mastering cybersecurity challenges and envisioning a safer future - this episode is a must-listen for every privacy-conscious individual using IoT devices.In this episode, you will hear:Valuable insights into privacy risks and vulnerabilities within IoT devices and discover expert solutions to tackle them.The importance of increasing consumer awareness for preserving privacy while using IoT devices.The complexities of cybersecurity challenges and integrating security measures within IoT devices and regulations.The technical aspects of IoT devices, such as encryption, protocols, and shared infrastructure.Future plans by empowering users and cooperating with protection authorities and organizations for a more secure IoT environment.Our guest in this episode is Anna Maria Mandalari.Brian and John talk with Anna Maria Mandalari, a talented IoT privacy and security expert who has dedicated her career to understanding and addressing the vulnerabilities of IoT devices. Beginning her education journey in Italy, Anna specialized in Telematics before pursuing a Ph.D. in Internet measurements in Madrid. Her expertise in networking eventually led her to London's Imperial College, where she began focusing on IoT privacy and security. Now, Anna works at University College London, where she collaborates with other experts to develop innovative solutions for safeguarding consumer privacy in the IoT space. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

In this episode, John and Brian talk with Mark Weatherford, a skilled cybersecurity veteran with a diverse background in both government and private sectors. Having held positions such as CISO for California and Colorado and serving in the Obama administration as the Deputy Under Secretary for Cybersecurity, Mark has a unique perspective on IoT security and critical infrastructure protection challenges. In addition to his government roles, Mark has ventured into the private sector, working with startups and as the Chief Security Officer at NERC. His expertise in IoT security is incredibly valuable for cybersecurity professionals looking to stay informed in this rapidly evolving field.Listen in for a conversation on:Navigating the complicated obstacles involved in securing IoT devices and defending crucial infrastructureIdentifying the underestimated hazards linked to the perception that air-gapped networks are entirely protected from breachesAcknowledging the powerful impact of education and awareness in tackling IoT security challengesRecognizing the importance of implementing more regulatory measures and policies for bolstering IoT device securityInvestigating the escalating threats of IoT attacks and the need for integrating security solutions within IoT devicesAs a cybersecurity professional, staying up-to-date on IoT security challenges is crucial to protecting critical infrastructure. Don't fall for the common misconceptions - Mark Weatherford will share the truth with John and Brian about the complex challenges of securing IoT devices and infrastructure. Stay informed and stay protected. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

In this episode, Brian and John dive into the world of Capture the Flag competitions in the realm of cybersecurity. Our special guest, Rachael Tubbs from IoT Village, discusses the rise of CTFs and how they are becoming a popular feature at cybersecurity conferences like Defcon. We explore how IoT Village is leading the way in making these conferences more accessible, exhibiting a range of innovative devices, and even holding a free virtual conference. We also discuss the challenges of developing security life cycles for IoT development and how the limited security mindset of small companies is a concerning trend across the 50 billion devices in use. Tune in for an exciting and informative look into the rapidly evolving world of cybersecurity.Topics covered in this episode include:Introduction to Capture the Flags (CTFs) and their importance in securityBackground of IoT VillageDefcon CTF and its valueIoT Village's response to pandemicRachel Tubbs is a psychology graduate who developed an interest in understanding human motivation. She started working as a contractor for the US Government's Defense Counterintelligence Security Agency, where she was introduced to the world of cybersecurity. However, she found that the private sector was more suited to her, and she eventually found a position at IoT Village, a security consulting and research firm founded by Independent Security Evaluators. Rachel has been with IoT Village for almost three years now. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

In this episode, Brian and John speak with Julie Tsai. Julie Tsai is a seasoned cybersecurity expert with over 25 years of experience in Silicon Valley, navigating the complex world of securing IoT environments. With a diverse background that includes a liberal arts degree and a minor in economics from Stanford, Julie has honed her skills in system administration, DevOps, and DevSecOps. She has worked with numerous tech startups, helping them overcome security challenges and achieve compliance with minimal resources. Julie's unique problem-solving approach and ability to adapt quickly to new challenges have made her a sought-after expert in cybersecurity.In this episode, the gang discusses how to:Tackle intricate cybersecurity challenges using minimal resources for maximum protectionExplore the driving forces behind psychological and emotional triggers in cybersecurity threatsGain insight into the essential nature of visibility and understanding within IoT securityAchieve equilibrium between networking and prioritizing the use of connected devicesStreamline processes and harmonize tools to ensure the security of your IoT environment Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Unlock the secrets to secure your connected world with powerful IoT security solutions."If you don't assume that there's going to be some level of detect and respond kind of fail back mechanism, then you're going to come up and be very disappointed one day because you didn't build those layers of defense in, but you should 100% lead with prevention, if you ask me." - Jay LeekIn this episode, John and Brian speak with Jay Leek. Jay is a venture capitalist investor with a unique background in cybersecurity, having served as a consultant, corporate executive, and the first CISO in private equity. He is the co-founder of Send Ventures, a venture capital firm investing in the best early-stage cybersecurity startups in the world.Jay Leek's career path has been a winding one, from consulting to being the first CISO in private equity. He then started a fund that has done well and has partnered with a four-time CISO to start a venture fund. Through this, Jay and his team have invested in the best, brightest, and most exciting cybersecurity startups. After meeting with 500 companies, Jay and his team learned that prevention is possible when the team, technology and total addressable market are in the right place. After four years of searching, they finally found a company that could actively defend and remediate security risks. Jay and his team have made it their mission to help CISOs solve their security problems and provide the best possible solutions.In this episode, John and Brian speak with Jay about the following:1. How former Fortune 500 CISOs are leveraging their experience to help the world's biggest companies through venture capital investments.2. How companies are leveraging automation and preventive approaches to combat the shortage of security professionals.3. How CSOs are tackling the problem of IoT security through prevention measures. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

When Steven Edwards, an IT Guy turned Security Analyst, discovered the unexpected challenge of securing an expansive attack surface that includes refrigerators, vending machines, and scanners across multiple private address spaces, he had to be tenacious and curious to protect his organization from attack."No matter what the tragedy is, it's beholden upon us to learn from it, to grow and improve. And I think we have done that in a lot of ways." - Steven EdwardsIn this episode, Brian Contos and John Vecchi talk with Steven Edwards. Steven Edwards was a "Regular IT Guy," content with his work and comfortable with his life. But when a coworker advised him to move into cybersecurity, he took it. He returned to school, got his master's degree, and never looked back. With a curious and tenacious mindset, he was able to find a prosperous career, and when the pandemic hit, he saw how the business model was changing in ways he had seen before. He recognized the need for companies to recognize their security vulnerabilities and to invest in the solutions to protect their assets, but the biggest challenge was convincing those who held the checkbook. As he continued to work in the field, he found that the attack surface had broadened and that IoT security was an ever-growing challenge. Steven Edwards has a master's degree in cybersecurity and enjoys the challenge of solving problems and learning new things in the security field.In this episode, Brian and John discuss with Steven:1. The need for those with an investigative mindset and their curiosity to enter into the security field.2. How the remote work model has changed the security mindset and how organizations must adapt.3. The challenge of identifying, cataloging, and patching devices such as phones, TVs, and printers in the network. Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast