Best Podcast Episodes About Gambit Security
Everything podcasters are saying about Gambit Security — curated from top podcasts
Updated: Apr 27, 2026 – 70 episodes
Ridealong has curated the best and most interesting podcasts and clips about Gambit Security.
Top Podcast Clips About Gambit Security
Ridealong summary
Quantum computing advancements could break Bitcoin's encryption by 2029, but there's time to adapt if developers act now.
Quantum computing advancements have made breaking Bitcoin's cryptography easier than previously thought, posing a significant threat to its security.
Quantum computing poses a real threat to Bitcoin's encryption, but the timeline gives the crypto community a chance to adapt before 2029.
Quantum computing advancements pose a real threat to Bitcoin's encryption, with Google suggesting a significant reduction in resources needed to break it, potentially destabilizing the cryptocurrency market.
Ridealong summary
Dating apps are being exploited in dangerous ways, as highlighted by a troubling scenario in Ukraine where Russian adversaries created fake profiles to target foreign volunteers. This alarming tactic underscores the risks associated with sharing personal information online, especially in conflict zones. A similar incident with the fitness app Strava revealed how user data could inadvertently compromise military locations, illustrating the need for caution in our digital interactions.
“… it worth to you for us not to tell the world or to leak the personal and business data that we have stolen from you? Right. So they have the means. They have the motive. The motive is extortion and payment. Yeah. The opportunity, it's really up to these guys to keep them from getting the opportunity. Is that right? I think so. And one of the other issues, I think, for anybody who's doing IT security is, you know, the famous expression is it's not possible to prove a negative. It's how do you get credit for your organization not being attacked? How do you demonstrate that it's because you have the budget that you have for IT and the equipment that you have and the staff that you have? You know, certainly there's profit pressure in any enterprise. And so when the guys who are controlling the purse strings look around for where they can cut, they're like, well, we haven't had any problems with our IT. Everything's going great. So let's cut there. And it's like, wait a minute. The reason everything is going great and you haven't had any attacks is that we've been able to keep the defenses up. We've been able to purchase expensive network gear that even though the old stuff was still working, it …”
Ridealong summary
Organizations are finally realizing that neglecting cybersecurity can lead to devastating breaches and public shame. With a surge in data extortion tactics, IT departments must demonstrate the importance of sustained funding to keep defenses strong. If businesses want to avoid being on the infamous breach list, they need to take IT security seriously now more than ever.
Ridealong summary
The breach of FBI Director Kash Patel's emails underscores a critical failure in cybersecurity and highlights the incompetence within the FBI's leadership, particularly in handling Iran-related counterintelligence.
“Now, one thing that the world of private maritime security shows us is that neoliberal globalism is willing to look the other way a great deal and allow a great deal of violence on behalf of corporations, not on behalf of the state. When people are getting engaged by these vessels, it is to protect property. Granted, sometimes it is also to protect life. These pirates have killed people and kidnapped people and such. But the state has been willing to cede its monopoly on violence at the high seas because it couldn't find a good solution to this, and it's been willing to overlook a lot of loss of life, and I just don't see a way that this doesn't lead to more loss of life, and that is probably what we have to look forward to. It may have already begun happening in the Strait of Hormuz between when we record this and when you hear it, but it is deeply …”
Ridealong summary
The Maersk Alabama incident rattled the shipping industry and highlighted modern piracy's shift from theft to hostage-taking. In 2009, Somali pirates captured the U.S.-flagged ship, leading to a dramatic standoff with U.S. Navy SEALs that ended with the pirates being shot to rescue the captain. This event not only sparked fear in maritime security but also raised complex jurisdictional issues surrounding piracy.
Ridealong summary
Gulf states are urging the U.S. to take decisive action against Iran, highlighting their strategic reliance on American support. Despite their limited leverage, they are actively seeking ways to assist, as tensions rise and the threat from Iran continues. Meanwhile, the U.S. is providing arms to Iranian protesters and Kurds, reflecting a complex geopolitical landscape.
“… this person just spent $5 million on our API and it's all cyber attack related prompts. Like, let's maybe turn them off or figure out what's going on over there. They have a huge incentive to sort of, you know, control their customer base so that their customer base is not using these tools maliciously. The hackers sort of wind up on the lagging edge, not on the frontier, but all of the cybersecurity companies like Palo Alto Networks, like CrowdStrike, like the folks that you've had at your conference, they maintain access to the frontier, and so they're always fighting with a bigger weapon. Is that sort of the equilibrium we should expect here? That's a great question. And by the way, we did have today the two top cybersecurity experts at Anthropic, the head of security and the head of product security, sharing the roadmap and thoughts about the upcoming capabilities of Anthropic and other platforms. I think the answer to that is our continuous investment in innovation in the space. It's not just about Weez that I mentioned or Sierra. Those are large established startups. But we did have one company going out of stealth last week, Onyx Security. All they do is agent security. We had …”
Ridealong summary
Threat actors are outpacing defenders in the race to leverage AI for cyber attacks, creating a significant risk. While cybersecurity companies are innovating to combat this threat, the gap in adoption speeds leaves defenders at a disadvantage. However, the emergence of new security-focused startups may shift the balance in the coming years.
“… very bad 10.0 CVE-2026-20127, which was that widely exploited authentication zero day discovered while being exploited in Cisco's Catalyst SD-WAN enterprise product line. Really, anyone could be forgiven for confusing that one with Cisco's CVE-2026-20131, so not 27, no, 31, which is another, wait for it, CVSS 10 critical vulnerability in Cisco systems. As I said at the top of the show, what would the Security Now podcast be without a brand new shiny Cisco CVSS critical 10.0. The NIST NVD, the National Vulnerability Database, says of the new one, 31, they write, a vulnerability in the web-based management interface, who would have guessed, of Cisco Secure Firewall Management Center, apparently not that secure software, could allow an unauthenticated remote attacker to execute arbitrary Java code as root on an affected device. In other words, there you go, Cisco 10.0. They wrote, this vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted, serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the …”
Ridealong summary
A newly discovered critical vulnerability in Cisco's Secure Firewall Management Center could allow attackers to execute arbitrary Java code as root, putting countless enterprises at risk. This flaw, CVE-2026-20131, was disclosed on March 4, 2026, and is already being exploited in ransomware campaigns. The ongoing issues with Cisco's authentication systems highlight the urgent need for better security measures in enterprise environments.
Ridealong summary
In this hilarious segment, a dinner check sparks a debate about restaurant behavior, leading to a wild story of credit card hacking at a place called Poppy Garden. The punchline hits when the host discovers that even after getting hacked, he can still use Apple Pay with his new card number before it arrives!
Ridealong summary
Unprotected printers can compromise your entire network, and many are left vulnerable by default settings. The surprising truth is that even a simple USB upload can turn a printer into a gateway for malware, spreading it throughout the system. This highlights the critical need for better security measures in seemingly harmless office devices.
Ridealong summary
Bragging about your cryptocurrency wealth can put you at risk of robbery or worse. Criminals often target individuals based on their lifestyle cues and online presence, making it crucial to keep your assets private. This alarming reality is highlighted by the experiences of high-net-worth individuals who may even require bodyguards due to threats.
“There are some healthy challenging going on, of course, but very few times do we communicate that we need something for our program that we don't get. Also, find a way to show that security is an enabler of the business. Like a good example is a password manager because everybody hates passwords, right? Or implementing password lists throughout your organization, which is hard to do. But if you can find those quick wins, easy wins, you're a hero. Like I'm a hero with my husband because of a password manager. So it works. You know, my co-host, Mike Johnson, CISO of Rivian, his thing is he tries to talk to the employees about their personal security. And if he does that first, then they get understand business security because if you can't get them to understand their own security, I mean, that's a crazy logical leap to business security. Yes, you're both nodding your heads. I don't think it's a crazy leap. I use it all the time. No, no, I'm saying if you don't do it, it's a …”
Ridealong summary
A strong security culture can drive business success, but it starts with the security team understanding their role as business architects. By asking 'why' repeatedly, security leaders can instill a business mindset within their teams, leading to better decision-making and resilience. This approach not only improves security but also enhances product velocity and customer trust.
Ridealong summary
AI has already led to the loss of 90,000 jobs in the past year, and experts warn this is just the beginning. Holly Elmore from PauseAI argues that we must create international treaties to prevent further job loss and even potential human extinction, rejecting the idea that we should simply adapt to AI's rise. The urgency of addressing these issues is clear, as the technology poses unforeseen dangers to society.
“… Iran is earning about $139 million a day from oil sales in March, up from $115 million into February. So that's around 30% more revenue. It seems like the only person benefiting, at least economically, in terms of selling their oil on the global markets is Iran, which the U.S. is targeting. Moving on, the long national nightmare of long national lines might soon be over. Trump directed Homeland Security to start paying TSA workers just before the weekend, even though Congress failed to agree on a path to end the partial government shutdown. That means agents could start seeing paychecks as soon as today, but don't expect the lines that TSA just snap back to normal immediately. Almost 500 TSA agents have fully quit since the funding lapse in mid-February. That is in addition to the 1,000 agents that quit during the 43-day government shutdown last year. Those roles won't be easy to replace. It takes four to six months to complete training. Plus, it's not like people are applying in droves for a job that increasingly gets caught up in political skirmishes leading to lost paychecks. Adam Stahl, TSA's chief of staff, said last week that the situation will get worse before it gets better, …”
Ridealong summary
The TSA is facing a staffing crisis, leading to record-long security lines at airports. Despite Trump’s order to restore pay for TSA workers, many have quit, resulting in a 40% call-out rate at some airports. With lengthy training processes and a lack of job security, the situation is expected to worsen before it improves.
“… logs, okay, try it now, click, oh, and that's when it's like, ah, we didn't give you the new root CA here, and they, you know, they send us the PKS file or what, I can't remember at this point. But they send us the group of certificates and we get those loaded in the web server and then everything was fixed. And we were pulling our hair out for over a week on that particular issue. How do you handle the security handouts? Because you mentioned the certifications and things like this. When you have so many vendors and you're actually moving data between all these vendors, there's so many questions on this one. But let's talk about security first. How do you handle the security between these? Do you have a common security design pattern that you use? Because that's a lot of vendors, 25 vendors. That's a lot. It's a lot. Yeah, for sure. So we rigorous risk assessments, and that's the number one thing that the NCUA is always looking for us in our regulation is the credit union performing reasonable information security risk assessments of all vendors and everything that we do. So when I first got here, we put into play just adhering to the NIST standards, the 800-DASH document on guide to risk …”
Ridealong summary
A week-long vendor issue was resolved when a missing encryption certificate was finally identified. This incident highlights the importance of rigorous risk assessments and adherence to NIST standards for managing security across multiple vendors. By implementing these practices, organizations can effectively mitigate risks and ensure compliance with regulatory requirements.
Ridealong summary
CISA's Cyber Hygiene program is a game changer for organizations, offering free vulnerability scanning to enhance security. Once accepted, organizations receive detailed reports on vulnerabilities, with scanning frequency determined by severity, ensuring critical issues are addressed promptly. This proactive approach helps businesses stay ahead of potential cyber threats.
“This is not just a security issue. Greg Notch, CSO of Expel, said, quote, the problem is rooted in economics and incentives. Oh, this came up before. Let's hear it again. Engineering organizations are funded, tasked, and measured on shipping features that deliver outcomes. If you're selling software and business side has little incentive to fund AppSec because they have already externalized all of that risk to their customers with limitation of liability clauses. Good for them, by the way. Going back to the quote. Yeah. By the way, let's just stop the quote. If you can pull that off, none of this is important. None of this is important. But going back to Greg's quote, if you're developing software for internal customers, there is even less incentive to care. The core problem is that there is very little real …”
Ridealong summary
The real issue with software security lies in economic incentives, as highlighted by Greg Notch, CSO of Expel. Developers are often rewarded for speed and feature delivery, leaving security concerns sidelined, especially when risks can be externalized to customers. This dynamic creates a friction that security teams must navigate by aligning their goals with business objectives to change the narrative around security's importance.
“… code. Putting all of this together, I think what's super fascinating to me is this is one of the first times we're having technology. But what it can do is not limited by its abilities, but limited by how I can make it secure and stop it from doing so. Yeah. Right? It's like it's this, we have this genie in a bottle. It's amazing. But how do I contain this? Has it ever happened before? I mean, security has always come at the end. Like it's never, I think it's just that we've solved, we've solved the coding side of this, the writing code side. And now it's more of a systems engineering. These are all fundamentally just systems and architectural problems. It's not necessarily security issues. Social engineering to some extent is, but that's, the problem is, is you're bringing up, you're co-mingling risks across different trust domains with this. So you have the trust and safety and alignment issues with your underlying foundation models. You have the systems architecture and execution around how OpenClaw does things on your local machine. And then you have the sort of the traditional hacking sort of, you know, prompt injection type stuff. Like people want to do malicious. People want to …”
Ridealong summary
The future of note-taking for AI agents is evolving beyond simple markdown to include executable code and dynamic charts, creating a richer source of truth. However, this technological advancement raises significant security challenges, as the ability to execute code must be balanced with the need to contain potential risks. Ultimately, the focus is shifting from coding capabilities to systems engineering and security architecture to ensure safe interactions with these powerful tools.
Ridealong summary
In ransomware negotiations, never appear desperate or rude to the attackers, as it can diminish your leverage and increase costs. Timing is crucial; negotiations typically start within three to five days, but if backups are intact, walking away might be the best option. Understanding when to engage or disengage can significantly impact the outcome for the victim organization.
“… exposed to it with the goal of hopefully being able to drop whatever commitments I have, forego all income, contribute however I can contribute to be useful, and then beyond that, I think basically spend and or give it all away is kind of my mindset. Like, take the vacation with the kids, do the fun stuff, support the charities, whatever the case may be, but just at least have that kind of baseline security that gives me the confidence that I can drop out of any commercial relationships that I might need to drop out of. Any provisions you would offer to my plan?”
Ridealong summary
Imagine being financially secure enough to drop all commitments and focus on what truly matters. Zvi Mowshowitz shares his vision of achieving a baseline financial security that allows him to spend time with family, support charities, and contribute to society without the burden of commercial obligations. This mindset not only fosters personal freedom but also empowers a more meaningful life amidst the uncertainties of AI-driven job loss.
Top Podcasts About Gambit Security
The Watch Floor with Sarah Adams
4 episodes
Security Now (Audio)
4 episodes
Bannon's War Room
4 episodes
CISO Series Podcast
3 episodes
Bulwark Takes
3 episodes
Meet the Press
3 episodes
The Megyn Kelly Show
3 episodes
TBPN
2 episodes
Stories Mentioning Gambit Security
Top Podcasts on Political Violence Against Trump
There is an increasing concern about political violence in the United States, particularly regarding threats against former President Donald Trump. This rise in threats highlights the ongoing tensions and security challenges in the political landscape, which could have significant implications for public safety and political stability.
Top Podcasts on Bitcoin's Quantum Threat
The cryptocurrency market, including Bitcoin, is experiencing significant developments with the potential threat from quantum computing, increasing institutional adoption, and heightened regulatory scrutiny. These factors are shaping the future landscape of digital currencies, impacting their security, acceptance, and compliance requirements.
