Unspoken Security

In this encore presentation of Unspoken Security Episode 32 (originally published on 3 April 2025), host AJ Nash sits down with Chris Birch, an intelligence practitioner with nearly 30 years of experience, to discuss the ever-evolving landscape of social engineering. Chris's unique perspective comes from leading teams that actively engage with threat actors, turning the tables on those who typically exploit vulnerabilities.

Chr...

In this episode of Unspoken Security, host AJ Nash sits down with Zoë Rose, SecOps Manager at Canon EMEA. They explore the real-world barriers to building effective incident response programs and discuss why so many organizations struggle to move beyond reactive firefighting.

Zoë shares her perspective from both consulting and in-house roles, pointing out that most incident response teams are overwhelmed, under-resourced, and stuck ...

In this episode of Unspoken Security, host AJ Nash sits down with Charlotte
Guiney, Cyber Threat Intelligence Manager at Toyota Financial Services. They
explore what it takes to build threat intelligence programs that work for both
security teams and the wider business. Charlotte cuts through the noise,
stressing that buy-in is step one—and that it’s often the hardest step. She
shares how understanding internal ...

In this episode of Unspoken Security, host A.J. Nash sits down with Dr. J. Lugo Santiago, Chief Operating Officer at QBRIC, to dig into how organizations actually calculate cyber risk—and why most current models fall short. Lugo explains that understanding risk is much more than looking at past incidents or relying on static checklists. Instead, he argues that real foresight comes from blending human insight, diverse data, and scen...

In this episode of Unspoken Security, host A.J. Nash sits down with Dominic Vogel, founder of Vogel Leadership & Coaching, to discuss the importance of bringing humanity back into the cybersecurity field. Dominic shares his journey from corporate burnout to becoming an advocate for kindness and authenticity in an industry often focused on metrics and technology.

Dominic explains how leading with empathy and building re...

In this episode of Unspoken Security, host A.J. Nash sits down with Lauren
Zabierek, Senior Vice President for the Future of Digital Security at the
Institute for Security and Technology. Together, they examine how the
traditional view of national security often overlooks the people it seeks to
protect. Lauren shares why national security must move beyond military
and government, and instead focus on the everyda...

In this episode of Unspoken Security, host A.J. Nash sits down with Marley Salveter, Director of Marketing at Unspoken Security. They explore how digital privacy and security awareness look different for younger generations who have grown up in a world where sharing personal data is routine, not a choice. Marley shares her perspective on adapting to life online, where building a personal brand and protecting personal information of...

In this episode of Unspoken Security, host AJ Nash welcomes Ivan Novikov, CEO of Wallarm, to discuss the fundamental shifts in API security. They explore how APIs have evolved from internal tools to the public-facing backbone of mobile apps, IoT, and AI. This change has dramatically expanded the threat surface, making traditional security methods obsolete.

Ivan explains why older approaches, like signature-based detection and RegEx,...

Data alone does not persuade. For data-driven leaders, learning to
translate numbers into a compelling narrative is a critical skill. In this
episode of Unspoken Security, host AJ Nash speaks with Salvatore Manzi, a
leadership communications coach, about the strategies technical leaders
can use to create influence. Salvatore explains why leaders must learn to
make meaning over metrics to connect with teams, stak...

In this episode of Unspoken Security, host AJ Nash welcomes Mark Freedman, Principal and CEO of Rebel Global Security, to discuss a major shift in the global threat landscape. The primary national security concern has moved from counter-terrorism to interstate strategic competition. This change requires a new security model, especially for the private sector.

Mark explains that companies are now players on a geopolitical battlefield...

In this episode of Unspoken Security, host AJ Nash speaks with Dr. Peter Garraghan, CEO and CTO of Mindgard. They discuss the real-world security risks of artificial intelligence. Peter starts with a simple point: AI is just software, and software is easy to break. He urges businesses using AI to step back and truly understand its vulnerabilities.

Peter draws parallels between the current AI boom and past technology cycles like clou...

Why does security awareness training so often fail? In this episode of Unspoken Security, host AJ Nash welcomes Living Security CEO Ashley M. Rose to discuss this common issue. They explore how compliance-driven, "check-the-box" training creates a false sense of security. This old model relies on vanity metrics and rituals instead of reducing actual human risk.

Ashley presents a better way forward through human risk manage...

Cyber crime continues to grow each year, but should organizations give up fighting it? On this episode of Unspoken Security, host AJ Nash speaks with Robert Duncan from Netcraft, who argues the answer is absolutely not. Robert makes the case that fighting cyber crime is worth the effort, even when it feels like an endless battle.

Robert challenges the common view that "whack-a-mole" tactics are pointless. He beli...

In this episode of Unspoken Security, host AJ Nash sits down with Jennifer Leggio, Chief Strategy Officer of W2 Communications, to discuss the unspoken challenges impacting career fulfillment. Jennifer shares her personal experiences with toxic work environments, imposter syndrome, and the struggle to balance ego and self-awareness. She highlights the importance of advocating for yourself while remaining empathetic to others' ...

In this unfiltered episode of Unspoken Security, host A. J. Nash explores the looming threat quantum computing poses to our digital infrastructure with experts Robert Clyde, Managing Director of Clyde Consulting and Chair of crypto-security firm CryptoQuanti, and Jamie Norton, a Board Director at ISACA with extensive cybersecurity credentials. They cut through the technical jargon to explain how quantum computing fundamentally diff...

In this eye-opening episode of Unspoken Security, host AJ Nash welcomes notorious hacker and security expert Jayson E. Street to discuss why traditional security awareness training falls short. Jayson explains that most corporate security training is merely policy-driven compliance, not actual security education.

Instead of focusing on checkbox exercises once a year, Jayson advocates for building situational awareness—a security min...

In this eye-opening episode of Unspoken Security, host AJ Nash welcomes notorious hacker and security expert Jayson E. Street to discuss why traditional security awareness training falls short. Jayson explains that most corporate security training is merely policy-driven compliance, not actual security education.

Instead of focusing on checkbox exercises once a year, Jayson advocates for building situational awareness—a security min...

Ransomware gangs aren’t faceless shadows. Jon DiMaggio knows—he’s talked to them. In this episode, A.J. Nash sits down with the Chief Security Strategist at Analyst1 to pull back the curtain on the hidden world of cybercriminals. Jon shares how he builds detailed personas, infiltrates ransomware crews like LockBit, and navigates the psychological toll that comes with living a double life.

Jon breaks down the tactics behind covert en...

In this episode of Unspoken Security, host AJ Nash sits down with Chris Birch, an intelligence practitioner with nearly 30 years of experience, to discuss the ever-evolving landscape of social engineering. Chris's unique perspective comes from leading teams that actively engage with threat actors, turning the tables on those who typically exploit vulnerabilities.

Chris details how social engineering is simply human manipulation...