CISO Insights: Voices in Cybersecurity

In this episode, we dissect the escalating cyber threats targeting the cannabis industry in 2025, from the massive STIIIZY data breach to the rise of AI-driven ransomware groups like Everest and Qilin. We explore critical regulatory shifts, including the strategic partnership between Metrc and BioTrack and the strict new data privacy mandates under the NJDPA that are redefining retail compliance. Finally, we discuss how operators can harden their digital infrastructure against supply chain vulnerabilities to secure patient data and maintain operational resilience. https://www.compliancehub.wiki/the-complete-guide-to-cannabis-business-security-why-traditional-risk-assessment-tools-fall-short https://www.securitycareers.help/a-straightforward-guide-to-cybersecurity-for-your-cannabis-business   Sponsors: https://cannabisrisk.diy https://www.cannasecure.tech

This episode uncovers the "12 Threats of Christmas" defining the 2025 holiday season, where AI-driven social engineering and deepfakes have turned festive shopping into a high-stakes battlefield. We explore the surge in retail ransomware and "smishing" attacks, while auditing the hidden privacy risks of popular smart toys that may be spying on your home. Tune in to learn why experts call this the "peak hunting season" for cybercriminals and how to protect your digital identity from the perfect storm of holiday fraud. www.scamwatchhq.com/the-12-threats-of-christmas-your-complete-2025-holiday-security-survival-guide   The Threats: Delivery "Smishing" - Fake package texts with malware Spy Toys - IoT vulnerabilities in connected gifts AI Voice Cloning - Deepfake grandparent & CEO scams Retail Ransomware - 230% surge targeting Black Friday Encryption-less Extortion - Data theft without file locking Social Media Malvertising - 40% fraud rate on Instagram/TikTok ads Charity Fraud - Deepfake victims soliciting donations Gift Card Draining - Physical tampering & "boss" email scams Crypto Rug Pulls - Holiday memecoins & fake celebrity livestreams Evil Twin Wi-Fi - Fake hotspots in airports and malls Account Takeover Bots - 520% spike in credential stuffing Supply Chain Breaches - Third-party vendor compromises    Sponsor: www.cisomarketplace.com www.scamwatchhq.com   

This episode unpacks a bold new strategy from the Vanderbilt University Institute of National Security, arguing that the U.S. must undertake a "whole-of-society" mobilization akin to World War II to counter persistent cyber aggression. We discuss the proposed shift to "Integrated Resilience," which focuses defense efforts on the five most critical infrastructure sectors—power, water, telecoms, finance, and healthcare—while mandating real-time threat visibility to prevent cascading failures. The conversation also covers the creation of a National Cyber Operations Team (NCOT), a "team-of-teams" designed to integrate private-sector talent with military command to scale offensive capabilities and achieve "Analytic Superiority"   Sponsors: www.compliancehub.wiki www.myprivacy.blog 

This episode dives into the declassified Chairman of the Joint Chiefs of Staff Manual 3500.08, which serves as the master training guide for establishing and operating a Joint Psychological Operations Task Force (JPOTF) headquarters. We explore how military planners were taught to integrate psychological operations with special forces, civil affairs, and information warfare to influence foreign audiences and achieve national objectives. Listeners will gain insight into the rigid structure of tasks, conditions, and standards required to execute strategic influence campaigns ranging from humanitarian support to full-scale war. https://www.myprivacy.blog/the-silent-war-psychological-operations-from-the-kgb-to-tiktok https://podcast.cisomarketplace.com/e/the-psyop-industrial-complex-hacking-human-trust-in-the-fifth-generation-war   Sponsors:  www.myprivacy.blog www.compliancehub.wiki 

Delve into the clandestine industry of Bulletproof Hosting (BPH), where providers utilize sophisticated "infrastructure laundering" and corporate shell games to shield ransomware gangs from the law. We explore how these digital fortresses have evolved from physical bunkers to complex networks of jurisdictional arbitrage and "DMCA ignored" policies designed to frustrate investigators. Finally, learn how unprecedented international actions like Operation Endgame are striking back, seizing thousands of servers and shattering the myth of invulnerability surrounding these criminal safe havens.   https://breached.company/the-bulletproof-fortress-inside-the-shadowy-world-of-cybercrime-hosting-infrastructure https://breached.company/operation-endgame-continues-crazyrdp-bulletproof-hoster-dismantled-as-dutch-police-seize-thousands-of-servers-in-coordinated-cybercrime-crackdown www.hackernoob.tips/briefing-on-the-bulletproof-hosting-ecosystem     Sponsors: www.breached.company www.cisomarketplace.services