It takes an advanced degree to understand the psychology behind why users hate security controls, so we got someone with two: Dr. Nikki Robinson, DSc Cybersecurity, PhD Human Factors. Nikki joins us to break down the real reasons security implementations fail—and how to fix them.

What You'll Learn:

🔹Why vulnerability scoring goes wrong (hint: it's not the tech)

🔹How to get 99% patching rates through automation

🔹The psychology behind user resistance to security controls

🔹Why developers say "I can't implement secure code" (and what to do about it)

🔹Human factors engineering for cybersecurity practitioners

Real-World Insights:

♦️From 60% to 99% vulnerability remediation in 6 months

♦️Why 600-page security policies guarantee failure

♦️The empathy approach to security policy enforcement

♦️API sprawl and agentic AI risks keeping security pros awake

Dr. Robinson combines IT operations experience with advanced degrees in cybersecurity and human factors psychology. Her research reveals why traditional security approaches create resistance—and practical frameworks that actually work.

She also schools us in how to make a tequila sunrise (technique matters!)

Why would a hacker at the top of his game who found dozens of zero-days switch to defense? The answer is a lot more complicated than you think. In this fascinating episode, we sit down with Cody Pierce, co-founder and CEO of Neon Cyber and former Zero Day Initiative researcher. Cody gives us an insider view into the exploit marketplace, and tells us why he went from offense to defense.

🎯 WHAT YOU'LL DISCOVER:

✅ The REAL difference between vulnerabilities and exploits (most people get this wrong)

✅ Why attackers "bank" zero-days instead of using them immediately

✅ The shocking economics behind exploit marketplaces ($50K to nearly worthless in seconds)

✅ How nation-state attacks actually work (it's not what you think)

✅ What happened with Cody's own USB hacking tool

✅ What motivated Cody to change his approach to ecruity

Perfect for: Cybersecurity professionals, ethical hackers, IT managers, security researchers, students, and anyone curious about the real world of cyber warfare

#Cybersecurity #Podcast #ZeroDay #EthicalHacking #InfoSec #InformationSecurity #CyberWarfare #SecurityResearch #Vulnerabilities #Exploits #CyberDefense #ZeroDayInitiative #CyberEthics

Join us for a special episode of the Security Cocktail Hour as co-hosts Joe Patti and Adam Roth sit down with cybersecurity legend Paul Asadoorian—founder of Security Weekly and Principal Security Evangelist at Eclypsium. With more than two decades of experience, Paul brings his unique mix of deep technical knowledge and podcasting charisma to discuss firmware vulnerabilities, supply chain risks, and the overlooked attack surfaces hiding in your hardware. And he literally--and we do mean literally--brings fire to the show.

🎙️ In This Episode:

• Paul’s journey to becoming a leading voice in cybersecurity—and how he found a career he truly loves

• Why firmware and supply chain security are the hidden battlegrounds of modern cyber defense

• This might finally be the Year of the Linux Desktop.

Paul's podcasts:

Paul's Security Weekly: https://www.scworld.com/podcast-show/pauls-security-weekly

Below the Surface Podcast: https://eclypsium.com/podcasts/

Got big travel plans this summer? Remember to pack some protection against cyber threats. In this episode of the Security Cocktail Hour podcast, hosts Joe Patti and Adam Roth break down the real cybersecurity threats you face when using hotel Wi-Fi, airport chargers, and public networks—and what you can do to stay safe.

Learn about:

• Why public Wi-Fi is more dangerous than you think

• The truth about VPNs—and what they don’t protect

• USB “condoms,” OMG cables, and travel routers

Whether you’re a casual traveler or a frequent flyer, join us to learn how to keep your long-awaited vacation free from cyber headaches.

💬 Comment and follow us for the latest on cybersecurity from industry experts.

📌 Got a question or topic idea? Drop it in the comments—we just might feature it in an upcoming episode.

#Podcast #Cybersecurity #InformationSecurity #Infosec #TravelTips #VPN #WiFiSecurity #USBCondom #DigitalSafety #PublicWiFi

In this episode of Security Cocktail Hour, we go deep into the high-stakes world of modern cyber incident response (IR) with Lisa Landau and Tim Shipp of ThreatLight—two top-tier experts redefining how breaches are handled today.

Discover how IR has evolved—and why the old playbook no longer works.

What you’ll learn:

• Why speed is everything in breach response

• Why incident response isn’t about flying on-site anymore

• How top teams manage the intense stress of IR

• Why cybercriminals operate like businesses—and how to outsmart them

• Why tools alone aren’t enough—and what your team really needs

Whether you’re defending a Fortune 500 company or just want to understand how real cyber incidents unfold, you’ll hear directly from the professionals who lead real-world breach responses under pressure.

📎 Learn more about ThreatLight: https://www.threatlight.com

Selling six-figure security solutions isn’t about flashy demos or steak dinners—it’s about trust, relationships, and delivering real value. In this episode of the Security Cocktail Hour, we go inside the world of cybersecurity sales with Trevor Marcotte, founder of TnK Tech and a longtime industry insider.

Trevor reveals how deals actually get done in the high-stakes world of cybersecurity—from building trust with IT buyers and CISOs to navigating complex vendor relationships and solving real problems for clients. Alongside co-hosts Joe Patti and Adam Roth, Trevor shares why people matter more than products, and how trust beats tools every time.

Visit TnK Tech at https://tnkgoattech.com

💬 Tell us in the comments about the good and bad relationships you've had with sales people.

#Cybersecurity #InfoSec #InformationSecurity #Podcast #TechSales

Agentic AI is changing the game—but is it a security nightmare in the making? In this episode of the Security Cocktail Hour, co-hosts Joe Patti and Adam Roth sit down with Kevin O’Connor to dive into one of the hottest (and most misunderstood) topics in cybersecurity: Agentic AI Security.

Join us to learn:

✔️ What agentic AI actually is—and why it’s exploding in popularity

✔️ The real security risks that come with AI agents running wild in business environments

✔️ How cybercriminals can hijack AI agents for fraud, misinformation, and even weaponizing data

✔️ Why agentic AI could be the new Shadow IT, operating outside security teams’ control

✔️ How companies can secure AI-powered automations before they become the next major attack vector

As businesses rush to adopt AI-driven assistants, chatbots, and automation tools, are they unknowingly opening the floodgates to massive security risks? And can we actually defend against it?

Watch now to get ahead of the next AI security challenge!

Kevin joins us from Zenity

Learn more about Securing Agentic AI from Zenity Labs - No Sales, No Marketing, Just the Research

https://labs.zenity.io/

Get in on the conversation - The Industry’s First Agentic AI Security Summit

https://www.zenity.io/resources/events/ai-agent-security-summit-2025/

Do you think AI agents will turn everyone into a software developer? Tell us in the comments.

Ever wondered what it's like to lead cybersecurity on the front lines? In this episode of Security Cocktail Hour, we sit down with Keren de Via, a former IDF officer and trailblazing Chief Information Security Officer (CISO), who shares her extraordinary journey from military leadership to navigating the complex world of corporate cybersecurity.

Join hosts Joe Patti and Adam Roth as they dive deep into Keren's experiences leading cybersecurity for front line units, where security decisions carry the highest stakes. From adapting military strategies to the boardroom to redefining leadership in the cybersecurity landscape, Keren's insights are a masterclass in resilience, agility, and innovation.

Tell us about some of the toughest decisions you've made in the comments!

#Cybersecurity #Leadership #CISO #InformationSecurity #RiskManagement #Podcast #CyberLeadership #Innovation #HighStakesDecisions #CyberResilience