Cyber Threat Intelligence Podcast

The moment a “hacktivist” group starts speaking with a state’s voice, the puzzle of attribution changes. We explore how Russian-speaking cybercrime transformed after 2022, why so many crews began to move in sync with national narratives, and what language, targeting, and coordination can reveal about influence without leaning on weak assumptions. Our guest, analyst Anastasia Sentsova, brings deep regional fluency and years of fieldwork to explain how militarization, culture, and policy shape a pipeline that normalizes digital action and pulls volunteers toward more aggressive operations.

We walk through the rise of coordinated Telegram ecosystems, including bot-driven “cyber squads” that gamify propaganda with ranks, points, and real-world rewards. That may sound harmless, but it builds habits, grows networks, and legitimizes escalation. From there, it’s a short step to DDoS—and increasingly—intrusions that touch critical infrastructure. We also examine the ransomware world’s political boundaries: no-go lists that evolved from domestic targets to BRICS countries, selective law enforcement pressure following diplomatic milestones, and the unspoken bargain that keeps operators productive so long as they toe the line.

Rather than force-fit labels like sponsored or tolerated, we talk about influence as a measurable spectrum. Indicators include state rhetoric in native-language posts, synchronized activity with kinetic events, target selection aligned with policy goals, and public signaling when named individuals “celebrate” sanctions without consequence. For practitioners, we offer concrete ways to avoid Western bias, validate translations, and build multi-source cases with explicit confidence levels. And we look ahead: the proxy model travels, youth pipelines deepen skills, and hybrid operations blur the boundary between hacktivists and APTs.

If this kind of clear-eyed CTI resonates, follow the show, share it with your team, and leave a review so others can find it. Join our LinkedIn group, Cyber Threat Intelligence Podcast, to keep the conversation going and tell us what signals you’re tracking next.
Send a text
Support the show
Thanks for tuning in! If you found this episode valuable, don’t forget to subscribe, share, and leave a review. Got thoughts or questions? Connect with us on our LinkedIn Group: Cyber Threat Intelligence Podcast—we’d love to hear from you. If you know anyone with CTI expertise that would like to be interviewed in the show, just let us know. Until next time, stay sharp and stay secure!

🎙 Season 2 Starts March 3rd

Season 1 was about building foundations.
Season 2 is about raising the bar.

We’re diving deeper into the Cyber, Threats, and Intelligence, with practitioners who live it every day.

FULL Video: https://youtu.be/oa2t9GQl6EU

📅 Premiere: March 3rd
🔔 Subscribe now so you don’t miss it.

The threat landscape evolves.
So should we.

Send a text
Support the show
Thanks for tuning in! If you found this episode valuable, don’t forget to subscribe, share, and leave a review. Got thoughts or questions? Connect with us on our LinkedIn Group: Cyber Threat Intelligence Podcast—we’d love to hear from you. If you know anyone with CTI expertise that would like to be interviewed in the show, just let us know. Until next time, stay sharp and stay secure!

Your assistant wants to learn everything about you, remember it forever, and act on your behalf across apps and devices. That promise is powerful—and risky. We break down a no-nonsense safety plan for adopting an always-on AI assistant without handing over your digital life, drawing on years in cybersecurity and months building a personal assistant that listens, learns, and controls real tools.

We start with the foundation: identity isolation and permission design. Instead of connecting your primary accounts, create fresh Google or iCloud identities and selectively share calendars, folders, and photos into that sandbox. Then layer in separation of duties: let the assistant draft emails, code, and automations, but run reviews through a separate model before deploying anything. You’ll hear concrete workflows that preserve the magic of autonomy while catching mistakes, bad defaults, and excessive permissions.

From there, we get tactical about risk. Scope your first use case tightly and keep IoT devices off the table until you’ve watched the system behave for weeks. If you can, use a dedicated machine; if not, contain the runtime with hardened Docker setups—non-root users, minimal images, restricted networking, and secrets handled correctly. Turn on comprehensive logging and make the assistant explain what it did and why. Most importantly, disable auto-install and auto-update for skills and plugins, review changelogs, and promote updates only after testing. Assume failure, keep backups, and apply least privilege at every step.

We close with a direct ask to security professionals: help shape safer AI by contributing hardened images, documentation, and practical guardrails to open-source projects. The genie isn’t going back; users are adopting these tools today. If you’ve got expertise in containers, threat modeling, or secure defaults, your contribution can cut attack surface for thousands of people overnight. If this resonates, subscribe, share with a friend who’s testing an assistant, and leave a review with the one safeguard you plan to implement next.
Send a text
Support the show
Thanks for tuning in! If you found this episode valuable, don’t forget to subscribe, share, and leave a review. Got thoughts or questions? Connect with us on our LinkedIn Group: Cyber Threat Intelligence Podcast—we’d love to hear from you. If you know anyone with CTI expertise that would like to be interviewed in the show, just let us know. Until next time, stay sharp and stay secure!

Want fewer fire drills and smarter security moves? This season finale brings together the strongest lessons from our guests on how cyber threat intelligence turns uncertainty into clarity—and clarity into action. We share what actually works when the data is partial, the stakes are high, and leadership wants proof that CTI moves the needle on risk and cost.

We start with the core: prioritization under uncertainty. You’ll hear how teams use intelligence to decide what to patch first, where controls matter most, and how to focus limited resources without missing the threats that can take a business offline or put customer data at risk. We dig into the language of value—money saved, revenue protected, efficiency gained—and why BLUF, clear implications, and stakeholder interviews beat jargon every time. If you’ve wrestled with KPIs, KRIs, or ROI, we unpack practical metrics that reflect real outcomes, not vanity numbers.

From there, we look ahead. Forecasting adversary capabilities, mapping susceptibility, and choosing proactive mitigations can shift a security program from reactive to resilient. You’ll get candid perspectives on building CTI the right way—starting tactically and growing into operational and strategic impact, or choosing a build-vs-buy path aligned to budget and goals. We also talk careers and team shape: why diverse backgrounds thrive in CTI, how small teams can deliver outsized results, and the discipline of deciding what you will not do so you can excel at what matters.

If you want CTI to influence decisions at every level—SOC, IR, red and purple teams, and the board—this wrap-up offers the playbook: stakeholder-first communication, focused scope, useful metrics, and a relentless push toward proactive defense. Follow, share, and leave a review to help more practitioners find these insights—and tell us: what CTI metric best proves your impact?
Send a text
Support the show
Thanks for tuning in! If you found this episode valuable, don’t forget to subscribe, share, and leave a review. Got thoughts or questions? Connect with us on our LinkedIn Group: Cyber Threat Intelligence Podcast—we’d love to hear from you. If you know anyone with CTI expertise that would like to be interviewed in the show, just let us know. Until next time, stay sharp and stay secure!

Want a front-row seat to how cyber threat intelligence turns noise into decisions that save real money and protect trust? Pedro Kertzman sits down with Alex Keedy, a seasoned CTI leader with experience at Flashpoint, ZeroFox, Intel 471, Deloitte, and Booz Allen Hamilton, to unpack the craft of translating technical signal into business impact. From a political science beginning to profiling actors and advising executives, Alex shows why great intelligence starts with curiosity and ends with clarity: here’s what’s happening, what it means for us, and what we should do next.

We dig into the tough question every leader asks: how do you prove ROI for attacks that never landed? Alex breaks down practical models that map blocked activity to benchmark costs, balance tangible savings with brand and trust impacts, and prioritize the few actions that reduce the most risk. For mid-sized organizations, she lays out a pragmatic roadmap: start small, tap managed services, automate the obvious, and use early wins to earn budget. You’ll hear how a$10 stolen credential becomes a$50M outage, why ransomware-as-a-service thrives, and how to disrupt that supply chain before it reaches your environment.

Alex also opens the curtains on dark web tradecraft. Reputation-driven marketplaces demand embedded personas to validate threats, verify leaks, and ask the questions victims can’t. That access helps teams confirm exposure, guide response, and even support law enforcement—with examples spanning financial fraud, takedowns, and human trafficking investigations. Along the way, we share actionable learning paths: SANS webcasts, vendor blogs, Security+ or Network+ for baseline fluency, and community routes like B‑Sides and scholarships that lower barriers for new talent.

If you care about cybersecurity strategy, budget impact, and real-world outcomes, this conversation delivers the playbook: align intelligence to business risk, measure what matters, and communicate in plain language. Subscribe, share with a teammate who needs stronger CTI outcomes, and leave a review telling us the one question you want answered next.
Send a text
Support the show
Thanks for tuning in! If you found this episode valuable, don’t forget to subscribe, share, and leave a review. Got thoughts or questions? Connect with us on our LinkedIn Group: Cyber Threat Intelligence Podcast—we’d love to hear from you. If you know anyone with CTI expertise that would like to be interviewed in the show, just let us know. Until next time, stay sharp and stay secure!