Security Weekly Podcast Network (Audio)

Business Security Weekly is well aware of the cybersecurity hiring challenges. From hiring CISOs to finding the right skills to developing your employees, we cover it weekly in the leadership and communications segment. But this week, our guest interview digs into the global cybersecurity hiring trends. Jim McCoy, CEO at Atlas, joins Business Security Weekly to share his expertise on the global workforce needs in the 160 countries where Atlas provides direct Employer of Record services. From CISO hiring to where to build security teams, Jim will help us navigate the cybersecurity hiring challenges most organizations face. In the leadership and communications segment, CISOs, CIOs and Boards: Bridging the Cybersecurity Confidence Gap, Rethinking the CIO-CISO Dynamic in the Age of AI, Transparent Leadership Beats Servant Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-426

Pornhub, WSL, Santastealer, Geoserver, Webkit, Fortiyomama, Dad's Pix, Aaran Leyland, and More, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-538

Open source projects benefit from support that takes many shapes. Kat Cosgrove shares her experience across the Kubernetes project and the different ways people can make meaningful contributions to it. One of the underlying themes is that code is written for other people. That means PRs need to be understandable, discussions need to be enlightening, documentation needs to be clear, and collaboration needs to cross all sorts of boundaries. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-361

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we’ll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We’ll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare. Segment Resources: https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Topic Segment: We've got passkeys, now what? Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked. After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced: DBSC (Device Bound Session Credentials) for browsers DPoP (Demonstrating Proof of Possession) for OAuth applications We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted? Segment Resources: FIDO Alliance White Paper: DBSC/DPOP as Complementary Technologies to FIDO Authentication News Segment Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-437

Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet, and More Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-537