In this eye-opening episode of Unspoken Security, host AJ Nash welcomes notorious hacker and security expert Jayson E. Street to discuss why traditional security awareness training falls short. Jayson explains that most corporate security training is merely policy-driven compliance, not actual security education.

Instead of focusing on checkbox exercises once a year, Jayson advocates for building situational awareness—a security mindset that extends beyond the workplace into everyday life. He shares practical strategies for gamifying security training, fostering a culture where employees feel like participants rather than targets, and creating year-round engagement through creative competitions.

Through entertaining stories and candid insights from his experience as a simulated adversary for hire, Jayson challenges the industry's approach to security training and offers a refreshing perspective on how to make organizations genuinely more secure.

Send us a text

Support the show

Ransomware gangs aren’t faceless shadows. Jon DiMaggio knows—he’s talked to them. In this episode, A.J. Nash sits down with the Chief Security Strategist at Analyst1 to pull back the curtain on the hidden world of cybercriminals. Jon shares how he builds detailed personas, infiltrates ransomware crews like LockBit, and navigates the psychological toll that comes with living a double life.

Jon breaks down the tactics behind covert engagements—how ego, language barriers, and criminal alliances can be used to gain access. He also talks through his storytelling process in The Ransomware Diaries and why long-form, evidence-based intelligence reporting still matters. This isn’t just threat research—it’s human behavior under a microscope.

The conversation also dives into attribution, burnout, and the personal risks Jon has faced. He opens up about being targeted, leaning on mental health support, and using fear as fuel. This is a raw, unfiltered look at cyber threat intelligence from the inside.

Send us a text

Support the show

In this episode of Unspoken Security, host AJ Nash sits down with Chris Birch, an intelligence practitioner with nearly 30 years of experience, to discuss the ever-evolving landscape of social engineering. Chris's unique perspective comes from leading teams that actively engage with threat actors, turning the tables on those who typically exploit vulnerabilities.

Chris details how social engineering is simply human manipulation, a skill honed from birth. He explains how attackers leverage fear and greed, the fastest and cheapest ways to manipulate individuals. He also dives into how attacks have evolved, highlighting the dangers of increasingly sophisticated tactics like deepfakes and the blurring lines between legal and illegal applications of social engineering.

The conversation also explores the crucial role of organizational culture in cybersecurity. Chris emphasizes that awareness, not just education, is key to defense. He advocates for sharing threat intelligence widely within organizations and across industries, empowering everyone to become a sensor against social engineering attempts. Chris also shares a surprising personal fear, offering a lighthearted end to a serious discussion.

Send us a text

Support the show

In this episode of Unspoken Security, host A.J. Nash sits down with Ramesh Rajagopal, Co-Founder and CEO of Authentic8, to discuss the evolving landscape of digital investigations. They explore how modern intelligence teams navigate the deep and dark web, conduct secure open-source research, and protect themselves from exposure. Ramesh shares how his platform, Silo, empowers analysts by providing anonymity, obfuscation, and productivity tools to streamline investigations without compromising security.

The conversation dives into the challenges of direct engagement with cybercriminal environments, the risks analysts face when conducting investigations, and how organizations are shifting towards more proactive intelligence programs. A.J. and Ramesh also discuss the growing adoption of digital investigation tools in the commercial sector, spanning industries from financial services to corporate security and brand protection.

AI’s role in intelligence work also takes center stage, with insights on how automation can assist analysts without replacing human expertise. The episode closes with practical recommendations for organizations looking to strengthen their intelligence operations while balancing security, efficiency, and long-term strategic growth.

Send us a text

Support the show

The intelligence community is often misunderstood, shrouded in secrecy, and clouded by misinformation. In this solo episode, A.J. Nash pulls back the curtain on how intelligence actually works, breaking down the 18 agencies that make up the U.S. intelligence community, their legal limitations, and the oversight that keeps them in check. He explains the different types of intelligence—SIGINT, HUMINT, OSINT, and more—highlighting their roles in national security.

A.J. also addresses the myths surrounding intelligence work, including claims of government surveillance, political weaponization, and conspiracy theories. He details how intelligence professionals are trained to be objective, follow strict oversight, and operate within legal frameworks. With firsthand experience, he challenges misconceptions and explains why the reality of intelligence work is far less sinister than the public is often led to believe.

Finally, A.J. discusses the impact of political rhetoric on intelligence agencies, emphasizing the importance of separating fact from fiction. He urges listeners to approach claims about intelligence abuse with scrutiny and to recognize the dedication of those working behind the scenes to protect national security.

Send us a text

Support the show

DEF CON is more than just a hacking conference—it’s a community. In this episode, host AJ Nash sits down with Ada Zebra, a longtime goon and leader behind DEF CON Hotline, a resource dedicated to handling security incidents, harassment reports, and crisis situations at the event. Ada shares her journey from a first-time attendee to a key figure in DEF CON’s security efforts, shedding light on the history and evolution of the hotline.

She discusses how the hotline was born out of necessity after an incident in 2017, when leadership realized DEF CON needed a dedicated space for attendees to report issues safely. Since its launch in 2018, the hotline has grown every year, bringing in highly trained volunteers to assist in complex situations ranging from restraining orders to personal safety concerns.

AJ and Ada also explore the hotline’s relationship with DEF CON’s security team, how volunteers are selected and trained, and why fostering an inclusive environment matters in the hacker community. If you’ve ever wondered what happens behind the scenes at one of the world’s largest hacker gatherings, this episode offers an inside look at the challenges, responsibilities, and impact of the DEF CON Hotline.

Send us a text

Support the show

In this episode of Unspoken Security, host AJ Nash sits down with intelligence and security expert Brian Kime to explore the often misunderstood world of industry analysts. With years of experience at Forrester, Brian pulls back the curtain on how analysts conduct research, engage with vendors, and influence the cybersecurity landscape. Together, they address the widespread belief that vendor evaluations are purely “pay to play” and explain why this assumption misses the mark.

Brian shares insights into the rigorous methodologies analysts use, the importance of vendor neutrality, and how advisory services help enterprises make informed decisions. He highlights how analysts serve as a bridge between security leaders and vendors, often guiding product development and procurement strategies. The discussion also touches on the value of contributing to analyst research, even for smaller vendors, and how to effectively build relationships with analysts.

Whether you're a vendor aiming to get noticed or a CISO navigating technology decisions, this episode offers valuable takeaways on leveraging industry analysts for growth and strategic alignment.

Send us a text

Support the show

In this episode of Unspoken Security, AJ Nash sits down with Ryan Cloutier, CEO of ScareBear Industries, to discuss the future of artificial intelligence. Ryan explains the evolution of AI, from its origins with Alan Turing to today's generative AI and large language models. He highlights the importance of understanding that AI, at its core, is mathematics. Ryan emphasizes the need for careful consideration of ethics and societal impact as AI continues to develop.

Ryan discusses both the exciting potential and the inherent risks of AI. He explores the potential for misuse and the need for careful governance. He also highlights positive use cases, such as AI companions for the elderly and advancements in medicine. Ryan raises concerns about job displacement and the potential transfer of power from humans to machines.

Ryan encourages listeners to become involved in their local AI communities and promote the safe and ethical development of this transformative technology. He stresses the importance of critical thinking and kindness in navigating the future of AI. He leaves listeners with a call to action: do a random act of kindness daily.

Send us a text

Support the show