Cyber Sidekicks

Episode Notes
NEWS
Google announces Google Unified Security (GUS)
Oracle Faces Mounting Criticism as It Notifies Customers of Hack
RSA & Security Tinkerers
Further Information regarding Pitch For Charity - pitchforcharityinfo@okta.com
https://www.okta.com
Leave us a message!
Do you want to leave some feedback and suggestions? You can leave us a voicemail (90 seconds max). We will share any that are not too spicy in the following episode. Link to our SpeakPipe page.
Or if you're feeling shy, send us an email:
Christina Richmond - christina@richmondadvisorygroup.com
Rory Duncan - rory@richmondadvisorygroup.com
Technology we use
Podcast Recording Platform - Cleanfeed
Cyber Sidekicks Show Host – Pinecast
Edited & mastered in GarageBand

Episode Notes
AI SECURITY SURVEY RESULTS PREVIEW
Richmond Advisory Group has surveyed 300 US-based security professionals regarding their use and planned adoption of AI Security tools. We preview some of the results in this episode...
If you would like to learn more, please contact either Christina or Rory via the links below!
NEWS
Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses
EvilCorp & RansomHub Working Together to Attack Organizations Worldwide
RSA LATEST
Reminder: RSAC 2025 – April 28 to May 1 – Moscone Center, San Francisco
As of the 8th April we have only three weeks – 21 sleeps! – until the first day of the show!
We have a PACKED schedule…
Looking forward to meeting with friends, colleagues – new and old – and all the lovely tech vendors and service providers who will be attending.
LEAVE US SOME FEEDBACK!
Want to leave some feedback and suggestions but would prefer not to write an email? You can leave us a voicemail (90 seconds max). We will share any that are not too spicy in the following episode.
SpeakPipe link
CONTACT
Christina Richmond - christina@richmondadvisorygroup.com
Rory Duncan - rory@richmondadvisorygroup.com
MUSIC
Music from #Uppbeat (free for Creators!):
https://uppbeat.io/t/soundroll/kitchen-dance
License code: 2WTFLOYAMBLZSNPC

S1 EPISODE#10 - SHOW NOTES
SEND US A MESSAGE!
Want to leave some feedback and suggestions but would prefer not to write an email? You can leave us a voicemail (90 seconds max). We will share any that are not too spicy in the following episode.
SpeakPipe link
NEWS
Microsoft Warns of New StilachiRAT Malware
Legacy Medical Devices Remain Easy Targets for Ransomware
THIS WEEK'S GUEST
This week’s special guest is Saryu Nayyar, the Founder and CEO of Gurucul
Saryu talks with us about User Entity Behavior Analytics (UEBA), next-gen SIEM and how AI/ML and automation can help with incident triage and identifying the “unknown unknowns”
CONTACT
Christina Richmond - christina@richmondadvisorygroup.com
Rory Duncan - rory@richmondadvisorygroup.com

Episode Notes
SPECIAL EPISODE
This week is devoted to a deep-dive discussion about Google's announcement that it plans to acquire Wiz for $32 billion...!
The news has been reported extensively (like... everywhere), so we take a deeper dive into what may (or may not) be behind the move, what it means for Google, its cybersecurity strategy and more...
Links to some additional sources we reference:
Security Tinkerer Ross Haleliuk’s blog post from July 2024: The Wizard Of Cyber: what is behind Wiz's success and what got the security industry craving for magic
David Strom’s September 2022 article in CSO Online, CNAPP buyers guide: Top tools compared
YOUTUBE CHANNEL
Richmond Advisory Group’s YouTube channel is now live!
Our YouTube channel is where we post videos of tradeshow and event visits, discussions with vendors and other folks in the industry, and some “behind the scenes” insights. The first pieces of content are already published:
·      A quick tour of the Cloud & Cybersecurity Expo in London on 12th March
Three short discussions with some interesting technology vendors and service providers:
·      Yoav Cogen, CTO, Satori Cyber
·      Nico Sanguinetti, Inside Partner Account Manager, ESET UK
·      Ed Hume, Managing Director, Advanced Cyber Defence Systems (ACDS)
RSAC 2025
RSAC 2025 – April 28 to May 1 – Moscone Center, San Francisco
• We’ll be there!
• Reach out if you would like to meet us – thanks to all of you who have done so already! Our calendar is filling up!
• Vendors: we are always happy to have a chat
• Newcomers to the industry: let’s grab a coffee and chat…
CONTACT US
Send us your comments, suggestions and feedback!
Christina Richmond - christina@richmondadvisorygroup.com
Rory Duncan - rory@richmondadvisorygroup.com

Episode Notes
NEWS
New CCA Jailbreak Method Works Against Most AI Models
New Polymorphic Attack That Mimics Any Chrome Extension Installed On The Browser
THIS WEEK'S GUEST
We had a great chat with Josh Ray, Founder & CEO of Blackwire Labs!
RSA LATEST
RSAC 2025 – April 28 to May 1 – Moscone Center, San Francisco
We’ll be there! Reach out if you would like to meet us
Vendors: we are always happy to have a chat
Newcomers to the industry: let’s grab a coffee and talk.
Security Tinkerers - Pitch for Charity - REGISTER
Vendor Submission Form
Contact for more information - pitchforcharityinfo@okta.com
Sponsored by Okta and SentinelOne
REACH OUT TO US
Christina Richmond - christina@richmondadvisorygroup.com
Rory Duncan - rory@richmondadvisorygroup.com

Episode Notes
NEWS
Trustwave will no longer be merging with Cybereason
Shocking? Or not really a surprise? In an open letter to clients, partners, trustees, CEO Eric Harmon announced on Friday 7th March that Trustwave will no longer be merging with Cybereason, following the announcement in November 2024.
Data breach at Japanese telecom giant NTT hits 18,000 companies
Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. Was the DDoS attack in January are precursor to this most recent incident?
RSA LATEST
RSAC 2025 – April 28 to May 1 – Moscone Center, San Francisco
We’ll be there! Reach out if you would like to meet us
Vendors: we are always happy to have a chat
Newcomers to the industry: let’s grab a coffee and talk.
Security Tinkerers - Pitch for Charity - REGISTER
Vendor Submission Form
Contact for more information - pitchforcharityinfo@okta.com
Sponsored by Okta and SentinelOne
CYBER SIDEKICKS UNIVERSITY PRESENTS....
... A history of Endpoint Detection & Response (EDR)
First in an irregular series looking at the history of cybersecurity
Designed to be educational and informative - reflecting on how key technologies and topics came into being and what we can learn from their development.
REACH OUT TO US
Christina Richmond - christina@richmondadvisorygroup.com
Rory Duncan - rory@richmondadvisorygroup.com

Episode Notes
Welcome to Episode #6!
Today we talk about cyber cruising, the challenges of early advantage in AI and security; GenZ privacy & security concerns;  as well as the perils of having raccoons in your kitchen.
SPECIAL GUEST
This week, we chat with Allan Alford, Senior Vice President of Information Security at NTT Global Datacenters
NEWS
Apple removes iCloud end-to-end encryption in the UK
Forget Phishing, “mishing” is the new threat we have to worry about
Poor old Nvidia - earnings beat expectations but stock still slides….
RSA CONFERENCE & SECURITY TINKERERS
Information / background about Pitch for Charity
Pitch for Charity Attendee form
Vendor Submission form
Feedback, suggestions, comments and questions welcome!
Yours hosts,
Rory & Christina

Episode #5 Show Notes
Hello!
Episode #5 continues our chats with cybersecurity practitioners, this week with Adriana Duarte, a SIEM Engineer with NDM Technologies based in Spokane, WA.
An MSP and MSSP, NDM Technologies specialises in application software, cloud computing, data center, networking, security, storage, unified communication, virtualization, and managed services.
Christina and I also have the first part of our discussion on Continuous Threat Exposure Management (aka CTEM) as outlined by Gartner's framework - https://www.gartner.com/en/articles/how-to-manage-cybersecurity-threats-not-episodes
Part 2 will follow in the next episode. Richmond Advisory Group will be publishing a paper on the topic of CTEM in advance of RSAC 2025.
Let us know if you have any feedback, suggestions or comments.
All the best from Rory & Christina

Episode Notes
TODAY’S GUEST
We’re very happy to have George Werbacher, Director of Information Security at Live Oak Bank on the show.
We had a wide-ranging discussion, but George summed-up the challenge of dealing with the continuing emergence of new technologies: “The existential crisis from a security standpoint is going to be, are we going to let all this transformative stuff take away our attention from what’s foundational”
If you would like to be a guest on the show, let us know! We are always interested in hearing from cyber security 'sidekicks' - the CISO's, engineers, IT directors and the many others on the cyber frontlines.
NEWS
UK Government rebrands AI Safety Institute .... drops "Safety" and substitutes "Security" in the title?
Researcher gets $10,000 bug bounty for disclosing vulnerability in YouTube ... attackers could have potentially access email addresses by exploiting a design flaw in Google APIs.
RSAC LATEST
Security Tinkerers To Host “Pitch for Charity” Event cosponsored by Okta and SentinelOne
CLOSING COMMENTS
Please get in touch if you have any comments, questions, suggestions or would simply like to say "hi"!
Rory & Christina

Episode Notes
A special episode this week where we are joined by a special guest: Adam Brennick, Director of Security, Risk and Compliance at Cockroach Labs.
We talk about a bunch of different cyber-related things including DeepSeek (again!); the challenge of keeping up with technology development and security threats; advice from Adam on where to learn about - and be kept informed about - what's happening in the security industry, and; the correct meat choices for BBQ’ing depending on State....
To learn more, take a look at Cockroach University (yes, that's right!) for lots of information around distributed databases, cloud-native applications, general purpose SQL databases & much more!