Cybeers

by Triskele Labs
Season 3
Cybeers | Cyber Maturity Assessment
Cybeers: Cyber Maturity Assessment
A lot of organisations feel “reasonably mature” - right up until an incident hits and that confidence evaporates. Our latest Cybeers episode unpacks what cyber maturity really means in practice, why many organisations misjudge their own maturity, and how the Triskele Labs Cyber Maturity Assessment (CMA) bridges the gap between documented controls and real-world resilience, with Nick Morgan – Chief Executive Officer, Steve Simpson – WA State Manager, Richard Grainger – Global Head of Digital Forensics and Craig Martin – Global Head of Incident Response.
We cover:
- How cyber maturity shows up (or fails) during live incidents
- Why evidence-based validation matters more than policy intent
- How organisations can establish a defensible baseline and prioritised roadmap
- How CMA aligns governance, detection, response and operational execution into a single, integrated approach
🎧 Tune in now!
Cybeers | State of Cyber 2025
Episode: Cybeers – State of Cyber 2025
Duration: ~49 minutes
Hosts: Nick Morgan with Richard Grainger, Brad Morgan, and Mike Higgo
Summary: The Cybeers team dives deep into Triskele Labs’ State of Cyber 2025 report. From ransomware and business email compromise to AI and OT risks, this episode captures the realities of today’s Australian cyber landscape. Hear real cases, data-backed insights, and what the experts expect in FY26.
Takeaways:
- Threat actors are moving faster, leveraging automation and new access techniques.
- Healthcare and finance remain top targets due to funding gaps and valuable data.
- Organisations still neglect MFA, patching and basic asset discovery.
- Roll-your-own AI introduces new vectors for data leaks and compromise.
- Expect OT breaches and continued identity-based threats in FY26.
Listen now and read the full report at: stateofcyber.com.au
Season 2
Cybeers | Operational Technology
Cybeers: Operational Technology Security
What do mines, hospitals, and supermarkets have in common? They all rely on Operational Technology (OT) and it’s quickly becoming one of the biggest blind spots in cybersecurity. Whether you’re in mining, healthcare, energy, or just curious about how cyber connects with the physical world, this episode is a must-listen. In our latest Cybeers episode, we dive into the critical (and often misunderstood) world of OT security with Jack Rutherford – Chief Technology Officer, Richard Grainger – Global Head of Digital Forensics and Brad Morgan – Head of Managed Security.
We cover:
- Why OT is fundamentally different (and more fragile) than IT
- The real-world impact of attacks like Colonial Pipeline
- Why most organisations already have OT... but don’t realise it
- Monitoring, testing, and defending systems that can’t go offline
- The likelihood of a major OT incident in Australia
🎧 Tune in now!
Cybeers | Penetration Testing in 2025
- Beer tasting & intro
- How have things changed in the last eight years in TL’s offensive services?
- Are we testing enough for breaches through defensive?
- When did SMEs realise they should not test only for compliance purposes?
- Security is still not represented at the board level (and it should be)
- Mindset shift
- Pentesters’ cool factor vs blending in corporate environments
- CORIE objective
- PCI DSS testing and compliance
- It’s not 'one or the other'
Cybeers | Jan 2025 | Guest: Chathura Abeydeera, Offensive Cyber Security
Host: Jack Rutherford, Chief Technology Officer, Triskele Labs
Co-host: Richard Grainger, Global DFIR Lead, Triskele Labs
Guest: Chathura Abeydeera, Director Offensive Security, KPMG
- DeepSeek
- Operational Technology (OT)
- Ransomware in 2025
- Mandatory ransomware notifications
- Skills shortage?
- Cyber as a family affair and success in the industry
- PhD: Cyber & Space Intelligence
- CREST and professionalisation goals
Cybeers | Hackmas | Dec 2024 Q&A
Cybeers tasting
Intro
Q1: Are there more cyber attacks during Christmas, new year? Do you guys take any special precautions during these holidays?
Q2: As AI adaption increases, will offensive security tools and solutions advance more, or will defensive solutions show greater adaptability and innovation?
Q3: Each person's most 'interesting' data breach or major cyber event story of 2024 and why? (Size, tactic, target, impact).
Q4: When you respond to an incident, how do you take the IOCs, TTP and other learnings and share that beyond your customer base to help the rest of the digital community at large?
Q5: How do you get around issues including customer targeting using IOCs and IP issues?
Q6: What is the best encryption standard? Also, can you provide a brief summary of how certificates work?
Q7: Based on what you’re seeing in the landscape, what threats do you believe are going to either increase or continue to remain as the top cybersecurity threats in 2025?
Q8: What are some of the emerging techniques you’re seeing attackers are using to bypass MFA, and how can defenders/organisations respond?
Q9: What are the pros & cons of honeypots and honeynets as another cyber security strategy and defence?
Q10: What ideas are you exploring with generative AI to improve your IR function in containment and remediation and how are you implementing this functionality to uplift your IR capability? Are you able to share any of these ideas for the wider community?
Q11: What strategies or tools would you recommend for someone starting in vulnerability management to effectively identify and prioritise risks in an organisation's cybersecurity landscape?
Q12: How often are you able to decrypt ransomwared files, stats wise across all incidents in recent 3 years? Quite a few of small businesses now promised decryption with high success as their marketing.
Q13: Small businesses under 20 machines, what combination of av/backup architecture design and practices would you recommend based on experience, some quick wins outside of not having RDP to the world?
Q14: Will there be a cyspirits or cywhisky offshoot in 2025? Maybe as a session after cybeers?
Cybeers | The role of SIEM, XDR, CTI product categories and MTTD, MTTR and MTTP metrics
00:00 Cybeers
05:49 What's the difference between SIEM and XDR solutions?
10:08 About XDR product category, Extended Detection and Response
12:48 And what is CTI?
14:24 The best way to 'action' CTI (Cyber Threat Intelligence)
15:50 All SIEM solutions are the same?
17:28 Open source layer
19:42 Importance of monitoring all hours of the day
20:37 'Friday night special' at Triskele Labs
22:03 How many compromised organisations had SIEM in place?
22:56 'The mailbox', security@
23:43 Roll out your Defender
24:36 MDR service, people expertise, false positives, Mean time to detect (MTTD), Mean time to respond (MTTR) and Mean time to protect (MTTP)
Cybeers | State of Cyber - Annual DFIR Report
State of Cyber - Annual DFIR Report
Cybeers | CrowdStrike Falcon Agent causing Blue Screen of Death (BSOD) Errors on Windows | July 2024
CrowdStrike Falcon Agent causing Blue Screen of Death (BSOD) Errors on Windows
Cybeers | Modern Threat Vectors | April 2024
- Pikabot
- MFA bypass
- EDR bypass
- Worm GPT
- Sleepers inside of organisations