In this episode of Exploited: The Cyber Truth, we go below deck to expose the vulnerabilities lurking in the digital systems steering today’s maritime operations.
RunSafe Security CEO Joe Saunders and special guest Duncan Woodbury—CEO of Liberas and Executive Director of the Maritime Hacking Village at DEF CON—join host Paul Ducklin for a candid conversation about securing the floating infrastructure that powers global trade and national defense.
As ships evolve into cloud-connected data centers and autonomous vessels redefine modern naval operations, the cyber stakes couldn’t be higher. From GPS spoofing and AIS jamming to real-world crane system takeovers and confiscated narco-subs, Duncan shares what hackers—and defenders—will encounter at this year’s Maritime Hacking Village at DEF CON 33.
Together, Joe and Duncan explore:
Why maritime infrastructure is the “last dinosaur” of digital transformationThe risks of legacy software in mission-critical systemsHow offensive security is driving rapid discovery and remediationWhy hiding vulnerabilities only benefits your adversaries
Whether you're building autonomous surface vessels, managing port logistics, or leading security strategy for a defense program, this episode offers an inside look at how to navigate maritime cybersecurity before attackers set the course.
--------
30:01
--------
30:01
Creative Resilience in Cybersecurity & AI: A Conversation with Joe Saunders and Leslie Grandy
In this episode of Exploited: The Cyber Truth, RunSafe Security CEO Joe Saunders joins Leslie Grandy, Lead Executive in Residence at the University of Washington, for an insightful conversation about how creative resilience is reshaping cybersecurity in the age of AI.
From philosophical strategies like “Premeditation of Evils” to inversion thinking and paradoxical reasoning, Leslie shares how blending creativity with technical precision can help organizations better anticipate and prepare for evolving cyber threats. Joe and Leslie also explore the double-edged nature of generative AI—how it can serve both attackers and defenders—and why companies must embrace human-centered frameworks alongside technical tools.
Together, they examine the risks of expert bias, the pitfalls of over-automating with AI, and how to design cybersecurity strategies that prioritize adaptability, foresight, and Secure by Design principles.
Topics covered:
The role of creative thinking in modern cybersecurityInversion thinking as a planning tool for resilienceHow attackers—and defenders—are using generative AIWhy AI can’t replace human judgment in risk strategyThe critical need for Secure by Design software development
Whether you’re building products, leading a team, or defining security policies, this episode offers a fresh, actionable perspective on how to stay ahead of both known and unknown threats.
--------
34:50
--------
34:50
Weaponized Before Disclosure: Rethinking Vulnerability Intelligence for Embedded Systems
In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by Patrick Garrity, Security Researcher at VulnCheck, and RunSafe Security CEO Joe Saunders for a deep dive into the hidden lifecycle of vulnerabilities—and why many threats are exploited long before public disclosure.
As embedded systems grow more complex, attackers are moving faster, exploiting flaws before most organizations even know they exist. Patrick shares research on how frequently vulnerabilities are weaponized prior to disclosure and what that means for defenders across critical infrastructure, OT environments, and embedded technologies.
Together, the group explores how hidden software dependencies, insufficient supply chain visibility, and outdated components create long-term blind spots for security teams. They also discuss actionable strategies, from Software Bills of Materials (SBOMs) to proactive disclosure, that help organizations build more resilient systems.
Topics covered:
Why exploitation often occurs before vulnerabilities are publicly disclosedThe hidden risks in embedded systems and opaque supply chainsHow SBOMs and build-time visibility can help mitigate inherited riskThe importance of security maturity in long-lifecycle product environmentsWhat organizations can do today to reduce risk and increase resilience
Whether you're in cybersecurity, product development, or managing legacy infrastructure, this episode will reshape how you think about vulnerability intelligence and embedded system security.
--------
29:51
--------
29:51
Hacking Healthcare: What the Latest Data Tells Us About Medical Device Security
In this episode of Exploited: The Cyber Truth, host Paul Ducklin sits down with RunSafe Security Founder and CEO Joe Saunders to explore the urgent and evolving risks facing medical devices in healthcare. Based on RunSafe’s 2025 Medical Device Cybersecurity Index—an extensive survey of over 600 healthcare leaders across the U.S., UK, and Germany—they unpack how cyberattacks are no longer limited to hospital IT networks but are now directly compromising connected medical devices, threatening patient care in real time.
From real-world consequences like forced patient transfers and increased downtime, to the rising willingness of healthcare organizations to pay premiums for secure devices, this conversation reveals how cybersecurity is reshaping healthcare operations and procurement strategies. Joe explains why securing medical devices requires a fundamentally different approach than traditional IT, the growing intersection of IT and operational technology (OT) risks, and why regulatory standards are more critical than ever for patient safety.
Topics covered:
Real impacts of cyberattacks on medical devices and patient careWhy 46% of healthcare organizations have declined to buy devices lacking strong securityThe unique challenges of securing medical devices versus traditional IT systemsThe convergence of IT and OT security risks in healthcare environmentsThe rising importance of Software Bills of Materials (SBOMs) in medical device procurementAdvice for device manufacturers adapting to a security-first healthcare market
If you’re involved in healthcare, medical device manufacturing, or cybersecurity, this episode offers vital insights into the new front lines of protecting patient care in a connected world.
--------
30:08
--------
30:08
From Seafloor to Stratosphere: Protecting Networked Maritime Defense Systems
In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by Ocean Aero’s Michael “Sparky” Braun and RunSafe Security Founder and CEO Joe Saunders for a deep dive into the vulnerabilities and opportunities in autonomous maritime defense.
As navies deploy autonomous vehicles on—and below—the water’s surface, this conversation explores the overlooked cybersecurity risks that threaten their resilience and effectiveness. Sparky shares Ocean Aero’s vision for solar- and wind-powered autonomous vessels capable of weeks-long missions while Joe breaks down the need for embedded security to ensure these systems can operate safely in contested environments.
Topics covered:
How autonomous maritime vehicles reshape modern defense strategyInteroperability challenges and the need for Secure by Design systemsWhy nations like South Korea are shifting from traditional assets to autonomous fleetsRisks posed by supply chain vulnerabilities and insecure software components
Whether you're in defense, critical infrastructure, or cybersecurity, this is a must-listen discussion on protecting mission-critical systems in an increasingly connected battlespace.
Exploited: The Cyber Truth is a hard-hitting, no-fluff podcast exposing the realities of today’s cyber threat landscape and risks to critical infrastructure. Through candid conversations with top cybersecurity experts, industry leaders, and frontline defenders, the show breaks down recent high-profile vulnerabilities and exploits and covers innovative strategies used to stop them. To keep critical infrastructure safe, defenders need the upper hand. Tune in and get the cyber truth.
South Africa