Security Cocktail Hour

What happens when your security perimeter extends to Mars—and MFA isn't an option?

In this episode of the Security Cocktail Hour, we sit down with Renee Wynn, former CIO of NASA, to explore what cybersecurity looks like when traditional frameworks simply don't apply.

Renee Wynn managed IT for some of humanity's most critical infrastructure: Mars rovers, the James Webb Space Telescope, the International Space Station. We cover the unique challenges of cybersecurity in the aerospace, defense and space fields—and what those constraints teach us about security thinking more broadly.

Early in the discussion, Renee emphasizes: "We always have to make sure we don't have a failure of imagination when we're looking at these risk-based decisions." This is the kind of mindset shift that shapes great security leaders. We also explore how she navigated government oversight, built trust with federal auditors, and led through constraints that forced her to rethink everything.

Whether you work in government, private sector, or dream of expanding your security career into new industries—this conversation will broaden how you think about what's possible.

00:00 Introduction & The Coolest Resume in Cybersecurity
00:51 No Multi-Factor Authentication on Mars: Securing Assets Beyond Earth
02:54 Navigating Oversight: How to Build Trust With Government Auditors
15:00 Failure of Imagination: Rethinking Risk Assessment in Extreme Environments
35:00 Leadership Lessons: Thinking Bigger in Security

Website: https://securitycocktailhour.com
Newsletter: https://securitycocktailhour.com/newsletter
LinkedIn: https://www.linkedin.com/company/security-cocktail-hour
Twitter/X: @SecCocktailHour

Enjoyed this episode? Follow us and share with colleagues who'll enjoy honest discussions among security professionals.

In part 2 of our discussion, John Strand tells us how the cybersecurity industry has turned stagnant, with a lack of innovation and an investment model that isn't going to turn that around any time soon. We explore why venture capital funding hasn't led to the breakthrough products the industry needs, and what's holding back real innovation. John also highlights the leaders in the security industry who are actively giving back to the community, and he and Adam try to one-up each other over who's stayed in the most disgusting hotel room.

00:00 Intro
00:12 Security is Ripe for Disruption
06:19 Better Investors = Better Security Products
10:22 Security is Awesome
12:43 Scaling Conference Talks
15:54 John's Advice on Guests
17:30 A Great Set of People
23:18 Bad Hotels, Good People
29:10 Wrapup
29:54 Outro

This is Part 2 of our conversation with John Strand.

Website: https://securitycocktailhour.comNewsletter: https://securitycocktailhour.com/newsletterLinkedIn: https://www.linkedin.com/company/security-cocktail-hourTwitter/X: @SecCocktailHour

Enjoyed this episode? Subscribe and share with colleagues who'll enjoy honest discussions among security professionals.

John Strand isn't interested in fixing the broken security education system—he's tearing it down and rebuilding it. In Part 1 of this two-part conversation, the founder of Black Hills Information Security explains why scholarships don't solve the real problem, how American universities are losing ground to European programs, and the unexpected places where he's finding the next generation of security talent.

What We Cover:

Why scholarships preserve a broken system instead of fixing it
The barriers that actually matters: Not what you expect
American universities vs. European programs: who's winning and why
Career changers bringing new perspectives to the industry.
AI's "fallow period" in hiring and what comes next
The standardization of mediocrity: how AI is making everything "blah"

00:00 Introduction
00:50 Rethinking Cyber Education
07:01 Diversity Brings Amazing People into Security
09:53 Changing Lives
11:42 Giving Back to the Community
14:33 The Strand Family of Companies
17:02 Security's AI Mistake

Part 2 coming soon

Website: https://securitycocktailhour.com
Newsletter: https://securitycocktailhour.com/newsletter
LinkedIn: https://www.linkedin.com/company/security-cocktail-hour
Twitter/X: @SecCocktailHour

Enjoyed this episode? Subscribe and share with colleagues who need to hear this perspective on the future of security education.

Keeping your Flipper Zero's firmware updated is critical for security and performance—but the update process isn't always smooth. In this episode, we'll walk you through every step of updating your Flipper Zero firmware, including how to work through a snag you might encounter.

Whether you're a security professional, pentester, or hardware enthusiast, regular firmware maintenance is essential for keeping your tools secure and functional. This guide shows you what it takes for the popular Flipper Zero.

00:00 Introduction to Flipper Zero
02:30 Laptop connection and app
06:20 Begin Update
07:23 This doesn't look right
09:40 Definitely not right
10:27 Success
12:57 Next steps

Catch up with the previous episode in this series when we unboxed the Flipper Zero:
https://open.spotify.com/episode/1rU2o8B5cd9MYZ4uQSB3VG?si=cce55d68cdc048b6
And our episode on the ethics of 'hacking' devices:
https://open.spotify.com/episode/0olsN2LKLn09wOLpnxqeIH?si=adf4b00394714209

📧 Subscribe to Our Newsletter: Get exclusive cybersecurity insights, episode updates, and career tips delivered to your inbox.
👉 https://securitycocktailhour.com/newsletter/

🔗 Connect With Us:
Website: https://securitycocktailhour.com
LinkedIn: https://www.linkedin.com/company/security-cocktail-hour/
Twitter: @SecCocktailHour

Curious about the Flipper Zero, one of the most talked-about `gadgets` out there? We give you a quick look as we unbox a new one.

This is a companion to one of our earliest episodes, where we talked about the ethics and proper use of hacking tools. https://youtu.be/BVca3X8wE_c

📧 Subscribe to Our Newsletter: Get exclusive cybersecurity insights, episode updates, and career tips delivered to your inbox.
👉 https://securitycocktailhour.com/newsletter/

🔗 Connect With Us:
Website: https://securitycocktailhour.com
LinkedIn: https://www.linkedin.com/company/security-cocktail-hour/
Twitter: @SecCocktailHour