The dynamic evolution of hacker culture, the ongoing transformation of cybersecurity conferences, and the importance of resilience and curiosity among security researchers are all topics covered in this episode through stories of past and present with Dhillon Kannabhiran, CEO and Founder of Hack In The Box (HITB) and Out Of The Box. He and Phillip Wylie examine the shift from open knowledge sharing and exploration to the monetization and commercialization of cybersecurity exploits. Dhillon offers insights into the unique approaches Hack In The Box and Out of the Box conferences have taken, encouraging people the valuing of persistence and the collaborative spirit that push the community forward.

Dhillon Kannabhiran on LinkedIn: https://www.linkedin.com/in/l33tdawg/

Dhillon Kannabhiran on X: https://x.com/l33tdawg

Key Points/Topics Covered:

1. Evolution of hacker culture and the foundational role of resilience and curiosity
2. History, mission, and format of Hack In The Box and Out of the Box conferences
3. Shifts in conference and research communities post-COVID and the influence of commercialization on sharing
4. The continuing need for community, knowledge sharing, and supporting new talent in cybersecurity
5. The changing landscape of security research and bug hunting with the advent of AI and new technology

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Aseem Jakhar, Cybersecurity Entrepreneur, Technologist, and Founder of EXPLIoT, joins Phillip Wylie to address the current state and evolution of IoT and hardware security, examining why security has lagged in this sector compared to other technological advances. By exploring regulatory changes, practical security considerations for both researchers and consumers, and the expanding avenues for learning, Aseem emphasizes the urgent need for awareness, compliance, and practical know-how. The conversation also highlights the importance of AI in enhancing security research and provides actionable guidance for securing connected environments.

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

The episode centers on the challenges and opportunities in IoT and OT security, with insights from technical content creator, hardware hacker, and educator Andrew Bellini. It highlights the often-overlooked vulnerabilities of industrial and consumer IoT devices, emphasizing the accessibility of hardware hacking and the need for practical, low-cost educational resources, covering hands-on learning, industry anecdotes, recommendations for securing environments, and advice for newcomers interested in hardware security.

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Ted Harrington (Founder of IoT Village, Executive Partner for Independent Security Evaluators, Author, Speaker, and Podcaster) examines the ongoing challenges and progress in IoT security, emphasizing how community initiatives, the hacker mindset, and business-oriented communication can drive real change in the industry. Ted and Phil Wylie discuss practical strategies for justifying security budgets to management, the value of offensive security, and the important role of education and community in strengthening defenses. Also highlighted are how IoT security is both improving and facing growing risks due to rapid expansion, and why viewing security as a competitive advantage is vital for organizations.

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Amy Chaney, SVP Technology, COO for Citi, shares a seasoned perspective on driving technological transformation and robust security in large financial institutions. The episode explores practical guidance for aligning business cases with emerging technologies like AI, highlights the importance of agile security policies, and emphasizes the critical skills needed to effectively communicate security priorities to boards and business units. Chaney underscores how fostering a balance between innovation and risk management empowers organizations to build resilience amid evolving threats and rapid tech advances.

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Hash Salehi, Reserve Engineer and Founder of RECESSIM, joins host Phillip Wylie to demystify the world of hardware hacking and security, highlighting niche but critical vulnerability research in IoT and embedded devices. Through recounting his own experiences, from customizing low-cost fault injection attacks on automotive microprocessors to reverse engineering smart meters, Hash shares both successes and frustrations from the front lines of hands-on security assessment. The conversation aims to inspire and equip listeners who want to explore or deepen their understanding of hardware security by surfacing resources, communities, and the mindset necessary to uncover vulnerabilities beyond software.
Links:

http://www.recessim.com/

https://wiki.recessim.com/

https://www.youtube.com/c/RECESSIM

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Cybersecurity in healthcare is facing heightened challenges as regulations shift, IoT devices proliferate, and ransomware attacks become increasingly devastating. Josh Spencer, Founder, and CIO at FortaTech Security and with over fifteen years in the field including time as CISO/CTO at UT Southwestern, explores why HIPAA changes are necessary, the high stakes of securing medical devices, and how both technology and culture play roles in protecting patient data and safety. The conversation breaks down risks, practical mitigation strategies, and the ongoing evolution of both threats and defensive tools -- including AI -- and covers the evolving HIPAA landscape and the move from “addressable” to required controls, ransomware’s impact on hospitals and patient safety, challenges and best practices in securing connected medical (IoT/OT) devices, the importance of real-world risk assessment and penetration testing in healthcare, and human factors, including security awareness training and leveraging AI both for defense and as a threat.

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Cybersecurity is redefined as a discipline for the curious and adaptable, with a focus on continuous learning, imagination, and embracing change. On location at the RSA Conference, host Phillip Wylie and Anand Singh discusses the evolving challenges of IoT and OT security, the rapid integration of AI, and how organizations must address overlooked endpoints and fragmented infrastructures. There is an emphasis on practical advice for CISOs and cybersecurity practitioners, underscoring the importance of foundational security practices, data visibility, identity management, and mental well-being in high-stress leadership roles.

1. The role of curiosity and adaptability in cybersecurity careers
2. Overlooked risks and challenges in IoT and OT device security
3. The transformative impact of AI and the importance of securing AI adoption
4. Practical strategies for asset, identity, and data management
5. Maintaining work-life balance and resilience for CISOs and security leaders

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast