THREATCON1 PODCAST
Keep up with THREATCON1 for the latest insights. Follow us on your preferred podcast service:
Teen Hackers, Billion-Dollar Damage with Zafran’s Yonatan Keller & Nate Rollings on AI Threats Rising
THREATCON1 hosts Tom Bain and Patrick Garrity sit down with Nathan Rollings, Field CISO at Zafran, and Yonatan Keller, Analyst Team Lead at Zafran, for a deep, practitioner-focused conversation on the realities of modern vulnerability management.Together, they explore why patching alone can’t keep up with today’s threat landscape — and how security teams can dramatically reduce risk by prioritizing what actually matters.
When Offense Meets Defense — How Cybersecurity Teams Reduce Risk Faster with Tyler Shields
Tom and Patrick sit down with Tyler Shields, Cybersecurity Strategy Analyst at Omdia, for a wide-ranging conversation on where cybersecurity is heading — and what actually matters to practitioners right now.
The discussion dives deep into the realities behind AI hype, the importance of keeping humans in the loop, and why buyers are overwhelmed by security debt rather than lacking data. Tyler also offers a candid take on the CVE ecosystem, vulnerability scoring fragmentation, and why context — not raw severity scores — is the only thing that makes vulnerability data actionable.
The Biggest Cyber Threats Today: Insecure Software, CVEs & AI with Nabil Hannan
Tom and Patrick sit down with Nabil Hannan, Field CISO at NetSPI, AI-focused startup advisor, and host of the Agent of Influence podcast. Nabil shares his unique perspective on today’s most pressing cybersecurity challenges.
From North Korea to LinkedIn: The New Era of Social-Engineered Intrusion with Christine Fignar
Tom and Patrick sit down with Christine Fignar, Cybersecurity Analyst at the Federal Reserve Bank of Minneapolis, to unpack one of the most misunderstood areas of security: insider threats and human-driven risk. Christine’s background spanning aviation, HR, communications, and counterterrorism gives her a rare perspective on stress, behavior patterns, and the subtle signals that often precede incidents.
We get into her “Cone of Uncertainty” framework for visualizing how threats form and evolve, discuss hiring fraud, offboarding gaps, nation-state recruitment, and why organizations routinely miss early warning signs. A conversation for anyone looking to better understand, track, and communicate human-centric risk.
Building a Proactive Cyber Strategy with Focus and Cross-team Collaboration with Simon Goldsmith
Tom and Patrick welcomed Simon Goldsmith, CISO, Ovo Energy to the show, to chat about the emerging threat landscape across different industries he’s served in - from the CISO’s perspective. We dig into some of his cyber experiences throughout his career, talk rugby, debate Oasis vs Blur and even drill down into how to counter coordinated nation-state attacks!
Cyber Ops Experience Meets Following Industry Money with Mike Privette
Tom and Patrick host Mike Privette, Founder, Return on Security, to get a sense of Mike's perspectives on how he's used his operational background in cyber as a former multi-time CISO to pivot into something entirely different in the cyber market today! Mike brings insights on how he tracks and slices data on all cyber funding and M&A activity with his broad-ranging dataset and his leading newsletter. They cover ground on emerging threats, AI investment in cyber and what pushed him to pursue a unique pivot in his cybersecurity journey!
CVE's Emerging Threats and Horror Movies with Tod Beardsley (RunZero)
Tom and Patrick sit down with VP of Security Research, Tod Beardsley. We talk to Tod about his current role leading cyber research at RunZero, his time at CISA, emerging cyber threats he's currently engaged in researching, his perspective on the CVE program and its future - and finally, horror movies, of which Tod is an aficionado and active podcast host himself of Podsothoth: A Lovecraft Book Club. This session isn't THAT scary really...
The Ins and Outs of Offensive Cyber with Andrew Boyd
In this episode, Tom and Patrick chat with former Director of the CIA’s Center for Cyber Intelligence, Andrew Boyd, about the root of today’s emerging cyber threats to both business and to citizens. They dive into his experience in offensive cybersecurity across multiple former government roles, how he grew his skillset into cyber and experiences in serving the U.S. in many innovation-led cyber capacities, and his current cyber-inspired initiatives.
Cyber Summer Break with Jen Easterly
In this episode, Tom and Patrick chat with Jen Easterly, former Director of CISA, for the U.S. government. Topics covered range from public-private collaboration efforts to better protect our national security, to her perspectives on defending against threat actors targeting U.S. interests as well as the impact AI is having on cyber today, with a sneak peak into a few of her upcoming key initiatives. And we go to learn how Jen Easterly spent her summer!
Teen Hackers, Billion-Dollar Damage with Zafran’s Yonatan Keller & Nate Rollings on AI Threats Rising
THREATCON1 hosts Tom Bain and Patrick Garrity sit down with Nathan Rollings, Field CISO at Zafran, and Yonatan Keller, Analyst Team Lead at Zafran, for a deep, practitioner-focused conversation on the realities of modern vulnerability management.Together, they explore why patching alone can’t keep up with today’s threat landscape — and how security teams can dramatically reduce risk by prioritizing what actually matters.
When Offense Meets Defense — How Cybersecurity Teams Reduce Risk Faster with Tyler Shields
Tom and Patrick sit down with Tyler Shields, Cybersecurity Strategy Analyst at Omdia, for a wide-ranging conversation on where cybersecurity is heading — and what actually matters to practitioners right now.
The discussion dives deep into the realities behind AI hype, the importance of keeping humans in the loop, and why buyers are overwhelmed by security debt rather than lacking data. Tyler also offers a candid take on the CVE ecosystem, vulnerability scoring fragmentation, and why context — not raw severity scores — is the only thing that makes vulnerability data actionable.
about
THREATCON1 is the place to go for insights on emerging cyber threats. Hosted by VulnCheck’s Security Researcher Patrick Garrity, and Chief Marketing Officer Tom Bain, THREATCON1 will give listeners critical cyber insights through discussions with top cybersecurity practitioners and leaders in the industry that drive innovation and thought leadership. Patrick and Tom will dive into emerging news stories and cyber threats, and trends that are materially shaping the industry with sharp analysis and fresh perspectives that matter related to national security and economic viability.
Meet the Hosts
Tom Bain is the Chief Marketing Officer at VulnCheck. He’s a frequent presenter at the biggest cybersecurity events including RSAC Innovation Sandbox and Black Hat, as well as investor and Marketing events globally. He was the host of Cyware’s Cybercast podcast, and is also a frequent contributor to the RSA Innovation network.
Tom has held Marketing lead roles at multiple cybersecurity startups including Finite State, Cyware, RiskRecon, (acquired by Mastercard) Morphisec, GoSecure, Q1 Labs (acquired by IBM) and AppSecInc. (acquired by Trustwave). He has experience in building go-to-market strategies focused on growth and solving complex challenges.
Patrick Garrity is a security researcher at VulnCheck where he focuses on vulnerabilities, vulnerability exploitation and threat actors. Patrick has spent the last decade helping building Cybersecurity companies including Duo Security, Censys, Blumira, Nucleus Security and VulnCheck. In his role, he is a frequent contributor to the VulnCheck blog, the Marketing and Product teams, as well as a regular presenter on webinars and at industry events worldwide.