Sami Eltamawy Talks Podcast

This episode delves into the dangers of sextortion, a form of phishing email that blackmails individuals by threatening to reveal compromising material. The host discusses the increasing prevalence of sextortion, especially in the US and UK, and highlights its psychological impact on victims. Listeners are provided with techniques to protect their organizations, including awareness training, email filtering, blocking pornographic sites on work devices, and using camera covers. The episode emphasizes the importance of preparation and proactive measures to mitigate the risk of sextortion attacks.

Security teams across organizations face a persistent challenge: limited resources, unlimited vulnerabilities, and mounting pressure to secure systems effectively. The traditional approach of prioritizing vulnerabilities solely based on Common Vulnerability Scoring System (CVSS) scores creates inefficient resource allocation and can leave critical exposures unaddressed while teams focus on theoretical risks.
Read the full article on my personal blog on samieltamawy.com 

In this episode, I address founders and business leaders on the critical importance of investing in security early in their startup journey. Many early-stage companies overlook security, thinking it's a later-stage investment. The video breaks down why this mindset is risky by explaining how a security breach can impact user base, revenue, and overall valuation. It also covers the likelihood of being hacked, types of hackers, and their motives. Practical steps for investing in security are provided, including hiring full-time generalists, utilizing part-time security experts or virtual CISOs, and growing internal security champions. This guide aims to help founders proactively protect their startups and build trust with investors.

In this comprehensive episode, you will learn how a structured approach can enhance your organization's defense mechanisms and help you build a reliable and resourceful IDR or SOC function.
Key topics include defining and classifying assets, developing attack scenarios, evaluating SIEM integrations, and optimizing for cost and efficiency. Whether you are starting from scratch or seeking improvements, this guide provides valuable insights to fortify your organization's incident response framework. Tune in for expert strategies to maximize your SOC's effectiveness and resourcefulness.

In this episode, I explore the crucial principle of 'Shift Left' in security, emphasizing the integration of security measures early in the software development lifecycle (SDLC). I will explain the necessity of moving security considerations from late stages, such as post-release testing, to the very beginning—starting from ideation, requirements, and design stages. Highlighting the benefits of early security integration in terms of cost savings and developer satisfaction, the video covers various methods such as security training, system design review, static and dynamic analysis, and bug bounty programs. This comprehensive approach to embedding security into each phase of the development process not only preempts vulnerabilities but also fosters a collaborative and proactive security culture within the development team.

In this episode, I will discuss the rise of cyberterrorism and why it’s vital to stay vigilant in the era of digital threats. I will explore the contributing factors like anonymity, hacking tools, and vulnerable targets, while offering practical strategies for individuals and organizations to enhance their cyber defenses. Tune in for insightful tips and expert advice to help safeguard against cyber attacks.

In this podcast episode, I explore the concept of proximity bias, a common workplace tendency to favor those who are physically closer over remote employees. Learn how leaders and team members can recognize and counteract this bias to ensure fair treatment and equal opportunities for all. I provide practical tips for leaders on managing proximity bias and strategies for remote workers and introverts to improve their visibility and communication within the team.
 
If you find these tips helpful, don't forget to like, subscribe, and share this episode with your colleagues!

In this episode, "The Courage to Be Disliked at Work: Security, Privacy & IT," we dive into the critical importance of standing firm in your principles, even when it means making unpopular decisions.
Inspired by the book "The Courage to Be Disliked," this video explores how to focus on doing what’s right for data security, privacy, and IT effectiveness—without letting the desire to be liked influence your judgment. Whether you’re a manager or an individual contributor, learn how to apply these principles at work to ensure ethical decision-making, build resilience, and drive meaningful impact in your role.
 
Topics covered:
- How to balance courage and professionalism.
- Why being liked should never be your goal in decision-making.
- Real-world examples of applying this mindset in security, privacy, and IT.
 
If you’ve ever felt the pressure to compromise your standards to avoid conflict, this episode is for you!
Don't forget to like, share, and subscribe for more insights on cybersecurity, privacy, tech, and professional growth.