In our final episode of 2025, Dave Lewis, global advisory CISO for 1Password, joins Greg Otto to unpack the “access‑trust gap”: the growing mismatch between what employees (and tools like AI assistants) can access at work and what security teams can actually see, verify, and control. Dav explains how this gap shows up in everyday ways—logins that bypass intended controls, personal devices used for work, and teams adopting apps or AI tools faster than IT can govern them—and why that combination creates quiet but serious risk. You’ll hear practical advice on narrowing the gap with stronger identity checks, smarter device trust, cleaner SaaS governance, and simple guardrails for safe AI use that don’t crush productivity.
All content for Safe Mode Podcast is the property of Safe Mode Podcast and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In our final episode of 2025, Dave Lewis, global advisory CISO for 1Password, joins Greg Otto to unpack the “access‑trust gap”: the growing mismatch between what employees (and tools like AI assistants) can access at work and what security teams can actually see, verify, and control. Dav explains how this gap shows up in everyday ways—logins that bypass intended controls, personal devices used for work, and teams adopting apps or AI tools faster than IT can govern them—and why that combination creates quiet but serious risk. You’ll hear practical advice on narrowing the gap with stronger identity checks, smarter device trust, cleaner SaaS governance, and simple guardrails for safe AI use that don’t crush productivity.
Phosphorus’ Sonu Shankar on IoT Vulnerabilities and Salt Typhoon Tactics
Safe Mode Podcast
23 minutes 50 seconds
3 months ago
Phosphorus’ Sonu Shankar on IoT Vulnerabilities and Salt Typhoon Tactics
In this episode, Greg Otto talks with Sonu Shankar, President at Phosphorus, to discuss the unique security challenges facing today’s rapidly expanding Internet of Things landscape, where traditional endpoint protections are ineffective. The episode explores how everyday devices with default passwords and outdated firmware open organizations up to significant risk. Shankar highlights the tactics of groups like Salt Typhoon, who exploit these weak spots to infiltrate and persist within networks. The conversation underscores the pressing need for deeper asset inventory and active discovery in critical environments.
In our reporter chat, Greg talks with Matt Kapko about a supply-chain attack on npm that turned out to be pretty close to a false alarm.
Safe Mode Podcast
In our final episode of 2025, Dave Lewis, global advisory CISO for 1Password, joins Greg Otto to unpack the “access‑trust gap”: the growing mismatch between what employees (and tools like AI assistants) can access at work and what security teams can actually see, verify, and control. Dav explains how this gap shows up in everyday ways—logins that bypass intended controls, personal devices used for work, and teams adopting apps or AI tools faster than IT can govern them—and why that combination creates quiet but serious risk. You’ll hear practical advice on narrowing the gap with stronger identity checks, smarter device trust, cleaner SaaS governance, and simple guardrails for safe AI use that don’t crush productivity.
