Ctrl - Alt - Secure Podcast

In this episode of Ctrl-Alt-Secure, Valentina Flores, CEO of Red Sentry, sits down with Brianna Martinson, Director of Engineering at Tepia, to explore what it truly means to build secure, resilient systems around humans — not in spite of them.Brianna shares how her background as a longtime developer shapes Tepia’s people-first engineering philosophy. Rather than treating software as isolated features, Tepia partners with clients to understand entire system flows, user behavior, and business constraints — especially when working with complex or legacy environments.The conversation dives into why “user error” is often a design failure, how discovery and design should be just as rigorous as development, and why tiny usability decisions can make or break adoption and security outcomes. Brianna and Valentina also discuss holistic system thinking, DevOps principles, microservice architecture, and the emotional realities teams face when legacy tech becomes a liability.The episode closes with a candid discussion on why leaning into discomfort — even when it risks short-term losses — leads to stronger trust, better systems, and more meaningful impact.Key topics covered:• Why human-centered design improves security outcomes • The hidden risks of blaming users instead of systems • Designing intuitive systems that people actually use • Navigating legacy code, technical debt, and hard rebuild decisions • Holistic engineering, DevOps, and microservice architecture • Why doing things “the right way” builds long-term trust over short-term profitWho should listen: This episode is ideal for engineering leaders, security professionals, product teams, founders, and anyone building or securing complex systems where humans, technology, and business intersect.About Ctrl-Alt-SecureCtrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered penetration testing firm helping companies identify and fix vulnerabilities before attackers can exploit them.🔗 Learn more about Tepia: https://tepia.co/🔗 Contact Red SentryFind more about Red Sentry. 

In this episode of Ctrl-Alt-Secure, Valentina Flores sits down with Timothy Shields, Partner at Kelley Kronenberg, to unpack what data privacy law really looks like when it meets real-world technology, security, and business constraints.Timothy brings a rare perspective to privacy law, having started his career as a software developer and academic before becoming a tech and data privacy attorney. That technical background shapes how he advises companies today—moving away from unrealistic “zero-risk” thinking and toward practical, defensible decision-making.The conversation explores where organizations most often misunderstand data privacy requirements, why documentation and intent matter as much as tools, and how companies can reduce legal exposure before something goes wrong. Valentina and Timothy also discuss breach response, AI-related legal risk, and why small companies are just as exposed as large enterprises.Key topics covered in this data privacy episode:• Why legal risk in tech is rarely “zero risk” — and why that mindset fails • How a technical background changes the way privacy law is applied in practice • Common privacy blind spots engineers and executives overlook • The biggest legal mistakes companies make after a breach • Why proactive security testing and planning matter more than perfection • The critical role of documentation when regulators or courts get involved • Why not doing what you said you would do creates more liability than getting breached • Where AI liability is headed and what companies should be doing now • Why “we’re too small to be a target” is one of the most dangerous privacy mythsWho should listen?This episode is essential for founders, executives, legal teams, engineers, security leaders, and anyone responsible for handling customer data, building software, or managing cyber risk. If your company collects, processes, or stores data—or is experimenting with AI—this conversation offers practical guidance you can actually act on.About Ctrl-Alt-SecureCtrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered penetration testing firm helping companies identify and fix vulnerabilities before attackers can exploit them.🔗 Learn more about Kelly Kronenberg: https://www.kelleykronenberg.com/ 🔗 Contact Red SentryFind more about Red Sentry. 

In this episode of Ctrl-Alt-Secure, Valentina Flores sits down with Madison Morrow, Director of Business Development at Blue Sages, and Farshad Esnaashari, a medical device full–lifecycle consultant, to break down one of the most urgent topics in the med-tech industry: cybersecurity requirements for FDA medical device submissions.The conversation explores why the FDA is increasing its cybersecurity expectations, the most common mistakes manufacturers make, and how device makers can integrate security early in the product lifecycle. Madison explains how Blue Sages supports medical device companies through engineering best practices, software documentation, testing, and compliance, while Farshad brings over 30 years of experience in architectural security, risk management, and interpreting FDA cybersecurity guidance.Key topics covered in this FDA cybersecurity episode:• Why cybersecurity must start early in medical device design (not at the end) • What the FDA now expects: SPDF, SBOM, traceability, threat modeling, and vulnerability management • Why shallow SBOMs, missing traceability, and late pentesting delay submissions • How penetration testing and offensive security strengthen FDA submissions • Practical guidance for med-tech startups balancing speed, safety, and compliance • How AI introduces new cybersecurity risks in medical devices and what the FDA expects for model updates, rollback plans, and integrity checksWho needs this episode?This discussion is essential for anyone involved in medical device development, regulatory submissions, FDA compliance, cyber risk, software validation, or connected device security. If you’re preparing a 510(k), De Novo, or PMA submission in 2025–2026, this episode gives you a clear roadmap of what to prioritize.About Ctrl-Alt-SecureCtrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered penetration testing firm helping companies identify and fix vulnerabilities before attackers can exploit them.🔗 Connect with Blue Sages to explore their engineering and regulatory support for medical device companies: https://www.bluesages.com/ 🔗 Contact Red Sentry: https://redsentry.com/contactFind more about Red Sentry. 

In this episode of Ctrl-Alt-Secure, Valentina Flores sits down with Dr. Bennett Hammer, founder and president of Hammer IT, for a deep dive into one of today’s most common yet misunderstood risks: email security. They break down the evolving threat landscape, from the rise of phishing and ransomware to the ways AI is now being used by both attackers and defenders.The conversation explores why email remains one of the most effective entry points for cybercriminals, how remote and hybrid work environments have expanded the attack surface, and the practical steps organizations can take to strengthen their defenses. Dr. Hammer highlights the importance of proactive measures, continuous user education, and building a culture where employees are empowered to question suspicious activity.A handful of valuable takeaways: • Phishing and ransomware continue to top the list of email-based threats • AI is accelerating both offensive and defensive capabilities in cybersecurity • Remote work has created new vulnerabilities in email workflows • User training and awareness remain essential for preventing breaches • Strong filtering, verification protocols, and layered defenses make a measurable differenceTo explore more of Dr. Hammer’s work or try his free tools, visit hammeritconsulting.com, hammersecure.com, or HammerSpam, his spam email analyzer.Ctrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered pentesting firm helping companies identify and fix vulnerabilities before attackers can exploit them.Find more about Red Sentry. 

In this episode of CTRL-ALT-SECURE, Valentina Flores discusses the importance of understanding neurodiversity in tech leadership with guests Andy and Fred from Irregular Training. They explore how neurodivergent individuals, including those with autism and ADHD, can bring unique strengths to the workplace, the challenges posed by standardized work environments, and practical steps organizations can take to support neurodiverse talent. The conversation emphasizes the need for flexibility, trust, and a shift in hiring practices to leverage the strengths of neurodivergent individuals for a more inclusive and productive workplace.A handful of valuable takeaways:Neurodiversity is a key part of how teams actually function and succeed.Understanding different thinking styles can unlock creativity and performance.Standardized workplaces often miss what neurodivergent employees need to thrive.Traits like deep focus, pattern recognition, and problem-solving are real strengths.Flexible roles and trust-based cultures bring out the best in neurodivergent talent.The future of work will depend on embracing and designing for neurodiversity.To learn more about Andy and Fred’s work on building inclusive, high-performing teams, visit their site Irregular Training.CTRL-ALT-SECURE is brought to you by Red Sentry, a human-led, tech-powered pentesting firm helping companies identify and fix vulnerabilities before attackers can exploit them.Find more about Red Sentry. 

Ctrl-Alt-Secure Podcast: Breach Mode – How to Survive a Cyber CrisisHost: Valentina Flores (Red Sentry CEO)Special Guest: Casey Boggs (President, ReputationUs)Are you a CISO or CIO preparing your organization for the reputational fallout of a cyberattack? In this episode, we dive deep into the critical, often-overlooked side of cybersecurity: reputation management. Join Valentina Flores and Casey Boggs as they discuss real-world strategies for crisis communication, incident response, and protecting your brand when the unthinkable happens.Key Topics:Why reputation is as important as technical responseCommon mistakes companies make after a breachBuilding a proactive incident response and communication planIndustry-specific challenges (healthcare, finance, tech, and more)Authenticity and transparency in crisis communicationsChapters:00:00 – Introduction & Guest Welcome02:10 – Casey Boggs’ Background & ReputationUs05:30 – The Real Impact of a Cyber Breach on Reputation09:00 – Who’s to Blame? Internal & External Stakeholders13:20 – Common Mistakes in Crisis Response18:00 – Timing & Transparency: When to Communicate22:45 – Building a Smart Incident Response Plan28:10 – Legal, Insurance, and PR: Who’s on Your Team?33:00 – Industry-Specific Considerations37:15 – Success Stories & Lessons Learned41:00 – Proactive Steps for CISOs & CIOs45:00 – Final Takeaways & ResourcesAbout Our Guest:Casey Boggs is President of ReputationUs, a leading firm specializing in reputation management and crisis mitigation. With over 20 years of experience, Casey has helped organizations across industries navigate the aftermath of cyber incidents and protect their most valuable asset: trust.Connect with Us:🔗 Red Sentry🔗 ReputationUsFind more about Red Sentry. 

Welcome to the Control-Alt-Secure podcast! In this episode, host Valentina Flores (CEO of Red Sentry) sits down with Richard Frederick, founder and CEO of Strategic All Source Intelligence, to uncover the hidden risks of your digital footprint.We dive deep into:What your digital footprint really is—and why it matters more than everHow hackers and threat actors weaponize open source intelligence (OSINT) against individuals and organizationsThe most overlooked ways companies expose themselves onlineReal-world strategies for managing and reducing your attack surfaceThe role of pen testing, cloud security, and continuous monitoring in modern cyber defenseActionable tips for building cyber resiliency and protecting your reputationWhether you’re a business leader, IT professional, or just want to stay safe online, this episode is packed with insights you can use right away.🔗 Connect with Richard Frederick for more on intelligence and risk advisory services. https://sasintel.com/Don’t forget to like, subscribe, and hit the bell for more cybersecurity conversations!Find more about Red Sentry. 

Are your company’s backups really as safe—and as restorable—as you think? Or are you just hoping someone, somewhere, has it all covered?This week, Red Sentry CEO Valentina Flores welcomes backup and disaster recovery expert Cathy Miron (CEO of eSilo) for a reality check on one of the most misunderstood (and neglected) pillars of cybersecurity. Together, they demystify how backups actually work, what most companies get wrong, and why a “set it and forget it” approach is a recipe for disaster.In this episode: • What’s really required for a modern backup and disaster recovery strategy (and why it’s more than just clicking ‘save’) • Why backups fail when you need them most, and how to avoid common mistakes • The difference between compliance checkboxes and true business resilience • Ransomware, immutability, the “3-2-1 rule,” and other backup best practices explained—minus the jargon • How to test your plan (before a disaster strikes) and why tabletop exercises are your best friend • The dangers of assuming your IT team, MSP, or cloud provider has you covered • Recovery point objective, recovery time objective, and what actually matters when you’re staring down downtimeWhether you’re in the cloud, on-prem, or somewhere in between, you’ll learn why backup and recovery need to be at the core of your security and business continuity plan—not an afterthought.If you don’t know exactly how your backups work (or if they work at all), this episode is a must-listen. Don’t wait for an attack or accident to test your recovery plan. Start now.Subscribe for more real-world cybersecurity conversations—practical, honest, and focused on what actually keeps your business running.00:00 Introduction to the Podcast and Guest00:31 Cathy Miron's Background and eSilo's Evolution02:50 Importance of Backups and Recovery in Cybersecurity03:42 Business Continuity and Resiliency Planning07:06 Common Misconceptions and Overconfidence in Backups16:56 Ransomware and the Importance of Immutability27:00 Cloud Backups and Vendor Risk Management30:42 Future of Backup and Recovery33:00 Conclusion and Final ThoughtsFind more about Red Sentry. 

In this insightful episode, Red Sentry CEO Valentina Flores sits down with Brian Guenther from Exceed to break down the essentials of a successful cybersecurity journey. From understanding critical certifications to navigating the latest CMMC updates, they share actionable advice and industry insights to help businesses stay compliant and ready to operate in today’s threat landscape.Find more about Red Sentry. 

Valentina Flores, CEO of Red Sentry, sits down with Rob Petrosino to explore the intersection of AI and cybersecurity. Together, they discuss how AI is transforming industries and provide practical insights on adopting AI securely in the workplace. Whether you're a tech enthusiast or a business leader, this episode offers valuable perspectives on staying ahead in the AI-driven future. Find more about Red Sentry. 

In this episode, Valentina Flores, CEO of Red Sentry, sits down with Chris Bollig, a cyber insurance expert from Bellrock Insurance, to discuss the essential role of cyber insurance in today’s threat landscape.As cyberattacks become more frequent and complex, businesses must focus on prevention and be prepared for the financial fallout of potential breaches. Valentina and Chris dive into real-world scenarios, exploring how cyber insurance policies can provide critical support, mitigate risks, and ensure continuity when the unexpected happens.They also share practical tips for selecting the right policy, understanding coverage options, and aligning your cybersecurity strategy with insurance requirements.This episode is a must-listen for business owners and cybersecurity professionals looking to fortify their defenses and secure their organization’s future.Find more about Red Sentry. 

In this episode, Valentina Flores, CEO of Red Sentry, sits down with Samir Black, CEO of Data Pros Consulting, to explore the critical world of Incident Response. As cyber threats grow more sophisticated, organizations must be prepared to detect, respond, and recover from attacks efficiently. Valentina and Samir dive into real-life examples, sharing their expert advice on building a resilient incident response plan and discussing the key steps businesses can take to safeguard their data and reputation. This is a must-listen for cybersecurity professionals and business owners looking to stay ahead of evolving threats.Find more about Red Sentry. 

In this episode of the Ctrl-Alt-Secure Podcast, host Valentina Flores and special guest Weston Weil delve into the often overlooked but critically important topic of hardware cybersecurity.Join us as we explore the significance of safeguarding hardware and the impact of data storage decisions on overall security. Don't miss this insightful discussion filled with valuable insights and expert perspectives. Tune in now and enhance your understanding of hardware security.https://www.redsentry.com/Find more about Red Sentry. 

Join host and CEO, Valentina Flores, Medical Device Academy Inc. President and FDA compliance expert, Rob Packard, and in-house leading penetration tester, Andrés Peña, as they take a deep dive into medical device cybersecurity. Learn more about how the healthcare industry suffers from common gaps in medical device security and how education can be pivotal in its prevention. Find more about Red Sentry. 

Check out what were the most common vulnerabilities in 2023 and what new threats we can expect in 2024. Discover some free tips on how to stay protected from the pros!Find more about Red Sentry.