 |
ISF PodcastAuthor: Information Security Forum Podcast
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management. Language: en Genres: Business, Management, Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it Trailer: |
Listen Now...
S36 Ep25: Brett Johnson - From Most Wanted to Most Valuable: Inside the Cybercrime Landscape
Episode 25
Monday, 20 April, 2026
Today we bring back one of our favorite guests: former US most-wanted cybercriminal Brett Johnson. It’s been seven years since he was last on the show, and much has happened in the world of cyber. Brett shares how his perspective has changed in the past few years, and gives his thoughts on how new technologies impact cyber crime. Steve and Brett discuss compliance and what Brett’s path from prison to helping law enforcement means for other cyber criminals. Brett also answers some rapid-fire questions.Key Takeaways: Increased ease of access to cybercrime tools and services, along with manpower problems in law enforcement, are key reasons for why cyber crime is one of the world’s largest economies today. Enterprises must shift focus from trying to block every attack to protecting their crown jewels for when an attack inevitably gets through. Bad things happen because good people remain silent. Tune in to hear more about: Why cybersecurity awareness training often fail (13:32) If Brett’s path to redemption is still viable for today’s cyber criminals (16:57) Some rapid-fire questions to Brett (21:35) Standout Quotes: “Cybersecurity and security overall is not a romantic thing. It's not an exotic thing. It's simply doing the nuts and bolts of what you need to do. And the problem is that largely that's not happening in the environment. If you've got management that's more interested in butter than they are in guns, you've got those types of issues.” - Brett Johnson “Cybersecurity awareness training or fraud prevention training, scam awareness, anything like that, we tend to educate at a very rational level. For scams and a lot of fraud and stuff like that, it doesn't happen at a rational level. If I'm trying to attack a person and compromise that person, I'm not doing it at a rational level. I'm doing it at an emotional level. I'm trying to get you to set reason and logic aside and to react emotionally. So all that training takes place at that rational level. You can understand it there. That doesn't mean that you understand it at the emotional level whatsoever.” - Brett Johnson “Is it harder? In one respect it is because we now have people that are aware of how money is moved, what criminals seek to do with it. Banks have become more aware of a lot of the new ways to launder and funnel funds. In many ways, it's much harder, but at the same time, criminal networks have adapted to that difficulty.” - Brett Johnson Read the transcript of this episodeSubscribe to the ISF Podcast wherever you listen to podcastsConnect with us on LinkedIn and TwitterFrom the Information Security Forum, the leading authority on cyber, information security, and risk management.
