—-Ryan Williams Sr, B1Daily
Welcome back to ‘The Other Side of the Firewall‘ podcast! On this holiday-special episode, Shannon Tynes and I tackled some of the most pressing developments in digital security, global cybercrime, and AI risk—and the implications for security professionals at every level.
North Korea’s Record Crypto Theft: $2+ Billion in 2025
In a stunning escalation, North Korea linked cyber operators have stolen over $2.02 billion in cryptocurrency so far in 2025—a 51% increase over 2024, according to the latest reports. That’s part of a broader $6.75 billion haul since 2016.
Here’s what stood out in our discussion:
- The rise of decentralized finance (DeFi) creates new attack surfaces and opportunities for illicit movement of digital assets. Without intermediaries like banks, malicious actors can transfer huge sums without the oversight traditional systems have.
- State actors aren’t just after data—they’re after funding. Nations like North Korea use stolen crypto to finance missile and nuclear programs.
- Broader adoption of digital currencies—from CBDCs to mainstream payment systems—will only increase the value of these attacks in the years ahead.
As I asked on the show: How is crypto insured? If an exchange is hacked, how do victims recover their assets? Right now, the answers are murky. Unlike FDIC insured bank accounts, most crypto holdings carry little guaranteed protection. This “wild west” landscape demands both better risk modeling and insurance mechanisms.
Security Through Unusual Signals: The 110ms Keystroke Detection
Another headline grabbed our attention: Amazon reportedly detected a North Korean IT infiltrator because of their 110-millisecond keystroke delay. These tiny timing differences were enough to flag remote workers pretending to be local—proof that security monitoring can go far beyond firewalls and password policies.
- It underscores how behavioral analytics are emerging as a critical defensive layer.
- Remote workforce strategies must evolve with threat intelligence—high resolution signals like typing cadence can differentiate friend from foe.
AI’s Dual Edged Sword: Lessons From 2025
We also reflected on an ISACA article about AI missteps in 2025—from default credentials in AI hiring tools to deepfake political videos and harmful LLM outputs.
Key takeaways for cybersecurity teams and leaders:
- AI isn’t inherently good or bad—it amplifies both. Mistakes like leaving default credentials open aren’t new, but when AI platforms make them exploitable at scale, the impact magnifies.
- Bias and discrimination in AI systems aren’t theoretical—they’re real. Facial recognition and predictive models have already shown disproportionate impacts on people of color.
- Misinformation and deepfakes erode trust. Whether it’s a fake video of a world leader or fraudulent hiring systems, AI can weaponize lies unless we build stronger safeguards.
- Human computer interaction risks are increasing. The more people rely on AI, the more we must support digital literacy and mental health resilience.
What This Means for You—and Cybersecurity in 2026
Here’s the honest truth we discussed: innovation never waits for regulation, and threat actors are increasingly sophisticated. Crypto theft, behavioral analytics, and AI enabled deception are just the beginning.
So what should leaders and practitioners focus on in the coming year?
- Invest in monitoring systems that go beyond logs—think behavioral telemetry, anomaly detection, and adaptive risk scoring.
- Ensure AI governance frameworks are in place now. Protect against bias, misinformation, and unsafe model behavior before deployments go live.
- Educate your teams and your organization. Performance reviews, hiring practices, and incident response plans—all must incorporate AI security.
- Build resilience in digital finance and crypto assets. Risk transfer mechanisms like insurance and custodial protections are critical.
As Shannon and I wrapped up the episode, one thing was clear: we’re entering a new phase of cyber risk—and it’s bigger than breaches. It’s about trust, identity, and the digital value flowing through every system we build.
Stay secure, stay secure, and happy holidays!
Ask a CISSP ft Ahmad Austin, Director of Cybersecurity & Author of The Boundaryless Enterprise
Today I am excited to welcome my guest, Ahmad Austin, to The Other Side of the Firewall podcast.
Ahmad is the founder of Cy3, LLC, and author of a brand new cybersecurity book, ‘The Boundaryless Enterprise,’ and he brings 22 years of experience in cybersecurity and governance. He has spent most of his career serving in the public sector, with the last few years focused on driving impact in the private sector as well.
During the conversation, Ahmad and I dig into what he has learned across both sides of the fence, how governance actually works in the real world, and why he felt compelled to write this book now.
If you care about security, policy, and building programs that actually work for people, you will not want to miss this episode.
Check out the episode right now on your podcast platform of choice or this evening on WDJY 99.1 FM and the TuneIn app at 5 PM EST: https://www.wdjyfm.com/
And don’t forget to pick us up his brand new book, ‘The Boundaryless Enterprise’: https://a.co/d/fPHOXd6
’Tis the season of giving, and I’m feeling generous! 🎁
Pick up the eBook version of my book, THE OTHER SIDE OF THE FIREWALL: The Real-Life Stories of Movers, Shakers & Glass Ceiling Breakers, for FREE on Smashwords:
Use code SW100 at checkout for 100% off.
Offer valid through January 1, 2026.
If you enjoy the guide, do me a huge favor and leave a review as your Christmas gift to me—it really helps others discover the book. ⭐
And if you want a physical copy, visit https://lnkd.in/gZFRXeaH or pick it up anywhere books are sold!
PSA: No matter how you read the guide, please make sure to leave an honest review on Amazon. Reviews hold significant value. Thanks!
Ryan is a retired Air Force veteran who brings over 20 years of experience in network infrastructure, project management, and cybersecurity consulting to his current role as CEO of RAM Cyber Consulting & Assessments, LLC. RAM Cyber is a premier governance, risk, and compliance (GRC) consultancy dedicated to supporting the Defense Industrial Base (DIB), federal agencies, and corporate entities. We specialize in delivering expert guidance to ensure compliance, mitigate risks, and enhance cybersecurity postures.
Shannon, also a retired Air Force veteran, has more than two decades of expertise in network security and vulnerability management. He now serves as an Information System Security Officer (ISSO), where he continues to enhance national security protocols.
Chris is a Navy veteran with over 13 years in IT, information assurance, and risk management. His current role as a Senior Security Consultant focuses on vCISO and Cyber Assessments services enhancing data security and privacy for various organizations.
**The Other Side of the Firewall podcast is a product of RAM Cyber Consulting & Assessments, LLC. RAM Cyber Consulting & Assessments, LLC is a premier governance, risk, and compliance (GRC) consultancy dedicated to supporting the Defense Industrial Base (DIB), federal agencies, and corporate entities. We specialize in delivering expert guidance to ensure compliance, mitigate risks, and enhance cybersecurity postures. RAM Cyber is pending SDVOSB, VOSB, and 8(a) certification by the SBA, underscoring our commitment to excellence and service.
B1Daily 
Leave a comment