InfosecTrain

AI is everywhere, from personal companions to high-stakes business automation. But as adoption grows, so do the risks of data privacy breaches, algorithmic bias, and lack of accountability. In this episode, we discuss why AI literacy is no longer optional for IT professionals and how the Certified AI Governance Specialist program bridges the gap between technical AI tools and responsible business leadership.

🎯 Key Topics Covered in This Episode:
The Shift in AI Adoption: From "Googling" to "Chatting" how AI has moved from a search tool to a personal and professional companion.

Accountability in AI: Why we can't take an AI to court and the urgent need for human oversight in high-risk use cases like loan approvals.

Technical vs. Non-Technical Roles: Why AI governance is for everyone from developers to CISOs and the importance of "AI Literacy" as mandated by the EU AI Act.

The Amazon Resume Case Study: A real-world example of how a lack of AI governance led to gender bias and reputational damage.

Global Regulations & Frameworks: Understanding the impact of the EU AI Act, GDPR, ISO 42001, and the NIST AI Risk Management Framework.

Career Evolution: Kish shares his personal journey from a technical "fix-it" guy to a governance consultant, explaining why governance is a better career decision.

Practical Training vs. Theory: What sets the Certified AI Governance Specialist program apart, including hands-on policy writing and real-world risk assessments.

Explainability & Blind Spots: Why AI decisions must be auditable and explainable to maintain customer trust and legal compliance.

The Lightning Round: Quick takes on "automation bias," the biggest mistakes organizations make, and whether AI is currently under-governed or under-understood.

🎧 Stay ahead of the curve with InfosecTrain. Prepare for the future of GRC by becoming a Certified AI Governance Specialist. Our 48-hour live instructor-led program provides the templates, use cases, and practical insights you need to lead AI initiatives.

Watch the full episode on YouTube: https://www.youtube.com/watch?v=jMYDpy-zy8M

In this episode, we break down the sophisticated world of Red Teaming. Moving past simple vulnerability scans, we explore the mindset of a determined adversary. We cover the entire attack chain from initial access via LLMNR poisoning to lateral movement using BloodHound and explain how these simulations help Blue Teams sharpen their detection and response capabilities.

Key Topics Covered in This Episode:
Defining Red Teaming: Why Red Teaming is "threat-oriented" rather than "vulnerability-centric," focusing on organizational resilience.

Understanding APTs: The characteristics of Advanced Persistent Threats—sophisticated, long-term, and stealthy.

The MITRE ATT&CK Framework: A breakdown of the 14 tactics used to map adversarial behavior from reconnaissance to impact.

Red Team vs. Pentesting: A detailed comparison of scope, duration, and goals (Narrow vs. Broad, Goal-oriented vs. Threat-oriented).

The Attack Life Cycle: Stepping through Reconnaissance, Initial Compromise, Persistence, Privilege Escalation, and Exfiltration.

Live Demo: LLMNR Poisoning: How attackers exploit "link-local" protocols to capture password hashes using tools like Responder.

Cracking Hashes: Using Hashcat to resolve captured NTLMv2 hashes into plain-text passwords.

Visualizing the Path: Using BloodHound and Neo4j to map hidden relationships and attack paths within Active Directory.

The Blue Team Perspective: How the Security Operations Center (SOC) uses Red Team findings to close detection gaps.

🎧 Level up your offensive security skills with InfosecTrain. We provide specialized training in Red Teaming, Active Directory Security, and APT Simulation to prepare you for the front lines of cybersecurity.

Watch the full episode on YouTube: https://www.youtube.com/watch?v=ruaK9NNIE2w

Are you still spending 20 minutes reading a single regulatory document? In this episode, we show you how to leverage Gemini and Custom Agents to automate document analysis. We walk through the process of feeding an AI 17 pages of RBI fintech guidelines and training it to act as your personal "Fintech Helper" capable of answering complex questions and drafting polished, empathetic emails directly to your team or clients.

Key Timestamps & How-To:
The Manual Burden: Why reading 17 pages of RBI guidelines takes too long and how AI solves the "memory" problem.

Knowledge Feeding: How to properly summarize and feed specific regulatory knowledge into your custom agent.

Setting the Guardrails: Why you must instruct your agent on tone (e.g., "polite and mature") and ensure it doesn't use random citations.

Multi-Tool Integration: Enabling your agent to use web searches and your professional email to gather real-time context.

3-Second Analysis: Watching the agent digest a massive update and provide accurate summaries in under three seconds.

The Draft-to-Sent Workflow: How the agent automatically creates a ready-to-send draft in your Gmail based on the document's findings.

Master AI Automation with InfosecTrain. We provide the technical foundation to help you build secure, autonomous agents for your professional workflow.

Watch the full episode on YouTube: https://www.youtube.com/watch?v=9nTsH4m0KqA

National security is no longer just about tanks and aircraft; it’s about power grids, financial ecosystems, and data privacy. In this episode, Colonel Deepak Joshi explains why safeguarding a business is an act of nation-building. We dive into the DPDP Act, the "Black Box" of AI, and why your organization’s cybersecurity posture is now a competitive advantage that drives revenue and trust.

Key Timestamps & Insights:
Beyond the Battlefield: Why cyber warfare is now a primary domain alongside land, sea, and air.

Critical Infrastructure: The high stakes of protecting airports, power grids, and banking services.

The ₹250 Crore Risk: Understanding the penalties under India’s DPDP Act and the cost of "just in case" data collection.

Security as a Brand: How Apple and Tata Nexon used "security" as a winning marketing tagline to dominate markets.

The AI Privacy Bridge: Balancing innovation with ethical data ingestion and avoiding the "Black Box" trap.

Secure by Design: The "Sprinkler System" analogy—why security must be baked into the foundation, not added later.

Startup Survival Kit: Three non-negotiable tips for high-energy startups to protect their IP and reputation.

The Human Firewall: Why regular patching is like a medical checkup and why your digital hygiene matters more than your tools.

Career Pivot: Why cybersecurity professionals are perfectly positioned to lead the new wave of Privacy and DPO roles in India.

Expert Guest: Colonel Deepak Joshi (CISO & DPO) 
Hosted by: InfosecTrain Tech Talk

Watch the full episode on YouTube: https://www.youtube.com/watch?v=RR--vwkpMVY

Are we moving past the era of simply "chatting" with AI? In this session, we look at the rise of Agentic AI tools that don't just draft emails or suggest code but actually go into your browser, check your mail, and book your tickets for you. We explore LlamaCoder for instant app building and how Comet and Perplexity are turning our web browsers into autonomous assistants.

What’s Inside This Episode:
LlamaCoder: Building functional apps, to-do lists, and SAS landing pages in seconds using Meta's Llama models.

Enter the Agentic Browser: How Comet allows you to manage tasks across different tabs without ever opening them.

Inbox Automation: Watching an AI agent check for payment reminders and draft a reply directly inside Gmail.

Concierge AI: Using an agent to find movie shows in Delhi-NCR, compare ticket prices, and apply coupon codes autonomously.

The Google vs. Perplexity War: Why Google is integrating Gemini directly into Chrome to prevent users from switching to third-party agents.

GenAI vs. Agentic AI: Understanding the shift from "generating information" to "autonomous execution."

🎧 From advanced AI prompting to cybersecurity governance, we help you master the tools of tomorrow.

Watch the full episode on YouTube: https://www.youtube.com/watch?v=6NCr4fDLhE0