mnemonic security podcast

Ever wondered how INTERPOL tackles organised crime and cyber threats?
In this episode of the mnemonic Security Podcast, we’re joined by Bjørn Watne, Global Chief Information Security Officer at INTERPOL, for a conversation on how cybercrime is evolving, and what it takes to combat it.
Bjørn draws on more than 25 years of experience across industries including law enforcement, financial services and telecoms. In his role at INTERPOL, he explains how the organisation connects and supports law enforcement across 196 countries, tackling terrorism, organised crime, financial crime, and cybercrime. He also explains how and why INTERPOL distinguishes between cybercrime and cyber-enabled crime, highlighting how traditional crimes are increasingly amplified by digital tools, AI, and cloud technologies.
During Bjørn and Robby's conversation, Bjørn outlines INTERPOL’s coordination model with local jurisdictional leads, partnerships with private expertise, and the need for neutrality, including avoiding state-on-state cyber war issues. As well as discusses the “cybercrime supply chain”, attribution challenges, and where they've observed AI do the most harm.
Send us Fan Mail

“Human behavior is not going to change significantly year after year.”
In our latest podcast episode, Robby is joined by Rob Shapland, ethical hacker and Director at Cyonic Cyber, to explore how social engineering works in practice today.
Despite advances in technology, social engineering remains an effective attack method. Whether it is a convincing email, a friendly conversation, or a well-timed request to the support desk, attackers continue to exploit human trust.
In this episode, we discuss how social engineering tactics have evolved and what still stays the same, how new tools are making attackers more effective, and real-world stories, including how many buildings Rob has gained access to during his career so far.
Rob will also be speaking at mnemonic’s annual conference, C2 Summit, this May. Check out the program and see if you should join us as well: mnemonic.io/c2-summit-2026 
Send us Fan Mail

In this episode of the mnemonic security podcast, we’re joined by Will Thomas, Senior Threat Intelligence Advisor at the CTI company Team Cymru, to discuss the latest trends in initial access.
Will shares what he is currently observing, including the growing exploitation of edge devices, the targeting of SaaS environments using infostealers and stolen credentials, and the rise of ClickFix-style social engineering techniques.
He also explains how these trends differ between threat actors depending on their motivations, and what organisations should prioritise to stay ahead. Will outlines practical steps defenders can take and the key questions security teams should be asking to stay ahead of attackers.
The conversation also covers Will’s main concerns around threat actors’ use of LLMs, and how CTI and threat hunting should ideally be carried out to support security operations.
Want more Will Thomas? Here you can find his Ransomware-Tool-Matrix: https://github.com/BushidoUK/Ransomware-Tool-Matrix/tree/main/Tools
And his own podcast Future of Threat Intelligence (FoTI) Podcast:
https://www.team-cymru.com/future-of-threat-intelligence-podcast
Send us Fan Mail

"It's prime time for runtime!"
In this episode of the mnemonic security podcast, we're joined by Sergej Epp, Global CISO & Member of the Executive Team of Sysdig, to discuss threats at machine speed and runtime security.
Sergej explains how runtime security enables organisations to understand what is really happening inside containers and serverless workloads, and why, without it, they are effectively blind to critical activity within their cloud-native environments. He shares recent examples of supply chain incidents that highlight these risks, including the GitHub Actions compromise, NPM attacks, and the two waves of Shai-Hulud.
Robby and Sergej also discuss the most common ways that attackers get access to clusters and containers, and how organisations can stay ahead of attacks using real-time telemetry.
Send us Fan Mail

"We are not really seeing as many attacks in the cloud where people hack in. It's more likely that they simply log in."
In this episode of the mnemonic security podcast, we're exploring Cloud Detection & Response (CDR) together with Brian Contos; returning guest, fellow podcast host, author, and serial security entrepreneur. In his conversation with Robby, he shares from his new role as Field CISO for the Cloud Detection & Response platform Mitiga.
They discuss the Salesforce supply chain attack and the challenges of protecting interconnected cloud ecosystems, the evolution of Cloud Detection & Response so far, and what we should expect in the near future.
Send us Fan Mail