Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As Chinese hackers continue their raid of American companies, the threat reaches new levels of urgency, not so much for the sophistication of these hackers, but because of the sheer volume of attacks. And yet, victims continue to keep their breaches under wraps, and the government is hamstrung in what they can say because most everything they know about Chinese cyberespionage is classified.

Highlighting real-world examples of civilian cyber engagement, from the Ransomware Hunting Team developing decryptors to organizational models like Cyber Peace Builders that connect volunteers with nonprofits needing cybersecurity assistance.

Welcome to the Data Security Decoded podcast by Rubrik Zero Labs. In this episode, our host, Caleb Tolin, is joined by Michael Razeeq, a cybersecurity policy researcher specializing in advocating for Civilian Cyber Corps (C3s). Michael shares insights into how these volunteer forces, C3s, are transforming community cyber defense, addressing workforce shortages, and providing both preventive and reactive cybersecurity services to underfunded organizations.

From a CISO’s perspective, cybersecurity is a high-stakes game against cybercriminals. We stay calm, cool, and collected—even when attacks are nonstop. With solid incident response and communication plans, we’re always ready to make our next move.

For this special live recording of To Catch a Thief at The New York Stock Exchange, host and former lead cybersecurity and digital espionage reporter for The New York Times, Nicole Perlroth sits down with those who have been directly targeted by, traced, or directly engaged China’s state-sponsored hackers, diplomatically, or in the cyber domain.

"IT Manager's essential advice: Employees are secretly buying software without telling IT. The solution? Join HR and marketing meetings, find out what your team is REALLY doing, and address TikTok use in the office. Clear communication across departments is your best defense against shadow IT.

"We have an attention span of around 1.8 seconds" - Carolin Desirée Toepfer explains why traditional security training isn't working. Learn how repetition and psychology-based approaches can drive real behavior change instead of just checking compliance boxes. Watch this episode of Data Security Decoded for research-backed insights from the founder of a cybersecurity edtech platform.

Welcome to the Data Security Decoded podcast. In this episode, our host, Richard Cassidy, is joined by Carolin Desirée Toepfer, founder of Cyttraction and CISO as a Service for multiple organizations across Europe and North America. Carolin shares her journey from building websites and online communities to becoming a cybersecurity leader, offering insights into the unique challenges of European cybersecurity, AI security frameworks, and transforming cybersecurity training into data integrity training that better aligns with business needs.

"Something's going to happen." Maria Roat, former Deputy Federal CIO, delivers a wake-up call about the inevitable nature of security incidents. In this crucial clip from Data Security Decoded, Maria reveals why response preparation is everything and how to minimize damage when (not if) breaches occur. Don't wait until "all your data went out the door" - learn proactive strategies from a federal tech leader who's seen it all!

To Catch a Thief explores how nation states have shifted their cyber espionage strategy from trade secret theft to targeting American critical infrastructure. We are also excited to share that Nicole Perlroth, the host of To Catch a Thief, joins Rubrik in a new role as Chief Cyber Raconteur.

Former NSA Director Keith Alexander called it “the greatest transfer of wealth in history.” Hillary Clinton, FBI Director James Comey and President Barack Obama also sounded the alarm on the biggest heist in human history.

Google discloses its hack and points the finger squarely at Beijing, which spells the end for Google’s business ambitions in China. Other victims stay silent, too fearful to offend the gatekeepers to the world’s largest market. Nobody will talk. Until they came for The New York Times.

Aysha Khan, CIO & CISO at Treasure Data, drops a truth bomb: "Security isn't a tech problem—it's a BUSINESS problem." In this eye-opening clip from, Aysha explains why cybersecurity deserves a seat at the board table and how empowering your CISO creates true organizational resilience. Listen to the full episode to discover why your security strategy might be fundamentally flawed!

Rapid, reliable has never been so easy. Keep your business moving forward at lightning speed with Turbo Threat Hunting. With the ability to proactively scan 75,000 backups in less than 60 seconds, you can recover and get back up to speed in record time. Time is money, especially when it comes to recovering and getting your business back up and running!

Rubrik Annapurna was designed specifically to help knock down every obstacle between you and innovation. Best in-class security? Fantastic! Seamless, scalable access to all of your enterprise data? Even better. Imagine what your organization can unlock with Rubrik Annapurna.

Everyone has a plan until they get punched in the face - and cyberattacks are that punch. While traditional security focuses on prevention, true resilience comes from how you respond and recover. Learn why organizations must build better infrastructure, processes, and talent post-breach instead of rushing back to normal operations. The human toll of attacks is real, but avoiding post-incident reflection is the biggest mistake you can make.

Even well-prepared organizations with strong security are surprised by the intensity and length of cyber attacks. Heather Hughes notes that many expect quick solutions but are unprepared for the reality. "This process isn't over in two days," she explains, countering the myth of a 'big red button' fix. For more on how organizations should prepare, hear Heather, VP at Aon Cyber Solutions in the latest episode of podcast.

In this episode of Into the Breach, James Purvis and Mike Schmidt delve into the concept of the IAM (Identity and Access Management) blast radius and its impact on modern security practices. They explore how DSPM (Data Security Posture Management) helps reduce noise, focus on sensitive data, and implement proactive least-privilege models to mitigate risks in cloud and SaaS environments. Learn how understanding the interplay between identities and data can enhance security outcomes and minimize the blast radius of breaches.

In this episode of Into the Breach, James Purvis and Mike Schmidt tackle the evolving relationship between IT Ops and IT Security. They discuss how eliminating silos, adopting a people-and-process-driven approach, and embracing platformization can bridge the gap between these traditionally separate teams. Learn how modern organizations are shifting from best-of-breed solutions to integrated platforms to improve collaboration, streamline workflows, and achieve faster, more effective outcomes as cloud adoption skyrockets.

Amy Bogac, CISO at Elevate Textiles, shares her candid approach to cybersecurity program management. She emphasizes the importance of distinguishing between immediate fixes and long-term improvements after security incidents. Key insights: Set clear boundaries between incident resolution and continuous improvement Use security incidents as leverage for necessary program investments Learn from every crisis to strengthen your security posture Distinguish between short-term fixes and long-term strategic improvements.