Threat Vector by Palo Alto Networks

Every threat actor leaves a financial signature. Ransomware operators, state-sponsored hackers, fraud networks — they all need to move money, and when they do, the blockchain records it permanently.

Jackie Burns Koven leads cyber threat intelligence at Chainalysis, where she tracks how criminal and nation-state actors use cryptocurrency to fund attacks, launder proceeds, and pay for the tools and infrastructure that power the underground economy. Before Chainalysis, she worked in the U.S. Intelligence Community on nuclear proliferation. She also serves on the Ransomware Task Force, the cross-sector coalition working to disrupt the financial ecosystem that makes ransomware profitable.

In this conversation recorded live at the Links conference in New York, guest host Michael Sikorski, CTO of Unit 42, talks with Jackie about how blockchain intelligence works as a threat intelligence discipline, why open-source cryptocurrency is more exposed than most defenders realize, and what the financial signatures of threat actors can reveal that traditional IOCs cannot.

You’ll learn:


How blockchain intelligence connects wallets to threat actors, criminal networks, and nation-state operations


Why cryptocurrency is relevant to every organization, even those that don’t pay ransoms or custody crypto


What North Korea’s $2 billion in stolen cryptocurrency tells us about the scale of state-sponsored crypto crime


How financial signatures can track a threat actor across rebrands, gang changes, and evolving crime types


What most CTI analysts are missing by not having a blockchain tracing capability in their toolkit

This episode is essential listening if you’re a threat intelligence analyst, incident responder, or security leader trying to understand the financial infrastructure that funds the attacks hitting your industry.

Related Episodes:


Muddled Libra: From Spraying to Preying in 2025


Lessons from the Underground

#ThreatIntelligence #Ransomware

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠⁠

Ingrid Parker, Director of Intel Response at Unit 42, has a background that doesn't fit the mold: art student, Army linguist, systems administrator deployed to Afghanistan, co-author of 11 Strategies of a World-Class Cybersecurity Operations Center. In this conversation, she and David dig into what it actually feels like to do threat intelligence at the highest levels — how you build the kind of thinking that lets you get inside an adversary's head, what you look for when you're hiring for that skill, and what the job quietly costs the people who do it well.

Related Episodes:


The Art of Threat Hunting — Ryan Chapman on how threat hunters develop instincts and expertise


Transform Your SOC and Get Ahead of the Threats — Clay Brothers on SOC transformation and what makes teams resilient


Designing Human-Centered Security Operations — Liz Pinder and Patrick Bayle on analyst burnout, focus, and what the SOC owes its people

#ThreatIntelligence #CyberDefense

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

AI is the most powerful tool defenders have ever had. It's also the most dangerous weapon attackers have ever had. Assaf Keren, CSO at Qualtrics and author of Lessons from the Frontlines, has seen AI reshape both sides of the threat equation. In this conversation, he gets specific about what happens when powerful tools fall into the wrong hands, and what leaders need to do before they get caught off-guard.

You'll learn:


How attackers are using AI to move faster, scale wider, and go deeper than ever before


Why the moment you deploy AI, your security posture fundamentally changes


What curiosity-driven leadership looks like when the threat landscape won't sit still


How to close the gap between the security team's understanding of AI and the rest of the organization


What Assaf learned from 25+ years on the frontlines that still applies in the AI era

#CyberSecurity #AIRisk

Related Episodes:


The Good, the Bad, the Ugly of AI


Inside AI Runtime Defense


Securing AI in the Enterprise

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

The FBI sees every breach. You see yours.

Adam Maddock, Section Chief of the FBI's Cyber Technical Analytics and Operations Section, and Jarrod Schlenker, Assistant Section Chief leading the FBI Cyber Division's private-sector engagement, join David Moulton to walk through Operation Winter SHIELD, the FBI's public campaign built on what investigators see repeated across hundreds and thousands of cases. Ten defenses. All of them rooted in real intrusions. Most of them still missing from too many organizations.

You'll learn:

Why SMS-based MFA is no longer enough, and what phishing-resistant authentication actually looks like in practice

How end-of-life SOHO routers and IoT devices become obfuscation infrastructure for attacks against targets that never knew they were involved

Why calling the FBI early in an incident changes what's possible, and what you lose if you wait

What the FBI means when it says industry is a "critical ally," not a passive recipient of intelligence

Why you don't need to have your act together before you call your local FBI field office, and why trying to might actually hurt the investigation

This episode is essential listening if you're: a CISO or security leader wondering what law enforcement actually needs from you, an executive who doesn't yet have a relationship with your local FBI field office, or a practitioner trying to understand which defensive investments move the needle most.

Resources:


Operation Winter SHIELD at fbi.gov

Operation Winter SHIELD One-Pager

Related Episodes:


Lessons from the Underground with Keith Mularski, former FBI special agent and Chief Global Ambassador at Qintel


Inside the Mind of State-Sponsored Cyberattackers with Lior Rochberger, Unit 42

Risk, Resilience, and Real Talk with Sam Ainscow

#Cybersecurity #CriticalInfrastructure

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

What does it take to go from staring at forensic images to sitting across from a CEO whose company is on fire?

Steve Elovitz has spent his entire career in the room when things go wrong. He started in forensics and eDiscovery at PwC, moved to Booz Allen doing government work, then spent a decade at Mandiant before joining Unit 42 to lead North America consulting and incident response. The throughline across all of it: empathy.

In this conversation, Steve reflects on what two decades of incident response actually teaches you about the people on the other side of a breach. The executives fighting for their jobs. The CISOs trying to communicate while everything's on fire. The analysts who need someone to have their backs.

You'll hear how Steve's understanding of the job evolved as he moved from technical analyst to executive advisor, what the shift from forensic imaging to real-time response felt like from inside it, why identity keeps showing up in nearly every postmortem, and what briefing a board looks like when you get 15 minutes instead of the hour you planned for.

Steve has advised Fortune 500 boards and C-suites through some of the most damaging breaches of the past two decades. His biggest lesson turned out to be the one no certification teaches.

This episode is essential listening if you're a security professional trying to grow from analyst to advisor, or a leader building a team that can sustain this kind of work over a career.

Related Episodes:

Speaking Security in Board Language 

Cybersecurity Metrics and Reporting to the Board 

Transform Your SOC and Get Ahead of the Threats

#IncidentResponse #Cybersecurity

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠