<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet href="/stylesheet.xsl" type="text/xsl"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:podcast="https://podcastindex.org/namespace/1.0">
  <channel>
    <atom:link rel="self" type="application/rss+xml" href="https://feeds.transistor.fm/the-breach-desk" title="MP3 Audio"/>
    <atom:link rel="hub" href="https://pubsubhubbub.appspot.com/"/>
    <podcast:podping usesPodping="true"/>
    <title>The Breach Desk</title>
    <generator>Transistor (https://transistor.fm)</generator>
    <itunes:new-feed-url>https://feeds.transistor.fm/the-breach-desk</itunes:new-feed-url>
    <description>Every week, Carlos Cardal Alves, CISO and founder of CRS Consulting, takes the week's most significant breach, strips it down to the mechanism that made it possible, maps it to the regulatory exposure, and hands you one action to take before the next one lands.
No jargon for its own sake. No vendor pitches. Just the breach and the lessons thereof. </description>
    <copyright>© 2026 Carlos Alves</copyright>
    <podcast:guid>5aa3e261-e6e9-5fe7-8c8f-ed2bf4af1d7e</podcast:guid>
    <podcast:locked>yes</podcast:locked>
    <language>en</language>
    <pubDate>Mon, 06 Jul 2026 09:37:42 +0100</pubDate>
    <lastBuildDate>Mon, 06 Jul 2026 09:41:11 +0100</lastBuildDate>
    <link>https://www.globalcrs.eu/research.html</link>
    <image>
      <url>https://img.transistorcdn.com/4p8eSoEfFbteS7Wo3fnS4SQ03pO-yFJQ-am_EIWbmuU/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9mNjhl/NWMzZWEyZjMxZjA2/MjM5MjYwNTliOTNk/Yzg2Mi5wbmc.jpg</url>
      <title>The Breach Desk</title>
      <link>https://www.globalcrs.eu/research.html</link>
    </image>
    <itunes:category text="Technology"/>
    <itunes:type>episodic</itunes:type>
    <itunes:author>Carlos Alves</itunes:author>
    <itunes:image href="https://img.transistorcdn.com/4p8eSoEfFbteS7Wo3fnS4SQ03pO-yFJQ-am_EIWbmuU/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9mNjhl/NWMzZWEyZjMxZjA2/MjM5MjYwNTliOTNk/Yzg2Mi5wbmc.jpg"/>
    <itunes:summary>Every week, Carlos Cardal Alves, CISO and founder of CRS Consulting, takes the week's most significant breach, strips it down to the mechanism that made it possible, maps it to the regulatory exposure, and hands you one action to take before the next one lands.
No jargon for its own sake. No vendor pitches. Just the breach and the lessons thereof. </itunes:summary>
    <itunes:subtitle>Every week, Carlos Cardal Alves, CISO and founder of CRS Consulting, takes the week's most significant breach, strips it down to the mechanism that made it possible, maps it to the regulatory exposure, and hands you one action to take before the next one lands.</itunes:subtitle>
    <itunes:keywords>cybersecurity, data breach, CISO, information security, cyber risk, GRC, governance risk compliance, DORA, NIS2, GDPR, operational resilience, ransomware, supply chain attack, third party risk, threat intelligence, cyber leadership, board advisory, financial services security, EU regulation, incident response, data protection, security strategy, cyber awareness, breach analysis, executive security</itunes:keywords>
    <itunes:owner>
      <itunes:name>Carlos Alves</itunes:name>
      <itunes:email>carlos.alves@globalcrs.eu</itunes:email>
    </itunes:owner>
    <itunes:complete>No</itunes:complete>
    <itunes:explicit>No</itunes:explicit>
    <item>
      <title>The Hidden Master Keys</title>
      <itunes:episode>2</itunes:episode>
      <podcast:episode>2</podcast:episode>
      <itunes:title>The Hidden Master Keys</itunes:title>
      <itunes:episodeType>full</itunes:episodeType>
      <guid isPermaLink="false">2d1609c2-32a3-4f6e-b713-92ca1bc7d81f</guid>
      <link>https://www.globalcrs.eu/research.html</link>
      <description>
        <![CDATA[<p>This podcast is a deep-dive discussion about Episode 1, specifically highlighting how trusted third parties serve as primary attack vectors. The discussion also covers JavaScript injections and the unverified claims against the Council of Europe, emphasizing the need for rigorous vendor inventories</p>]]>
      </description>
      <content:encoded>
        <![CDATA[<p>This podcast is a deep-dive discussion about Episode 1, specifically highlighting how trusted third parties serve as primary attack vectors. The discussion also covers JavaScript injections and the unverified claims against the Council of Europe, emphasizing the need for rigorous vendor inventories</p>]]>
      </content:encoded>
      <pubDate>Mon, 06 Jul 2026 09:37:32 +0100</pubDate>
      <author>Carlos Alves</author>
      <enclosure url="https://media.transistor.fm/318dc72b/75cc4540.mp3" length="18019164" type="audio/mpeg"/>
      <itunes:author>Carlos Alves</itunes:author>
      <itunes:image href="https://img.transistorcdn.com/bOOa0tM8_fBOZEmfMMzOvMnKUMcIJ4gQHd0tzI1hOT8/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS80NTYx/NTk3ZTJiNDM2Y2Uy/ODVkY2I0NDM1NjAx/YmFmMy5qcGVn.jpg"/>
      <itunes:duration>1125</itunes:duration>
      <itunes:summary>
        <![CDATA[<p>This podcast is a deep-dive discussion about Episode 1, specifically highlighting how trusted third parties serve as primary attack vectors. The discussion also covers JavaScript injections and the unverified claims against the Council of Europe, emphasizing the need for rigorous vendor inventories</p>]]>
      </itunes:summary>
      <itunes:keywords>cybersecurity, data breach, CISO, information security, cyber risk, GRC, governance risk compliance, DORA, NIS2, GDPR, operational resilience, ransomware, supply chain attack, third party risk, threat intelligence, cyber leadership, board advisory, financial services security, EU regulation, incident response, data protection, security strategy, cyber awareness, breach analysis, executive security</itunes:keywords>
      <itunes:explicit>No</itunes:explicit>
      <podcast:transcript url="https://share.transistor.fm/s/318dc72b/transcription.vtt" type="text/vtt" rel="captions"/>
      <podcast:transcript url="https://share.transistor.fm/s/318dc72b/transcription.srt" type="application/x-subrip" rel="captions"/>
      <podcast:transcript url="https://share.transistor.fm/s/318dc72b/transcription.json" type="application/json" rel="captions"/>
      <podcast:transcript url="https://share.transistor.fm/s/318dc72b/transcription.txt" type="text/plain"/>
      <podcast:transcript url="https://share.transistor.fm/s/318dc72b/transcription" type="text/html"/>
    </item>
    <item>
      <title>Episode 1 - They Never Touched The Front Door</title>
      <itunes:episode>1</itunes:episode>
      <podcast:episode>1</podcast:episode>
      <itunes:title>Episode 1 - They Never Touched The Front Door</itunes:title>
      <itunes:episodeType>full</itunes:episodeType>
      <guid isPermaLink="false">e9dfe949-1320-45b8-b667-ff0148478876</guid>
      <link>https://www.globalcrs.eu/research.html</link>
      <description>
        <![CDATA[<p><strong>Episode 1 - The Door You Forgot You Left Open</strong></p><p><em>Coverage window: breaches logged through 01 July 2026</em></p><p>Three confirmed breaches. Three different targets. One pattern: not one attacker knocked on the front door. Every breach came through a trusted third party, a forgotten credential, a hijacked package, an injected script. This is the episode that sets the tone for The Breach Desk: Breach Mechanisms, not Headlines.</p><p>#TheBreachDesk #CyberSecurity #DataBreach #CISO #CyberRisk #GRC #DORA #NIS2 #GDPR #OperationalResilience #ThirdPartyRisk #SupplyChainSecurity #RansomWare #ThreatIntelligence #InfoSec #CyberLeadership #BoardAdvisory #SecurityStrategy #DataProtection #npm #OpenSource #PasswordSecurity #OAuth #EURegulation #CRS</p>]]>
      </description>
      <content:encoded>
        <![CDATA[<p><strong>Episode 1 - The Door You Forgot You Left Open</strong></p><p><em>Coverage window: breaches logged through 01 July 2026</em></p><p>Three confirmed breaches. Three different targets. One pattern: not one attacker knocked on the front door. Every breach came through a trusted third party, a forgotten credential, a hijacked package, an injected script. This is the episode that sets the tone for The Breach Desk: Breach Mechanisms, not Headlines.</p><p>#TheBreachDesk #CyberSecurity #DataBreach #CISO #CyberRisk #GRC #DORA #NIS2 #GDPR #OperationalResilience #ThirdPartyRisk #SupplyChainSecurity #RansomWare #ThreatIntelligence #InfoSec #CyberLeadership #BoardAdvisory #SecurityStrategy #DataProtection #npm #OpenSource #PasswordSecurity #OAuth #EURegulation #CRS</p>]]>
      </content:encoded>
      <pubDate>Wed, 01 Jul 2026 20:37:26 +0100</pubDate>
      <author>Carlos Alves</author>
      <enclosure url="https://media.transistor.fm/592029ba/fdb15e4c.mp3" length="8497916" type="audio/mpeg"/>
      <itunes:author>Carlos Alves</itunes:author>
      <itunes:image href="https://img.transistorcdn.com/1DDfADnKy7YLAqgYdfxKEyRTXjWKzUbVxWaAlOfP8Og/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS81ZTIw/OWViZWNiNmFmZjlh/OWU1NzNkMGIyNmFm/ZTA1NS5wbmc.jpg"/>
      <itunes:duration>528</itunes:duration>
      <itunes:summary>
        <![CDATA[<p><strong>Episode 1 - The Door You Forgot You Left Open</strong></p><p><em>Coverage window: breaches logged through 01 July 2026</em></p><p>Three confirmed breaches. Three different targets. One pattern: not one attacker knocked on the front door. Every breach came through a trusted third party, a forgotten credential, a hijacked package, an injected script. This is the episode that sets the tone for The Breach Desk: Breach Mechanisms, not Headlines.</p><p>#TheBreachDesk #CyberSecurity #DataBreach #CISO #CyberRisk #GRC #DORA #NIS2 #GDPR #OperationalResilience #ThirdPartyRisk #SupplyChainSecurity #RansomWare #ThreatIntelligence #InfoSec #CyberLeadership #BoardAdvisory #SecurityStrategy #DataProtection #npm #OpenSource #PasswordSecurity #OAuth #EURegulation #CRS</p>]]>
      </itunes:summary>
      <itunes:keywords>cybersecurity, data breach, CISO, information security, cyber risk, GRC, governance risk compliance, DORA, NIS2, GDPR, operational resilience, ransomware, supply chain attack, third party risk, threat intelligence, cyber leadership, board advisory, financial services security, EU regulation, incident response, data protection, security strategy, cyber awareness, breach analysis, executive security</itunes:keywords>
      <itunes:explicit>No</itunes:explicit>
      <podcast:transcript url="https://share.transistor.fm/s/592029ba/transcript.txt" type="text/plain"/>
    </item>
  </channel>
</rss>
