Episode 195: Enigma Machines’ Security Lessons for Today

 

 

In episode 195 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Ed Skoudis, President of SANS Technology Institute, and Marcus Sachs, Senior Vice President and Chief Engineer at the Center for Internet Security® (CIS®). Together, they discuss Enigma machines, their history, and their security lessons for today.

Here are some highlights from our episode:

  • 00:56. Introductions to Ed and Marc
  • 01:32. What Enigma machines are and why cybersecurity folks still care about them today
  • 06:10. Enigma machines as a symbol for how we can use hacking for noble purposes
  • 07:18. How the the human mind and the need for ease of use can undermine security
  • 15:59. The importance of testing when designing and maintaining a security system
  • 20:45. Why "security through obscurity" isn't actually true
  • 22:58. Curiosity, logic, and a wide range of knowledge: Essential traits for getting hired in cybersecurity today
  • 30:57. The impact of culture in shaping security policy and priorities
  • 35:09. Why artificial intelligence (AI) is the Enigma machine of 2026
  • 36:11. How to learn more about Enigma machines

Resources

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.