Crucial Tech
By Lou Covey
Crucial TechAug 24, 2021
Episode 8.14 -- Generative AI is accelerating phishing attacks
This week we talked to SlashNext's CEO Patrick Harr and Field CTO Stephen Kowski regarding a study about the growth of criminal activity using generative AI
SlashNext’s State of Phishing Report claimed a 1,265% increase in malicious phishing emails and a 967% increase in credential phishing between Q4 2022 to Q3 2023. . While ransomware attacks get all the publicity, the reality is phishing is a much bigger problem for a much larger portion of the populace.
Episode 8.13 - Finding gold in Metomic survey
Cyber Protection Magazine gets a lot of marketing materials described as studies, surveys, and reports. The flow of those documents increases as major trade shows approach. For example, in the two months leading up to the RSA Conference, we received 56 before we stopped counting. More have come in since but it is now a trickle. We read each one. Luckily, our chief editor can read at 6,000 words per minute. He still grits his teeth whenever he reads the email pitch.
That doesn’t mean all turn into content on our pages because, for the most part, the information contained within is not news. Much can be expressed in a few sentences like, “C-level executives are concerned about data breaches” and “Cybercrime to cost more than $9 trillion by 2025.” In the first instance, our response is, “No kidding?” The second instance is just wrong with no evidence to support it. As often as we tell company representatives, they still produce the same banal and inaccurate assumptions.
About half the time, the “study” was not done by the company pitching the document, but by someone else with a specific twist highlighting the pitching company’s capabilities. For example, we recently received a copy of a “report” about the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) Catalog. It is a monstrously large document, remarkably distilled by a private company into a report that, wondrously, pointed to the company’s products as a solution to the problems notated in the report.
Because these documents rarely provide insight but are meant to validate product claims, they are little more than advertising masquerading as information and that puts them in the junk pile. That, however, is not always the case.
Occasionally, we get truly independent research that, for the most part, says nothing new. But buried in the obvious and the inaccurate, is a nugget of truly interesting data. It’s not enough to make an entire story, although it makes for an interesting LinkedIn post. In our review of the bland cornucopia of data received over the past two months, we saw enough nuggets to see a larger story. There is more to come in the next weeks, but we want to start with this interview with Metomic CEO, Rich Vibert. Their recently released survey on CISO opinions in the UK and US had a lot of obvious statements, but we found a couple of nuggets… and what could be an interesting vein for future discussions.
Episode 8.12 - Madison Horn wants to increase Congress' tech IQ
A few people know that I am something of a political junkie. I did some presidential campaigning in high school, then I got into journalism and covered national politics during Watergate. I'm less focused on it now but anyone can drag me into a conversation about it
A few weeks ago I got a call from the press secretary for Madison Horn, who is running for the US Congress out of the 5th Oklahoma congressional district, asking if I wanted to interview her.
Really? Why does a candidate in Oklahoma want to talk to a cybersecurity journalist in California. I was intrigued, so “sure.” Ms. Horn, who also ran for the US Senate a couple of years ago, is optimistic about the state (which is a positive thing) and, to the point, she’s a white-hat hacker who founded a pen-testing company. So there is the hook.
We talked for about 30 minutes and she educated me on some of the more positive things about her state and, in particular, the political leanings of her district. More importantly, we talk about how our legislators need to be tech-savvy.
Episode 8.11 - An interview with Rohit Ghai of RSA.
The RSA Conference was a firehose of information, some of it good, some of it absolutely false, but always a good way to get perspective on the industry. I met with Rohit Ghai, CEO of RSA to get his particular take and he did not disappoint. More to come next week on Cyber Protection Magazine.
PR, the Press, and Technology: A rant
Had a disappointing two weeks trying to cobble together an interview for this week, and had no luck for a variety of reasons. Plenty of content, just little worth reporting. But as I head off to the #RSAC in San Francisco this week, I thought I'd give a history lesson about the relationship of public relations, the press, and technology companies, and explain our policies about press releases, embargoes, and interviews.
Thanks for listening to by LOU talk.
Episode 8.10 -- Google needs news. News doesn't need Google
Last week, Google started removing California-based news sites from search results in retaliation for the legislature advancing the California Journalism Protection Act. The act requires Google to pay the sites when they provide links to news coverage that people are searching for. (See article in Cyber Protection Magazine)
Google has tried to strongarm governments in Australia and Canada when they passed national "link taxes" designed to keep publications financially stable and both times Google has backed down and came to an agreement.
We talked with veteran award-winning journalist and publisher Marty Weybret about his personal experience with the devastation caused by Google to local news. He establishes some reasoning why the financial model for news may need to change but acknowledges that laws like this are a necessary first step, especially since Google seems to think they are more important than local news .
Episode 8.9 - Crystal Morin, tea ladies and personal responsibility
We are neck-deep in politics here in the US, but did you know that by the end of this year, two-thirds of the planet will be making some sort of political decision about their country? That means election interference will be at a historical high. We will have a larger story on this next week in Cyber Protection Magazine but today we talk with Crystal Morin, the cybersecurity strategist for Sysdig about the ethical use of AI and social media and how we can all play our part in keeping all of us safe.
We also discuss how a group of teacup aficionados took on a scammer group and sent them packing. And if you want even more context, check our Ireland's Classic Hits where Lou Covey talked about #sextortion and cyber security,
Episode 8.8 - Red teaming AI
We have written several articles at Cyber Protection Magazine under the title of Defense Against the AI arts and this interview today falls into that category. The company’s name is Enkrypt and the CEO is a nice guy named Sahil Agarwal. What the company does, among other things is it provides a red-team service for companies integrating a new AI, either homegrown or third party, and tells the company if the AI has any security holes or other common flaws.
Also check out the book review, mentioned in the intro
TikTok: Hoist on its own petard
A very, special episode providing some perspective, without offering an opinion on the legislation, about the TikTok controversy,
The debate over the appropriateness of the Congressional action against TikTok can be debated for a long time and probably will until the Senate takes action—which could be weeks. What is less debatable is TikTok’s, and pretty much all of the social media industry’s contribution to the situation. In essence, social media has been hoist on its own petard.
Episode 8.7: Arming insurance companies for cyberbattle
With the exception of people in insurance, nobody like to talk about insurance. That's why, three years ago, few people felt sorry for the insurance industry as it reeled from claims due to multiple natural disasters, rising costs of automobile repairs and, more specifically, data breaches.
Last year, however, was a banner year for cyber insurance while cyber criminals took the financial hit. The size of the global cyber insurance market is predicted to see rapid growth the total market size increasing $20 billion (U.S.) by 2025. That turnaround is largely due to insurance companies requiring heavy prerequisites for cyber awareness, basic cyber hygiene an mandatory, ongoing audits.
One of those companies is Upfort, providing a variety of services to the insurance industry to vet potential clients and make sure they stay secure through training, unique firewalls, and red teaming services. We talked to their CEO XingXin about how companies like his are turning the tables on criminals and making insurance affordable.
Episode 8.6 -- Bad month for cyber criminals.
It has been a bad month for cybercrime. Yes, attacks are on the way up. Yes, they are still extorting money and causing infrastructure chaos. But there is a massive, shadow-busting spotlight on them right where they live and defense technology is advanced enough that they are hearing footfalls of law enforcement behind them.
Recently a faked call from "President Joe Biden" to New Hampshire Democrats urged them not to vote in the state’s primary. It only took a few weeks using AI-detection tools to not only identify what company provided the technology but also the user himself.
For today’s episode, we followed this theme and called one of our favorite technologists, Vijay Balasubramaniyan, CEO of Pindrop, whose technology can reliably identify AI-generated video and audio tech. Vijay would not confirm whether his product was used in this investigation.
You will hear him demur that “we can’t comment on an active investigation.” But he said it in such a way that I’m pretty sure it was. Also, he was interviewed for articles in Wired where he said his tool identified the call as a fake with a factor “north of 99 percent.” Independent researchers at first claimed that number was hard to believe, but after running their own tests grudgingly admitted, “Yeah, that's pretty close.”
BTW, this episode is sponsored by Safety National Insurance
Episode 8.5 -- FIDO, PCI fighting the good fight for security with payment cards
Biometric multi-factor authentication is all the rage in security. And yet it is also the cause of terror for security-minded folk. For every breakthrough we get a news story about how it has caused harm.
Some systems can’t identify people of color as well as it can caucasian people, which has been a problem of photographic technology for decades. Police using the systems have ended up surveilling if not arresting the wrong people. Using DNA to get an AI to develop a suspect’s face has similar weaknesses.
Most recently in Southeast Asia, thieves set up a video call employing deep fake videos to pose as a CFO and financial team and get an employee to transfer $25 million to the thief’s account. In Thailand and Vietnam, hackers stole biometric data to drain accounts in local banks.
The last example demonstrates the need for industrywide cooperation in establishing safeguards. The theft was facilitated by the banks using their facial ID recognition software, not that has been developed to industry standards or even state-of-the-art software from companies like Apple. Two organizations have taken the lead in securing the use of biometrics in payment cards (credit, debit, and gift): The PCI (Payment Card Industry) Security Standards Council and the Fast Identification Online (FIDO) group. Both are separate but have worked together for about a decade. We talked with Dennis Gamiello, executive VP for identity products and innovation at Mastercard, about their involvement with FIDO and what it means for all of us.
Episode 8.4 - Making your personal medical data safe
Generally speaking, 70-90 percent of digital breaches in the world result from human error; someone just not taking proper precautions like not clicking on a link in an email from someone you don't know. But in the healthcare industry, human error is the least of their problems. A whopping 84 percent of breaches are the result of vulnerabilities in the network, both hardware and software. One of those vulnerabilities is in how a clinic or other provider collects and stores that data, so we talked with Hari Prasad, CEO of Yosi Health, about that particular problem and how we can protect that important information.
Episode 8.3 - Centific is fixing AI before it becomes Skynet
This interview was conducted in October and my apologies for the delay. If it is true that we have a certain number of things to finish before we die, then I am so far behind I may live forever.
Episode 8.2 --The most dangerous people on the Internet: Our take
Every year, Wired Magazine publishes an article naming the most dangerous people on the internet and, quite frankly, who gets chosen is fairly obvious, but not altogether accurate. At least that is what we think at Cyber Protection Magazine. So this year, we took our shot at naming the most dangerous people. Give a listen and tell us what you think.
Episode 8.1 -- Harri Hursti makes me feel stupid about elections
Harri Hursti is an internationally recognized expert on election security and was a focal point in two HBO specials on the subject: Hacking Democracy (2006) and Kill Chain: The Cyber Wars Against America's Elections. So when we decided to do a special issue on election security at Cyber Protection Magazine this year, getting an interview with him was high on our priority list. We didn't expect it to happen so early, but it's a great start.
Hursti runs the Voting Village program at DefCon every year in Las Vegas, under the sponsorship of the Election Integrity Foundation
In this longer-than-normal interview we got deep into whether the world's elections are secure (they aren't but it is getting better), what companies are producing secure technology for voting (they aren't), and how good intentions make voting insecure. Forget the coffee, get an adult drink and listen.
This is also the first episode of many this year to be sponsored by Safety National Insurance, providing protection for large organizations. Visit www.safetynational.com for more details.
Episode 7.29 - Would you bet your job on that post?
Disinformation (intentional misinformation) has become a major support for both sides of all conflicts in the world. Once called propaganda, technology, mostly social media, has turned state-controlled information into a virtually immortal beast that can end up turning on its creator.
Episode 7.28 -- Privacy Not Included, in pretty much anything
Two years ago we interviewed Jen Caltrider, head of Mozilla foundation's Privacy Not Included group and got an earful about how bad Meta's privacy was in its products. This year we caught up to Jen and she said they are still bad, but in two years they've been surpassed by Amazon and Google. Before you head out to buy those IoT gifts for Christmas, you might want to listen to this podcast and then check out the site.
Episode 7.27 - Deep fake acceptance increasing but at what cost?
Synthedia, a data research company focused on generative AI and synthetic media markets, dropped a study recently on awareness of deep fake and voice cloning technology that raised some interesting numbers. We are doing a deeper dive on the subject at Cyber Protection Magazine next week, but we sat down with Vijay Subramaniyan, the CEO of PinDrop, a study sponsor, to talk more generally about the findings and what the dangers of the technology are.
Episode 7.26 -- Update your software, but pay no attention to the statistics
The bulk of this episode is about the importance of updating your software no matter how painful it is, and we learn some valuable information about the FREE services of Trackd from its CEO Mike Starr that will help you do that with minimum fuss.
But the REAL reason I did this interview is that in their pitch to me and in Mike's interview, they used some statistics about the problem of cybercrime and its effects that are not based on truth. They've just been repeated over and over again.
That is an inherent problem in technology companies in particular: nobody checks their "facts" and, eventually, the customers learn that the vendors don't know what they are talking about, which kills sales. That is at the heart of the SEC lawsuit against SolarWinds. What the company thought their services and tools could do was not accurate. They weren't trying to fool the customers, but they did fool themselves.
For the next few months, I'll be digging into the theme of "Lies, damn lies, and statistics" in this podcast and on Cyber Protection Magazine. This is the first shot. That's why people like me exist...and there aren't many of us left, which explains why mis/disinformation is so widespread.
Episode 7.25: Linkedin account hijacked? It's not hopeless
Instances of LinkedIn users having their accounts hijacked are a familiar occurrence on social media. Reddit has multiple discussions about the nightmare of trying to restore access to this crucial business tool. So when a friend called me in a panic about having it happen to him, I knew it would be a great opportunity to test out the advice I give to others who have been hit.
It isn't easy. It requires patience. And you need all the help you can get from friends. But it can be done.
Episode 7.24 -- MGM Grand Breach, Social Engineering, and how to protect yourself
Episode 7.23 - Defense against the AI Arts
The rise of generative AI products for commercial use is probably the fastest and most controversial of any technological advance in history. Governments are scrambling to understand and regulate its use. Billions are being invested in development. At the same time, the general public’s interest in the technology has waned and industry pioneer OpenAI announced a potential bankruptcy in 2024 unless significant new investment is forthcoming.
But there is apparently no putting the genie back in the bottle and it is left to all of us to figure out what we can do with it without causing outright disaster. So, for this episode, we have brought this panel of experts to talk about how we can defend against the malicious use of the technology while we mine the benefits. Hyrum Anderson, co-Not With a Bug But a Sticker and an accomplished data scientist with a historical understanding of the tech going back decades; Haseeb Khan, Generative AI Ambassador and at Google; and representing the user base, Milan Lazich, a senior marketing executive, who will discuss concerns and best practices of generative AI.
The transcript of this discussion will be available in the AI special issue of Cyber Protection Magazine and will be distributed to attendees at the it-sa exhibition and conference October 10, and then available to the magazine subscribers in an electronic version after the conference
Episode 7.22 -- Canada in the crosshairs for cyber attack
An August report from the Canadian Centre for Cyber Security said over the next two years, Canada is going to face significant threats from state-supported cyberattacks from Russia, China and North Korea.
Canada? What the heck did Canada do to earn the ire of those folks. Canadians are arguably the nicest people in the world. So we called up our favorite Canadian “cybersleuth”, Ian Thornton-Trump, Cyjax’s CISO. to get the skinny.
Episode 7.21 - Security is dependent on your access to the internet
Most people don't think about accessibility when it comes to the internet. We think of ramps and braille signs and audiobooks. But physical and developmental issues are much more complex than being able to get into a restaurant, especially when it comes to security. I talked with Justin Merhoff, chief of security for Deque (pronounced Dee-cue) Systems in Virginia about the need to make software and digital systems usable for all people, not just most people. And there is an action item for all you in the audience. The National Institute for Science and Technology is working on the first draft of NIST SP 800-50, a standard for cybersecurity and privacy learning, but this draft contains virtually nothing related to people with physical and learning disabilities. If you or people you care about fit that category, now is your chance to give feedback for that standard≥ Go to the site and download the form for comments. Make your voice heard now.
Episode 7.20 -- There's a hard wind coming for cybersecurity companies
There are several reports indicating that the gravy train is about to come to a screeching halt in the cybersecurity industry. Fortune 1000 companies are freezing or cutting back on purchasing budgets for tools and services, which will hit the majority of private and start-up companies that have focused on that segment for 10 years. It's not all bad news. 80 percent of the potential market is all blue water, but it comprises small to medium businesses (SMB) that are not cyber-savvy, and are ready to buy... as long as you can explain what you do in their terms, and demonstrate it works. We talked with Richard Stiennon, founder and chief analyst for IT-Harvest, and Grant Wernick, CEO of Fletch that is enjoying remarkable success and growth by serving the smaller customers.
While you are listening, drop us a line and we will send you information about how you can sponsor our special edition to be distributed at it-sa365 in Germany this year.
Episode 7.19 - ETSI is doing the heavy lifting on AI protections
As generative AI (GAI) platforms become more commonplace, concern over their security issues is growing. As with any digital product, security relies on four arenas. User responsibility, corporate accountability, government regulation and industry standards. The first two are unreliable because users feel put out by having to protect themselves and corporations don’t like to spend money on security upfront. That leads to the third arena, legislation produced by people who don’t know the difference between a thumb drive and a thumbtack.
That put a lot of the load on industry standards and one of the most active is the European Telecommunications Standard Institute (ETSI). Cyber Protection Magazine’s (CPM) editors Lou Covey and Patrick Boch sat down with Scott Cadzow, chair of ETSI’s Specification Group for Securing Artificial Intelligence about the progress and problems of standardizing safe GAI.
Episode 7. 18--Ethics in an AI platform? Shut the front door!
One of the major points of contention in the SAG-Aftra/Writers Guild strike is over ownership of the image and voice of performers. Bob Iger said allowing actors to control the use of the image is disruptive to the current paradigm. But my conversation with Anna Bulakh of Repeecher revealed what the studios want is actually the disruption. Anna is the head of ethics for Respeecher. Yes, you heard that right. The HEAD OF ETHICS. Blows my mind.
Episode 7.17 - Generative AI as a defense against cyber attacks
Most of the discussion about generative AI is either focused on how good or bad it is, without ever discussing that it is JUST a tool. We talked with Anurag Gurtu, chief product officer of StrikeReady, about how the technology can enhance, not replace human involvement.
Episode 7.16 -- Perspective: Things are getting better
It's hard to stay positive about the state of the world as long as you listen to everyone complain about it. One truth overrides that for me: Nothing is as bad as it seems nor as good as some people might tell you. The trick is to focus on the goal. When you see progress... anywhere... take heart.
Episode 7.15 - VR Headsets: Boondoggle or Breakthrough?
The team at Cyber Protection Magazine doesn't just look at cybersecurity technology. Sometimes we just argue about tech in general. Chief editor Lou Covey and co-founder Patrick Boch have been talking about the Apple Vision Pro headset since it was first announced and still don't agree on it, but we thought the discussion would help others make up their mind on whether to invest $3500 now or wait until the price comes down, So we recorded our last discussion.
Episode 7.14 -- Taking a step toward stopping AI fraud with Pindrop
Generative AI is BIG business. Maybe too big. In the rush to commercialize and cash in on billions of dollars of investment, Big Tech is letting security slip through the cracks again. Adversaries are weaponizing AI to supercharge phishing attacks, destabilize governments and blackmail innocent people. This episode is the first entry in a months-long series of storeis, podcasts, videos and panels on "Defense Against the AI Arts (with Apologies to Harry Potter". Our first subject Vijay Balasubramaniyan, CEO of Pindrop.
Episode 7:13 -- How companies can assure customers their data is safe
Telesign is part of a growing security niche market dedicated to providing the infrastructure companies need to keep customer data safe. We talked with company CMO Kristi Melani about how the industry needs to educated not just corporations but the users in what is available to them.
Episode 7.12 -- Data for All by John K. Thompson: A book review
This episode is our very first book review. I edited Data for All late last year and had my eyes open to both the massive amount of customer data collected by almost every corporation in the world, and the amount of digital waste produced by the effort. There is also a mini-review of Not with a Bug, but with a Sticker. These are two books that if you read them (and they are both easy reading) will make you sound like an expert in AI and data science in any gathering of people. That may not be a good thing but I enjoy it.
Episode 7:11 -- Rohit Ghai on the promise and problem of generative AI
#GenerativeAI was front and center at the RSA Conference 2023 in San Francisco. Companies were either promoting it as a means of improving security or warning against it as a security weakness. It was even the keynote on Tuesday by RSA CEO Rohit Ghai, who took a neutral position that leaned positive on its potential.
But as he spoke, for the most part, glowingly about the AI age we are entering there were some questions that arose. So we contacted him through his PR agency and he graciously accepted an interview appointment to answer those questions. Our focus was, primarily, on the ethical use of generative AI and the failure of the tech industry to live up to its own stated ethics. The conversation was frank and illuminating.
Episode 7.10--What's up with Generative AI
You cannot spit without hitting a news story about generative AI (AKA ChatGPT, Bard, etc.). Some of the news is good, some of it bad, and all of it fairly confusing. Cyber Protection Magazine has been digging through the detritus and find what really is good or bad about it and today we continue that with an interview with a very smart man: Dr. James Norrie, a full-time professor in the Management, Marketing, and Entrepreneurship department at York University and founder of the cybersecurity company CyberconIQ. He holds advanced degrees in cybersecurity and intelligence analysis, copyright law, and project management. And he has a very specific take on generative AI.
Episode 7.9 -- Getting to the bottom of the TikTok issue
TikTok has been in the news for quite a while, but at Cyber Protection Magazine, we are pretty sure we aren't getting the whole story, so we are starting a series of articles and podcasts to get to the bottom of the issue, starting with this episode.
We talk to Ian Thornton-Trump -- raconteur, iconoclast, cyberwarrior, and CISO for Cyjax -- and he, as usual, has a lot to say. As you listen you will find that the real problem is not in the app, but in ourselves... and in bad algorithm design.
Also, this is an ad-free episode. If you want to support the work we are doing, go to Cyber Protection Magazine and donate to the cause. The button is on the bottom of the page.
Episode 7:8 - Advertising isn't what you think
You can't talk in polite company about politics or religion, but everyone can talk about how they hate advertising. And for good reason. I take a break from discussing technology to rant about what tech companies do to get you to buy their stuff, and why you don;t trust them.
Episode 7.7 -- Sextortion is a thing. How big a thing is questionable. But it is scummy
“Sextortion” is a popular theme in media and the news, but it may or may not be a big deal. No one can really come up with a consensus about what it is and how widespread it is. It’s even difficult to pin down whether it is a crime. We talked with Ken Kuglin from Digital Forensics Corporation, a cybersecurity firm in Ohio, about how to deal with the attacks and their free services to educate people about how to avoid or deal with sextortion.
Episode 7.6 -- Axiado seeks to crowd source a "data lake" for comprehensive cyb ersecurity
Cybersecurity has a healthier and older relationship with artificial intelligence (AI) than pretty much any other industry niche. That’s because the information available on cyber threats is better vetted than 90 percent of what is fed into ChatGPT and the Google and Microsoft versions of generative AI. But putting that data to use in security is not that easy… yet.
Cyber Protection Magazine has been tasing with companies for several weeks as we study the constructive uses of AI in security, and try to find a way through the hype. We interviewed the CEO of one company recently, Gopi Sirineni of Axiado. They are about to launch a security co-processor driven by a unique AI that will be based on the Sirineni calls a “data lake” of attack schemes. This information is a “living” database that will constantly be updated. But to make sure it is as comprehensive as possible, they are enlisting the help of the worldwide cybersecurity community. To participate, you can contact Axiado through their website, on the corporate Linkedin page, or to Sirineni directly. More will be available at the magazine in the next two weeks.
Episode 7.5 - That IRS agent that called you is a criminal
Vishing, short for "voice phishing," is on the rise again. But then, it’s been rising almost exponentially for the past two years. Last summer various organizations were reporting anywhere between 500-650 percent increases over the previous six quarters. Now, as US citizens prepare their tax returns, the scam is getting another bump. We had a chat with Brian McDonald, director of product development and Mutare, about their technology and the problem of vishing.
Episode 7.4 -- Avoid being a big, stationary target
Being a security company that gets hit with a data breach or malware attack is embarrassing, besides the fact that it scares the hell out of your customers. But the current tech fad of "decentralization" has a pretty good lesson for anyone thinking about establishing a security operations center, virtual or otherwise. We talked with the CEO of Dispel about how they've been decentralizing security operations in infrastructure clients for years now.
Episode 7.3 -- All things Data Privacy!
If you're like us, #dataprivacyweek snuck up on you and almost got by before you knew it. But we were still busy. This podcast includes an interview with Brandon Rogers, a senior security engineer at Halo Security, an attack surface management company, who discusses the rash of data breaches at T-Mobile over the past couple of years and what they SHOULD be doing about it (Note, T-Mobile has not responded to requests for input), and then we have our first All Hands discussion with the team at Cyber Protection Magazine as we talk about the larger issues of data privacy.
Episode 7:2 -- Diversity and Civil Rights Progress with Rockwell's Nicole Darden Ford
It's Martin Luther King day today, which is an important holiday for me. This interview was incredibly satisfying because it demonstrates how far we've come since Dr. King Spoke in Washington DC in 1963. We have a long way to go, but this is a celebration of what is being accomplished.
Marketing and Media: Most of what you know is wrong
To kick off the new year and our seventh season, Joe Basques and I tackle the conundrum of distrust in media and why marketing doesn't work the way it's supposed to in the technology world.
Episode 6:19 - End of the Year finale with Ian Thornton-Trump
For the second year we are publishing predictions for 2023 in Cyber Protection Magazine by asking people and organizations to submit a brief, one-paragraph statement. Our friend and Cyjax CISO sent an entire presentation. And it was fun and scary all at the same time.,So we went with it. Check out the other predictions on the magazine and let us know what you think.
Episode 6.18 - Account takeover attacks are inevitable
A personal bank account was hacked this week, but because I was getting regular alerts from my bank we kept the damage at a minimum. As luck would have it, I had scheduled this interview with Bruno Farinelli of Clearsale who explained how even when you do everything you can to keep your finances safe, criminals have a way to get around your protections.
Episode 6.17 - Avoid Black Friday deals. Enjoy your time off
Guess what? Black Friday doesn't give you good deals and the ones you may be looking at may be scams. Take 15 minutes and get smart.
Episode 6.16 - The future of democracy, technology and media
A few weeks ago I was on a panel at San Jose State, #yesyoucan, about the future of democracy and how it intersects with technology and media. It went over an hour, which twice longer than what I normally do, but it included Harry Hursti speaking on election security and Sari Stenfors regarding a "hopeful future." After what we've been through the past few months, it might help.
Episode 6.15 - As tech investors cower, Cybersecurity looks like a good bet
You've read the headlines about the stock market and the tech sector in particular. Self-proclaimed genius tech bros are hemorrhaging wealth, portfolios are crashing. But while the cybersecurity industry isn't completely unaffected, it is still attracting billions in new investment and private equity acquisitions. We talk to Brad LaPorte of Lionfish Advisors about why investments are falling in tech and why cyber is the new darling.