The UNSECURITY Podcast – Episode 56 Show Notes

Brad and I hope you had a wonderful Thanksgiving holiday! We have so many things to be thankful for, including our faith, our families, our work families (FRSecure and SecurityStudio), our friends, our partners, our clients, and last, but not least, our UNSECURITY Podcast listeners!

Our listeners make our podcast worthwhile.

If you missed last week, we introduced you to one of the most amazing 15 year-old kids you’ll ever meet, Zoe Bundy. She’s an all around awesome gal, and the founder of Brainy Ladies. Give it a listen. You won’t be disappointed!

This week we welcome another special guest, Justin Webb. Justin is a “Data Privacy & Cybersecurity Attorney / Chief Information Security Officer at Godfrey & Kahn, S.C.”. We’re going to talk to Justin about all sorts of legal information security and privacy stuff. It’ll be like 30-40 minutes of free legal advice (sort of)!

I’m (Evan) leading the show this week, and here are my notes.


SHOW NOTES – Episode 56

Date: Monday, December 2nd, 2019

Show Topics:

Our topics this week:

  • Introducing Justin Webb
    • Who is Justin Webb?
    • Target vs. Chubb
    • The California Consumer Privacy Act (CCPA)
    • China’s Cryptography Law
  • New Show Format (reminder)
  • News
Opening

[Evan] Welcome back! Unless you’re lost, you know this is the UNSECURITY Podcast. This is episode 56, and I’m Evan Francen, your host. The date is December 2nd, and joining me is my buddy Brad Nigh. Sup Brad?

[BradShares some of the simple things in life.

[Evan] How was your Thanksgiving holiday?

[Brad] Great, duh!

[Evan] We have another awesome show planned today! A couple of weeks ago, I read a news story about Target suing Chubb, their insurance provider, about claims related to the infamous Target breach of 2013. Here we are, six years later, and the fallout continues.

People who know my past, know that I spent twenty-one months consulting the Special Litigation Committee (SLC) of Target Corporation’s Board of Directors who addressed the derivative claims
arising out of the December 2013 data breach. I mention this only because I’m still obligated to maintain confidentiality from this work, and for perspective. I was privileged to see almost everything about this breach, or at least it seemed that way.

So, I read the news about this lawsuit, and I figured I’d reach out to my favorite cyber-insurance guy, David Kruse and get his take. David introduced me to this cool cat, Justin Webb, an information security stud and data privacy attorney with Godfrey & Kahn, a leading law firm out of Milwaukee, Wisconsin.

Welcome Justin!

[Justin] Justin does Justin.

[Evan] I’m sort of looking at this like we get 30 minutes or so of free legal advice. Right?

[Justin] Probably not right, but whatever.

[Evan] We’re very excited to have you join us Justin!

Discussion with Justin

Conversation items:

[Evan] Good stuff! Legalling is exhausting. Thank you Justin for providing your insight and advice!

New Show Format Discussion (reminder)

[Evan] Just a quick reminder about the upcoming new addition to the show, starting after the first of the year. We’re devoting ten minutes of each show to anyone who’s looking for a job in the information security industry. Email us at unsecurity@protonmail.com if you want your slot! We’ll respond to you on a first come, first serve basis.

We’ve already received some emails, which is super cool!

If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.

If you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.

OK, now some news…

News

[Evan] Alright, what the heck happened this last week? Let’s see…

Closing

[Evan] That’s it. Episode 56 is a wrap. Thank you to Justin Webb for joining us and for sharing your perspective.

Thank you to our listeners! Keep the questions and feedback coming. We’re still a little behind on responding right now, so please be patient with us. We love your feedback. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh. Justin, how do you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies there too!

That’s it! Talk to you all again next week!

#S2Roadshow Recap – Week Eight

Kansas City (MO) and Irvine (CA)

Monday was spent catching up in the office before heading off to Kansas City early Tuesday morning.

A day in Kansas City and three days in Orange County, California this week. Not bad!

SecurityStudio Roadshow Summary

If you’re new, or you’re confused about this #S2Roadshow thing, start here (maybe).

Previous Week’s Recaps:

The purpose of the SecurityStudio Roadshow (#S2Roadhow) is to meet people and make partners. We want to meet people, understand their businesses, and help them grow using simple, fundamental, and compliant solutions (S2Score, S2Org, S2Vendor, and S2Team/S2Me).

Our mission is to fix the broken information security industry. Success requires collaboration, partnership, and transparency.

BBQ Reviews

In full transparency, we have a secondary mission on the #S2Roadshow. We eat as much BBQ as we can. After stuffing ourselves, I summarize our BBQ reviews at the end of each recap article (see below).

Kansas City, Missouri

The Roadshow officially started on early Tuesday morning with a five something AM flight to Kansas City. The primary purpose for making the trip back to Kansas City was an important meeting with Lockton, our awesome partner. We had four people visiting from our office; myself, John Harmon, Alex Titze, and Chris Dian. I took a earlier flight than the other guys, so my job was to get the car and come back to pick them up.

I was greeted in Kansas City by the happiest and most encouraging rental car bus driver you could imagine. Ross was great!

Got the car, grabbed a coffee (red eye) at Starbuck’s, then came back to the airport to pick up the guys. Love these guys!

This slideshow requires JavaScript.

Lockton Meeting

The meeting with Lockton went great! We gave an introductory presentation to personnel in offices throughout the United States and discussed logistics about how we work together. Before heading back to the airport, we had to make a BBQ stop. This time we drove to Slaps BBQ (review below).

At the airport, we had great meeting with Chubb, a new potential partner. Chubb is reviewing the entire SecurityStudio platform, and seems most interested in using the S2Team/S2Me for their clients.

After this meeting, I was off to Irvine/Orange County, while the others headed back to Minneapolis.

Irvine, California

California is a beautiful place, that’s for sure! I had meetings with partners and potential partners while I was here, but things were low-key for the most part. Low-key is good when I have many days worth of email to catch-up on. The primary purpose for this visit was to preach at Webster University on Thursday evening.

My rental car was nicer than usual. Enterprise upgraded me (for no cost) to a Mercedes GL 320. If you know me, you know that I’m not a flashy guy who feels the need to drive a flashy car. At home, I drive a base model F250, so this is a change. A friend  told me that it looks like I’m driving a storm trooper helmet. Take a look at the picture below, yes?

John Harmon joined me on Thursday morning. We decided to check under the hood. Looks complicated.

This slideshow requires JavaScript.

We had some extra time on Thursday afternoon, so we took in a few sights. Like I said earlier, California is a beautiful place!

This slideshow requires JavaScript.

ISSA-OC

My talk is part of the “Cybersecurity Seminar Series”, a joint effort of ISSA of Orange County and Webster University. I wasn’t scheduled to be there until 6:00(ish) PM, so we made a stop at an In-N-Out Burger on the way. On all my travels, this was my first ever experience with an In-N-Out Burger. I can’t believe what I’d been missing!

This slideshow requires JavaScript.

We arrived on time (yay us!) and were greeted by the event organizer, Dr. Brian Dozer. Brian is the Director at Webster University and the ISSA Program Director. Super cool and nice guy! The facility was great, the audience was great, and we met some great people here!

Here’s a copy of my slide deck. Use it (or not) in any manner you wish! I added a slide to the usual deck, a simple challenge for audience members to get a free copy of my book. The challenge is to solve a simple monoalphabetic substitution cipher of one of Robby Bragg’s poems. If you don’t know (or remember), Robby was a wonderful person who used to work at FRSecure before he tragically took his own life on May 17th, 2018. I keep Robby’s memory alive on the #S2Roadshow by highlighting the need to address mental health issues head-on. The slides with Robby’s tribute and the challenge are pictured below.

This slideshow requires JavaScript.

After giving the talk, it was back to the hotel. More meetings on Friday, then back to Minneapolis Friday afternoon. Another great trip!

BBQ Reviews

You know how we roll, right?! BBQ man! As much as we can get, and yes, we (well I am) are gaining a few pounds along the way.

Four BBQ reviews this week. One in Kansas City (Slaps BBQ) and three in California (Fire Breather BBQ, RIBBRO BBQ, and Bad to the Bone BBQ). Reviews below!

Slaps BBQ – https://slapsbbqkc.com/ – Overall: 8 

  • Atmosphere – 8, this was a pretty cool place, located in an industrial part of town. The all brick building featured an indoor eating area, plus there were two more eating areas outside. The eating area on top of the building featured a great view of the Kansas City skyline.
  • Service – 9, I love when the BBQ is made to order right in front of you. They cut the meat and dish it out as you order it, right in front of you. The staff was very courteous and very helpful.
  • Portion/Value – 8, definitely above average. We got filled up at a very reasonable price.
  • Taste – 7, the brisket was good and the pulled pork was good. The best part was the jalapeno cheddar sausage. All the BBQ was good, but not amazing.

This slideshow requires JavaScript.

We went to Slaps on a recommendation from a close friend. She’s a local and told us this was her favorite BBQ in all of Kansas City. It was good, but I’ve had better in this town.

Fire Breather BBQ – http://www.firebreatherbbq.com/ – Overall: 7

  • Atmosphere – 6, there wasn’t anything special about this place. It was located in a strip mall type setting and sort of felt like fast food.
  • Service – 7, average(ish). The staff was courteous and helpful, but nothing special.
  • Portion/Value – 8, definitely above average. Again, I got my fill and I didn’t have to mortgage my house for it.
  • Taste – 7, the brisket had a great fat cap on it, and it was an excellent cut of meat, but there was no smoke ring at all. It was hard to taste the smoke flavor in the other meat too (pulled pork).

This slideshow requires JavaScript.

Overall, I could take it or leave it. I’d stop here again if I was driving by, but I wouldn’t go out of my way for this place.

RIBBRO BBQ – https://www.ribbrobbq.com/ – Overall: 7.25

  • Atmosphere – 8, This BBQ joint is also located in a strip mall setting, but they did a great job making it feel homey. Classic country music playing on the sound system seemed to round out a good atmosphere.
  • Service – 6, service was less than great. There were three people working here when we arrived and they were all busy trying to fill a catering order, which made the wait longer than it should have been. They were really nice people though!
  • Portion/Value – 7, the price was OK for what you get.
  • Taste – 8, the taste was definitely above average, but not great. The brisket was nice and moist. The ribs were good, but had some sort of weird spice in the dry rub. I couldn’t put a finger on what the spice was, and I wasn’t sure if I liked it or not.

This slideshow requires JavaScript.

John was VERY hungry after he got off the plane from Minneapolis, so we got here right when they opened. The service (which was what scored the lowest) might have been better if we’d gotten there a little later in the day.

Bad to the Bone BBQ – https://www.badtothebone-bbq.com/ – Overall: 6.75

  • Atmosphere – 8, this place felt like a BBQ joint on the one hand and a little like a sports bar on the other. Overall, the atmosphere was very good.
  • Service – 7, nothing special about the service. You order at the counter, grab a number, then wait for someone to bring your food.
  • Portion/Value – 5, the worst part about this place was the price for what you get. Even by California standards, this was too costly.
  • Taste – 7, the taste was good, but they put sauce on my meat. I don’t like sauce on my meat unless I’m the one putting it on.

This slideshow requires JavaScript.

I was expecting better, but maybe that’s what I get for having expectations. I probably wouldn’t visit this place again, primarily for the value/price factor.

BBQ Summary

Four new BBQ joints to add to our list. This was an OK BBQ week. The winner this week was Slaps BBQ (Kansas City). Pecan Lodge is still on top as the overall #S2Roadshow leader with a score of 9, and Bowlegged BBQ is still in the #2 spot. The current overall standings are listed below.

NOTE: I’ll organize this list with links to the reviews next week.

Overall Standings (at the end of #S2Roadshow Week Eight):

  • Pecan Lodge – 9
  • Bowlegged BBQ – 8.75
  • Divine Swine – 8.5
  • Dinosaur BBQ – 8.25
  • Big Ed’s BBQ – 8.25
  • Mission BBQ – 8
  • Slaps BBQ – 8
  • Q39 BBQ – 7.75
  • Cousin’s BBQ – 7.75
  • Blackwood BBQ – 7.5
  • Broad Street BBQ – 7.5
  • Hard Eight – 7.25
  • Spring Creek Barbeque – 7.25
  • Redd’s BBQ – 7.25
  • RIBBRO BBQ – 7.25
  • Iron Horse – 7
  • Lucille’s Smokehouse BBQ – 7
  • Texas Bar-B-Q Joint – 7
  • Fire Breather BBQ – 7
  • Smoque – 6.75
  • Sweet Lucy’s Smokehouse – 6.75
  • Red Coal BBQ – 6.75
  • Bad to the Bone BBQ – 6.75
  • Unkl Moe’s – 6.5
  • Hambone’s Smokehouse – 6.25
  • Shakedown BBQ – N/A (wasn’t open when it was supposed to be, wasted trip)

Next Week’s #S2Roadshow

No trip planned this week. We’re taking the week off for Thanksgiving. HAPPY THANKSGIVING!

Stay tuned for next week’s #S2Roadshow updates. You can follow us on Twitter (@evanfrancen, @HarmonJohn, @StudioSecurity, and the #S2Roadshow hashtag) and on LinkedIn.

See you next week! If you want to collaborate with us, get in touch!

The UNSECURITY Podcast – Episode 55 Show Notes

Here we are, show notes for the UNSECURITY Podcast, episode 55!

Last week’s show featured pioneer virus researcher and keynote speaker Kenneth Bechtel. We learned from his wisdom, and he also shared some of his recent struggles with landing a job. UPDATE: Ken informed us that he’s landed a job, and we’re pumped about it! If you know Ken, reach out an congratulate him.

This week we have another super special guest! Zoe Bundy, the teenage founder of Brainy Ladies is joining us. We’re going to dedicate the show to learning more about her, her company, and her cause! This is going to be amazing!

This is Brad’s show to lead this week, and these are my (Evan) notes.


SHOW NOTES – Episode 55

Date: Monday, November 25th, 2019

Show Topics:

Our topics this week:

  • World Meet Zoe!
    • Who is Zoe Bundy?
    • Introduction to Brainy Ladies
    • What’s next?
    • How can we help?
  • Thanksgiving – What’s one thing we’re thankful for this year?
  • New Show Format
  • News
Opening

[Brad] Welcome to the UNSECURITY Podcast. The date is November 25th, 2019 and this is episode 55. My name is Brad Nigh and joining me in studio is Evan Francen. Sup Evan?

[EvanThings and such.

[Brad] So, Evan. You meet a lot of really awesome people on the SecurityStudio Roadshow. There are few, if any, that you mention with more admiration than our guest this week, Zoe Bundy. Before we introduce her, tell me how you met and your thoughts about what she’s doing.

[Evan] You’re absolutely right, by far the best part of being on the SecurityStudio Roadshow is meeting the people I get to meet. One of the most incredible people I’ve met is Zoe Bundy. She’s the CEO of Brainy Ladies, an organization with this super cool mission of helping more girls get into STEM.

I first met Zoe in November 2018 at Network Center’s nVision Conference in Fargo, North Dakota. Steve Marsden, FRSecure employee #3 ran up to me and told me he’d met the most fascinating girl who’s got this awesome mission to help girls get into STEM. She gave a talk at nVision 2018 and he was blown away by her poise, her ambition, and her mission. When we met in 2018, I put her in touch with some of the great women we have working at FRSecure like Megan Larkins and Lori Blair.

Fast forward to this year’s nVision conference, and I ran into Zoe again. She came by our SecurityStudio booth with her brother Grover. She’s still trucking along, making a huge difference in the world. I felt like we needed to get her on the show, get to know her a little, and help her spread the word about her noble mission!

[Brad] Awesome! Well, let’s introduce Zoe. Hi Zoe, welcome to the UNSECURITY Podcast!

Discussion with Zoe
  • World meet Zoe and Brainy Ladies!
  • Open, unscripted discussion.
  • Getting to know Zoe.
  • Questions we may/may not get to:
    • How old are you?
    • Do you come from a family with a STEM/technical background?
    • How did she come upon her mission?
    • What motivated her to do something?
    • Tell us about Brainy Ladies.
    • What plans do you have for the future of Brainy Ladies?
    • How can we get involved with helping Brainy Ladies or you?
    • What do her friends at school think?
    • Does she recruit girls into STEM? If so, what works and what doesn’t?
    • What advice does she give girls who have an interest in STEM, where should they go?
    • What about girls who are struggling with STEM, what help can we give?
    • If there was one thing you’d like our listeners to know about girls in STEM, what is it?
    • If there was one thing you’d like our listeners to help you with, what would it be?

[Brad] Wow! There are tons of opportunities to encourage girls to get into STEM. STEM isn’t for everyone, but for everyone who’s got an interest, there’s plenty of opportunity! Amazing.

Thanksgiving

[Brad] OK, this is Thanksgiving week. We all have things to be thankful for this year, starting with you Zoe, what’s one thing you’re particularly thankful for this year?

[Zoe] She can choose whatever she wants or nothing at all. This is her time.

[Brad] How about you Evan, what’s one thing you’re thankful for this year?

[Evan] We’ll see what he/I say…

[Brad] Good stuff! I’m thankful for ______________.

New Show Format Discussion (quick)

[Brad] Next let’s talk quick about an upcoming show format change, starting the first of the year. We’re going to devote ten minutes of each show to anyone who’s looking for a job in the information security industry. You email us at unsecurity@protonmail.com sometime before the next episode, and we’ll respond to you on a first come, first serve basis.

If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.

So, if you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.

OK, now some news…

News

[Brad] There’s always plenty of news to choose from. Here’s just a couple of stories that caught our eye this week.

Closing

[Brad] Alright! Episode 55 is a wrap. Thank you again to Zoe Bundy from Brainy Ladies for joining us! We’re very excited to keep up with what she’s doing.

Thank you to our listeners! Keep the questions and feedback coming. We’re a little behind on responding right now, so please be patient with us. We love your feedback. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. Zoe, how do you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies there too!

That’s it! Talk to you all again next week!

#S2Roadshow Recap – Week Seven

Rochester (NY), Kansas City (MO), and Sacramento (CA)

A good week that started with serving a great FRSecure customer in Rochester before heading off to preach in Kansas City and Sacramento. This was the first week that we ran into a person (or group of people) who epitomized something that’s wrong with our industry. Read on.

SecurityStudio Roadshow Summary

If you’re new, or you’re confused about this #S2Roadshow thing, start here (maybe). It’s hard to believe that each week gets better, but it’s true, it does! Week #6 (this one) was the best yet.

Previous Week’s Recaps:

The purpose of the SecurityStudio Roadshow (#S2Roadhow) is to meet people and make partners. We want to meet people, understand their businesses, and help them grow using simple, fundamental, and compliant solutions (S2Score, S2Org, S2Vendor, and S2Team/S2Me).

Our mission is to fix the broken information security industry. Success requires collaboration, partnership, and transparency.

This is the first time we’ve done three cities in one week! It was tough, but very rewarding. The week started of in Rochester to work with a long-time FRSecure customer, then west to Kansas City (Greater Kansas City ISACA Chapter), then further west to Sacramento (Sacramento Valley ISSA Chapter).

Ryan Abraham from FRSecure joined me in Rochester. John Harmon was with me in Kansas City and Sacramento.

BBQ Reviews

In full transparency, we have a secondary mission on the #S2Roadshow. We eat as much BBQ as we can. After stuffing ourselves, I summarize our BBQ reviews at the end of each recap article (see below).

Rochester, New York

Flew to Rochester on Sunday evening. The week started off with some customer project work. I don’t get to work on many customer projects anymore, and I miss it sometimes. This project is a big one, and it requires the development of a new methodology (or two). Sort of cool. Here’s what I can tell you…

  • There are numerous projects.
  • Two of the projects include SecurityStudio products; S2Org and S2Team.
  • We’re putting together a board presentation for S2Org and their S2Score.
  • The customer wants to take the S2Org, S2Score, S2Team, and one of the new methodologies we developed to their group of other like companies. This could become a really big deal!

Honestly, these are some of my favorite people in the security business! We got a ton of work done and collaborated on some very cool things.

Ryan Abraham has worked at FRSecure for a couple of years now, and this is the first time we’ve had the opportunity to work on anything together. It was awesome! Ryan’s an incredible asset to FRSecure, our customers, and this industry. Had a great time getting a bunch of work done and preaching the good (security) news.

This slideshow requires JavaScript.

We nabbed some good BBQ at Dinosaur BBQ in Rochester (twice, review below).

This slideshow requires JavaScript.

It snowed 8(ish) inches while we were in Rochester. First snow storm of the year for me.

Got back to the Twin Cities late on Tuesday night. On to Kansas City Wednesday.

Kansas City, Missouri

The purpose of the trip to Kansas City is to meet with the local ISACA chapter and spread some love. Met John Harmon at the airport and we were off to Kansas City. On the way, we decided that we both needed a new pair of Bose noise cancelling headphones. Impulse buy, but these things are awesome!

This slideshow requires JavaScript.

John and I landed in Kansas City, grabbed our rental car, then got down to business. By business, I mean find BBQ. The rental car bus driver told us we had to try Q39, so that’s what we did (review below). After BBQ, I texted my Mexican son (long story that I’ll share in person if you find me), Officer Salinas of the Lenexa Police Department. We found him on patrol and hung out with him until he got a call he had to get to. I can’t begin to tell you how proud I am of this guy! He’s amazing.

This slideshow requires JavaScript.

Finished the day in Kansas City with some frozen yogurt (froyo) before checking in at the hotel and getting work done. You know, the real work.

Greater Kansas City ISACA Chapter

We met up with the great people who represent the Greater Kansas City ISACA Chapter on Thursday at the University of Kansas Edwards Campus. The venue was beautiful, and the people were even better. Preached the normal(ish) sermon about fixing our broken information security language problem, and encouraged everyone to get their free SecurityStudio account and complete their free  S2Org and S2Me assessments. Yes, they’re completely free!

My sermon has evolved a bit. The (newish) agenda goes from housekeeping (introduction) to the meat (our language, simplification, and fundamentals problem) to the dream (securing America) to the call to action (get our assessments, give us feedback by being part of our community, and preach). If you haven’t heard it yet, come get me. I’ll preach to you too!

I made some new friends including (but not limited to) J.J., Jennifer, Brian, Joan, and Beth. Seriously awesome people! They all stand out, and J.J. Widener is a champ. His support for what we’re doing is super helpful and appreciated! This guy gets it.

Here’s some pictures that John took at the event.

This slideshow requires JavaScript.

After the ISACA talk, we headed out for more BBQ and the airport. Last stop before heading home this week was Sacramento. The weather there doesn’t suck.

Sacramento, California

This turned out to be a quick stop for us. We arrived at 1am (local time) Friday, got some rest at the hotel, gave our talk at the Sacramento Valley ISSA chapter meeting, and got back on a plane for a long flight back to the Twin Cities. No BBQ, which was sort of sad, but I don’t know what kind of BBQ they have in Sacramento anyway.

Sacramento Valley ISSA

This was a relatively small gathering, and one where we hit our first snag on the SecurityStudio Roadshow. Seven weeks in, and our first snag, not bad! Here’s the deal.

We make numerous points in our Roadshow presentation, and two key points are #1, we need to simplify information security for “normal” people and #2, we need to get much better on agreeing what the hell it is we do as a profession. We learned the first point based on what “normal” people have told us after asking ~1,000 of them in a survey and through experience. Yes, we asked people what they think instead of telling them what they think. Big difference!

We learned the second point through basic logic.

The snag came not because the points are invalid, but because we had someone in the audience who liked to think that he was the smartest person in the room.

On point #1. We asked almost 1,000 “normal” people (business people and people who don’t do information security for a living) what we (information security people) can do to make information security more useful, and what we can do to serve them better. Once we received their answers, we made a word map of the raw data (see pic below). The most common word in their answers was “simple”. We need to make information security more simple. This is a good thing because complexity is the enemy of information security (thank you Bruce Schneier).

On this point, most people in this audience agreed (based upon their head nodding and facial expressions); however, I could already sense trouble brewing from the person I alluded to above.

My talk then goes on to tackle an issue that simplification requires a common agreement among security professionals. We will never effectively translate our language to “normal” people’s language until we agree on our language first. Logical, right? Let’s start with the most basic issue at hand, what is “information security”? We should all be able to agree on this fundamental definition. Things started to get sideways here.

Information Security is… (the question posed to the audience). Most audiences give some definitions, then I offer mine. Not that mine is the end all, be all.

I go on. Information Security is managing risk. On this point, I haven’t received disagreement from anyone before, but our guy starts starts chiming in. He doesn’t chime in from an angle of disagreement, but more to add his two cents.

Next. Information Security is NOT eliminating risk, despite what some people think. General agreement on this point too, but our guy still has to add his two cents.

Next. Information Security is NOT compliance, despite the fact that most information security dollars are spent from this motivator. Now our guy feels the need to completely sidetrack the conversation and before we know it, we’re deep in a rabbit hole.

It took almost full hour to get to what I was hoping would be our common definition of information security as “managing risk to unauthorized disclosure, alteration, and/or destruction of information using administrative, physical, and technical controls“. It’s not so much that our guy disagreed with the definition or (God-forbid) gave us an alternative definition as much as his deep desire to be the smartest guy in the room. I called him out for this during the presentation (whether I should have or not is debatable) and it got tense, but whatever. You call it like you see it.

Eventually, we got through the presentation. Due to the monopolization of time, we didn’t have any left for visiting afterwards. We had to run immediately after the talk to catch our flight back to the Twin Cities.

Here’s what I learned from this talk:

  • Everyone is entitled to their opinions.
  • There is a time and a place for opinions and wasting everyone’s time is not the place for your opinions.
  • I could have done a much better job of controlling the dialog during my talk.
  • As long as we’re all fighting to be the smartest guy in the room, we’ll never solve our industry’s problems.
  • Once you choose your hill to die on, you will probably die on that hill.

Made it back safe and sound in Minneapolis. Overall, it was an incredible week!

BBQ Reviews

Three BBQ reviews this week. Three is better than two, which is all we got in the previous few weeks. Our BBQ visits this week included Dinosaur BBQ in Rochester, Q39 in Overland Park, and Iron Horse BBQ in Platte City.

Dinosaur BBQ – https://www.dinosaurbarbque.com/rochester/ – Overall: 8.25

  • Atmosphere – 8, it’s a cool place with a great vibe. The lighting is perfect for a BBQ joint, there’s a lot of wood, and the view of the river is super cool.
  • Service – 9, great service all-around. These people make you feel at home.
  • Portion/Value – 7, a little pricey for how much food you get, but what place isn’t?
  • Taste – 9, incredible, especially the ribs and wings.

In full transparency, I’ve eaten at Dinosaur BBQ in Rochester many times. It’s a great BBQ joint and I’ve enjoyed every visit I’ve made. This was Ryan Abraham’s first visit to Rochester, so we made sure to stop in. Actually, we ended up eating here twice during this trip. Poor us!

This slideshow requires JavaScript.

I’ve visited Rochester more than a dozen times and eaten BBQ at just about every place this city offers. Dinosaur is the best BBQ in Rochester. On this trip, I ate their ribs, brisket, wings, and pulled pork. The brisket and pulled pork were good, but the ribs and wings were friggin’ amazing! The ribs were arguably the best I’ve had on the SecurityStudio Roadshow so far. If you’re in Rochester, and you like BBQ (even if you don’t like BBQ), a visit to Dinosaur is a must!

Q39 – https://q39kc.com/ – Overall: 7.75

  • Atmosphere – 7, this is a little too upscale feeling for me. A very nice restaurant, but not down-homey enough for my taste.
  • Service – 8, great service. I was in the middle of a conference call at the beginning, so I might have missed something here. Guess, I’ll have to visit again!
  • Portion/Value – 7, a little spendy.
  • Taste – 9, super! The burnt ends and brisket were the bomb!

This was the first stop for me and John after landing in Kansas City. We received a tip to visit this place from our rental car terminal bus driver, and obviously this guy knew what he was talking about! Kansas City is known for their BBQ and we had dozens of places to choose from, but we made a good call here.

This slideshow requires JavaScript.

This was a great welcome to Kansas City and we highly recommend visiting Q39!

Iron Horse BBQ – no website – Overall: 7.0

  • Atmosphere – 5, I’m not a big fan of the strip mall BBQ joint vibe, so this was a downer.
  • Service – 9, great service! These guys gave us some free burnt ends and came out from behind the counter to visit with us. Really cool people here!
  • Portion/Value – 8, very reasonably priced for large portions of food.
  • Taste – 6, the taste was too bland and overall disappointing.

We were in a bit of a rush after the ISACA talk, but we had to fit in one more BBQ visit before we left. It’s Kansas City for crying out loud!

This slideshow requires JavaScript.

We’ll give these guys the benefit of the doubt. I think they recently moved into this new location, and I don’t think they’ve gotten completely settled yet. It’s worth trying again some time in the future, but it might be hard to get back here given all the awesome BBQ joints in Kansas City.

No promises.

BBQ Summary

Three new BBQ joints to add to our list. This was a good BBQ week. The winner this week was Dinosaur BBQ (Rochester). Pecan Lodge is still on top as the overall #S2Roadshow leader with a score of 9, and Bowlegged BBQ is still in the #2 spot. The current overall standings are listed below.

Overall Standings (at the end of #S2Roadshow Week Seven):

  • Pecan Lodge – 9
  • Bowlegged BBQ – 8.75
  • Divine Swine – 8.5
  • Dinosaur BBQ – 8.25
  • Big Ed’s BBQ – 8.25
  • Mission BBQ – 8
  • Q39 BBQ – 7.75
  • Cousin’s BBQ – 7.75
  • Blackwood BBQ – 7.5
  • Broad Street BBQ – 7.5
  • Hard Eight – 7.25
  • Spring Creek Barbeque – 7.25
  • Redd’s BBQ – 7.25
  • Iron Horse – 7
  • Lucille’s Smokehouse BBQ – 7
  • Texas Bar-B-Q Joint – 7
  • Smoque – 6.75
  • Sweet Lucy’s Smokehouse – 6.75
  • Red Coal BBQ – 6.75
  • Unkl Moe’s – 6.5
  • Hambone’s Smokehouse – 6.25
  • Shakedown BBQ – N/A (wasn’t open when it was supposed to be, wasted trip)

Next Week’s #S2Roadshow

A less busy week, but still a great one planned. The Roadshow starts on Tuesday with another visit to Kansas City, then it’s on to Webster University in Irvine, California. We’re giving the standard sermon at a joint seminar between Webster University, ISSA, ISACA, and OWASP. Pretty pumped!

Looking forward to another great week!

Stay tuned for next week’s #S2Roadshow updates. You can follow us on Twitter (@evanfrancen, @HarmonJohn, @StudioSecurity, and the #S2Roadshow hashtag) and on LinkedIn.

See you next week! If you want to collaborate with us, get in touch!

The UNSECURITY Podcast – Episode 54 Show Notes

Show notes are almost on time this week! Yay us.

I started writing our show notes on Thursday night in the Salt Lake City airport, and now I’m finishing them on a plane back from LA. Ugh. The life.

This was a crazy week, but what’s new? While Brad’s been bustin’ his tail keeping up with FRSecure’s sales and operations, I’ve been traveling the country on the SecurityStudio Roadshow. My travels this week took me to Rochester (NY), Baltimore (MD – layover), Kansas City (MO), Salt Lake City (UT – layover), Sacramento (CA), and Los Angeles (CA – layover).

I’m supposed to get home late on Friday night. We’ll see. 🙂

If you’d like to follow the SecurityStudio Roadshow, I write a recap every week on my/this site. Keep up with me, and give me some BBQ tips.

I’ve met some amazing people on my travels, and one really cool cat is Kenneth Bechtel. I met Kenneth during week one of the SecurityStudio Roadshow. On week one, John Harmon and I traveled to Harrisburg, Pennsylvania for BSides. I was speaking in a mid-morning session and Kenneth was the keynote speaker.

I have a lot of respect for Kenneth because he’s been at his game for a long time. He’s been doing threat hunting before threat hunting was a thing. Big props to this guy. During our time together at BSides, Kenneth shared his recent troubles finding a job. This bugs me. So, I invited him to be a guest on the podcast.

We’re honored to have him share some of his wisdom. We’ll try to get to the bottom of his job search struggle too.

Special thanks to Brandon Matis for putting together last week’s anniversary show! That couldn’t have been easy.

Pretty sure I’m supposed to lead this episode, so here goes.

My show to lead this week and these are my notes.


SHOW NOTES – Episode 54

Date: Monday, November 18th, 2019

Show Topics:

Our topics this week:

  • What’s up man?
  • Introducing Kenneth Bechtel
    • The earlier days versus today. What’s changed and what’s the same?
    • The (alleged) infosec labor crunch. Kenneth isn’t the first person who’s had trouble finding work. What gives?
  • New show ideas
  • News
Opening

[Evan] Hey UNSECURITY Podcast listeners! This is episode 54, and the date is November 18th, 2019. I’m Evan Francen, and it’s my show this week. Brad’s here with me too. Care to chime in Brad?

[BradYou know he’s got something to say. Probably something good too!

[Evan] Alright, we’ve got another great show planned!

  • Brad and I are going to catchup with our craziness quick.
  • We’re going to get real with a true information security pioneer Kenneth Bechtel. He’s got an incredible amount of wisdom to share and we want to get to the bottom of why people like Kenneth are not getting hired when we have this alleged talent shortage.
  • We’ll talk about an upcoming show idea that we have, then we’ll wrap with some newsy things.

I’m pumped about this show! So, let’s get on with it, eh?

[Brad] Brad’ll agree probably.

[Evan] So, what’s up man?! I’ve been out for the past two weeks preaching to folks everywhere and stuff. I missed you man.

Catchin’ up with Brad (quick)

[Evan] Alright, enough of that. We are excited and honored to have Kenneth Bechtel on the phone, so let’s welcome him. Hi Kenneth.

[Kenneth] He’ll confirm (unless of course we have some tech issue or something).

[Evan] Can’t tell you how grateful and pumped we are to have you on the show! We’re going to get to know each other more, and discuss things. I’d like to start off with you telling us about you, then we can talk about how the industry has evolved, then lastly, let’s discuss this whole infosec talent shortage thing.

I found an old photo of you on your Team Anti-Virus website.

About Kenneth:

I have been actively involved in Anti-Malware defense and research since 1988 at both a corporate and international level, with close ties to the international Anti-Malware efforts and fellow researchers.

In the corporate world, I have worked as both a Virus Laboratory and Field researcher for major organizations, providing expert support for malware outbreaks.

Internationally, I was a Founding Members of AVIEN – Anti-Virus Information Exchange Network, and served as Chairman of its Disciplinary Committee and well as member of the Advisory Board to the Administrator.

I have presented at international conferences, including the Virus Bulletin Conference, at which I am a regular attendee.

My work has been published in trade magazines and specialized websites such as Security Focus.

I have written a handbook on Anti-Virus Security and was one of the co-authors of the AVIEN Malware Defense Guide. 

I am regularly asked to speak at small organization and company conferences and training seminars.

Media requests, Opportunities and general inquiries are welcome at kbechtel@teamanti-virus.org

Discussion with Kenneth Bechtel
  • Introductions
  • The earlier days versus today. What’s changed and what’s the same?
  • The (alleged) infosec labor crunch. Kenneth isn’t the first person who’s had trouble finding work. What gives?
  • Your recent post about your cowboy hat

[Evan] Alright. Let’s see what we can do here to help each other. Kenneth, I sincerely appreciate your tireless work for this industry and for being on our show!

News

[Evan] Some interesting news stories for us to discuss this week. The first one is interesting because we’ve warned about this and sadly things are going to get much worse before they get better.

Closing

[Evan] OK, cool! Episode 54 is a wrap. Thank you again Kenneth for being on our show. I think our discussion will benefit others!

Thank you to our listeners! Keep the questions and feedback coming. We love it, well Brad does, but I don’t. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh. Kenneth, do you have a way you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies!

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 53 Show Notes

We’re celebrating our one year anniversary with a special episode! Last week was the one year anniversary of the UNSECURITY Podcast, in case you missed it.

Brad and I are taking the week off from doing a live show this week while Brandon Matis (FRSecure’s Marketing All-Star) puts together the show. This week’s show will highlight some of the most memorable moments of the past year, and should be a must-listen.

Brad and I will be back next week (episode 54) with a live special guest, Kenneth Bechtel. I ran into Kenneth at the Harrisburg BSides event during week one of the SecurityStudio Roadshow (#S2Roadshow), where he was the keynote speaker. Kenneth is a pioneer in malware research and threat intelligence, but he’s having some troubles landing a job. We’ll find out what gives. This is sure to be a great show next week, so tune in!

We’re excited about the second year of the UNSECURITY Podcast! We’ve learned a lot about podcasting and we’re planning to have a ton of interesting guests in the weeks ahead.

#S2Roadshow Recap – Week Six

Fargo, ND and Rochester, NY

If you’re new, or you’re confused about this #S2Roadshow thing, start here (maybe). It’s hard to believe that each week gets better, but it’s true, it does! Week #6 (this one) was the best yet.

Previous Week’s Recaps:

The purpose of the SecurityStudio Roadshow (#S2Roadhow) is to meet people and make partners. We want to meet people, understand their businesses, and help them grow using simple, fundamental, and compliant solutions (S2Score, S2Org, S2Vendor, and S2Team/S2Me).

Our mission is to fix the broken information security industry. Success requires collaboration, partnership, and transparency.

John and I spent half the week together and the other half in separate towns.

BBQ Reviews

In full transparency, we have a secondary mission on the #S2Roadshow. We eat as much BBQ as we can. After stuffing ourselves, I summarize our BBQ reviews at the end of each recap article (see below).

Fargo, North Dakota

If you’ve never been to Fargo in November, you’ve got to give it a try sometime. You can visit Bonanzaville USA, the Fargo Air Museum, or you could come to do what we did, attend Network Center’s nVision conference. We left on Tuesday for the 3-1/2 hour drive to Fargo, and got there just in time for the vendor social hour.

Network Center is a great company, and we’re big fans. It helps that they’re a trusted SecurityStudio partner.

On my trip up north, I was joined by three of my favorite SecurityStudio people; John Harmon, Justin Kallberg, and Steve Krause (all pictured below).

nVision 2019

We’ve been at the nVision conference for years now, and this one was the best yet. There were 500+ people packed into the Fargo Holiday Inn Conference Center, all there to learn and network together. Of course, there were plenty of vendor booths there (including ours – below) too.

This slideshow requires JavaScript.

There were so many incredible people at this event, and it was great catching up with people I hadn’t seen in a while. After spending a few hours hanging out with cool people, I gave my talk on the main stage at 1:00. I changed my talk at the last minute (as per usual) and decided to give the “How do we secure America” sermon that I developed the week prior.

This slideshow requires JavaScript.

The place was packed and the audience was amazing! We hung out at our booth afterwards and gave out a whole box of UNSECURITY books for free. I met countless awesome people, including Zoe Bundy (pictured below with her brother Grover), Frank LaLonde (from Nativity Church of Fargo – also pictured below), John Nagel (Cybernet Security), and Larry Schwab (Discovery Benefits CISO).

This slideshow requires JavaScript.

One person who stands out from the rest is Zoe. She’s incredible, and she’s the founder of Brainy Ladies. Brainy Ladies is a cool organization with an awesome purpose; “We help young girls find their inner genius by helping them remain interested in STEM.” I met Zoe for the first time at last year’s nVision conference, and it was wonderful to see her again. Read her story here, and tell me you’re not impressed! I’ll get her on the UNSECURITY Podcast one of these days, hopefully soon.

nVision was a great conference. Sadly, we didn’t have time to grab any BBQ in Fargo. Curious, is there any good BBQ in Fargo? The platter of bacon laid out at the nVision lunch buffet will have to do.

Rochester, New York

Made it back to the Twin Cities early enough to grab five hours of sleep before catching my 5:15am flight to Rochester. I have an affinity for Rochester because one of my favorite customers (@FRsecure) is Excellus BlueCross BlueShield. Funny thing is (sort of), I’ll be back in Rochester to do some work for Excellus the following week.

The purpose for this particular visit was to attend and present at the Rochester ISSA chapter meeting being held on Thursday night.

Two trips to Rochester in five days. Weird.

First thing after landing in Rochester was to find BBQ. Took out my phone, opened my Apple Map and typed “BBQ”. The closest BBQ joint that looked legit was Unkl Moe’s BBQ & Catering at 493 West Ave (review below). That’ll do.

After BBQ, it was time for an early check-in at the hotel and a short nap.

Rochester ISSA

The Rochester ISSA meeting started at 6:00pm, and I was almost late. I started doing some work in the hotel and got a little caught up in it. The meeting was held at the offices of Nixon Peabody, a nice law firm located at 1300 Clinton Square. Guess what they had catered in? BBQ! Before the meeting started, we enjoyed some Dinosaur BBQ (one of my favorites in Rochester) while we got to know each other.

The meeting was great! Attendance was good, participation was awesome, and they let me preach for a full hour and a half. I preached about mental health, getting our industry’s security #*(! together, and civic duties for security people. Great talk and discussion!

Gave away a few books, and headed back to the hotel at 10:00pm. Ray Feldman left me a nice shoutout before I got back.

Most of the day Friday was spent at Starbucks catching up on email and other things that I’d neglected over the week. Tried another BBQ joint before heading to the airport, Texas Bar-B-Q Joint in Spencerport (review below).

Overall, this was another great week. Met a ton of new and wonderful people!

BBQ Reviews

Only two BBQ reviews again. We still need to step up our game.

Unkl Moe’s BBQ & Catering – no website – Overall: 6.5

Hard to believe that I didn’t nab any BBQ this week until Thursday after getting off the plane in Rochester. It is what it is. I chose Unkl Moe’s because it was the closest BBQ joint to the Rochester airport and it got fairly good reviews.

I walked in the front door and the smokey smell hit me nicely. The inside of this place reminded me of a small town southern diner with most of the seats occupied by regulars. My hopes were high. I bellied up to the counter, grabbed a menu, and ordered the BBQ ribs and pulled pork platter (choosing french fries and cabbage as my sides).

This slideshow requires JavaScript.

Sadly, I was a little disappointed by the place, except for the conversations I had with the regulars. One conversation in particular was great! While eating, I struck up a conversation with a retired OTR trucker named Howard and we talked about all sorts of things; politics, his hometown in Georgia, etc.

The food definitely wasn’t the best thing about this place. The pulled pork had a nice texture, but the flavor was missing. The ribs were OK, but they were smothered in sauce. I’d go back to this place for the conversation, but not the food.

Texas Bar-B-Q Joint (Spencerport) – https://www.bbqrochester.com/spencerport – Overall: 7.00

I didn’t realize that this was a small chain of BBQ joints until I sat down to write this. This was my first trip to Spencerport and I was excited to try this place. The reviews were good and I felt like I could almost taste the pictures online.

This slideshow requires JavaScript.

Walked in and ordered my food at the bar (sliced brisket, pulled pork, and sausage with macaroni and cheese and steamed vegetables for sides). The guy taking my order was helpful, and I took my seat at one of the open booths in the corner. This joint looked very promising and the it smelled amazing. It was lunch time and there were maybe eight people in the place.

It didn’t take long before I realized how cold it was. They must have had the thermostat set at 60! Whatever, I blew it off. I came here for some meat.

The cook called my name, and I jumped to grab my tray. I was excited and hungry. Turned out, I was also a little disappointed. Everything was OK, but nothing was exceptional. The portions were good. The pulled pork was a little watery. The brisket was OK, but it was cut too thick and it wasn’t smokey enough. The best part of the meal was sadly the macaroni and cheese.

Remember how I said the place was cold? A cold BBQ joint makes things suck more. This is because the meat on your plate starts cooling off too quickly and by the time you’re getting towards the end, the meat is cold, dry, and chewy.

The BBQ wasn’t bad. Just not sure I’ll be back. Maybe in the summer.

BBQ Summary

Again, two new BBQ joints to add to our list. This was a disappointing BBQ week. The winner was Texas Bar-B-Q Joint (Spencerport, NY). Pecan Lodge easily retains it’s top place as overall #S2Roadshow leader with a score of 9, and Bowlegged BBQ is still in the #2 spot. The current overall standings are listed below.

Overall Standings (at the end of #S2Roadshow Week Three):

  • Pecan Lodge – 9
  • Bowlegged BBQ – 8.75
  • Divine Swine – 8.5
  • Big Ed’s BBQ – 8.25
  • Mission BBQ – 8
  • Cousin’s BBQ – 7.75
  • Blackwood BBQ – 7.5
  • Broad Street BBQ – 7.5
  • Hard Eight – 7.25
  • Spring Creek Barbeque – 7.25
  • Redd’s BBQ – 7.25
  • Lucille’s Smokehouse BBQ – 7
  • Texas Bar-B-Q Joint – 7
  • Smoque – 6.75
  • Sweet Lucy’s Smokehouse – 6.75
  • Red Coal BBQ – 6.75
  • Unkl Moe’s – 6.5
  • Hambone’s Smokehouse – 6.25
  • Shakedown BBQ – N/A (wasn’t open when it was supposed to be, wasted trip)

Next Week’s #S2Roadshow

This is a crazy week. I’ll be back in Rochester, NY on Monday and Tuesday, flying back to Kansas City, MO on Wednesday, then out to Sacramento, CA. John joins me in Kansas City and Sacramento.

I’m pumped about Kansas City BBQ, but I’m there to talk with members of Greater Kansas City ISACA Chapter . This will be a good meeting for sure. Some of the members have been hyping it up online.

On Friday, I’m speaking at the Sacramento Valley ISSA meeting. I’m excited to meet a bunch of cool people, but I’m also excited about the weather!

Looking forward to another great week!

Stay tuned for next week’s #S2Roadshow updates. You can follow us on Twitter (@evanfrancen, @HarmonJohn, @StudioSecurity, and the #S2Roadshow hashtag) and on LinkedIn.

See you next week! If you want to collaborate with us, get in touch!

#S2Roadshow Recap – Week Five

St. Paul, MN and Dallas, TX

If you’re new, or you’re confused about this #S2Roadshow thing, start here (maybe).

Previous Week’s Recaps:

The purpose of the SecurityStudio Roadshow (#S2Roadhow) is to meet people and make partners. We want to meet people, understand their businesses, and help them grow using simple, fundamental, and compliant solutions (S2Score, S2Org, S2Vendor, and S2Team/S2Me).

Our mission is to fix the broken information security industry. Success requires collaboration, partnership, and transparency.

Together again! This week, John and I were together doing our thing. Good times!

BBQ Reviews

In full transparency, we have a secondary mission on the #S2Roadshow. We eat as much BBQ as we can. After stuffing ourselves, I summarize our BBQ reviews at the end of each recap article (see below).

Sideshow – Cyber Security Summit

This wasn’t a stop on the SecurityStudio Roadshow, but a stop for FRSecure. FRSecure rocks and I love getting to preach for us/them! The Cyber Security Summit is an annual event that brings all sorts of great security folks together in the Minneapolis Convention Center for three days of security awesomeness. I gave my talk on Monday, titled “Tackling the Talent Shortage Problem: An Honest Look at Challenges Related to Finding and Retaining Information Security Talent.”

I’m the guy with the beard (in the pic). If you’d like a copy of my deck, it’s available here. Use it. Steal it. Distribute it. Do whatever you’d like with it. 😉

Great conference. Great attendance. Great everything. It was fun.

St. Paul, Minnesota

In case you didn’t know, John and I are both from Minnesota, so this is a short road trip. We traveled all the way from Minnetonka (where our offices are) to St. Paul on Wednesday.

John and I both spoke at the Minnesota Counties Computer Cooperative (MNCCC) Halloween Cybersecurity Workshop titled “The Wicked Web”. There were a hundred (or so) people there representing local governments throughout the state. Originally, only John was scheduled to speak at this event, but a scheduled speaker backed out at the last minute. The fine folks at MNCCC asked if I would fill in.

Sure I said! What will I talk about though? I whipped up a presentation titled “How do we secure America?” Why not, it’s fitting for government people, right? It turned out to be a good talk, primarily because the audience was awesome!

If you’d like a copy of this deck, I put it here. Same as the last one, feel free to use it however you’d like.

John gave a demonstration of the S2Org tool for the audience and we invited them all to use it. It’s free for crying out loud! It was nice to see many counties/cities (~10) take us up on our offer. If you haven’t tried the free S2Org tool yourself, do it!

Dallas, Texas

John and I left for Dallas on Thursday morning. We grabbed our car from Wonder Woman, then headed to our first meeting.

We drove straight to Hard Eight BBQ where we had a meeting scheduled with some of the guys from @Risk Technologies. The BBQ was good (see below) and the meeting was great! @Risk has some really cool things going on and we’re happy to be friends!

We took a partner phone call in the car while we drove to another meeting. This meeting was with Ryan at FRG Solutions to collaborate on some cool go to market ideas. Great ideas and a great call!

Along the way, we were a little troubled with this picture.

Our next meeting was with John Ross, a super cool technology executive from Dallas. John was in the audience during my ISC2 keynote a few weeks back. In the middle of that talk, he went out to the lobby and grabbed me a cup of coffee. How cool is that! Anyway, we’re meeting again. He chose this coffee shop called Ascension, and these guys take coffee to a whole new level!

This slideshow requires JavaScript.

It was cool to catch-up with John and talk about ways to work together. We talked a lot about starting businesses, finding the right path, and our faith. I LOVE good people and I love working with them too. This was a wonderful way to end my day (John went on to have another meeting or two after this one).

ICI Events

On Friday, we attended a really cool event put on by ICI Events at the Four Seasons Resort and Club. The event featured a unique format for bringing vendors, partners, and business consumers together, starting with a speed dating round where a few business consumers would sit at your table for six minutes while you told them about your solution. After the six minutes was up, people would switch places, and you’d do it again. This would continue until all business consumers had seen all vendors. After the speed dating round, consumers would vote on which vendors they’d like to know more about. It was pretty cool and we made a lot of friends!

This slideshow requires JavaScript.

JP Hill (pictured above) was a key player in putting this all together and he made us feel very welcomed. JP was the key person who put together the ISC2 Cyber Aware Dallas event too, and he’s Dallas ISC2 Chapter President. In his free time (joking), he’s the CISO at Secutor Consulting.

Like I said, we made a lot of friends here.

Trip Home

Normally, my trip home is spent working on the plane, but this trip home was a little different. I met a guy named Chad on the plane. Chad is a social worker from MN, and we somehow got to talking about Jesus. We talked about everything from marriage and family to work and hobbies, and everything in between.

Well, that was that. Great trip(s) this week!

BBQ Reviews

Only two BBQ reviews again. We need to step up our game.

Hard Eight – https://hardeightbbq.com/ – Overall: 7.25

We met the guys from @Risk here and they paid for it, so the value was great! I don’t even know how much our food cost. The experience was unique. You walk up to a big pit full of meat and grab what you want. There’s everything in this pit; turkey, pulled pork, brisket, ribs, sausage, etc. There were even some kind of weird shrimp kabob things. Once you grab your meat, you go inside to pick your side dishes and beverages. At the end of the line is the cashier, and after paying, you go find a seat somewhere.

This slideshow requires JavaScript.

The meat was OK. It tasted sort of rushed and bulk-prepared where I like meat that feels like it was cooked in the back yard. I could hardly notice the smoke in the meat and the pulled pork was watery. The best meat I had was the turkey, which was really good. Overall, this place was OK. I’m not sure if it’s a place that I’d make a special trip to go back and visit.

Cousin’s BBQ – https://www.cousinsbbq.com/ – Overall: 7.75

I arrived at the DFW airport for the trip home and realized that I’d only done one BBQ joint so far on this trip! I sort of panicked a bit before finding this little gem in the DFW airport. Thank God! A man can’t take a trip with only one portion of BBQ.

This slideshow requires JavaScript.

My expectations for this place were low to begin with. After all, what kind of BBQ can you expect to get in an airport? Needless to say, I was very pleasantly surprised! I ordered pulled pork and brisket, with broccoli salad and cole slaw on the side. The meat was surprisingly moist a very flavorful. The smoke ring was good too. In a pinch, this place will definitely do!

BBQ Summary

Again, two new BBQ joints to add to our list. The winner this week was Cousin’s BBQ. Pecan Lodge is still the the overall #S2Roadshow leader with a score of 9, and Bowlegged BBQ is still in the #2 spot. The current overall standings are listed below.

Overall Standings (at the end of #S2Roadshow Week Three):

  • Pecan Lodge – 9
  • Bowlegged BBQ – 8.75
  • Divine Swine – 8.5
  • Big Ed’s BBQ – 8.25
  • Mission BBQ – 8
  • Cousin’s BBQ – 7.75
  • Blackwood BBQ – 7.5
  • Broad Street BBQ – 7.5
  • Hard Eight – 7.25
  • Spring Creek Barbeque – 7.25
  • Redd’s BBQ – 7.25
  • Lucille’s Smokehouse BBQ – 7
  • Smoque – 6.75
  • Sweet Lucy’s Smokehouse – 6.75
  • Red Coal BBQ – 6.75
  • Hambone’s Smokehouse – 6.25
  • Shakedown BBQ – N/A (wasn’t open when it was supposed to be, wasted trip)

Next Week’s #S2Roadshow

John and I are together again for the first half of the roadshow, then I’m going solo for the second half. We’re excited to go up to Fargo, ND this week to hang out with Network Center, our partners to the north. They put on this amazing event every year called nVision, and both John and I are speaking on the main stage there. John comes back home and I head out to Rochester, NY to make some new friends. I’ll be speaking at the ISSA chapter there.

Looking forward to another great week!

Stay tuned for next week’s #S2Roadshow updates. You can follow us on Twitter (@evanfrancen, @HarmonJohn, @StudioSecurity, and the #S2Roadshow hashtag) and on LinkedIn.

See you next week! If you want to collaborate with us, get in touch!

The UNSECURITY Podcast – Episode 52 Show Notes

Yay us! This is the one year anniversary of the UNSECURITY Podcast! 

Episode 52. One year, one episode per week, fifty-two episodes. Hard to believe it’s already been a year. We didn’t miss a single week, and if you know us (well, me anyway), you know that’s almost miraculous. Some weeks were tough to get something recorded, but we did it anyway.

Last week was a good one around here. I’m not sure what Brad’s been up to because we haven’t caught up with each other yet.

For me, I gave a couple talks at a couple of conferences, made a short Dallas trip, and did some other neat stuff.

Last week was a great show with special guest, lead pen-tester, and all around awesome guy Eric Hanson. We’re pleased to have another special guest this week! David Kruse is joining us to share his perspectives on things. It’s gonna be another great show!

My show to lead this week and these are my notes.


SHOW NOTES – Episode 52

Date: Monday, November 4th, 2019

Show Topics:

Our topics this week:

  • One Year Anniversary
  • Introducing David Kruse
    • How’d you get here? 
    • Cyber Insurance
    • Speaking
  • Industry News
Opening

[Evan] Hey UNSECURITY Podcast listeners! This is episode 52, the date is November 4th, 2019, and I’m your host, Evan Francen. My guy is with me, Brad Nigh. Tell the folks something Brad.

[BradWords, words, words, etc.

[Evan] Alright, we’ve got a great show planned!

  • We’re going to talk about 0ur first year of podcasting, and some of what we’ve learned.
  • We’re going to welcome our guest David Kruse. He’s an awesome dude who’s got a cool career story. He also knows a ton about cyber insurance, so we’re going ask him all sorts of challenging cyber insurance questions.
  • After all this, we’re going to discuss some interesting news stories, including Google’s Fitbit purchase announcement.\

Ready Brad?

[Brad] Of course he is.

[Evan] OK. Joining us this morning is a pretty swell guy, David Kruse. Good morning David!

[David] Unless we have technical issues, David will probably say something.

[Evan] You guys, I can’t believe this is the one year anniversary of the UNSECURITY Podcast! We’ll do the official One Year Anniversary Show next week, but let’s talk about this.

One Year Anniversary Discussion
  • Reminiscing – some cool and some funny show moments
  • People we’ve met, and some of our favorite peeps
  • What’s next? Ideas.

[Evan] It’s been a good year. Here’s to an even better one ahead! OK, now let’s talk about you David. 

Introducing David Kruse
  • How’d you get here? – One of the most fascinating things David shared with me was his career path. It’s pretty wild. There are some interesting parallels between his path and mine. Should be a good talk!
  • Cyber Insurance – David has some awesome cyber insurance experience and advice.
  • Speaking – David does some speaking, including keynotes. Let’s get his perspective, tips, and tricks on this too.

[Evan] It’s great talking to you and it’s great knowing you David! Thanks for sharing brother. Let’s wrap the show up with some news stories. 

News

[Evan] We’ve got two (maybe three) news stories to discuss this week, but one news story in particular that caught my eye was Google’s intended purchase of FitBit. Ugh.

Closing

[Evan] Episode 52 is a wrap. Well, almost. Thank you for joining us David! Hopefully we can do this again in the future.

Thank you to our listeners! Keep the questions and feedback coming. We love it,. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh. David, do you have a way you want people to social ice with you? 

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies!

That’s it! Talk to you all again next week!