UNSECURITY Podcast Episode 16 Show Notes

Each Friday, I’m going to do my best to post the notes for the UNSECURITY Podcast episode that Brad Nigh and Evan Francen (me) will record on the following Monday morning. Each week, Brad and I alternate leading episodes, so I lead the odd episodes and Brad leads the even ones.

If you missed episode 15, you can still give it a listen.

These are the notes we use to guide our discussion for the UNSECURITY PODCAST – Episode 16. This will end in disaster, or it will be great. Hard to tell where this one will go.

Saturday, February 23rd, 2019 @ 4:00pm

Description

This podcast is led by Brad and he’s invited two special guests for this one; his wife and Evan’s wife. We’ll talk about what it’s like to be married to an information security person and ask a bunch of questions that we think might help us learn more about maintaining a healthy relationship at home while working like we do (long hours, hard challenges, and mission-driven).

Opening

[BRAD] Alright, welcome to the UNSECURITY Podcast. My name is Brad Nigh, and I’ll be your host for today’s show. Joining me as always is Evan Francen. Hi Evan.

[EVAN] Hi Brad. Good afternoon.

[BRAD] That’s right. We had to switch it up a little this week because Evan is travelling to a client on Monday and Tuesday. Instead of recording our podcast on a Monday morning, like usual, we’re recording on Saturday afternoon.

We’re excited for today’s show because we have not one, but two special guests.

[EVAN] That’s right. We’re excited. Tell the listeners why we’re so excited Brad.

[BRAD] We’re excited because we’ve invited our wives to participate in today’s show!

[EVAN] Oh boy.

[BRAD] No, I think it’s OK. They promised they’d be nice, and only tell half-truths to protect us.

[EVAN] OK, good.

[BRAD] Ladies, welcome. Say “hi”

[GUEST ONE AND GUEST TWO] Hello guys. Thanks for having us (or whatever).

Interview Questions

These are interview questions for our guests, or more accurately, our own wives.

All our questions are addressed to both wives; however, other questions may come up during the interview that could be addressed to one or the other specifically.

[BRAD] Alright, you guys ready? You’re sort of the stars of the show today. Remember, no bashing and be nice! We can delete this recording if we need to.

Our sample questions. Depending on how things go, we might skip some or add some. We’ll see…

  1. What’s it like to be married to someone who works in information security?
  2. Share some of the hardest challenges in balancing your marriage with his job.
  3. Do you have any interest in being an information security professional yourself?
  4. Do you notice times of increased stress in your spouse’s life that you know come from their work?
  5. How often do you notice increased stress?
  6. Can you share any tips on how to handle your spouse’s work stress?
  7. Do you give advice to your spouse when he’s stressing from work? If so, what advice have you given him that helped (or not)?
  8. How many hours per week does you husband work? Is it too much? What’s the right number of hours?
  9. What’s the best advice for getting your husband to stop thinking about work?
  10. What do you think is different about being married to a person who works in information security versus some other careers?
  11. If you could give one piece of advice to your husbands related to work/life balance, what would it be?
  12. If you could give one piece of advice to other spouses who are married to information security people, what would it be?

ENDING ON A HAPPY NOTE…

What are some of the greatest benefits to your family that have come from your husband’s work in information security?

[BRAD] Phew. Alright then. Thank you, ladies! We made it out of that alive, right?

DIALOG AS NEEEDED…

Week Recap

Quick recap of anything exciting that happened to either one of us last week…

We’re always looking for feedback from you, our listeners. Tell us how you liked our show, make suggestions, or volunteer to be a guest. Whatever. Just email the show at unsecurity@protonmail.com.

By now, you should know where to find me and Evan. Find me on Twitter at @BradNigh. You can find Evan on his website https://evanfrancen.com or on Twitter at @evanfrancen.

News

OK, let’s get to some news quick. I think we have some time. Ladies, feel free to chime in. You’re perspective matters too.

Closing

Well, that just about wraps it up for this week’s show, episode 16. This was another good show. A special thank you to our special guests. Ladies, thank you! I know that both Evan and I are very grateful to be supported like we are.

Any parting words Evan?

Next week, we’re not sure what we’re doing yet. We’ve always been pretty good at winging it anyway. Another quick reminder to send your questions and suggestions to us at unsecurity@protonmail.com

Thank you and see you next week!

UNSECURITY Podcast Episode 14

Each Friday, I’m going to do my best to post the notes for the UNSECURITY Podcast episode that Brad Nigh and Evan Francen (me) will record on the following Monday morning. Each week, Brad and I alternate leading episodes, so I lead the odd episodes and Brad leads the even ones.

If you missed episode 13, which featured MN State Rep. Jim Nash, you can still give it a listen.

These are the notes we use to guide our discussion for episode 14.

Opening

OK, here we go. Today is Monday, February 11th, 2019, and this is episode 14 of the UNSECURITY Podcast. My name is Brad Nigh and joining me as always is Evan Francen. Good morning Evan, how are you today?

Also joining the show today is a special guest, he goes by the name M1ndFl4y or “Ben”, depending upon how well you know him. For the sake of today’s show, we’ll call him Ben. Good morning Ben and welcome.

Everyone knows me and Evan, but Ben, people may or may not know who you are. what would you say you do here? Ben discusses what he does. (NOTE: Don’t let him off easy. He’s a social engineer, pen tester, researcher, mentor and creator of cool things.)

My day today. Evan’s got next week.

Week Recap

Let’s replay some of the things we did this week. Although we all work together at the same place, we don’t often get a chance to hear what each other is doing. Ben, start us off.

Ben

(NOTE: Don’t let him off easy again. Make sure he mentions his https://haveibeenpwned.com/ bash script, and the fact that it’s posted on Troy Hunt’s site and he should also share some goodies from his most recent pen test).

Brad

Well, this is what I did this week. Brad’s leading the show and has the liberty to take this wherever he wants.

Evan

Excellent meetings and collaboration this week. Met with a CISO from a large company this week (We’ll leave out the name because nothing’s been cleared with him). The company is a top 50 company in terms of size. Great meeting (Discuss). Maybe give some other highlights, if there’s time.

Awesome. We have a lot to cover in this week’s episode, so let’s get going. But, before we get started, we want to make sure everyone knows how to get in touch with us. Send us your suggestions, questions, or cool things you might want us to know. Use unsecurity@protonmail.com.

Social Engineering

The main theme for today’s episode is social engineering. You know anything about social engineering Ben?

Ben, Evan, and I will share between 3 – 5 real stories from our own personal experiences. The exact number will depend on time.

Three questions:

  1. How does someone go about becoming a social engineer?
  2. Can you suggest any good educational resources (classes, books, podcasts, etc.)
  3. If you could give one piece of advice to our listeners on how to protect themselves, what would it be? (We’re not really gonna hold you to one!)

Alright, good stuff. You can follow M1ndFl4y on Twitter, although he doesn’t post much, at @M1ndFl4y. Be careful though! He probably only uses Twitter as some sort of OSINT source for his next project.

By now, you should know where to find me and Evan. Find me on Twitter at @BradNigh. You can find Evan using his website https://evanfrancen.com or on Twitter at @evanfrancen.

OK, let’s get to some news…

Topics for Discussion

Any other topic before we get into some of the news?

Recent News

Oh yeah, Apple released a security update on Thursday. The biggest fix was for the FaceTime bug that blew things up last week. The update is iOS version 12.1.4, go apply it!

Closing

Well, that just about wraps it up for this week’s show, episode 14. Thank you, Ben, for coming on. Always fun catching up with you.

Next week, I think we might be starting a series about incident response. We’ll see what Evan decides to do. As always, be sure to send your questions and suggestions to us at unsecurity@protonmail.com.

See you next week!

UNSECURITY Podcast Episode 13

Each Friday, I’m going to do my best to post the notes for the UNSECURITY Podcast episode that Brad Nigh and Evan Francen (me) will record on the following Monday morning. Each week, Brad and I alternate leading episodes, so I lead the odd episodes and Brad leads the even ones.

These are the notes we use to guide our discussion.

Show Notes

Monday, February 4th, 2019 @ 6:45am

OK, here we go. Today is Monday, February 4th, 2019, and this is episode 13 of the UNSECURITY Podcast. My name is Evan Francen and joining me as always is Mr. Brad Nigh. Good morning Brad, how are you today?

Also joining Brad and me is a special guest, Assistant Minority Leader of the Minnesota House of Representatives and FRSecure’s Chief Storyteller, Jim Nash. Welcome Jim.

As you know, this is my day to lead the show.

We had an eventful week last week. The Polar Vortex, board meetings, travel stories, a panel discussion, and some incident response stuff.

We have a lot to cover in this week’s episode! Let’s get going.

Speaking of incident response stuff… I want to discuss two topics with you guys this morning, and I’d like to start with incident response, more specifically the importance of incident response planning.

The Importance of Incident Response Planning

  • A couple of incidents that you and I worked on last week.
  • In all the calls we’ve received for incident response, how many of the companies had an incident response plan? Can you name one?
  • Last week’s trip and the IRT meeting
  • Talk about another incident or two? How would’ve an incident response plan helped

What’s happening at the State/States – State of Minnesota

State Security Conference

  • Jim, you recently attended a pretty important security event.
  • You attended the NCSL (National Convention of State Legislatures)
  •  You’re one of 22 legislators from across the nation on the task force.
  • “We talked about the California initiative for IOT security, Elections Cyber, GDPR and the California initiative to Americanize it, the veracity of consolidated IT to reduce risk, and pudding” – the “pudding” part is/was a joke

If you have thoughts or suggestions for us about the UNSECURITY Podcast, you can email the show at unsecurity@protonmail.com.

Topics for Discussion

Any other topic before we get into some of the news?

Recent News

The BIG NEWS of the week – On Monday, news broke about an Apple FaceTime bug
It’s crazy how quickly these things blow up, among the stories:

Other News

2.2B hacked user details found in new ‘Collections’ freely shared databases and 2.2 billion emails found in new Collection data dumps

Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts (This was the only news story I saw about this)

Lastly, if we have time:
Microsoft 365 Underwent Two Day Outage, Outlook and Exchange Down

Closing

Be sure to follow Evan (@evanfrancen), Brad (@BradNigh), and Jim (@JimNashMN). Also, be sure to send your questions and suggestions to us at unsecurity@protonmail.com

Catchup on past episodes of the UNSECURITY Podcast here, or on you’re favorite podcast app.

See you next week!