Posts

The UNSECURITY Podcast – Episode 60 Show Notes – 2019 Year End Review

Goodbye 2019. It’s been real.

Where did the time go?

A common question, we ask ourselves. This year I decided to take a stab at answering it.

Here’s where my time went, for what it’s worth (roughly):

  • 38.58% (or 3,380 hours) working
  • 27.09% (or 2,373 hours) sleeping
  • 23.90% (or 2,094 hours) personal (family, friends, etc.) quality time
  • 10.42% (or 913 hours) other

I spent ~15% more time working than I did making memories with my family in 2019. Some priority adjustments are overdue for me in 2020.

Thank God for the gift of reflection.

The end of the year is a good time to reflect. Reflection is healthy. As I reflect on 2019, I can think of many good things about us like improved industry diversity, great personal growth, business accomplishments, and amazing people working round the clock for our collective benefit.

Unfortunately, there are also bad things. Since we’ve got plenty to cover, both good and bad, we’ll use this episode (#60) to discuss the bad. We won’t want to leave a sour taste in your mouth for too long, so we’ll cover the good things, and the things to look forward to in 2020, in next week’s episode (#61).

Now, the bad.

I already mentioned one of the bad things I discovered from 2019, that my priorities are out of whack, but I also learned things about the sad state of our industry. I learned that we’re (still) losing the war, and we’re losing it on multiple fronts.

Are you wondering what war?

The war where the bad people take advantage of the good people. The war where the immoral ones take advantage of the decent ones. Where the informed and corrupt beat the ignorant and noble every single time.

Let me preface the rest of this by saying I’m not a doomsayer. I’m a realist. I’m a realist with a deep desire to share the truth. If you’ve been paying attention, and can be objective, you’ll find it easier to predict our future. Predicting where a path leads is easier when there’s no (or little) change of course.

Our discussion points for episode 60’s year-end review:

  • Front #1 – Breaches are more common than ever, but we seem to care less than ever.
  • Front #2 – Our local governments and schools are losing their battles.
  • Front #3 – Our homes are part of the battleground and we’re not prepared.

All is not lost, and there’s hope. There’s good news too. We’ll cover good news next week. 2020 is the year for you, me, and our industry to get real. It’s time for us to tackle our most significant issues head-on, together!

I am (Evan) leading the show this week, and these are my notes.


SHOW NOTES – Episode 60

Date: Monday, December 30th, 2019

Show Topics:

Our topics this week:

  • Opening
  • The year (2019) in review.
    • Priorities and life adjustments
    • Front #1 – Breaches are more common than ever, but we seem to care less than ever.
    • Front #2 – Our local governments and schools are losing their battles.
    • Front #3 – Our homes are part of the battleground and we’re not prepared.
  • Closing
Opening

[Evan] Welcome to the last UNSECURITY Podcast episode of 2019! We’ve got a great show planned for you. The date is December 30th, and this is episode number 60. Joining me as (almost) always is my guy Brad Nigh. Hi Brad.

[Brad] Early morning version of Brad…

[Evan] No guest today. It’s just me and you. How you doing?

[Brad] More early morning version Brad things…

[Evan] When I put together today’s show notes, I felt like I was a little harsh, maybe even depressing. It’s not like I was depressed when I wrote the notes, but when I take an objective look at what took place this year, it’s sort of depressing to me. 2019 brought with it a record number of breaches, a record number of records disclosed/stolen, ransomware everywhere, etc. Crap man. Do I seem depressed to you?

[Brad] He’s got something to say.

[Evan] Maybe I take this too personal, but I HATE seeing people get taken advantage of. There were too many times this year that we read about people being taken advantage of, and it sucks. Ugh. Maybe I am depressed.

[Brad] More things…

[Evan] Alright, let’s get to it. The 2019 year-end review…

The year (2019) in review discussion
  • Priorities and life adjustments
  • Front #1 – Breaches are more common than ever, and we seem to care less than ever.
    • Another record year for breaches, do we care?
    • Sources; https://www.cnet.com/news/2019-data-breach-hall-of-shame-these-were-the-biggest-data-breaches-of-the-year/ and https://lifehacker.com/the-worst-data-breaches-of-2019-1840616463
    • “total number of breaches was up 33% over last year”
    • “medical services, retailers and public entities most affected”
    • “5,183 data breaches for a total of 7.9 billion exposed records”
    • Risk Based Security stated that 2019 is/was the “worst year on record” for breaches
      • January – Marriott breach (383 million)
      • February – 617 million accounts, from 16 websites and for sale on the dark web
      • March – 100s of millions of Facebook and Instagram accounts
      • April – 540 million Facebook records
      • May – 885 million First American Financial records
      • June – 20 million patients, bill collector American Medical Collection Association
      • July – Capital One and 100 million credit card applications
      • August – MoviePass and 160 million unencrypted/unauthenticated records
      • September – 218 million Words with Friends accounts
      • October – 4 billion social media profile records (???)
      • November – Facebook again…
      • December – we’re still waiting…
    • Breach fatigue.
    • Are we getting better at finding/reporting breaches? Are breaches happening more often? Are we getting worse?
  • Front #2 – Our local governments and schools are losing their battles.
    • Ransomware nails our local governments and schools.
    • A great article by Michael Mayes at CPO Magazine; the Top 10 Ransomware Stories of 2019.
      • “As the year ends, it’s time to declare 2019 the Year of Ransomware Escalation.”
      • Baltimore was “just one of 82 cities and municipalities to publicly report being struck by ransomware” in 2019.
      • “By December 1, a total of 72 US school districts have fallen victim to ransomware, impacting 867 individual schools and over 10,000 students.”
      • Nine “school districts representing 98 individual schools have been attacked by ransomware just in November. They include:
        • Wood County Schools, Parkersburg, West VA
        • Port-Neches Grove Independent School District, Port Neches, TX
        • Penn-Harris-Madison School Corporation, Mishawaka, IN
        • Livingston New Jersey School District, Livingston, NJ
        • Chicopee Public Schools, Chicopee, MA
        • Claremont Unified School District, Claremont, CA
        • Sycamore School District 427, DeKalb, IL
        • Sunapee Middle High School, Sunapee, NH
        • Main School Administrative District #6, Buxton, ME”
      • Louisiana declared a state of emergency twice in 2019
    • Do we just accept it?
    • We started a civic duty push in 2019, calling for citizens to inquire about ransomware protections from their local government officials. We’ll need to pick this up again this year, and include schools too.
  • Front #3 – Our homes are part of the battleground and we seem ignorant about it.
    • Security, privacy, and safety at home.
    • We still don’t emphasize information security, privacy, and safety enough at home.
    • Did this problem get worse in 2019?
    • Will this get worse before it gets better?

[Evan] That wasn’t too depressing, was it?

[Brad] Gives his honest opinion.

[Evan] We’ve got a lot of work to do, and there are no easy answers. No easy buttons. I think the answer is found in learning and applying information security fundamentals. We spent 2019 working hard at SecurityStudio and FRSecure to reach people with simple, but practical information security solutions like our vCISO, S2Org (information security risk assessment for all organizations), S2Vendor, S2Me (information security risk assessment for all people) and others. We even made some of our tools free! We’ll continue our quest to reach people and help wherever we can!

Got anything to add Mr. Nigh?

[Brad] Adds if he wants to add.

Closing

[Evan] That’s a wrap for another show. Heck, not just another show, but another year!

Thank you and Happy New Year to our listeners! Be sure to tune in next week, when we’ll cover some positive developments from 2019 and maybe a prediction or two. We love recording these shows for you, and we hope you enjoy them. Send us your questions and feedback at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and this other guy is @BradNigh.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 59 Show Notes

If you’re an information security consultant, you know how crazy the end of the year is. It’s crazy!

We’re trying to wrap up all the projects that needed to be completed before the end of the year, and it’s always a challenge. Thank God for Project Managers and a top-notch operations group!

If you missed last week’s episode, we talked about information security in schools with Mike Dronen, the Executive Director of Technology for Minnetonka Public Schools (District 276). Mike shared some great insight and advice for addressing the unique information security challenges facing K-12 schools. If you missed the episode, give it a listen here!

It was no coincidence that last week I also gave the keynote at the East Central Minnesota Education Cable Cooperative (ECMECC) School Security Summit. The Summit was held at the Braham Event Center on December 19th, and was attended by a few hundred K12 school administrators, technology coordinators, facilities staff, and law enforcement. Met a ton of cool people and my keynote was well-received.

If you’d like a copy of the ECMECC presentation, you can go grab it here.

This is Christmas week! For those of us working this week, please take some time off to spend with your loved ones. Merry Christmas to all of you!

Brad is leading the show this week, and these are his notes.


SHOW NOTES – Episode 59

Date: Monday, December 23rd, 2019

Show Topics:

Our topics this week:

  • The SecurityStudio Roadshow Recap (not all the questions, but I have some surprises)
    • Let’s talk about who we met on the Roadshow; different roles, titles, experience levels, etc.
    • Anyone stand out in particular?
    • Was there a specific event that really stood out to you, and why?
    • What was something you learned that surprised you?
  • News
Opening

[Brad] Welcome back! This is episode 59 of the UNSECURITY Podcast, and I’m your host this week, Brad Nigh. Today is December 23rd, and joining me is my co-host, Evan Francen. Good morning Evan.

[Evan] Lots of words of wisdom I’m sure.

[Brad] We have an in-studio guest today. FRSecure and Security Studio President, John Harmon. Good morning John.

[John] John says something I hope.

[Brad] Before we dive in, we like to check-in. John, how you doing? How was your week and what do you expect this week?

[John] John wonders why he agreed to do a podcast again this early in the morning but is a good sport and says something.

[Brad] And Evan. How are you and what’s up?

[Evan] Probably isn’t sure what to do with himself since he isn’t traveling all the time.

[Brad] Sounds like everyone is ready for the holidays to recharge and prepare for the next year.  We thought it would be fun to answer some questions and hear from Evan and John their thoughts on the recently completed roadshow, so without further ado let’s dive in.

SecurityStudio Roadshow Recap
  • Some surprise questions will be asked…
  • Let’s talk about who you met on the roadshow, roles, titles, experience levels, etc.
  • Anyone particular stand out?
  • Was there a specific event that really stood out to you, why?
  • What was something you learned doing this that surprised you?

[Brad] Great discussion.  Always fun talking with Evan and John.

Let’s do some news…

News

[Brad] Always plenty of things to talk about in the news, and here’s a few stories that caught my eye this week:

Closing

[Brad] That’s it. Episode 59 is a wrap. Thank you to John for joining us again, although this is the first time I’ve been here for it.

Thank you to our listeners! Keep the questions and feedback coming. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh, and Evan is @evanfrancen. John, is there a way you prefer for people to interact with you?

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 58 Show Notes

We welcome Mike Dronen to be our guest in episode 58 of the UNSECURITY Podcast! Mike is the Executive Director of Technology for Minnetonka Public Schools (District 276), and he’s joining us to talk about information security challenges facing K-12.

In case you missed the past couple of weeks, we talked a ton about legal and privacy stuff with our favorite data privacy and “cybersecurity” attorney, Justin Webb. Justin works for Godfrey & Kahn, S.C. in Milwaukee, and here’s what we covered:

Lots of good content and advice in these past couple of episodes. This week with Mike Dronnen is sure to be great too!

I’m leading the show this week, and here are my notes.


SHOW NOTES – Episode 58

Date: Monday, December 16th, 2019

Show Topics:

Our topics this week:

  • Information Security Challenges in K-12
    • Article: The Cybersecurity Threats That Keep K–12 CIOs Up at Night
    • How does information security work in K-12?
    • What makes K-12 different than everywhere else?
    • What are there differences between large school districts and smaller ones?
    • What tips do we have for administrators?
    • What tips do we have for educators?
    • What tips do we have for parents?
  • News
Opening

[Evan] Welcome back! This is episode 58 of the UNSECURITY Podcast, and I’m your host this week, Evan Francen. Today is December 16th, and joining me is my co-host, Brad Nigh. Good morning Brad.

[Brad] We’ll see how awake he is this fine Monday morning.

[Evan] We’ve had a couple of great shows the past couple of weeks. We learned a lot from our guest, Justin Webb. We talked a ton about privacy things and legal things. This week we’re going to shift gears a bit, and talk about information security in K-12. To help us navigate these waters, I’ve invited the Executive Director of Technology from Minnetonka Public Schools to our show. Minnetonka is my alma mater, and Mike Dronnen is a good friend. Welcome Mike!

[Mike] Mike’s a good guy. He’ll surely say “hi” or something.

[Evan] Mike, we’re excited to have you on the show for a number of reasons. You’re a good guy, I’m a Skipper, and Brad’s got some kids in your district too. Thank you for joining, especially on short notice.

Before we dive in, I like to check-in. Mike, how you doing? How was your week and what do you expect this week?

[Mike] Mike shares what he’d like to share.

[Evan] And Brad. How are you and what’s up?

[Brad] Sharing is caring.

[Evan] We’re all busy. Hopefully, health busy. My quick recap…

Alright, let’s talk about information security in K-12, shall we?

Discussion about information security challenges in K-12
  • Article: The Cybersecurity Threats That Keep K–12 CIOs Up at Night
  • How does information security work in K-12?
  • What makes K-12 different than everywhere else?
  • What are there differences between large school districts and smaller ones?
  • What tips do we have for administrators?
  • What tips do we have for educators?
  • What tips do we have for parents?

[Evan] Another great discussion. There are some real challenges for K-12, and I think we’ve all got some skin in this game to do the best we can. Thanks Mike!

Let’s do some news…

News

[Evan] Always plenty of things to talk about in the news, and here’s a few stories that caught my eye this week:

Closing

[Evan] That’s it. Episode 58 is a wrap. Thank you to Mike for joining us and for sharing your perspectives on K-12 information security!

Thank you to our listeners! Keep the questions and feedback coming. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh. Mike, is there a way you prefer for people to interact with you?

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 57 Show Notes

This week we continue the conversation with our special guest, Justin Webb. Justin is a Data Privacy & Cybersecurity Attorney, and the Chief Information Security Officer at Godfrey & Kahn, S.C. in Milwaukee.

If you missed last week’s show (episode 56), we talked about Target’s lawsuit against Chubb and China’s Cryptography Law. China’s Cryptography Law goes into effect on January 1st, and there are multiple perspectives about what it will mean for commerce, including this recent take from International Financial Law Review (IFLR).

Justin’s insights were so good, we invited him back! This week, we’re going to talk about the California Consumer Privacy Act (CCPA).

Brad’s leading the show this week, and here are my notes.


SHOW NOTES – Episode 57

Date: Monday, December 9th, 2019

Show Topics:

Our topics this week:

  • The California Consumer Privacy Act (CCPA)
    • What is CCPA?
    • How is CCPA similar to GDPR, and how is it different?
    • Who does CCPA apply to?
    • What are the consequences of non-compliance?
    • What advice do we have for organizations?
    • What do we think is in the future with CCPA?
    • What do we expect other states to do?
  • New Show Format (reminder)
  • News
Opening

[Brad] Welcome back! This is episode 57 of the UNSECURITY Podcast, and I’m your host this week, Brad Nigh. Today is December 9th, and joining me is my co-host, Evan Francen. Good morning Evan.

[EvanIs it? We’ll find out.

[Brad] We have a great show planned today. This is the 2nd part of our first two-part show, and we welcome back our favorite data privacy attorney, Justin Webb. Hi Justin.

[Justin] Justin will likely say “hi” and some other things.

[Brad] In last week’s show, episode 56, we discussed a lot. We talked at length about the Target lawsuit against Chubb and we talked about China’s Cryptography Law. We intended to talk about the California Consumer Privacy Act (or “CCPA”), but we decided to move it to today’s show in order to give it more of the attention it deserves.

Before we dive in to CCPA, let’s check in quick. Guys, how was your week last week? We’ll start with you Justin.

[Justin] Justin shares what he’d like to share.

[Brad] My week was…  How about you, Evan?

[Evan] Sharing is caring.

[Brad] Alright, let’s get into this whole CCPA thing.

California Consumer Privacy Act (CCPA) discussion

Most of this show is dedicated to this discussion.

A few California Consumer Privacy Act (CCPA), references:

[Brad] Awesome discussion! I think our listeners will get some real value out of this. One quick housekeeping thing before we get into the news.

New Show Format (reminder)

[Brad] Just a quick reminder about the upcoming new addition to the show, starting after the first of the year. We’re devoting ten minutes of each show to anyone who’s looking for a job in the information security industry. Email us at unsecurity@protonmail.com if you want your slot! We’ll respond to you on a first come, first serve basis.

We’ve already received some emails, which is super cool!

If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.

If you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.

OK, now some news…

News

[Brad] OK, lots of things this week, but we’ll focus on a few news stories.

Closing

[Brad] That’s it. Episode 57 is a wrap. Thank you to Justin for joining us and for sharing your perspective again! We’ve got another great show planned for next week, but we’re not letting the cat out of the bag just yet.

Thank you to our listeners! Keep the questions and feedback coming. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. If you’d like to get in touch with Justin, you can find him on LinkedIn.

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 56 Show Notes

Brad and I hope you had a wonderful Thanksgiving holiday! We have so many things to be thankful for, including our faith, our families, our work families (FRSecure and SecurityStudio), our friends, our partners, our clients, and last, but not least, our UNSECURITY Podcast listeners!

Our listeners make our podcast worthwhile.

If you missed last week, we introduced you to one of the most amazing 15 year-old kids you’ll ever meet, Zoe Bundy. She’s an all around awesome gal, and the founder of Brainy Ladies. Give it a listen. You won’t be disappointed!

This week we welcome another special guest, Justin Webb. Justin is a “Data Privacy & Cybersecurity Attorney / Chief Information Security Officer at Godfrey & Kahn, S.C.”. We’re going to talk to Justin about all sorts of legal information security and privacy stuff. It’ll be like 30-40 minutes of free legal advice (sort of)!

I’m (Evan) leading the show this week, and here are my notes.


SHOW NOTES – Episode 56

Date: Monday, December 2nd, 2019

Show Topics:

Our topics this week:

  • Introducing Justin Webb
    • Who is Justin Webb?
    • Target vs. Chubb
    • The California Consumer Privacy Act (CCPA)
    • China’s Cryptography Law
  • New Show Format (reminder)
  • News
Opening

[Evan] Welcome back! Unless you’re lost, you know this is the UNSECURITY Podcast. This is episode 56, and I’m Evan Francen, your host. The date is December 2nd, and joining me is my buddy Brad Nigh. Sup Brad?

[BradShares some of the simple things in life.

[Evan] How was your Thanksgiving holiday?

[Brad] Great, duh!

[Evan] We have another awesome show planned today! A couple of weeks ago, I read a news story about Target suing Chubb, their insurance provider, about claims related to the infamous Target breach of 2013. Here we are, six years later, and the fallout continues.

People who know my past, know that I spent twenty-one months consulting the Special Litigation Committee (SLC) of Target Corporation’s Board of Directors who addressed the derivative claims
arising out of the December 2013 data breach. I mention this only because I’m still obligated to maintain confidentiality from this work, and for perspective. I was privileged to see almost everything about this breach, or at least it seemed that way.

So, I read the news about this lawsuit, and I figured I’d reach out to my favorite cyber-insurance guy, David Kruse and get his take. David introduced me to this cool cat, Justin Webb, an information security stud and data privacy attorney with Godfrey & Kahn, a leading law firm out of Milwaukee, Wisconsin.

Welcome Justin!

[Justin] Justin does Justin.

[Evan] I’m sort of looking at this like we get 30 minutes or so of free legal advice. Right?

[Justin] Probably not right, but whatever.

[Evan] We’re very excited to have you join us Justin!

Discussion with Justin

Conversation items:

[Evan] Good stuff! Legalling is exhausting. Thank you Justin for providing your insight and advice!

New Show Format Discussion (reminder)

[Evan] Just a quick reminder about the upcoming new addition to the show, starting after the first of the year. We’re devoting ten minutes of each show to anyone who’s looking for a job in the information security industry. Email us at unsecurity@protonmail.com if you want your slot! We’ll respond to you on a first come, first serve basis.

We’ve already received some emails, which is super cool!

If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.

If you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.

OK, now some news…

News

[Evan] Alright, what the heck happened this last week? Let’s see…

Closing

[Evan] That’s it. Episode 56 is a wrap. Thank you to Justin Webb for joining us and for sharing your perspective.

Thank you to our listeners! Keep the questions and feedback coming. We’re still a little behind on responding right now, so please be patient with us. We love your feedback. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh. Justin, how do you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies there too!

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 55 Show Notes

Here we are, show notes for the UNSECURITY Podcast, episode 55!

Last week’s show featured pioneer virus researcher and keynote speaker Kenneth Bechtel. We learned from his wisdom, and he also shared some of his recent struggles with landing a job. UPDATE: Ken informed us that he’s landed a job, and we’re pumped about it! If you know Ken, reach out an congratulate him.

This week we have another super special guest! Zoe Bundy, the teenage founder of Brainy Ladies is joining us. We’re going to dedicate the show to learning more about her, her company, and her cause! This is going to be amazing!

This is Brad’s show to lead this week, and these are my (Evan) notes.


SHOW NOTES – Episode 55

Date: Monday, November 25th, 2019

Show Topics:

Our topics this week:

  • World Meet Zoe!
    • Who is Zoe Bundy?
    • Introduction to Brainy Ladies
    • What’s next?
    • How can we help?
  • Thanksgiving – What’s one thing we’re thankful for this year?
  • New Show Format
  • News
Opening

[Brad] Welcome to the UNSECURITY Podcast. The date is November 25th, 2019 and this is episode 55. My name is Brad Nigh and joining me in studio is Evan Francen. Sup Evan?

[EvanThings and such.

[Brad] So, Evan. You meet a lot of really awesome people on the SecurityStudio Roadshow. There are few, if any, that you mention with more admiration than our guest this week, Zoe Bundy. Before we introduce her, tell me how you met and your thoughts about what she’s doing.

[Evan] You’re absolutely right, by far the best part of being on the SecurityStudio Roadshow is meeting the people I get to meet. One of the most incredible people I’ve met is Zoe Bundy. She’s the CEO of Brainy Ladies, an organization with this super cool mission of helping more girls get into STEM.

I first met Zoe in November 2018 at Network Center’s nVision Conference in Fargo, North Dakota. Steve Marsden, FRSecure employee #3 ran up to me and told me he’d met the most fascinating girl who’s got this awesome mission to help girls get into STEM. She gave a talk at nVision 2018 and he was blown away by her poise, her ambition, and her mission. When we met in 2018, I put her in touch with some of the great women we have working at FRSecure like Megan Larkins and Lori Blair.

Fast forward to this year’s nVision conference, and I ran into Zoe again. She came by our SecurityStudio booth with her brother Grover. She’s still trucking along, making a huge difference in the world. I felt like we needed to get her on the show, get to know her a little, and help her spread the word about her noble mission!

[Brad] Awesome! Well, let’s introduce Zoe. Hi Zoe, welcome to the UNSECURITY Podcast!

Discussion with Zoe
  • World meet Zoe and Brainy Ladies!
  • Open, unscripted discussion.
  • Getting to know Zoe.
  • Questions we may/may not get to:
    • How old are you?
    • Do you come from a family with a STEM/technical background?
    • How did she come upon her mission?
    • What motivated her to do something?
    • Tell us about Brainy Ladies.
    • What plans do you have for the future of Brainy Ladies?
    • How can we get involved with helping Brainy Ladies or you?
    • What do her friends at school think?
    • Does she recruit girls into STEM? If so, what works and what doesn’t?
    • What advice does she give girls who have an interest in STEM, where should they go?
    • What about girls who are struggling with STEM, what help can we give?
    • If there was one thing you’d like our listeners to know about girls in STEM, what is it?
    • If there was one thing you’d like our listeners to help you with, what would it be?

[Brad] Wow! There are tons of opportunities to encourage girls to get into STEM. STEM isn’t for everyone, but for everyone who’s got an interest, there’s plenty of opportunity! Amazing.

Thanksgiving

[Brad] OK, this is Thanksgiving week. We all have things to be thankful for this year, starting with you Zoe, what’s one thing you’re particularly thankful for this year?

[Zoe] She can choose whatever she wants or nothing at all. This is her time.

[Brad] How about you Evan, what’s one thing you’re thankful for this year?

[Evan] We’ll see what he/I say…

[Brad] Good stuff! I’m thankful for ______________.

New Show Format Discussion (quick)

[Brad] Next let’s talk quick about an upcoming show format change, starting the first of the year. We’re going to devote ten minutes of each show to anyone who’s looking for a job in the information security industry. You email us at unsecurity@protonmail.com sometime before the next episode, and we’ll respond to you on a first come, first serve basis.

If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.

So, if you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.

OK, now some news…

News

[Brad] There’s always plenty of news to choose from. Here’s just a couple of stories that caught our eye this week.

Closing

[Brad] Alright! Episode 55 is a wrap. Thank you again to Zoe Bundy from Brainy Ladies for joining us! We’re very excited to keep up with what she’s doing.

Thank you to our listeners! Keep the questions and feedback coming. We’re a little behind on responding right now, so please be patient with us. We love your feedback. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. Zoe, how do you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies there too!

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 54 Show Notes

Show notes are almost on time this week! Yay us.

I started writing our show notes on Thursday night in the Salt Lake City airport, and now I’m finishing them on a plane back from LA. Ugh. The life.

This was a crazy week, but what’s new? While Brad’s been bustin’ his tail keeping up with FRSecure’s sales and operations, I’ve been traveling the country on the SecurityStudio Roadshow. My travels this week took me to Rochester (NY), Baltimore (MD – layover), Kansas City (MO), Salt Lake City (UT – layover), Sacramento (CA), and Los Angeles (CA – layover).

I’m supposed to get home late on Friday night. We’ll see. 🙂

If you’d like to follow the SecurityStudio Roadshow, I write a recap every week on my/this site. Keep up with me, and give me some BBQ tips.

I’ve met some amazing people on my travels, and one really cool cat is Kenneth Bechtel. I met Kenneth during week one of the SecurityStudio Roadshow. On week one, John Harmon and I traveled to Harrisburg, Pennsylvania for BSides. I was speaking in a mid-morning session and Kenneth was the keynote speaker.

I have a lot of respect for Kenneth because he’s been at his game for a long time. He’s been doing threat hunting before threat hunting was a thing. Big props to this guy. During our time together at BSides, Kenneth shared his recent troubles finding a job. This bugs me. So, I invited him to be a guest on the podcast.

We’re honored to have him share some of his wisdom. We’ll try to get to the bottom of his job search struggle too.

Special thanks to Brandon Matis for putting together last week’s anniversary show! That couldn’t have been easy.

Pretty sure I’m supposed to lead this episode, so here goes.

My show to lead this week and these are my notes.


SHOW NOTES – Episode 54

Date: Monday, November 18th, 2019

Show Topics:

Our topics this week:

  • What’s up man?
  • Introducing Kenneth Bechtel
    • The earlier days versus today. What’s changed and what’s the same?
    • The (alleged) infosec labor crunch. Kenneth isn’t the first person who’s had trouble finding work. What gives?
  • New show ideas
  • News
Opening

[Evan] Hey UNSECURITY Podcast listeners! This is episode 54, and the date is November 18th, 2019. I’m Evan Francen, and it’s my show this week. Brad’s here with me too. Care to chime in Brad?

[BradYou know he’s got something to say. Probably something good too!

[Evan] Alright, we’ve got another great show planned!

  • Brad and I are going to catchup with our craziness quick.
  • We’re going to get real with a true information security pioneer Kenneth Bechtel. He’s got an incredible amount of wisdom to share and we want to get to the bottom of why people like Kenneth are not getting hired when we have this alleged talent shortage.
  • We’ll talk about an upcoming show idea that we have, then we’ll wrap with some newsy things.

I’m pumped about this show! So, let’s get on with it, eh?

[Brad] Brad’ll agree probably.

[Evan] So, what’s up man?! I’ve been out for the past two weeks preaching to folks everywhere and stuff. I missed you man.

Catchin’ up with Brad (quick)

[Evan] Alright, enough of that. We are excited and honored to have Kenneth Bechtel on the phone, so let’s welcome him. Hi Kenneth.

[Kenneth] He’ll confirm (unless of course we have some tech issue or something).

[Evan] Can’t tell you how grateful and pumped we are to have you on the show! We’re going to get to know each other more, and discuss things. I’d like to start off with you telling us about you, then we can talk about how the industry has evolved, then lastly, let’s discuss this whole infosec talent shortage thing.

I found an old photo of you on your Team Anti-Virus website.

About Kenneth:

I have been actively involved in Anti-Malware defense and research since 1988 at both a corporate and international level, with close ties to the international Anti-Malware efforts and fellow researchers.

In the corporate world, I have worked as both a Virus Laboratory and Field researcher for major organizations, providing expert support for malware outbreaks.

Internationally, I was a Founding Members of AVIEN – Anti-Virus Information Exchange Network, and served as Chairman of its Disciplinary Committee and well as member of the Advisory Board to the Administrator.

I have presented at international conferences, including the Virus Bulletin Conference, at which I am a regular attendee.

My work has been published in trade magazines and specialized websites such as Security Focus.

I have written a handbook on Anti-Virus Security and was one of the co-authors of the AVIEN Malware Defense Guide. 

I am regularly asked to speak at small organization and company conferences and training seminars.

Media requests, Opportunities and general inquiries are welcome at kbechtel@teamanti-virus.org

Discussion with Kenneth Bechtel
  • Introductions
  • The earlier days versus today. What’s changed and what’s the same?
  • The (alleged) infosec labor crunch. Kenneth isn’t the first person who’s had trouble finding work. What gives?
  • Your recent post about your cowboy hat

[Evan] Alright. Let’s see what we can do here to help each other. Kenneth, I sincerely appreciate your tireless work for this industry and for being on our show!

News

[Evan] Some interesting news stories for us to discuss this week. The first one is interesting because we’ve warned about this and sadly things are going to get much worse before they get better.

Closing

[Evan] OK, cool! Episode 54 is a wrap. Thank you again Kenneth for being on our show. I think our discussion will benefit others!

Thank you to our listeners! Keep the questions and feedback coming. We love it, well Brad does, but I don’t. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh. Kenneth, do you have a way you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies!

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 53 Show Notes

We’re celebrating our one year anniversary with a special episode! Last week was the one year anniversary of the UNSECURITY Podcast, in case you missed it.

Brad and I are taking the week off from doing a live show this week while Brandon Matis (FRSecure’s Marketing All-Star) puts together the show. This week’s show will highlight some of the most memorable moments of the past year, and should be a must-listen.

Brad and I will be back next week (episode 54) with a live special guest, Kenneth Bechtel. I ran into Kenneth at the Harrisburg BSides event during week one of the SecurityStudio Roadshow (#S2Roadshow), where he was the keynote speaker. Kenneth is a pioneer in malware research and threat intelligence, but he’s having some troubles landing a job. We’ll find out what gives. This is sure to be a great show next week, so tune in!

We’re excited about the second year of the UNSECURITY Podcast! We’ve learned a lot about podcasting and we’re planning to have a ton of interesting guests in the weeks ahead.

The UNSECURITY Podcast – Episode 52 Show Notes

Yay us! This is the one year anniversary of the UNSECURITY Podcast! 

Episode 52. One year, one episode per week, fifty-two episodes. Hard to believe it’s already been a year. We didn’t miss a single week, and if you know us (well, me anyway), you know that’s almost miraculous. Some weeks were tough to get something recorded, but we did it anyway.

Last week was a good one around here. I’m not sure what Brad’s been up to because we haven’t caught up with each other yet.

For me, I gave a couple talks at a couple of conferences, made a short Dallas trip, and did some other neat stuff.

Last week was a great show with special guest, lead pen-tester, and all around awesome guy Eric Hanson. We’re pleased to have another special guest this week! David Kruse is joining us to share his perspectives on things. It’s gonna be another great show!

My show to lead this week and these are my notes.


SHOW NOTES – Episode 52

Date: Monday, November 4th, 2019

Show Topics:

Our topics this week:

  • One Year Anniversary
  • Introducing David Kruse
    • How’d you get here? 
    • Cyber Insurance
    • Speaking
  • Industry News
Opening

[Evan] Hey UNSECURITY Podcast listeners! This is episode 52, the date is November 4th, 2019, and I’m your host, Evan Francen. My guy is with me, Brad Nigh. Tell the folks something Brad.

[BradWords, words, words, etc.

[Evan] Alright, we’ve got a great show planned!

  • We’re going to talk about 0ur first year of podcasting, and some of what we’ve learned.
  • We’re going to welcome our guest David Kruse. He’s an awesome dude who’s got a cool career story. He also knows a ton about cyber insurance, so we’re going ask him all sorts of challenging cyber insurance questions.
  • After all this, we’re going to discuss some interesting news stories, including Google’s Fitbit purchase announcement.\

Ready Brad?

[Brad] Of course he is.

[Evan] OK. Joining us this morning is a pretty swell guy, David Kruse. Good morning David!

[David] Unless we have technical issues, David will probably say something.

[Evan] You guys, I can’t believe this is the one year anniversary of the UNSECURITY Podcast! We’ll do the official One Year Anniversary Show next week, but let’s talk about this.

One Year Anniversary Discussion
  • Reminiscing – some cool and some funny show moments
  • People we’ve met, and some of our favorite peeps
  • What’s next? Ideas.

[Evan] It’s been a good year. Here’s to an even better one ahead! OK, now let’s talk about you David. 

Introducing David Kruse
  • How’d you get here? – One of the most fascinating things David shared with me was his career path. It’s pretty wild. There are some interesting parallels between his path and mine. Should be a good talk!
  • Cyber Insurance – David has some awesome cyber insurance experience and advice.
  • Speaking – David does some speaking, including keynotes. Let’s get his perspective, tips, and tricks on this too.

[Evan] It’s great talking to you and it’s great knowing you David! Thanks for sharing brother. Let’s wrap the show up with some news stories. 

News

[Evan] We’ve got two (maybe three) news stories to discuss this week, but one news story in particular that caught my eye was Google’s intended purchase of FitBit. Ugh.

Closing

[Evan] Episode 52 is a wrap. Well, almost. Thank you for joining us David! Hopefully we can do this again in the future.

Thank you to our listeners! Keep the questions and feedback coming. We love it,. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh. David, do you have a way you want people to social ice with you? 

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies!

That’s it! Talk to you all again next week!