Posts

UNSECURITY Podcast – Ep 104 Show Notes – Stigma Against Healthy

Last week was nuts. Is “nuts” the norm? God, I hope not.

The week started off with what seemed like a run of the mill ransomware attack against a healthcare client. The investigation led us to threat hunting with another client. During the threat hunting exercise, Brian Krebs called. He claimed to have information about 427 healthcare organizations who could be attacked by Wednesday (10/28). This led us down all sorts of paths with a few renowned researchers, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, Secret Service (don’t ask), and others.

Eventually, CISA issued a joint cybersecurity advisory with the FBI and Department of Health and Human Services (HHS). See: Ransomware Activity Targeting the Healthcare and Public Health Sector.

On Friday, FRSecure issued their own statement and hosted a very well-attended webinar. See: Situation Update: RYUK Ransomware in Healthcare.

One thing we learned is that incident response in the United States, in terms of our readiness across the public/private sector is in bad shape. It shouldn’t take 3+ days to legitimize a threat and coordinate a response. Thank God we didn’t witness a coordinated attack against 427 hospitals at once. Had this been a real attack against 427 hospitals, we would have been in a world of hurt!

Other things that happened last week include:

  • Episode 103 of the UNSECURITY Podcast, Part Two with Neal O’Farrell of the PsyberResilience Project was awesome! If you missed it, you should go check it out.
  • FRSecure is rocking it! We’re running on all cylinders and making a positive difference in our industry. I’m very proud and humbled at the same time.
  • SecurityStudio finished another incredible month! People are buying into the concept of focusing on the fundamentals and simplification. In case you didn’t know, complexity is the worst enemy of information security.
  • The Security Shit Show was awesome on Thursday night! Personally, I needed the time to talk shit with my peers, Ryan Cloutier and Chris Roberts. It’s like therapy. The title for our discussion was “Kiss and Make Up?” and we talked about what life might look like after the election.

There was probably other important stuff sprinkled in last week too, but the brain can only handle so much!

On to the show!

Episode 104 Topic and Special Guest

A few important things about this episode:

  • This is episode 104, the two-year anniversary of the UNSECURITY Podcast! Holy crap, where did the time go?! It’s been an incredible ride so far, and we’ve met 100s of amazing people along the way.
  • Our topic (or, I guess title) is “The security industry’s stigma against healthy stuff“. Is there a stigma against healthy stuff in our industry? Maybe. We’ll look into it in this episode.
  • We have another special guest, and he’s a good one! We call him Richie Breathe, and he’s a great guy with interesting perspectives on wellness. He’s the perfect guest to wrap up what turned into another semi-series about us and our health.
  • Next week, we’re going to dive back in to incident response. We’ve seen some very interesting (and alarming) trends, and it’ll be good to share with you.

Let’s get on to the notes…

Oh yeah, one more thing before we forget.

GO VOTE!


SHOW NOTES – Episode 104

Date: Tuesday November 3rd, 2020

Episode 104 Topics

  • Opening
  • Happy Anniversary (to us)
    • What’s been your favorite thing about the UNSECURITY Podcast?
    • What’s been your favorite moment or episode?
  •  Special Guest Richie Breathe and the security industry’s stigma against healthy stuff
    • Who’s Richie Breathe?
    • Is there a stigma? If so, how bad do we think it is?
    • Ideas for improving wellness in our industry.
    • Where to go next.
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hi again everyone. Welcome to another episode of the UNSECURITY Podcast! This is episode 104, the date is November 3rd, 2020, and I’m Evan Francen, your host. Joining me is my good friend and co-worker, Brad Nigh. Good morning Brad.

[Brad] Cue Brad.

[Evan] Also joining us, is a good friend Richie Breathe. Good morning Richie.

[Richie] Cue Richie.

[Evan] First things first. Today is election day. Did you guys vote?

[Brad & Richie] Well, did they?

Happy Anniversary (to us)

[Evan] This is our 104th episode in a row, meaning 104 weeks in a row, meaning two years! I can hardly believe it. Seems like yesterday we did our first episode together Brad. Happy anniversary!

[Brad] Cue Brad

[Evan] I gotta tell you man. I’ve loved every minute of this with you. Sincere gratitude for being my pal in this journey.

[Brad] Cue Brad

[Evan] Now, Richie. You’ve been listening for a while, and we actually met through the podcast, didn’t we?

[Richie] Cue Richie

[Evan] I’ve met 100s of amazing people over the past two years from this show. So many incredible memories. Brad, what’s your favorite thing about the UNSECURITY Podcast?

[Brad] Cue Brad

[Evan] How about you Richie?

[Richie] Cue Richie

[Evan] My favorite thing.

I couldn’t have imagined so much and I’m VERY grateful. How about a favorite moment or episode? Brad?

[Brad] Cue Brad

[Evan] Richie?

[Richie] Cue Richie

[Evan] My favorite moment/episode.

Like I said, it’s been an amazing ride. Here’s to many more episodes and lots more memories!

Transition

Special Guest –  Richie Breathe and the security industry’s stigma against healthy stuff

[Evan] Richie, thanks for being here man. I know we talked about this a while back, and the time has finally come. You first learned about me and Brad through the UNSECURITY Podcast, then started coming to the Daily inSANITY Checkin, right?

[Richie] Cue Richie.

[Evan] The Daily inSANITY Checkin is another HUGE blessing for me. I’ve met some incredible people there and I love sharing life with them. Shout out to you guys!

For people who want to know more, the Daily inSANITY Checkin is just what it says. It’s a daily informal meeting with people who care about each other. It’s a safe place to come, share thoughts, share ideas, or share whatever else comes to mind. The only real rules are to show respect and be yourself. Simple.

We started the Daily inSANITY Checkin immediately after the COVID-19 lockdowns started in March and we’ve been going strong ever since. It’s been incredible. So, Richie. You’re there almost every day, and I’m grateful to have gotten to know you. I know you, but tell the listeners a little about yourself.

[Richie] Cue Richie.

Begin Discussion

The security industry’s stigma against healthy stuff

  • Who’s Richie Breathe?
  • Is there a stigma? If so, how bad do we think it is?
  • Ideas for improving wellness in our industry.
  • Where to go next.

[Evan] Awesome! Great discussion. Thanks again Richie!

Now, we’re at the part of the show where we review a few news items that caught our eye this past week. Richie, please feel free to comment anytime too!

News

[Evan] Always plenty of interesting things going on in our industry. Here’s a few stories that caught my attention recently:

Wrapping Up – Shout outs

[Evan] Great! Episode 104 is just about complete. Thanks guys! Next week we’re going to tackle some incident response stuff. Things like what’s going on, what people are doing wrong, and how to do things better. Episode 105 will be great, and maybe we’ll invite a guest to boot!

Richie, loved having you join us this week. Thank you!

Any shout outs for either of you?

[Brad and/or Richie] We’ll see.

[Evan] Always grateful for our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Richie, how can listeners find you?

[Richie] Cue Richie.

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!

UNSECURITY Podcast – Ep 103 Show Notes – PsyberReslience Project Pt. 2

Happy Tuesday (again)!

There are always 100s of things to talk about each week, and if you’re ADHD like me, you know how hard it can be to stay focused on one thing for too long!

Here are a few things that are top of mind right now:

  • Security ABCs:
  • Election is next week. Please vote. Regardless of who you vote for, you have a voice. The voice might seem insignificant, but when millions of voices speak together, you have something special. This election season has been crazy, just like 2020 has been crazy. I’m looking forward to it being over, so we can return our focus to serious issues facing all of us.
  • Last week on the Security Shit Show, we talked about election security. The title of the show was “Is My Vote Secure?”. This week it’s Chris Roberts‘ topic, and he hasn’t announced it yet. Stay tuned!
  • Business is good – FRSecure is running at or near full capacity and SecurityStudio is serving people well with simple, fundamental, and effective information security risk tools. Good things! FRSecure is hiring BTW.
  • Incidents and calls for our incident response team continue to roll in. There was an incident that occurred this past weekend. Sadly, the way the incident was handled by the client provided good examples of what NOT to do. I’ll right a separate blog post on this story later, but here’s two things you need to do RIGHT NOW. Drop what you’re doing and make sure you’re squared away on:
    1. Check your incident response plan and be sure you know who to call.
      • Double-check the contact information.
      • Is there 24×7 response? Incidents will inevitably happen at the worst time.
      • Who do you call, and who do you call first? Your incident responders, your insurance provider, your legal team, executive management, law enforcement, or…?
    2. Make sure your preferred 3rd-party incident handler/provider is on your insurance provider’s approved list for reimbursement.
      • You waste precious time, energy, and money when you don’t know.
      • Engaging with a 3rd-party incident responder who isn’t on the list will force you into declined reimbursements and/or changed providers (losing more time).
  •  Not a sales push at all, but here’s what FRSecure provides. At a minimum, it makes sense to register with your incident responder (See: IR Registration Services).

  • Not digging the cold weather, but I do live in Minnesota, so…

Episode 102 Quick Recap

Originally, we weren’t planning on making the discussion with Neal O’Farrell into a series, but the talk in episode 102 was too AWESOME! Brad was out sick for the show, but Neal and I had a great talk about his 40(ish) years in our industry, his background growing up in Ireland, his organization (the PsyberResilience Project), our personal mental health issues (stress, burnout, etc.), and mental health in our industry. This is a serious issue in our industry, and we’re not doing a good enough job in tackling our problems.

I’m VERY excited to welcome Neal back again! We’ll talk about resources people can use to improve their lives. Sure to be another great discussion!

These are my (Evan) notes.


SHOW NOTES – Episode 103

Date: Tuesday October 27th, 2020

Episode 103 Topics

  • Opening
  • Special Guest – Neal O’Farrell from the PsyberReslience Project
    • Recap episode 102 – Where we left off.
    • Mental Health Discussion.
    • Specific self-help approaches, what we’ve learned from trying them.
    • Other resources and what you can do to help.
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hi everybody. Welcome to another episode of the UNSECURITY Podcast! This is episode 103, the date is October 27th, 2020, and I’m Evan Francen, your host. Joining me is my good friend and co-worker, Brad Nigh. Good morning Brad.

[Brad] Cue Brad.

[Evan] Also joining us, for the second week in a row is our good friend and founder of the PsyberResilience Project, Neal O’Farrell. Good morning Neal.

[Neal] Cue Neal.

[Evan] How are you guys today? What’s new?

Quick Catch-up

Discussion about any current events, life or otherwise…

Transition

 

Special Guest – Neal O’Farrell from the PsyberReslience Project

[Evan] Neal, thanks for joining us for the podcast again this week. Last week we had a great talk. So great, in fact, we didn’t leave any time for news stuff. No matter though, people can always read news things for themselves.

Anyway, we talked about your background, both of us shared our personal struggles with mental health, and we talked about your organization (the PsyberResilience Project). This week Brad’s joining us, and we’re going to focus on specific self-help approaches that we’ve tried. Before we jump in, Brad, did you get a chance to listen to last week’s podcast?

[Brad] Cue Brad.

[Evan] What did you think about it?

[Brad] Cue Brad.

[Evan] Great! Let’s dig in.

Begin Discussion

Topics to discuss (or ideas):

  • Recap episode 102 – Where we left off.
  • Mental Health Discussion.
  • Specific self-help approaches, what we’ve learned from trying them.
  • Other resources and what you can do to help.

Discuss whatever else comes to mind.

[Evan] Excellent discussion, and I’m sure our listeners found value in it!

Now, we’re at the part of the show where we review a few news items that caught our eye this past week. Neal, please feel free to comment anytime too!

News

[Evan] Some interesting nation-state stuff caught my attention this week. God knows, there’s always plenty of nation-state stuff going on!

Wrapping Up – Shout outs

[Evan] Great! Episode 103 is just about complete. Thanks guys! Neal, it was great having you on the show again this week. I’m looking forward to working together to make our industry better. Brad, always happy when you’re here. Glad you’re feeling better this week!

Any shout outs for either of you?

[Brad and/or Neal] We’ll see.

[Evan] Always grateful for our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Neal, remind our listeners again how they can get in touch with you.

[Neal] Cue Neal.

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!

UNSECURITY Podcast – Ep 101 Show Notes – Election Security

Well, it’s already mid-October and the election is 21 days (three weeks) away. Things have never seemed crazier or more divided, at least not in my lifetime. Good fodder for discussion in episode 101 of the UNSECURITY Podcast!

Work-wise things are also crazy, but good. Fourth quarter is always nuts for an information security company, and doesn’t matter is it’s consulting (FRSecure) or SaaS (SecurityStudio). Everyone is running at full capacity and finding life margin is a challenge!

Hope you’re happy and healthy! On the the show; I’m (Evan) leading this show and these are my notes.


SHOW NOTES – Episode 101

Date: Wednesday October 14th, 2020

Episode 101 Topics

  • Opening
  • Catching Up (as per usual)
  • Election Security
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hey there, thank you for tuning into this episode of the UNSECURITY Podcast. The date is October 14th, 2020 and this is episode 101. I’m Evan Francen, your host for this show. Joining me is my good friend and co-host Brad Nigh. Good morning Brad.

[Brad] Brad does Brad.

[Evan] I know we’re a day late getting the podcast out again this week, but holy cow we’ve been busy! We’ll try to get back on track next week.

Brad, I want to reiterate how I enjoyed our discussion the past couple of weeks about the social dilemma, a Netflix documentary about social media and its effects on society. Lots to think about. In fact, I’m planning to watch it again this week.

[Brad] He might comment here.

Catching Up

[Evan] So, what’s new? Tell us what a day in the life of Brad looks like.

[Brad] Cue Brad.

[Evan] I’ll share some stuff too (probably).

Transition

Election Security

[Evan] As you know, we’re only 20 days from the election. If you haven’t registered to vote yet, you should. Go to vote.gov and check it out. Brad have you registered to vote?

[Brad] Cue Brad.

[Evan] I’m registered and ready to cast my ballot! The date is November 3rd.

There’s been much said about election security. A simple Google search of “election security” produces over 2.2 million results! Election security isn’t a new thing, even though it’s been front and center the past few election cycles.

There’s more to election security than protecting voting machines, so let’s talk about this.

Resources

[Evan] There’s a lot more to election security than infrastructure. What about voter intimidation, disinformation, and security after election night? We’re talking about disinformation on Thursday night’s Security Sh*t Show because this is a significant issue in today’s society.

Election Security Discussion

Open discussion

[Evan] Good discussion! Securing an election has never been more difficult. Let’s catchup on some news quick.

News

[Evan] Here are some recent and interesting news stories to talk about.

Wrapping Up – Shout outs

[Evan] Great! Episode 101 is just about complete. Thanks Brad, do you have any shout outs this week?

[Brad] We’ll see.

[Evan] Always grateful for our listeners! We’re behind on email, but we’ll promise to respond soon. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!

UNSECURITY Podcast – Episode 97 Show Notes

Good morning! Happy Tuesday!

Thinking Brad is back again this week. I dig that because I dig Brad!

Last week, Brad was out feeling sick. This led to a solo recording of the UNSECURITY Podcast; go check out episode 96 if you want to hear me do my most awkward podcast yet.

Busy, Busy, Busy

We’ve been very busy around here, and it sounds like many of you are too. There are many good signs recently that the economy may be rebounding. The positives:

  • Elections – although the next 50ish days are going to be chaotic, there will be some settling in after the elections are complete. Regardless of which way you swing (blue or red), the completion of an election cycle brings a sense of stability.
  • COVID-19 – there’s been a lot of positive news about medical treatments and possible vaccines. The sooner we can put the pandemic behind us, the better. Once the pandemic is behind us (closer with each passing day), the economy should settle.
  • Markets – the stock and housing markets have held there own through all the chaos of 2020. This is a good sign of good things ahead in our opinion.

Busy is good, and it would take a small book to tell you all the good things going on at SecurityStudio and FRSecure! SecurityStudio is well on it’s way to being a very healthy and profitable SaaS company and FRSecure is exploring expansion (acquisition, merger, and/or geographic expansion).

I sincerely hope you and your family are well!

Why Can’t We All Just Get Along?

Today’s topic is about our divisiveness in world today and what it means to our industry. We’ll be careful to be respectful of other people’s opinions as we navigate these waters, and this may be a good segue into a future series we’ve been thinking about recently; “Politics and Information Security”.

Let’s get on it. The show notes…


SHOW NOTES – Episode 97

Date: Tuesday, September 8st, 2020

Episode 97 Topics

  • Opening
  • Catching Up
  • Why Can’t We All Just Along?
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Good morning everyone. Thanks for tuning in. The date is September 15th, 2020 and this is episode 97 of the UNSECURITY Podcast! I’m your host, Evan Francen, and back with me this week is my good friend, Brad Nigh! Good morning Brad.

[Brad] Good things from this dude.

[Evan] Well, you were out ill last week. How you feeling? What’s new?

Catching Up

[Evan] Regular listeners to our show know that Brad and I normally start off with catching up with each other. Let’s do it.

Topics:

[Evan] Did you get a chance to hear last week’s episode? It was definitely awkward doing the show alone for the first time!

Transition

Why Can’t We All Just Get Along?

[Evan] It’s crazy how much information security reflects life and vice versa. I’ve been thinking about what our next series should be, and I’m always interested in tackling serious topics. We’re in the middle of an election cycle right now and I can’t remember a time when our country has been more divided than it is today. Me being me, I want to talk about it with you (Brad).

What are your first thoughts about the divisiveness in our country today?

[Brad] Chimin’ in.

[Evan] Here’s what I’d like to explore with you:

  • General divisiveness (political, social, information security, etc.)
    • Intimidation/bullying for sharing your thoughts, opinions, disagreements, etc.
    • When you find someone being a jerk or speaking/writing nonsense.
  • Outside Influences to Information Security
    • Today’s political climate.
    • Where do we find facts vs. opinions?
  • Within Information Security
    • How do we think our divisiveness affects information security?
    • Putting down others (competition, other professionals, etc.).
    • The divide between us and the business.
  • A couple of podcast reviews.

 

[Evan] I’m thinking about doing a series titled “Politics and Information Security”. We could interview special guests form both sides of the isle and get their opinions on all sorts of things. What would set us apart is respectfulness. We would do this in a way that respects opinions without attacking and bullying. This could be a great opportunity to set an example for others on how to discuss hot topics without beating each other up. What do you think?

[Brad] We’ll see what he thinks…

[Evan] The timing seems right to do a series like this. Alright. More to come on that! Let’s do newsy stuff now.

News

[Evan] Here’s some news I thought was interesting:

Wrapping Up – Shout outs

[Evan] OK. That’s about it. Episode 97 is almost a wrap. Brad, any shout outs this week?

[Brad] Shout out…

[Evan] It’s nice to have you back man. We’re very grateful for our listeners and we love hearing from you. Send us messages by email at unsecurity@protonmail.com or check us out on Twitter, @UnsecurityP.

If you wanna socialize with me or Brad directly, we dare you! I’m @evanfrancen, and Brad’s @BradNigh. We work for people and if you want to follow those people, SecurityStudio is @studiosecurity and FRSecure is @FRSecure.

That’s it, talk you all again next week!

The UNSECURITY Podcast – Episode 78 Show Notes – Working From Home

Keeping the show notes short again this week. It was another crazy week at FRSecure and SecurityStudio. We make progress towards our mission each and every day, regardless of COVID-19. Our mission is to fix the broken information security industry, which can be summed up by this statement:

Information security isn’t about information or security as much as it is about people.

When we help people, we help our industry. After all, would anyone care about information security is nobody suffered when things go wrong?

We’ll keep on trucking! We’re grateful for the people who put their trust in us and our credibility.

Let’s just get to it, episode 78 show notes below…


SHOW NOTES – Episode 78

Date: Monday, May 1st, 2020

Episode 78 Topics

  • Opening
  • Catching Up (as per usual)
  • Working from home
  • S2Me/S2Team
  • Listener Mail
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hey guys and gals. Welcome to the UNSECURITY Podcast. This is episode 78, the date is May 4th, 2020, and I’m Evan Francen. With me today is my co-host, Brad Nigh. Good morning Brad!

[Brad] It is a good morning and Brad’ll be in a good mood for sure. Let’s see how he responds.

[Evan] Another good show planned for today, but before we jump in, let’s catch up. It’s sort of our usual thing to do about this time.

Catching Up

Quick discussion about some of the cool things we’re doing.

[Evan] We’ve been talking a lot lately about working remote or working from home. This has been a hot topic for some time, but since the COVID-19 outbreak, this is one of the top trending topics in the information security world. Let’s discuss another take on this, more of a future looking strategic perspective.

Working from home

Discussion about:

  1. What work from home looked like before COVID-19.
  2. What happened because of COVID-19.
  3. What the future looks like after COVID-19.

There are plenty of news articles about these topics and there’s no shortage of “expert” advice. Here’s just a few:

  • Is Working From Home The Future Of Work? – https://www.forbes.com/sites/nextavenue/2020/04/10/is-working-from-home-the-future-of-work/#4260c2c846b1“An early-April 2020 MIT survey of 25,000 American workers found that 34% of those who’d been employed four weeks earlier said they’re currently working from home. Combined with the roughly 15% who said they’d been working from home pre-COVID-19, that means nearly half the U.S. workforce might now be remote workers.”
    • “The Brookings Institution’s Katherine Guyot and Isabel V. Sawhill just wrote their take on remote work and COVID-19, calling the pandemic “among other things, a massive experiment in telecommuting.”
    • ‘In a March survey of HR execs by the Gartner IT research firm, 76% said the top employee complaint during the pandemic has been “concerns from managers about the productivity or engagement of their teams when remote.”’
    • “In Buffer.com’s9 State of Remote Report, 19% of remote workers called loneliness their biggest struggle with working from home and 17% cited collaborating and/or communication.”
  • Some May Work From Home Permanently After COVID-19: Gartner – https://www.crn.com/news/running-your-business/some-may-work-from-home-permanently-after-covid-19-gartner“Gartner last week released results from a March 30 survey of 317 CFOs and business finance leaders that found 74 percent of those surveyed expect at least 5 percent of their workforce who previously worked in company offices will become permanent work-from-home employees after the pandemic ends.”
    • “According to Gartner, about 25 percent of those surveyed expect 10 percent of their employees will remain remote, 17 percent expect 20 percent will remain remote, 4 percent expect 50 percent will remain remote, and 2 percent expect over 50 percent of employees now working from home to permanently work from home after the pandemic subsides.”
  • Working from home has a troubled history. Coronavirus is exposing its flaws again – https://www.theguardian.com/commentisfree/2020/apr/12/working-from-home-history-coronavirus-uk-lockdown“According to the Office for National Statistics, only 5% of the UK labour force worked mainly from home in 2019, but well over a quarter had some experience of home-working.”
    • “With all but key workers confined to their homes, the virtual office is now the new norm – a development that could prove to have far-reaching consequences.”
  • As working from home becomes more widespread, many say they don’t want to go back – https://www.cnbc.com/2020/04/24/as-working-from-home-becomes-more-widespread-many-say-they-dont-want-to-go-back.html“States of Play, a joint CNBC/Change Research survey of swing states, finds 42% of respondents nationwide saying they are working from home.”
    • “Once the economy reopens, 24% say they’d like to work either entirely or more from home compared to how they worked before, while 55% plan to head back to the office.”
    • “Some 60% report being either as productive or even more productive than they were working from the office.”

But what about information security?

There is no shortage of information security tips for people working from home. Just a small sampling:

A different approach – S2Me and S2Team

[Evan] In early 2019, SecurityStudio release its first version of S2Me. The S2Me was released (well ahead of COVID-19) to gauge people’s information security habits at home and S2Team was a way to share the results with an employer without violating privacy at home. Last week, SecurityStudio released version two of S2Me and I’d like to talk about all this.

  • What is S2Me?
  • What is S2Team?
  • How do S2Me and S2Team work together?
    • S2Me is a simple, personal information security risk analysis tool for use at home. S2Me helps people understand their risk related to security, privacy, and safety. Once these risks are understood, S2Me attempts to motivate people to build better information security habits at home.
    • S2Team is a collection of S2Me aggregated results to help organizations understand their employees information security habits. Organizations use S2Team to develop better, more personal information security training programs.
    • A couple of quotes from the “Introduction to S2Team and S2Me Topic Descriptions” draft document:
      • “The problem isn’t people. The problem is managing risk related to people.”
      • “People are creatures of habit. People will occasionally deviate from their habits, but habits are their default. Habits create peoples’ baseline and become nearly (or in some cases completely) involuntary.”
      • “People choose to form new habits because if they desire the positive outcome or because they fear a negative one.”
  • A quick peek into S2Me.
  • A quick peek into S2Team

[Evan] I think we’re on the right track, trying to help people build better information security habits at home where everyone ultimately benefits.

Listener Mail

[Evan] A loyal listener, one who got a shout out from me last week, Jason Dance, sent us this article that I thought was interesting and worthy of a brief discussion; It’s Not Just Zoom. Google Meet, Microsoft Teams, and Webex Have Privacy Issues, Too. – https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/

Brief discussion

[Evan] Alright, now some newsy things quick.

News

[Evan] It’s easy to find interesting things to talk about in our industry! Here’s a few that caught my attention:

Wrapping Up – Shout outs

[Evan] Wow. Lots of things. Well, episode 78 is almost in the can. Brad, got a shout out or two?

[Brad] Maybe he does, maybe he doesn’t…

[Evan] Here’s mine…

[Evan] Seriously, a huge thank you to our listeners! We love your encouragement and we don’t take your advice lightly. You’re all great! Keep the questions and feedback coming. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Have a great week!