UNSECURITY Podcast Episode 23 Show Notes

[My Notes (Evan)] <— tuple nested within a list, but my syntax sucks. 😉

Happy Saturday! Friday came and went before I could get this update done. It was good to spend the entire week at home (finally). Reconnecting with the people I love is refreshing for my soul. Had a great week! Hope you did too.

My happy place (see pic).

This was a crazy week. What week isn’t for someone who works in security?

The highlight in last week’s show (episode 22) was our discussion about dealing with toxic co-workers. I can’t tell you how grateful I am for the people I get to work with every day. You may think I’m exaggerating, but we have amazing people where I work; from top to bottom. 100% awesome.

It wasn’t always this way though. We’ve had some toxic employees and co-workers in our past. Today, we’re better off for having dealt with our issues head-on.

If you didn’t catch episode 22, check it out here.

We have a jam packed show planned today, so let’s get to it.

Episode 23

Date: Monday, April 15th, 2019

These are the notes we use to guide the discussion. These notes were written by me (Evan) this week. 

Today’s Topic(s): The FRSecure CISSP Mentor Program, Security Podcasting, and #100DaysofTruth

[Evan]: Hello listeners! Here we are, today is Monday, April 15th, 2019 and this is episode 23 of the Unsecurity podcast. I’m Evan Francen, and I’m your host for today’s show. Joining me is my favorite security pal, Brad Nigh. Say “Hi” Brad.

[Brad] Hi.

[Evan] How was your week last week? Give me at least two highlights and something you learned.

[Brad] He’ll say cool stuff because he’s Brad!

[Evan] Man, it was a great week. I worked a lot, probably a lot more than I should have, but I had a blast! Some of the highlights were:

• The CISSP Mentor Program (more on this later)
• Lunch with a CISO that I really respect.
• Launched the #100DaysofTruth campaign (more on this later)
• Made 5 out of 6 coffee meetings this week (explain quick)
• Wrote and sent my research survey (explain quick)

[Brad] More cool stuff because he’s still Brad!

[Evan] Alright, we’ve got some good topics for today’s show. So many things to choose from, but today I chose The FRSecure CISSP Mentor Program, Security Podcasting, and #100DaysofTruth. Let’s start with the FRSecure CISSP Mentor Program.

Open Discussion, the FRSecure CISSP Mentor Program

Notes: Kicked off, no technical issues, registrations, support, best one yet, I talk too much, etc.

Open Discussion, Security Podcasting

Hard to believe that this is already episode 23. We have made 23 consecutive weeks without missing one! That’s almost six months. Our listeners are rewarding us with their loyalty, and we’re VERY grateful. The show has grown steadily since our 1st recording, and we’ve both learned so much.

THANK YOU!

Notes: The start, the progression to today, where we go next (studio improvements, video, more guests, etc.), advice, what’s good/what’s not so good, etc.

Open Discussion, #100DaysofTruth

[Evan] Last Monday, I started a new campaign called #100DaysofTruth. Each day at 8:00am (Central), I post a new truth about information security. I post them on my Twitter and LinkedIn accounts.

Some of them are obvious, some of them aren’t. I hope to spur some good discussions and thought sharing. We’ll see. This past week’s truths were:

• Day One – Information security isn’t about information or security as much as it is about people.
• Day Two – Information security is a business issue, not an IT issue.
• Day Three – Data breaches are inevitable, no matter how good you are.
• Day Four – One of the best tells of a novice (or poor) security professional is their inability to put risk into context. 
• Day Five – You don’t need a degree to be awesome at information security.
• Day Six – Cybersecurity and information security are different things. – if you’re reading this before Saturday at 8am, you get the scoop.
• Day Seven – There’s a lot of snake oil for sale in the information security industry. – if you’re reading this before Saturday at 8am, you get the scoop.

Let’s talk about the #truth quick.

Now for some news… 

News

[Evan] You know I always appreciate your take on things Brad. Thank you.

[Brad] Words from the mouth of Brad.

[Evan] OK, news stuff. I want to start us off with something positive.

• Women Now Hold One-Quarter of Cybersecurity Jobs – https://www.darkreading.com/risk/women-now-hold-one-quarter-of-cybersecurity-jobs/d/d-id/1334319
• Homeland Security warns of security flaws in enterprise VPN apps  – https://techcrunch.com/2019/04/12/enterprise-security-flaws/
• Hackers publish personal data on thousands of US police officers and federal agents – https://techcrunch.com/2019/04/12/police-data-hack/
• Amazon Auditors Listen to Echo Recordings, Report Says – https://threatpost.com/amazon-auditors-listen-to-echo-recordings-report-says/143696/

We have plenty more news we could talk about, but you and I have some work to do today. We’re billable assets for crying out loud!

Closing

[Evan] What say you Brad? Give us wisdom.

[Brad] Brad imparts wisdom here.

[Evan] Don’t forget, you can follow me or Brad on Twitter; @evanfrancen and @BradNigh. Email us on the show at unsecurity@protonmail.com.

That’s it for episode 23. Have a great week everyone! Thank you and see you next week!