This week is a short one and a two-fer. ABC fired a long-time reporter for expressing an opinion on social media. One might be tempted to call it censorship and bowing to our weak and failing leader. But I understand the reason and took some time to explain it. But on a more positive note, I talked with Spencer Timmel of Safety National Insurance about the current retreat of the US government from securing the internet. He provides a refreshing idea that it might not be so bad.
Yes, AI is a problem in the hands of bad actors, especially when they use bots to automate brute force attacks on identity. There are also a ton of companies dedicated to protecting your identity to keep the bad guys from impersonating you and those you care about. One of those companies is Ping (no, not the guys that make the golf clubs). In a continuation of our series on bots, we talk with Peter Barker, chief product officer for Ping, about what they are doing about AI-based attacks.
A few weeks ago I posted what was supposed to be an interview with Dale Hoak, CISO for RegScale, on understanding Zero Trust. Unfortunately, the audio was of yet another interview that I have to repost on a different subject. That's what comes from having to wrangle 50 hours of recordings from the RSAC Conference along with follow-ups. So, I promise, this is the right one.
During @RSAC Conference in April I met with Matthew Gracey-McMinn, VP of Threat Services for Netacea and we talked about the damage malicious bots can do. His company is one of a handful of companies dedicated to protecting users against that threat, in particular media companies. It was a short conversation and I decided it was worth going into a bit more depth.
Physical authentication keys are a common trope in movies, TV and spy thrillers and they have been around for almost 20 years. But they are still hard to find in real life. We talked with Alex Summerer, head of authentication for Swissbit, which is a relatively new player in the field, headquartered in ...of course, Switzerland. Frankly, after talking with him I'm wondering why I haven't bought one of these things.
Still digging through dozens of hours of recordings and pages of notes from #RSAC_Conference last week. But while looking into the issue of bots, both good and bad, I discovered a fairly recent story about how scammers use bots to steal financial aid. And as I always say, if I don't know about something, I know someone who does. So I called up an old friend, Craig Mosher, who teaches history and political science, about what he has experienced with fake students and how to deal with them.
This was another exhausting #RSAC in San Francisco but I think I'm finally getting a handle on it. There will be more to come, but Bruce Schneier gave a keynote on Tuesday that I think bodes well for journalism. And we had a visit with our friend at Safety National Insurance, Spencer Timmel, about just how far insurance can cover cybersecurity weaknesses.
This is a short episode previewing what I'll be doing at RSAC 2025 next week, kudos to the California Franchise Tax Board, and a how-to on working with the press.
There comes a moment in many abusive relationships when observant friends encourage the abused party to leave the abuser. I consider myself a friend of the cybersecurity industry; aside from its bad marketing practices, I see it as important to the well-being of society worldwide. And that’s why I say now, it’s time to leave the federal government, at least for the next two years. The actions persecuting Chris Krebs and SentinelOne merely for doing their jobs without political bias demonstrate that no amount of money is worth working with the Trump administration. I spent much of the past week unsuccessfully trying to get members of the US cyber industry to comment publicly on this issue. I was able to get public comment from a few outside the country. Some of that can be found in my piece this week on Cyber Protection Magazine. This podcast is with one of the commenters, James Bore, a British cybersecurity consultant and speaker. He says what everyone is thinking. It’s time to divorce the orange git.
When it comes to polite discussion, there are two things you should never discuss: Politics and Religion. At the same time, most people would also rather not talk about insurance or data encryption. Well, I can’t say I’m all that polite, because that is exactly what this episode is about. The need for encryption on our data has never been more important, but most of us don’t know what is or isn’t encrypted, and that knowledge has a direct bearing on how much cybersecurity insurance might cost. So we sat down with Spencer Timmel, head of cybersecurity and technology insurance for Safety National, the primary sponsor for this podcast, and we discussed the unmentionable topics.