Data Security and Privacy with the Privacy Professor-logo

Data Security and Privacy with the Privacy Professor

Podcast Networks

There are more information security and privacy threats than ever before. As more technologies emerge, more surveillance tactics are used, and more artificial intelligence systems are deployed, cybersecurity and privacy risks grow exponentially. Rebecca has spent her entire career working to improve information security and privacy protections, by not only raising awareness of the issues within businesses and other types of organizations, but also by raising the awareness of these risks in the public and helping them to understand how to better protect their own personal data, allowing them to take their privacy protections into their own hands. Rebecca offers information about these existing and emerging security and privacy risks and provides fresh insights into the impacts of exploiting these risks, and gives guidance, tips, expert advice and news, with fascinating guests, to help all organizations, and the general public, understand what they need to do to mitigate these risks.

Location:

United States

Description:

There are more information security and privacy threats than ever before. As more technologies emerge, more surveillance tactics are used, and more artificial intelligence systems are deployed, cybersecurity and privacy risks grow exponentially. Rebecca has spent her entire career working to improve information security and privacy protections, by not only raising awareness of the issues within businesses and other types of organizations, but also by raising the awareness of these risks in the public and helping them to understand how to better protect their own personal data, allowing them to take their privacy protections into their own hands. Rebecca offers information about these existing and emerging security and privacy risks and provides fresh insights into the impacts of exploiting these risks, and gives guidance, tips, expert advice and news, with fascinating guests, to help all organizations, and the general public, understand what they need to do to mitigate these risks.

Language:

English


Episodes
Ask host to enable sharing for playback control

The History, Mystery, and Rise of AI at CornCon!

10/7/2023
Dr. John Johnson describes why he created the wildly popular cybersecurity conference, CornCon! It was first held in 2015, in Davenport, Iowa on the banks of the Mississippi River. He also describes the goals for the conference, how it is unique from others in offering a children’s hacking bootcamp, and a hacking contest for teens, along with two days of sessions and activities for professionals. Rebecca is also excited to be a speaker with her talk, “It’s Not Always a Rattlesnake Just Because It Rattles: Everything I Learned About Risk Management I Learned on the Farm,” and picks John’s brain to get some tips. Plus, a Bill Murray after-party…oh, yeah, we’re there! Please listen in! #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #PersonalData #Awareness #Education #Compliance #Law #JohnJohnson #CornCon #ProfessionalDevelopment

Duration:00:56:06

Ask host to enable sharing for playback control

Need More Privacy? Write the Privacy Law We All Need!

9/2/2023
Do you see a need for more privacy in certain areas of your life? Or within certain industries? Or throughout society? Well, don’t just sit there; get up offa that thing, and get that new privacy law drafted into a bill, and then passed into law! It’ll make you and everyone else who cares about privacy feel better, while also strengthening privacy protections. Want to know how? Tom Kemp, author of the newly released book, “Containing Big Tech: How to Protect Our Civil Rights, Economy, and Democracy,” is on the show to tell you how! . Please listen in! . . #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #PersonalData #Awareness #Education #Compliance #Law #TomKemp

Duration:00:57:27

Ask host to enable sharing for playback control

A Romance Scammer Took All My Dying Mother's Money

8/5/2023
April describes the horrific harms that romance scammers caused her mother while terminally ill with cancer, and Kathy describes the upcoming World Romance Scam Prevention Day that her organization established. A must-listen-to episode!

Duration:00:54:56

Ask host to enable sharing for playback control

GDPR Compliance Stats Everyone, Everywhere, Needs to Know!

7/1/2023
The EU General Data Protection Regulation (GDPR) has been in effect for 5 years now. What have been the impacts to organizations who must comply? What have been the penalties applied? And for what specific non-compliance issues? Which EU country has been most active in applying GDPR non-compliance penalties? Have there been any countries where no fines/penalties have been applied? What is the largest GDPR fine/penalty to date and to what entity was it applied? What was it for; which GDPR Article(s) were violated? Rebecca speaks with Tara Taubmann-Bassirian, a well-known GDPR expert and Privacy Hero of the Year award winner to get answers to these, and more questions. Please listen in! #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #GDPR #Compliance #EUPrivacy #PersonalData #Law

Duration:00:54:07

Ask host to enable sharing for playback control

Individuals & Businesses: Mitigate! Those! Risks!

6/3/2023
Everyone is at risk of cybercrime, privacy breaches, and associated physical risks. Individuals in their personal lives, as well as businesses and their employees within work areas…which are often in homes, and other locations outside of physical business facilities…are at risk. Each and every one of them needs to understand how to recognize information security and privacy risks, and basic ways to mitigate those identified risks. But most folks don’t know how to do this. More needs to be done to raise awareness of these important life-encompassing risks if we have any chance at all of slowing down and preventing security incidents and privacy breaches. We dedicate this episode to supporting that goal! In this episode Rebecca has a highly informative discussion with Ron Woerner, a noted international consultant, keynote speaker, teacher, blogger, and writer in the Privacy and Cybersecurity industry. The show starts with the inaugural episode of the new game show, “Mitigate! That! Risk!” Discussion then covers the following: • What are risks in personal lives, as opposed to in business? • What is risk management? • What has been the most significant change in risk management since Ron started his security and privacy career? • What has stayed the same for risk management since the beginning of Ron’s career? • What is zero trust, as it relates to risk management? • What is data centric security, as it relates to risk management? • And more… Please listen in! #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #RiskAssessment #RiskAnalysis

Duration:00:55:28

Ask host to enable sharing for playback control

IoT Stalking, IoT Jewelry, JuiceJacking, AI, CheckWashing & More!

5/6/2023
In this episode Rebecca continues answering a few more of the hundreds of questions she has received from listeners and readers throughout the past few months, covering a wide range of topics. Some of the questions include: • What happened to those men, bar owners, who were arrested for stalking a woman by using digital tracking devices there in Des Moines, Iowa? Did they go to prison? What laws apply? Hear Rebecca’s answers, in addition to other associated news and points about IoT trackers, and how to identify if they are stalking you. • The FBI and FCC recently warned that those free USB charging stations in public spaces, such as airports, hotels, hospitals, etc., can have devices hidden within them to steal data, spread malware, etc. Didn’t you discuss this in a previous episode? What are some other ways to prevent such skimmers from stealing data? What other harms can result from such skimmers and modified charging cords? Rebecca answers these, and provides some additional helpful information for this threat. • A family member was a victim of check washing! Are there any more tips you have about how to prevent check washing that you can provide in addition to those your described in your December 2022 Privacy Professor Tips message? • I received a pretty “smart” necklace for Hanukkah that, if you press the button on the charm twice, texts and GPS location will immediately be sent to up to five friends/family members to let them know help is needed. With an option to also contact 911. It sounds like it could be extremely privacy-invasive. What tips do you have for me to use this in a secure, privacy-protecting way? Rebecca provides several suggestions, along with a real-life case of IoT being used to track down an assault victim. • Do you think AI and ML will help to reduce financial cybercrime or make it worse? Rebecca’s answer may surprise you! • And more… Rebecca provides answers that all listeners, anywhere in the world, can use. #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #Spam #Spoofing #Dobbs #DobbsLeak #Government Security #IoT #IoTSecurity #IoTPrivacy #LocationTrackers #IoTAssaults #IoTCrime #AI #ArtificialIntelligence #ML #MachineLearning #CheckWashing #StalkingLaws #CyberStalking #USBSkimmers #JuiceJacking #Malware

Duration:00:55:05

Ask host to enable sharing for playback control

AI Challenges & Risks: Security, Privacy, Bias & Ethics

4/1/2023
AI has quickly become pervasive in all our lives. But, how can it impact us? Consider a couple of examples. Lensa is an app that takes real photos and uses AI to make art images from them. Millions have used it. Others are concerned about the related privacy and intellectual property rights problems it creates. Lensa uses a huge open-source collection of data to train its AI that contains than 5 billion publicly accessible images that it categorizes as “research.” However, it not only includes copyrighted work, but also personal medical records and images, as well as disturbing images of violence and sexual abuse, many from police reports. This creates privacy, copyright and other intellectual property rights, legal and compliance concerns. Another AI tool, ChatGPT, surpassed 100 million users early in 2023 and is creating a large and growing number of concerns about security, privacy, intellectual property and legal risks. Use of artificial intelligence (AI) is predicted to grow by more than 25% each year for the next five years and could contribute over $15 trillion to the global economy by 2030. Many questions need to be answered about AI! Listen in to hear my conversation with Pamela Gupta about a wide range of AI issues. • Who is ensuring the AI algorithms are secure? And accurate? • What happens if someone’s private photos show up incorporated into an AI generated image? • What are the privacy risks? • What are the security risks? • What are the ethical considerations for AI use? • What are the dangers of biased AI? • What are the “Essential Trusted AI Pillars”? Pamela answers these and many more questions. See more about Pamela Gupta at https://www.outsecure.com/. #PamelaGupta #AI #ArtificialIntelligence #ChatGPT #Lensa #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #Cybercriminals

Duration:00:57:01

Ask host to enable sharing for playback control

“Romance Scammers Have Used My Photos Since 2016”

3/4/2023
Bryan Denny served as an officer in the U.S. Army for 26 years. In 2016, Bryan’s photos were stolen and used to build thousands of fake profiles. Kathy Waters has logged over 4,000 volunteer hours helping those like Bryan Denny whose identity has been stolen, as well as the women and men who have fallen victim to the scammers. Each day new headlines report the financial and emotional destruction that romance scammers wreak on their victims’ lives, who include both the targeted victims of the scams, and those whose images are used by the criminals to commit the crimes. Listen in to hear my riveting conversation with Bryan Denny and Kathy Waters as they describe the vast amount of damage romance scammers are increasingly causing. • How did Bryan discover his identity was being used for romance scams? • How did Kathy get involved with helping hundreds of romance scam victims? • What tactics do romance scammers use? • What are some of the real-life experiences of romance scam victims? • Why are romance scammers so successful with their crimes? • How can you spot a likely romance scammer? • To what groups, agencies, etc. should romance scammers be reported? Kathy and Bryan answer these and many more questions. See more about Kathy Waters and Bryan Denny at https://advocatingforu.com/meet-the-board #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #IDTheft #IdentityTheft #IDFraud #IdentityFraud #Cybercriminals #RomanceScams #ScamVictims

Duration:00:54:41

Ask host to enable sharing for playback control

Dobbs Leak, Airtags, Spam, Spoofed Email, & Data Privacy Day!

2/4/2023
It has been almost three years since Rebecca has done a show answering listener questions; it is time she did another one! In this episode she answers a wide range of questions. Some of the questions include: • Why are location trackers (Apple Airtag, Tile, etc.) bad from a privacy perspective? They aren’t even sending any personal information; just location. Should they be outlawed if they are actually bad? Listen in to hear not only her answer, but how she explains what engineers need to consider in the design of these, and other types of, IoT products. • How do you think the Dobbs decision was leaked last year from the US Supreme Court? Rebecca provides some insightful theories that have not yet been discussed anywhere else! • Some spam blockers, like AOL spam blocker, are not effective against email addresses. How can more email spam be blocked? Rebecca provides some good advice in response. • How can spoofed emails be prevented? Everyone needs to hear Rebecca’s answer to this. • Should spoofed emails be reported? To where? Rebecca provides answers that all listeners, anywhere in the world, can use. Listen in to hear the answers to these, and more, questions. #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #Spam #Spoofing #Dobbs #DobbsLeak #Government Security #IoT #IoTSecurity #IoTPrivacy #LocationTrackers #IoTAssaults #IoTCrime

Duration:00:53:56

Ask host to enable sharing for playback control

A Cybersecurity Expert’s Real Life Identity Theft Experience

1/7/2023
Everyone is a target for identity thieves. Even the most brilliant cybersecurity and privacy experts. Why? One significant reason is because when those organizations and individuals who possess and use your personal data do not effectively secure that data, they leave it vulnerable, leaving YOU at the mercy of cybercrooks. Listen in to hear my riveting conversation with Christine Abruzzi, cybersecurity expert with 30 years of experience, and owner of Cacapon Cyber Solutions describe her current real-life experiences in helping a family member who is an identity theft victim. • What tipped them off that something was wrong? • How they first react and respond? • How did this identity theft situation occur? • What actions are they taking to clean up the victim’s credit files? • What are the lessons learned? • How can listeners protect themselves, family and friends from being identity theft and fraud victims? Christine answers these and many more questions. See more about Christine at https://www.linkedin.com/in/christine-abruzzi-738aa913/ See the identity theft & fraud resource list mentioned during the show at https://privacysecuritybrainiacs.com/privacy-professor-blog/ It will be posted on 1/7/2023 #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #IDTheft #IdentityTheft #IDFraud #IdentityFraud

Duration:00:55:41

Ask host to enable sharing for playback control

Privacy & Cybersecurity for Your Life During the Holidays

12/3/2022
Are you armed with the privacy and security knowledge and awareness necessary to identify all the holiday scams and cybercrooks that emerge and try not only new scams and crimes, but also all the same scams and crimes that have proven to be effective year after year for decades? Are you prepared to help those to whom you give tech gifts so that they use them in the most secure and privacy-protecting way possible? Can you secure those tech gadgets that you receive as gifts to keep the hackers from accessing them and using them to steal your money or commit identity fraud to basically steal your life? You all need to maintain a high-level of awareness and knowledge about privacy and cybersecurity for your life during the holidays. Listen in to hear my conversation with two cybersecurity and privacy experts answer these and many more questions. Cheryl Jackson and Todd Fitzgerald have spent their entire careers dedicated to educating and raising the awareness of security and privacy issues for their co-workers, clients and the general public. Todd and Cheryl also share a huge amount of information about awareness events and education they’ve provided over the years, including those that were huge successes, and a few they were not so successful, and describe why. Please tune in! #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #HolidayScams #PersonalData #Awareness #Education

Duration:00:54:58

Ask host to enable sharing for playback control

Let’s Stop the Robocall Scammers!

11/5/2022
Everyone is inundated with robocalls! Many of them are legitimate, such as those providing notifications about environmental threats such as hurricanes and tornadoes. And those giving alerts about missing persons. And there are many others that are legal, but can still be quite annoying, such as from political candidates. There are also increasingly more robocalls that are used to commit scams and a wide range of crimes. Security expert Ben Rothke is fed up with all these robocall scammers! Ben has been researching this longtime, and constantly evolving scam for many years. In fact, he has amassed over 100 recorded scam calls that he provides to the public to raise their awareness for identifying these scammers. During this episode Ben describes many different ways that robocalls are used to commit crimes. Such as for spreading ransomware, gaining access to bank and other types of financial accounts, tricking people into buying high-dollar items, or for compelling the targeted robocall victims to send the crooks money. Listen in to hear Ben discuss these and many more different types of robocall crimes, and the tactics used. Mr. Rothke will also describe the overall problem, the security and privacy risks that they can bring, and what needs to be done to get rid of this scourge. Please tune in! #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #RoboCalls #RobocallCrimes #RoboCallScams #PersonalData #Awareness

Duration:00:56:33

Ask host to enable sharing for playback control

“Wacky Tobaccy” Laws, Privacy & Security!

10/1/2022
At this time in our current enlightened period in history, we're actually not enlightened with regard to cannabis benefits, medicinal uses, how to debunk disinformation that has been being spread since the 1930s, and how to protect the privacy of cannabis users, as well as their associated personal data, and the business data of the dispensaries. Have you used cannabis, of any kind in any form? Have any of your family members or friends? For recreation and/or for medicinal purposes? Do you know how or if the associated data you provided to the dispensaries was protected, shared, and used? At least 38 U.S. states, along with Washington, D.C. and 16 US territories, have legalized cannabis of some type, in some way. Want to hear which ones? Do you know which of these laws include requirements for privacy and/or data security? Do you know the current status of federal regulations for cannabis legalization? Including how HIPAA may or may not apply? Do you know what the difference is between cannabis, medical cannabis and marijuana, if any? What about the differences between CBD and THC? Do you know the medical benefits of cannabis? Do you know the ways in which the cannabis dispensaries put your data at risk? And your privacy at risk? Were you aware of the recent data privacy breaches at cannabis dispensaries? Or, about a huge security flaw that allowed 85,000 cannabis dispensary customers’ personal data to be searchable and viewable online, by anyone? Do you realize the harms that could occur to those whose personal data and associated cannabis purchasing history and related details were obtained by others? Or, if even just the financial data of a cannabis store was breached and used by competitors? Hint: They are significant! Popular guest and medical cannabis security and privacy expert Michelle Dumay returns for this fourth in a series of shows about current cannabis laws and regulations, personal data privacy and security risks involved with in-person and online sales, and provides some wise advice for all these issues. Please tune in to hear this enlightening discussion! #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #MedicalCannabis #Cannabis #Laws #Marijuana #WackyTobaccy #Dispensaries #Breach #PersonalData #HIPAA #CBD #THC

Duration:00:56:34

Ask host to enable sharing for playback control

Action is Necessary to Improve Voting & Elections Security!

9/3/2022
Many claims have been, and still are being, made about elections and voting security, more than ever since the 2020 election. Some claim there was widespread “voting fraud.” While no process or technology, of any kind for any purpose, is 100% secure, the 2020 general elections were determined through audits and assessments by dedicated elections workers, federal and state civil servants, and cybersecurity experts, to have been the most secure in history, based on the combined results of over a thousand audits and risk assessments. However, as misinformation grows, and increasingly more types of voting devices are used, elections officials must ensure security is continually be monitored, updated and improved to address newly discovered vulnerabilities and threats. Here are some facts important to know up front: Voting machine equipment, standards and procedures vary greatly from state to state, and even county to county. And, there is great diversity in the types and ages of the over 100,000 voting machines used throughout the U.S. These facts make it necessary to perform ongoing review and assessment of voting machines and procedures physical security, cyber security, and procedural security. Just a few key issues that must be considered for elections and voting technology security include: • How widely are voting security standards used by the over 100,000 polling locations throughout the U.S.? Who provides oversight of this? • Who are “insiders” within the election and voting ecosystem? And, what types of insider threats exist that need to be addressed? • Is the internet a threat vector to voting systems? Are the voting systems ever connected to the internet? • In what ways are voting procedures throughout the states and territories different? Would committing widespread fraud be possible? • What are actions can elections officials and workers take to better protect voting systems, and the full elections process? • Where can U.S. states and territories obtain help to strengthen the security of the technologies, activities and physical components of the elections systems? Listen in to hear Marci Andino, the Sr Director, Elections Infrastructure Information Sharing & Analysis Center (EI-ISAC) at Center for Internet Security, answer these questions, and more! #Cybersecurity #Privacy #RiskManagement #Education #MarciAndino #CISecurity #Voting #Elections #Democracy #VotingSecurity #ElectionsSecurity

Duration:00:54:41

Ask host to enable sharing for playback control

Secure Coding Fixes the Top 25 Most Dangerous Software Weaknesses

8/6/2022
In the news every day are security incidents and privacy breaches caused by software programming errors, sloppy practices, lack of sufficient testing, and many other engineering-, coding-, and programming-related reasons. This has been progressively getting worse for the past 40, 50 years as technology has been proliferating, along with code, and different programming languages. Case in point: At the root of most Zero Day exploits is unsecure software code, created by programmers and coders who did not create the code to be secure to begin with. For the past several years the US Cybersecurity and Infrastructure Security Agency (CISA), has published their Top 25 Most Dangerous Software Weaknesses list. When looking at this list, it is clear that most, if not all, are a result of poor coding practices. A lack of secure coding! These software weaknesses are getting worse, not better, as time goes on! Listen to this episode to hear expert, pioneer, current practitioner and thought-leader for software security, Dr. Mich Kabay, discuss many of real-life examples of poor coding that have resulted in problems, incidents and breaches, occurring long ago and up through those that are still occurring today. And, hear how code can be made more secure. We will also go through as many of the CISA top 25 dangerous software weaknesses as time allows to point out the coding errors and problems that made the software weak, unsecure, and dangerous. All software engineers, programmers and coders do not need to be cybersecurity experts. However, all of them *DO* need to be experts in secure coding and the applicable security and privacy standards involved in the software development life cycle (SDLC). #SecureCoding #Cybersecurity #Privacy #RiskManagement #Education #MichKabay #ZeroDay #SDLC

Duration:00:54:52

Ask host to enable sharing for playback control

IoT Data Creates Frankenstein Profiles Claiming to Be You

7/2/2022
There are an estimated 20 – 30 billion “smart” internet of things (IoT) devices currently used in the world. Most of them are listening devices, meaning everything heard within the vicinity of the device is sent to cloud systems, analyzed, and actions are taken. This number is projected to increase to 75 – 100 billion by 2025. This data and results of artificial analysis (AI) using the words and conversations of people, and sounds, in the vicinity of the device are sent to numerous, sometimes thousands, of other third parties who then perform their own data AI and take even more actions. In most cases profiles about the individuals are made using the IoT data and AI results that are used for making many assumptions about, then taking activities impacting, the associated individuals. Targeted marketing. Loan rates and approvals. Health determinations. Deciding who is a good or bad parent. Identifying pregnancies. The list is unlimited. Even real-life activities described in science fiction, such as determining those who, in the future, are likely to commit crimes, likely to get a disease, or likely to have some other significant impact. These projections are also sent to numerous entities. Those can include law enforcement, government agencies, home owners associations, political campaigns, marketers (of course!), and many others. Even ransomware gangs and other criminals are using these digital profiles to target their victims. Wait, it gets worse! Around 10% - 25% of AI results are incorrect. And when considering people of color, this number increases, due to continuing problems with bias in AI. That translates to 2 – 7.5 billion current devices sending data about those in the vicinity of the devices, who then are having erroneous profiles made about them. And, possibly actions are being taken that will harm them in some way as a result. Digital personas that are Frankenstein creations resulting from often faulty AI resulting from the use of audio voices of others, and sounds around you! In this episode, Dr. Joseph Turow, author of “The Voice Catchers: How Marketers Listen In to Exploit Your Feelings, Your Privacy, and Your Wallet,” discusses his in-depth and insightful research into this topic. Dr. Turow also provides many examples, and also provides some very good advice. Please join us for a very interesting and informative discussion! #IoT #IoTPrivacy #IoTSecurity #Stalkerware #JosephTurow #TheVoiceCatchers #VoiceAnalysis #Surveillance #AI #PersonalData #MonetizingPeople

Duration:00:53:57

Ask host to enable sharing for playback control

Catching KGB Hackers with 75¢ and a 2400 Baud Modem

6/4/2022
Nation state hackers have been trying to get into the secrets stored on computers for decades. The Russian KGB has been trying, and often succeeding, to hack into computer systems before there was a publicly accessible internet; back when the Arpanet was used primarily to connect university and government computer systems. Do you know who caught the KGB in the act of their hacking activities within these computer systems when no one else, not even the FBI or the military, was interested in finding a hacker that was getting into some of the Arpanet connected computers? Why, an astronomer, of course! Tune in to hear Dr. Clifford Stoll describe in great detail how he caught the KGB hackers, without the use of network security tools (what has been used during the past thirty years didn’t exist back then!), using his brilliance and other tools available to him at the time, such as dial-up phone line modems and reams of paper printouts. Through his perseverance and patience, he was able to catch the hackers. Dr. Stoll wrote the book, The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage, in 1989 which provides his first-person account of his hackers-catching odyssey. A 1990 PBS documentary, “The KGB, the Computer, and Me,” provided additional information. In this episode we cover additional facts about the hack, that include more discussion of the technical and security perspectives, still applicable, and some of the specific work that Dr. Stoll did during his tracking of the wily hackers, that actually seem to have inspired some of the tools commonly used by cybersecurity pros today…that they probably don’t even realize were first established by Clifford Stoll! We also hear Dr. Stoll’s thoughts about cybersecurity, education, technology, the importance of asking questions and curiosity, the polarimetry of Jupiter at large phase angles, Klein bottles, and much, much more. See more about Clifford Stoll at https://www.ted.com/speakers/clifford_stoll. See Dr. Stoll’s paper, “Polarimetry of Jupiter at Large Phase Angles” at https://repository.arizona.edu/bitstream/handle/10150/282394/azu_td_8020326_sip1_m.pdf?sequence=1&isAllowed=y #CliffordStoll #TheCuckoosEgg #KGB #Hacking #NationState #CyberEspionage #HoneyPots #DigitalSpying #RiskManagement #CyberCrime #CyberSecurity

Duration:00:55:36

Ask host to enable sharing for playback control

How Stalkers & Assaulters Track & Find Victims with IoT Tech

5/7/2022
Assaulters and stalkers are increasingly using technologies to target, surveil, and attack their victims. IoT tech in particular is increasingly being used. • What types of IoT tech are being used to track down and ultimately attack the targeted victims? • What types of popular, tiny, inexpensive IoT devices are increasingly used by assaulters and stalkers for surveilling and then tracking down victims to abuse and assault? • In what ways are a variety of different types of IoT tech devices being used for these nefarious purposes? • How common are these types of attacks where IoT is used to facilitate these crimes? • In what ways do IoT devices provide a sense of false security, that then actually makes weaponizing them to commit crimes easier? • Why don’t more of the victims know that their IoT devices are being used by abusers and stalkers to track them down? • What aren’t there more publicized criminal court cases for these incidents where IoT tech was used to facilitate attacks on the targeted victims? • What can people do to keep from being victims of assaults through the IoT devices they use? Tune in to hear Adam Dodge, founder of Ending Technology-Enabled Abuse (EndTAB), provide answers to these and many more questions, along with valuable insights and advice. See more about Adam Dodge at https://endtab.org/about-hayden #IoT #IoTPrivacy #IoTSecurity #DomesticAbuse #AdamDodge #EndTAB #AirTags #Stalkerware #DigitalLiteracyAgainstDigitalViolence

Duration:00:51:18

Ask host to enable sharing for playback control

What Do UNIX, Linux & Dirty Pipe Have in Common? Listen To Hear!

4/2/2022
A lot of news has been released lately about the Dirty Pipe vulnerability in the Linux OS. How is this related to UNIX? Listen in to hear Rik Farrow, the world’s most experienced and knowledgeable expert on UNIX and Linux, explain! Rik will provide his advice about careers in UNIX and Linux security, and answer a wide range of questions Rebecca has received from listeners about these topics. A few of the questions covered include: • How many versions of UNIX are there? • What makes Linux different than UNIX? • Which has more security capabilities; UNIX, Linux, Windows, Android or iOS? • How many web servers run UNIX? Or Linux? Why? • Basically, what is the Dirty Pipe vulnerability? • What types of devices are impacted by Dirty Pipe? • How to avoid being a victim of the Dirty Pipe exploit? • What about running shell scripts? Can that be done securely? Tune in to hear Rik provide valuable insights to these and many more questions. See more about Rik Farrow at http://rikfarrow.com/about/ #UNIX #Linux #DirtyPipe #Cybersecurity #PersonalData #RiskManagement #Privacy #TechCareers #SecurityCareers

Duration:00:55:00

Ask host to enable sharing for playback control

Transportation Cybersecurity & Privacy: Highway to Digital Hell?

3/5/2022
There have been many reports about over-the-road trucking delays causing problems throughout the full supply chain and delaying deliveries of critical products throughout all industries. However, what about the cybersecurity and privacy risks within the transportation industry? There has been little, if any, thoughtful public discussion of the wide range of surface transportation cybersecurity and privacy risks. Cybersecurity vulnerabilities could cause many more disruptions within this critical part of infrastructures within all countries! And privacy risks within the transit system are many, but usually not recognized. These weaknesses and vulnerabilities could be exploited in ways that cause a vast array of significant harms. Hear the world’s most experienced expert in transportation cybersecurity and privacy, David Elfering, discuss the issues in this episode. We will cover: • The largest cybersecurity risks within over-the-road trucking/transit systems and supporting physical structures • The greatest privacy risks within the transportation industry • The complexity of the systems used within all components of the transportation industry, including the widespread and increasing use of IoT throughout, which also increases risks • The risks that third parties and othats within the supply chain bring to the transportation industry • Some significant cybersecurity and privacy risks and challenges with personnel in the transportation industry, that are not found in most other industries. See more about David Elfering at his LinkedIn page: https://www.linkedin.com/in/aroundomaha/ #Transportation #TransportationRisks #Cybersecurity #PersonalData #RiskManagement #Privacy #TruckingRisks #CriticalInfrastructure

Duration:00:55:01