Socializing Security

In this episode of Socializing Security, the hosts dive into the question of whether the cloud is safe. They discuss the evolution of cloud security, comparing it to on-premises solutions, and emphasize the importance of understanding the shared responsibility model between cloud providers and users. The conversation also covers different types of cloud services, compliance, and the significance of data control. Ultimately, they conclude that the cloud can be a safer option for data storage and management, provided users are informed and vigilant.And if you've ever wanted to know how The Chum Bucket and leaky buckets relate to cloud security, this is the episode for you.Chapters00:00 Introduction02:32 Understanding Cloud Security Practices09:25 Defining Cloud Types15:20 Shared Responsibility19:29 A SpongeBob Reference?20:08 You Still Need to Secure Data In The Cloud25:18 Pick Your Clouds Wisely29:03 Summarizing Cloud Safety31:52 Outro

Telemarketing compliance isn’t exactly the hottest topic in tech circles… but maybe it should be.In this episode, Milou and Brian sit down with Kevin Mayfield, Manager of Marketing Compliance at CompliancePoint, to dig into the often-overlooked world of do-not-call laws, TCPA risks, and the real impact of telemarketing rules on tech companies (yes, even yours). This episode breaks down what really gets companies in trouble with telemarketing—and what you can do to stay out of the spammy danger zone.We talk about:- Why marketing compliance is more high-risk than CAN-SPAM implies- What “do not call” really means (and why systems integration matters)- State-by-state surprises (looking at you, Virginia)- Why privacy and marketing compliance are merging fast- How compliance isn’t red tape—it’s proactive guardrailsIf you’ve ever wondered how many times you can legally call a customer before it’s a lawsuit—or why unsubscribe pages are getting increasingly complex—this one’s for you.Chapters00:00 Introduction to Telemarketing Compliance05:29 Proactive Compliance Strategies05:32 Introduction to Marketing Compliance08:45 The Role of a Compliance Consultant11:36 Understanding Marketing Compliance Challenges14:27 The Importance of Compliance in Telemarketing17:22 Navigating State and Federal Regulations20:40 The Impact of Private Right of Action23:39 Consumer Perspectives on Compliance29:29 International Compliance Considerations32:22 The Intersection of Privacy and Compliance44:05 Understanding Risk in Compliance

In this episode of Socializing Security, Brian goes SOLO for an episode and breaks down the complex world of cybersecurity, exploring how cyber warfare, espionage, and ransomware are reshaping the digital landscape. From real-world impacts of data breaches to the silent threat of cyber spies, we uncover why your personal security matters more than ever.Tune in as he discusses/rants about:- How ransomware works like a digital hostage crisis- The role of cyber espionage in stealing and manipulating sensitive data- Why everyday people are often the weakest link in information security- How cyber attacks can have serious, even life-threatening, consequences- What you can do today to protect your data and stay safe onlineIf you’ve ever wondered what’s really at stake when you hear about a breach or hack—this episode is your frontline briefing."You could be the first target. Prevention is key in cybersecurity."Chapters:00:00 Introduction to Cybersecurity Concepts01:28 Understanding Cyber Espionage08:34 The Rise of Ransomware18:03 Exploring Cyber Warfare27:33 The Role of Individuals in Cybersecurity

In this episode of Socializing Security, hosts Brian and Milou discuss the importance of cybersecurity in everyday technology use. They share insights on setting up new devices, the significance of encryption keys, and practical security practices for personal and work devices. The conversation highlights the challenges of modern technology and the need for effective security tools.LinksInnoTech Austin: https://www.innotechaustin.com/Chapters00:00 Introduction and Podcast Growth 03:25 Community Engagement and Feedback 09:29 Setting Up New Devices 13:24 Security Practices for New Devices 17:42 Device Encryption and Key Management 25:29 The Personal Security Calculus 34:43 Essential Security Tools 39:08 Navigating Communication in a Digital Age

In this episode, the hosts discuss the recent bankruptcy of 23andMe, exploring the implications for data privacy and genetic testing. They reflect on personal experiences with genetic testing, the risks associated with genetic material, and the ethical considerations surrounding consent and privacy. The conversation highlights the importance of regulation in data privacy, particularly in the context of GDPR and HIPAA. The hosts also emphasize the need for companies to build cyber resiliency and respond effectively to data breaches. Finally, they provide actionable steps for individuals to protect their data and navigate the fallout from the 23andMe situation.LinksE026 - Cyber Resilience: https://www.socializingsecurity.com/e/cyber-resilience | https://youtu.be/v5DGxcCHQjo Chapters 00:00 Introduction 02:48 The 23andMe Bankruptcy and Implications 08:26 Consent and Family Privacy in Genetic Testing 12:33 History of 23andMe 17:02 How Companies Respond to a Breach Matters 23:52 Regulatory Protections 28:48 23andMe Customer Action Plans 38:35 Closing 39:31 Outro

In this episode of Socializing Security, the hosts reflect on their recent experience at the HIMSS conference, discussing the importance of networking in the healthcare sector and the challenges of communicating cybersecurity concepts to medical professionals. They delve into the topic of ransomware, its implications for healthcare, and the need for better understanding among non-technical staff. The conversation also touches on cultural references to compliance and cybersecurity in popular media, emphasizing the significance of edge cases in data breaches.Links:NIST definition of ransomware: https://www.nist.gov/itl/smallbusinesscyber/guidance-topic/ransomwareIRAP Glossary: https://www.cyber.gov.au/learn-basics/view-resources/glossaryA Golden Girls commentary on healthcare: https://nursingclio.org/2018/09/25/golden-girls-chronic-fatigue-syndrome-and-the-legacies-of-hysteria/Previous episodes:Episode 21 - Fighting Security Monsters Through Psychology https://youtu.be/G1OASsJRDQc https://www.socializingsecurity.com/e/fighting-security-monsters-through-psychologyChapters00:00 Intro00:41 Reconnecting at HIMSS Conference05:07 Insights from HIMSS08:39 Communicating Cybersecurity and Compliance11:41 Ransomware in Healthcare16:52 Cybersecurity in Popular Culture23:34 Eye Opening Technology for Security27:59 Cybersecurity in Unexpected Places30:50 Bringing a Friend to Conferences36:11 Building Community in Cybersecurity

In this episode, Milou and Brian reflect on their podcasting journey, discussing the challenges and triumphs they've faced while building Socializing Security. They share insights on their personal experiences, the importance of guest interviews, and the logistics of accommodating guests. The hosts emphasize the value of networking and learning from industry professionals, while also addressing the security challenges they encounter in their daily lives. They express excitement for future topics and guests, including discussions on AI regulation and the evolving landscape of cybersecurity.Chapters00:00 Introduction 01:40 The Challenges of Building a Podcast 10:37 Exploring AI Regulation and Auditing Trends 24:49 Conclusion 26:24 Outro

In this episode of Socializing Security, Milou and Brian take a deep dive into the shifting landscape of digital privacy in 2025. With privacy concerns on the rise, they explore the growing adoption of secure communication tools like Signal and unpack the ethical dilemmas of information sharing in an increasingly connected world.From social engineering tactics to network security insights, they discuss the delicate balance between privacy and convenience—how much are we really willing to trade for digital ease? They also break down personally identifiable information (PII) and why even seemingly harmless data points can be powerful in the wrong hands.Beyond personal security, Milou and Brian emphasize the power of community engagement, sharing how everyday users can take control of their digital footprints and advocate for stronger privacy practices. Whether you're a cybersecurity pro or just starting your privacy journey, this episode delivers real-world strategies, eye-opening discussions, and actionable steps to help you navigate the evolving world of online security.💡 Listen into Part 2 and start taking back control of your digital privacy today!Don't forget to check out Part 1Chapters: 00:00 - Introduction & Recap02:00 - Ethical Hacking & Privacy Awareness04:30 - Understanding Privacy & Personally Identifiable Information (PII)07:00 - Data Brokers & The Risks of Location Tracking10:30 - Balancing Privacy with Convenience13:00 - Smart Home & Cloud Privacy Considerations17:00 - Network Security & Privacy Best Practices20:00 - Encouraging Privacy Conversations in Communities23:30 - Future Topics & Closing Remarks

In this episode of Socializing Security, Milou and Brian discuss the current state of privacy in 2025, emphasizing the resurgence of privacy concerns and the importance of secure communication. They explore the adoption of Signal as a secure messaging platform, its unique structure, and the ethical implications of information sharing. The conversation also delves into social engineering, networking insights, and the balance between privacy and connectivity in today's digital landscape. In this conversation, Milou and Brian explore various aspects of privacy, social engineering, and the importance of understanding personally identifiable information (PII). They discuss the ethical implications of social engineering, the significance of encryption in communication, and the impact of data privacy in everyday life. The dialogue emphasizes the need for community engagement and awareness regarding technology and privacy, highlighting the evolving nature of personal privacy in a digital age. 
Part 2 coming next week! Tune in!
Chapters: 
00:00 The State of Privacy in 2025
03:01 Adopting Signal for Secure Communication
06:02 Understanding Signal's Unique Structure
09:01 Social Engineering and Networking Insights
12:07 The Ethical Implications of Information Sharing
15:05 Navigating Privacy in a Connected World
26:19 Experiences and Perspectives on Access
27:11 Social Engineering and Ethical Considerations

Is the Fight for Privacy Still Alive? – A Special Look BackIn this special edition of Socializing Security, Milou takes listeners through Part 2 of a retrospective journey through 2024, revisiting one of the podcast’s most thought-provoking questions: Is there still really a fight for privacy?Inspired by a conversation with a CTO who claimed privacy was a lost battle and security had taken center stage, Milou reflects on the diverse perspectives shared by guests throughout the past year. This episode compiles compelling insights from the Socializing Network—a lineup of expert speakers who weighed in on whether privacy is still worth fighting for or if it has already been overshadowed by broader security concerns.With so many incredible voices and thought-provoking answers, this discussion is just the beginning.Chapters
00:38 Introduction
03:09 Revisiting the Key Question: is the fight for privacy dead?
04:11 Expert Opinions & Discussions
24:55 Closing Remarks: Milou responds to the question herself