Socializing Security

In this episode, the hosts discuss the recent bankruptcy of 23andMe, exploring the implications for data privacy and genetic testing. They reflect on personal experiences with genetic testing, the risks associated with genetic material, and the ethical considerations surrounding consent and privacy. The conversation highlights the importance of regulation in data privacy, particularly in the context of GDPR and HIPAA. The hosts also emphasize the need for companies to build cyber resiliency and respond effectively to data breaches. Finally, they provide actionable steps for individuals to protect their data and navigate the fallout from the 23andMe situation.LinksE026 - Cyber Resilience: https://www.socializingsecurity.com/e/cyber-resilience | https://youtu.be/v5DGxcCHQjo Chapters 00:00 Introduction 02:48 The 23andMe Bankruptcy and Implications 08:26 Consent and Family Privacy in Genetic Testing 12:33 History of 23andMe 17:02 How Companies Respond to a Breach Matters 23:52 Regulatory Protections 28:48 23andMe Customer Action Plans 38:35 Closing 39:31 Outro

In this episode of Socializing Security, the hosts reflect on their recent experience at the HIMSS conference, discussing the importance of networking in the healthcare sector and the challenges of communicating cybersecurity concepts to medical professionals. They delve into the topic of ransomware, its implications for healthcare, and the need for better understanding among non-technical staff. The conversation also touches on cultural references to compliance and cybersecurity in popular media, emphasizing the significance of edge cases in data breaches.Links:NIST definition of ransomware: https://www.nist.gov/itl/smallbusinesscyber/guidance-topic/ransomwareIRAP Glossary: https://www.cyber.gov.au/learn-basics/view-resources/glossaryA Golden Girls commentary on healthcare: https://nursingclio.org/2018/09/25/golden-girls-chronic-fatigue-syndrome-and-the-legacies-of-hysteria/Previous episodes:Episode 21 - Fighting Security Monsters Through Psychology https://youtu.be/G1OASsJRDQc https://www.socializingsecurity.com/e/fighting-security-monsters-through-psychologyChapters00:00 Intro00:41 Reconnecting at HIMSS Conference05:07 Insights from HIMSS08:39 Communicating Cybersecurity and Compliance11:41 Ransomware in Healthcare16:52 Cybersecurity in Popular Culture23:34 Eye Opening Technology for Security27:59 Cybersecurity in Unexpected Places30:50 Bringing a Friend to Conferences36:11 Building Community in Cybersecurity

In this episode, Milou and Brian reflect on their podcasting journey, discussing the challenges and triumphs they've faced while building Socializing Security. They share insights on their personal experiences, the importance of guest interviews, and the logistics of accommodating guests. The hosts emphasize the value of networking and learning from industry professionals, while also addressing the security challenges they encounter in their daily lives. They express excitement for future topics and guests, including discussions on AI regulation and the evolving landscape of cybersecurity.Chapters00:00 Introduction 01:40 The Challenges of Building a Podcast 10:37 Exploring AI Regulation and Auditing Trends 24:49 Conclusion 26:24 Outro

In this episode of Socializing Security, Milou and Brian take a deep dive into the shifting landscape of digital privacy in 2025. With privacy concerns on the rise, they explore the growing adoption of secure communication tools like Signal and unpack the ethical dilemmas of information sharing in an increasingly connected world.From social engineering tactics to network security insights, they discuss the delicate balance between privacy and convenience—how much are we really willing to trade for digital ease? They also break down personally identifiable information (PII) and why even seemingly harmless data points can be powerful in the wrong hands.Beyond personal security, Milou and Brian emphasize the power of community engagement, sharing how everyday users can take control of their digital footprints and advocate for stronger privacy practices. Whether you're a cybersecurity pro or just starting your privacy journey, this episode delivers real-world strategies, eye-opening discussions, and actionable steps to help you navigate the evolving world of online security.💡 Listen into Part 2 and start taking back control of your digital privacy today!Don't forget to check out Part 1Chapters: 00:00 - Introduction & Recap02:00 - Ethical Hacking & Privacy Awareness04:30 - Understanding Privacy & Personally Identifiable Information (PII)07:00 - Data Brokers & The Risks of Location Tracking10:30 - Balancing Privacy with Convenience13:00 - Smart Home & Cloud Privacy Considerations17:00 - Network Security & Privacy Best Practices20:00 - Encouraging Privacy Conversations in Communities23:30 - Future Topics & Closing Remarks

In this episode of Socializing Security, Milou and Brian discuss the current state of privacy in 2025, emphasizing the resurgence of privacy concerns and the importance of secure communication. They explore the adoption of Signal as a secure messaging platform, its unique structure, and the ethical implications of information sharing. The conversation also delves into social engineering, networking insights, and the balance between privacy and connectivity in today's digital landscape. In this conversation, Milou and Brian explore various aspects of privacy, social engineering, and the importance of understanding personally identifiable information (PII). They discuss the ethical implications of social engineering, the significance of encryption in communication, and the impact of data privacy in everyday life. The dialogue emphasizes the need for community engagement and awareness regarding technology and privacy, highlighting the evolving nature of personal privacy in a digital age. 
Part 2 coming next week! Tune in!
Chapters: 
00:00 The State of Privacy in 2025
03:01 Adopting Signal for Secure Communication
06:02 Understanding Signal's Unique Structure
09:01 Social Engineering and Networking Insights
12:07 The Ethical Implications of Information Sharing
15:05 Navigating Privacy in a Connected World
26:19 Experiences and Perspectives on Access
27:11 Social Engineering and Ethical Considerations

Is the Fight for Privacy Still Alive? – A Special Look BackIn this special edition of Socializing Security, Milou takes listeners through Part 2 of a retrospective journey through 2024, revisiting one of the podcast’s most thought-provoking questions: Is there still really a fight for privacy?Inspired by a conversation with a CTO who claimed privacy was a lost battle and security had taken center stage, Milou reflects on the diverse perspectives shared by guests throughout the past year. This episode compiles compelling insights from the Socializing Network—a lineup of expert speakers who weighed in on whether privacy is still worth fighting for or if it has already been overshadowed by broader security concerns.With so many incredible voices and thought-provoking answers, this discussion is just the beginning.Chapters
00:38 Introduction
03:09 Revisiting the Key Question: is the fight for privacy dead?
04:11 Expert Opinions & Discussions
24:55 Closing Remarks: Milou responds to the question herself

Is the Fight for Privacy Still Alive? – A Special Look BackIn this special edition of Socializing Security, Milou takes listeners on a retrospective journey through 2024, revisiting one of the podcast’s most thought-provoking questions: Is there still really a fight for privacy?Inspired by a conversation with a CTO who claimed privacy was a lost battle and security had taken center stage, Milou reflects on the diverse perspectives shared by guests throughout the past year. This episode compiles compelling insights from the Socializing Network—a lineup of expert speakers who weighed in on whether privacy is still worth fighting for or if it has already been overshadowed by broader security concerns.With so many incredible voices and thought-provoking answers, this discussion is just the beginning. Stay tuned for Part Two next week, where even more industry leaders share their take on privacy in the modern era.Chapters00:00 Welcome to a Special Edition00:38 The Big Question: Is Privacy Still a Fight Worth Having?03:15 The Catalyst: A CTO’s Perspective on Privacy vs. Security08:42 Perspectives from the Socializing Network – Key Takeaways from 202418:30 The Evolution of Privacy Concerns in the Digital Age25:12 Why Some Believe the Fight is Over30:45 The Argument for Keeping Privacy at the Forefront36:20 Wrapping Up – What’s Next in 2025?

In this episode of Socializing Security, Milou and Brian take a step back to reflect on the rollercoaster that was 2024. From the explosive rise of generative AI to personal growth and the power of strong relationships, they unpack the biggest trends, challenges, and wins of the year.They dive into AI’s evolving role in security and privacy, debating whether it’s truly transformative or just another overhyped bubble. The conversation also gets personal as they share what they’ve learned from a year of podcasting—navigating adversity, balancing passion with sustainability, and the unexpected friendships formed along the way.They also get into why soft skills are a game-changer in cybersecurity, why going back to basics is still the best strategy for security programs, and what’s ahead for Socializing Security in 2025. It’s a candid, insightful, and (as always) fun conversation you won’t want to miss!Chapters00:00 Reflecting on 2024: A Year of Growth04:09 Generative AI: Boon or Bane?14:39 Personal Highlights and Relationships in 202419:58 The Journey of Podcasting22:26 Facing Adversity Together26:30 Learning from Challenges28:58 The Importance of Soft Skills31:45 Back to Basics in Cybersecurity36:29 Reflecting on Growth and Future Goals

In this episode, Bharat Jogi, Senior Director of Vulnerability and Threat Research at Qualys, discusses the intricacies of threat research, the growing landscape of vulnerabilities, and the importance of responsible disclosure. He emphasizes the need for curiosity and creativity in cybersecurity roles, the challenges of managing an influx of vulnerabilities, and the balance between privacy and security. Bharat also shares insights from Qualys' annual vulnerability report, highlighting the staggering number of CVEs and the need for effective vulnerability management strategies.Bharat Jogi on LinkedIn: https://www.linkedin.com/in/bharat-jogi-3a680b13Qualys Threat Research Unit: https://www.qualys.com/truregreSSHion vulnerability info: https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-serverChapters00:00 Intro00:38 Introduction to Threat Research04:39 The Role of Threat Researchers16:29 Responsible Disclosure and Communication23:24 Annual Reports and Industry Insights27:35 The Challenges of Patch Management34:31 The Balance of Privacy and Security39:37 Reflections48:15 Outro

In this episode, Nathanael Iverson, Chief Evangelist at Zentera, discusses the concept of Zero Trust in cybersecurity. He emphasizes the importance of incremental progress, understanding core principles, and the historical context of Zero Trust. The conversation explores the need for organizational change, executive support, and the business case for cybersecurity investments. Nathanael shares insights on identifying critical assets, risk management, and the journey of implementing Zero Trust effectively.Chapters00:00 Introduction to Nathanael Iverson and Chief Evangelism04:02 The History of Zero Trust07:54 Core Principles of Cybersecurity15:26 Incremental Approaches to Zero Trust Implementation19:13 The Value of Zero Trust24:39 The Zero Trust Journey30:36 Organizational Impacts of Zero Trust33:20 The Fight for Privacy vs. Security37:37 Reflections39:38 OutroNathanael on LinkedIn: https://www.linkedin.com/in/nathanaeliversen/Zentera: https://www.zentera.net