Logo
    Search

    Ep 22: Mini-Stories: Vol 1

    en-usSeptember 15, 2018

    Podcast Summary

    • Paying Attention to Details in Information SecurityIn the security industry, overlooking important details can have dire consequences. Double-checking and paying attention to even the smallest details can prevent unnecessary and accidental hacks.

      This episode of Darknet Diaries includes shorter stories about different cyber security experiences, including a story from Rob Fuller (Mubix) about a routine penetration test with an unexpected twist. The team was trying to hack into a widget company's server, but the website and company information seemed off. Despite a cookie-cutter approach, they discovered the wrong servers and ended up hacking into Coca-Cola instead. This story highlights the importance of paying attention to details and double-checking before starting a task, especially in the information security industry where one mistake can have huge consequences.

    • The Importance of Strong Network Security Measures and Unique Passwords for CompaniesPenetration testing can identify vulnerabilities that can lead to unauthorized access. Strong security measures and unique passwords are crucial to prevent potential damage to a company's sensitive information and products.

      Penetration testing can identify vulnerabilities in a company's network and systems, allowing for malicious actors to gain unauthorized access. Remote code execution and command injection can lead to the installation of tools like Meterpreter, giving attackers control over the system. It is important for companies to have strong security measures in place and unique passwords for different systems to prevent unauthorized access. Without proper security measures in place, attackers can gain access to sensitive information, including emails and code for new products, and cause significant damage to the company.

    • Importance of Attention to Detail in Penetration TestingDouble-check details from clients to prevent accidental unauthorized access. Ensure a robust security protocol to mitigate legal and financial consequences, protecting confidential information from cyber threats.

      Before conducting penetration testing, it's important to double-check all details provided by the client to avoid breaking into another company accidentally. Meticulous planning and attention to detail are paramount to prevent unauthorized access and ensure the privacy and security of confidential information of other companies. Conducting penetration testing without proper authorization can lead to legal and financial consequences. It's crucial to handle such errors with immediate and appropriate measures, including getting in touch with insurance and legal teams, to mitigate potential losses and liability. Companies should build robust security protocols and practices to protect their critical systems and information from unauthorized access and cyber threats.

    • The Serendipitous Outcome of a Penetration TestProperly vetting vendors, providing accurate information, and thoroughly examining IP ranges can lead to surprising positive outcomes and potentially avert lawsuits.

      Penetration testing can lead to unexpected outcomes. A company that was broken into was surprisingly pleased with the result, eventually becoming a regular client. Testing can help companies identify and solve security problems, but it's important for them to properly vet their vendors and provide accurate information. For pen testers, it's crucial to thoroughly examine IP ranges and do due diligence. Serendipity played a role in this story, with the name and activity of the accidentally targeted company being so similar to the intended target's. However, this turned out to be a fortunate mistake that helped the tester gain a new client and potentially avert a lawsuit.

    • Hackers Can Mine Cryptocurrency Through Small-Scale Wind FarmsRenewable energy companies should safeguard their IT infrastructure against cyber attacks and monitor their networks for suspicious behavior to prevent potential losses. Incident response teams must be vigilant in detecting such attacks on the affected computers.

      Hackers can compromise computers in small-scale wind farms to mine cryptocurrencies like Bitcoin. The affected computers may not exhibit any obvious signs of malicious activity and could patch themselves autonomously. An incident response team may need to investigate the network and look for abnormal behavior to detect such attacks. Since these wind turbines aren't connected to the electric grid and don't operate like conventional utilities, they are vulnerable to attacks from hackers. Companies operating in the renewable energy sector and other similar niche domains should be proactive in securing their IT infrastructure and monitoring their networks for suspicious activities to prevent losses from cyber attacks.

    • Small companies take big risks with cyberattacksEven small companies may make risky decisions when it comes to cyberattacks, ignoring the potential consequences even when they know the risks. It's important to prioritize cybersecurity measures to minimize potential threats.

      In a small junior company, even though the IT department had a slow patch cycle, the business leaders decided to let the adversary stay but just put some additional monitoring in place since they were affected and had deployed patches across the environment. This decision was made although they knew the risk that they don't know what else the IP connections would be used for and that when they eventually make a mistake, all that risk is completely on them. The operations team decided to let the hacker stay on the systems and mine the Bitcoin even though industrial operators in industrial control environments wouldn't allow it. This is not a common practice but it shows that even small companies may make risky decisions.

    • How Attending Defcon Led to a Passion for Social EngineeringAttending conferences like Defcon and participating in contests can open doors to unexpected opportunities and experiences, leading to new passions and connections in the industry.

      Attending Defcon, the largest hacker conference in the world, can lead to life-changing experiences. Learning about social engineering at the conference led Snow to a newfound passion for it. She competed in the social engineering village contest for three years and won the Black Badge at Defcon 22. This win opened doors for her, and people in the audience who saw her perform came up to her asking if she would work for their companies. Attending conferences and meeting new people can lead to opportunities and experiences you never thought possible.

    • The Importance of Social Engineering Tests in Company Security Assessments.Social engineering tests are an important tool for companies to assess their security by detecting vulnerabilities in their employees' behavior. These tests also help educate employees on security measures and the importance of being vigilant.

      Social engineering tests are becoming increasingly popular in order to assess the security of companies by testing their weakest link - their employees. Such tests can also serve as an opportunity to teach them how to be safer. The main security controls tested are physical security, phishing, vishing, and open-source intelligence gathering. However, while testing security in a brand-new European headquarters building, the tester found difficulty in getting into the building due to stringent security measures. The challenge was to blend in and get onto the floors without being detected, but the tester's cover was blown when the receptionist at the entrance kicked them out. Despite the challenge, social engineering tests are crucial for companies to ensure the safety of their assets.

    • Importance of Physical Security and Risks of Social Engineering TacticsCompanies need to implement strict security measures and educate employees about the dangers of social engineering to prevent unauthorized access to sensitive information.

      The man faked his identity and used his social engineering skills to gain access to a building in order to gather investor information. He pretended to be an investor relations manager and successfully convinced the receptionist to help him out. He was able to obtain a tour of the building and gather information from the facility manager. This shows the importance of physical security in a building and the dangers of social engineering tactics. Companies should implement strict security measures to prevent unauthorized access and educate their employees about the risks of social engineering.

    • How Simple Tactics can Exploit Vulnerabilities in Building's Security SystemCompanies must double-check credentials, avoid strangers tailgating, and always verify strange calls. Remember Ronald Reagan's maxim of 'trust but verify' while dealing with suspicious situations to prevent severe security breaches.

      Social engineering is a common test for companies, and this story showcases how easily attackers can exploit vulnerabilities in a building's security system through simple tactics like lying or spoofing phone numbers. Companies should double-check credentials, avoid letting strangers tailgate into a building, and always verify strange calls by contacting the person back or emailing them to confirm. Ronald Reagan's Russian maxim of 'doveryai, no proveryai' (trust but verify) should always be kept in mind while dealing with suspicious situations. Such simple precautions can prevent severe security breaches, especially for companies with sensitive data and expensive equipment.

    Recent Episodes from Darknet Diaries

    146: ANOM

    146: ANOM

    In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals.

    This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691.

    Darknet Diaries
    en-usJune 04, 2024

    145: Shannen

    145: Shannen
    Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    139: D3f4ult

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    138: The Mimics of Punjab

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    137: Predator

    137: Predator
    A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    Related Episodes

    Ep 21: Black Duck Eggs

    Ep 21: Black Duck Eggs
    Ira Winkler's specialty is assembling elite teams of special forces and intelligence officers to go after companies. Ira shares a story about a time he and his team broke into a global 5 company. A company so large that theft of intellictual property could result in billions of dollars of damage. Ira's consulting company: Secure Mentum. His books: Spies Among Us, Advanced Persistent Security, Through the Eyes of the Enemy.  Learn more about your ad choices. Visit podcastchoices.com/adchoices

    Ep 30: Shamoon

    Ep 30: Shamoon
    In 2012, Saudi Aramco was hit with the most destructive virus ever. Thousands and thousands of computers were destroyed. Herculean efforts were made to restore them to operational status again. But who would do such an attack? Very special thanks goes to Chris Kubecka for sharing her story. She is author of the book Down the Rabbit Hole An OSINT Journey, and Hack The World With OSINT (due out soon). This episode was sponsored by Eero. A solution to blanket your home in WiFi. Visit https://eero.com/darknet and use promo code "darknet". This episode is also sponsored by Cover. Visit cover.com/darknet to get insured today. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    73: WannaCry

    73: WannaCry
    It is recommend to listen to episodes 53 “Shadow Brokers”, 71 “FDFF”, and 72 “Bangladesh Bank Heist” before listening to this one. In May 2017 the world fell victim to a major ransomware attack known as WannaCry. One of the victims was UK’s national health service. Security researchers scrambled to try to figure out how to stop it and who was behind it. Thank you to John Hultquist from FireEye and thank you to Matt Suiche founder of Comae. Sponsors Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial. This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    The Real Story of Cybersecurity - Special Guest: Peter Schawacker

    The Real Story of Cybersecurity - Special Guest: Peter Schawacker

    Peter Schawacker has been involved in cybersecurity long before data breaches commonly made the headlines. In fact, he’s been helping businesses secure their data long before it was even called cybersecurity. Currently, he is heading the IT Security Team for Axiom Technology Group. In his career, he has been working with some of the biggest names in the business to protect their data and that of their customers. 

    The demand for the kinds of services that Peter provides has gone up a lot in recent years, particularly amongst private equity (PE) firms. In the past, such businesses didn’t concern themselves much with cybersecurity, leaving it up to the portfolio managers and others to deal with. However, the sheer number of security breaches and the resulting scrutiny that brings has forced them to rethink their priorities and take responsibility for their own security. Many of these PE firms are also small to mid-size, which is partly why they haven’t been able to keep up with the latest developments. They just don’t have the scale and resources needed to handle security on their own. That also makes these firms tempting targets. They have enough data and money to make it worth attacking but not so much that the companies or the government will spend a lot of resources to go after the hackers.  Fortunately, Axiom is there to pick up the slack. 

    One of the most important services that Axiom provides is a full survey of the weaknesses a given firm might have, delivering around 200 security assessments a year, with approximately a quarter of those experiencing some kind of cyberattack. Performing this task well and transparently has earned both Axiom and Peter solid reputations as transparent, honest, and interested in keeping the client’s interests foremost. This seems like it should be a no-brainer but as Peter points out, there are a lot of charlatans in the cyber world, less interested in helping their clients solve problems than they are in making as much money as possible from each client. This is just bad practice. It means not only that a given security company will lose the trust and business of their clients when they figure out that they are being taken for a ride, but it also harms the trust in the cybersecurity industry as a whole. 

    There is also the fact that most firms, PE and otherwise are looking to implement the least amount of security possible. This isn’t because they don’t care about their clients’ data, but because at the end of the day they need to make money, which in turn means any Axiom client is looking for the lowest cost services that will bring their risk of a data breach down to an acceptable level. Because the sad truth is that it is incredibly unlikely that data will ever be 100% protected. Someone will always leave a password out or share it when they shouldn’t and a hacker will use it to disrupt a firm’s systems, only letting them go when their ransom is paid. 

    When interacting with clients, it is important to keep all of this in mind so you don’t oversell them. It’s also worth keeping in mind that most people don’t know the details of cybersecurity and frankly, they don’t want to know. All they want to know is how you can help them and how much it is going to cost. If someone is ever trying to convince you how awesome security is, they are almost certainly trying to sell a bill of goods. 

    Another thing Peter goes into is who makes the best cybersecurity professionals. It isn’t who you might think. People who go through a specific IT program are usually farther behind the curve on the latest development and too rigid in their thinking. The best hires for him tend to be high school teachers and musicians. Both are capable of thinking critically and still improvising when needed. 

    What does Peter think is the most important thing to keep in mind when it comes to dealing with cybersecurity? Finding who you can trust. The person who knows his stuff, can deliver on time and isn’t trying to oversell you. That is the person who has your interest at heart, who wants to make your systems secure without taking you for a ride.

    What’s your security worth? www.tartle.co

     

    Tcast is brought to you by TARTLE. A global personal data marketplace that allows users to sell their personal information anonymously when they want to, while allowing buyers to access clean ready to analyze data sets on digital identities from all across the globe.

     

    The show is hosted by Co-Founder and Source Data Pioneer Alexander McCaig and Head of Conscious Marketing Jason Rigby.

     

    What's your data worth?

     

    Find out at: https://tartle.co/

     

    YouTube: https://www.youtube.com/c/TARTLE

     

    Facebook: https://www.facebook.com/TARTLEofficial/

     

    Instagram: https://www.instagram.com/tartle_official/

     

    Twitter: https://twitter.com/TARTLEofficial

     

    Spread the word!