エピソード
-
Whenever someone says humans are the weakest link in cybersecurity, besides educating through fear, they are crafting a narrative, creating a reality in people's heads, and making them feel helpless against cyber criminals.
My guest, Lianne Potter, feels utterly differently about how to educate people on cybersecurity. Instead of fear, she advocates for empowering them through trust, autonomy, and, above all things, reciprocity.
Lianne is a Cyber Anthropologist, Head of Security Operations at Asda, a published author, host of the Compromising Positions podcast, keynote speaker, and multi-award-winning cybersecurity specialist. She recently won Computing.com's Security Specialist of the Year award, and, in 2021, she was named one of the Security Leaders of the Year and Woman of the Year in the Enterprise category.
This conversation is yet another opportunity to discover the dedication, kindness, and thoughtfulness that brought Lianne all these well-deserved achievements.
Throughout our conversation, she brought her brilliant and unique vision of cybersecurity. We discussed cybersecurity's own microculture in the tech space, its rituals and habits, and how cybersecurity specialists can transform how they educate the people they serve.
Lianne proposed brilliant ideas like ritualizing protection, empowering people through trust and autonomy instead of micromanaging and fear, cultivating the' hero mentality, and more.
Episode highlights:
The moment Lianne fell in love with cybersecurity (6:40)What makes cybersecurity's micro-culture so attractive (10:20)The 3 main traits of cybersecurity (14:30)Why reciprocity is crucial in cybersecurity (17:20)Why trust and autonomy are the biggest gifts cybersecurity can offer (20:00)Lianne’s experience with joining her first cybersecurity team (26:30)The importance of how we communicate things (37:10)Why educating through fear never works (42:00)Resources Mentioned:
Lianne on LinkedInLianne on Twitter / XThe Compromising Positions podcastLianne on Tom Eston’s Shared Security PodcastWhat is a Cyber Anthropologist? Lianne Potter on The Brainy Business PodcastWearables, Shareables, Unbearables - The IoT and AI Tech Nobody Asked For but Cybercriminals Love!Let's connect!
WebsiteLinkedInTwitter -
Joshua Corman is a security strategist, philosopher, and co-founder of I am The Cavalry, a collective of professionals from technology, law, and public policy who work to mitigate the impact software-enabled and always-connected devices have on public safety and human life.
We had a deeply moving conversation about Joshua's influential work in cybersecurity, the birth of I Am The Cavalry, and his experiences navigating tough life transitions.
Using his masterful ability to capture thoughts, feelings, and experiences, Joshua brings to life the essence of building genuine connections, fostering trust, and caring deeply for others - and the role these play in using cybersecurity for a worthy goal.
Episode Highlights:
Joshua shares a valuable lesson a stranger taught him about empathy (3:10)About the feeling that gave birth to I Am The Cavalry (8:00)Why bother? Because we want to be safer sooner (15:40)There's nothing more intoxicating than having an impact, material progress, and tangible wins (22:40)What is the next wave of empathy in cybersecurity (28:20)You don't need to be famous to make the world better (36:40)Resources Mentioned:
I Am The Cavalry websiteI Am The Cavalry TwitterI Am The Cavalry - Hippocratic Oath for Connected Medical DevicesSwimming with sharks - security in the Internet of Things: Joshua Corman at TEDx NapervilleJack Daniel's LinkedIn profileBeau Woods's websiteClaus Cramon Houmann's LinkedIn profileCyber Summit 2020: Opening Remarks from Josh Corman10 Years After…My Thoughts on Josh Corman's BSides Las Vegas 2023 KeynoteEverclear - Heartspark DollarsignBSides Las VegasShmooConConnect with Joshua:
LinkedInLet's connect!
WebsiteLinkedInTwitter -
エピソードを見逃しましたか?
-
Javvad is a brilliant Security Awareness Advocate, Speaker, sharp industry commentator, and one of the most prolific bloggers in the community. His natural talent for making the cybersecurity industry's most technical and complicated matters easy to understand is a gift and an inspiration.
Join me as Javvad masterfully dissects the negativity and the rationalization bias, using brilliant analogies to explain the disconnect between cybersecurity specialists' expectations and people’s responses to digital challenges.
And, if you’re up for it, help us answer this question: how can we make cybersecurity fun for people?
PS: This is not my AI-generated voice, but rather my adapter-damaged one. I only noticed the terrible quality after the recording, so please bear with me - or just skip to Javvad's parts, which are flawless!
Episode Highlights:
What we really need to be teaching people about cybersecurity (4:50)How to deal with the curse of knowledge (10:10)The best way to keep cybersecurity connected to people's realities (19:20)How to rebrand the cybersecurity team - and why we need this (24:10)The problem with rational thinking (28:30)Why cybersecurity is evolving beyond tech-focused conversations (38:50)Resources:
Book - Javvad Malik - 50 Ways To Survive & Thrive In CybersecurityConnect with Javvad:
WebsiteLinkedInTwitterLet's connect!
WebsiteLinkedInTwitter -
How many accounts on different websites do you have?
Sharing our personal information online as a condition to access content has become a reflex. We hit the "I've read and agree to the terms and conditions" button without thinking about it. In fact, only a handful would notice if anything else is written in that box.
Yet things are starting to change; those worried about data privacy aren't only hackers anymore. The wave of awareness that questions what companies do with the personal information we share with them has started spreading to every corner of the cybersphere.
My guest, the brilliant and passionate Merry Marwig, is optimistic about the future of the data privacy landscape and believes it is already going through a positive transformation.
Merry is a Volunteer Advisor at The Plunk Foundation, a Privacy Consultant at DataGrail, and, as you'll see throughout our conversation, overly excited about data privacy tech.
Merry's thoughts on the evolution of data privacy programs stay firmly rooted in the reality of her research and data-driven approach, factors which also fuel the change seeping into people's perception over these issues, and the link between privacy and security.
With Merry’s help, you’ll also understand the emotional toll privacy harms have on you, me, and everyone else, and how ethical use of consumers' information can actually boost a company's growth, plus much more.
Episode highlights:
How privacy and security are different, but related (1:20)The emotional toll of privacy harms (6:50)Understanding how our data gets resold online (15:10)Why now is the right time to do the right thing about data privacy (17:20)How younger generations see data privacy (24:40)Why privacy is part of our culture (29:30)How our understanding of privacy is deepening (38:50)Why even marketers are moving to privacy (46:40)Connect with Merry:
LinkedInLet's connect!
WebsiteLinkedInTwitter -
If you boil cybersecurity down to its essence, you'll find a hacker doing their best to educate, communicate, and help people see the world the way they do: with curiosity and the innate desire to understand it and make it better.
Yet what's the community reaction when a message fails to land as expected? It’s (still too) often victim-blaming, a sarcastic remark, or a vague piece of advice to do more of… something.
To our guest, Alyssa Miller, it all comes down to self-awareness and understanding that, frequently, impact is more important than intent. Being more aware of how and what we communicate may seem like a simple adjustment, but it is definitely the cornerstone of a more transparent, more thoughtful, and empathetic communication style in cybersecurity.
As SVP and CISO, Alyssa is responsible for aligning strategic security initiatives with business line objectives to protect customers' data and privacy. She is also a lifelong hacker, RSA and TEDx speaker, and the Author of "Cybersecurity Career Guide," a book she wrote to address the disconnect between the perceived scarcity of specialists in cybersecurity and all those pounding on the door trying to figure out how to get into the industry.
Throughout our conversation, you'll hear Alyssa's thoughts on the meaning of being a hacker, emotional intelligence, and self-awareness. She also talks about the importance of conferences in cybersecurity, why it is preferable to make friends instead of fans, her book, the lessons learned along the way, and much, much more.
Listen to this episode to discover:
When Alyssa started to see the world from an empathetic point of view (4:40)What changes she experienced and witnessed since the industry began discussing empathy (14:00)What (ethical) hackers actually do (18:50)Why it’s better to make friends than to make fans (24:20)What is a hacker? (31:30)How to get into cybersecurity (42:10)Resources mentioned:
Book: Alyssa Miller - Cybersecurity Career GuideIppSec - We think we know how to build differentiating skills in offsecSolving the Tech Skills Gap at Your Local Coffee Shop | Alyssa Miller | TEDxLSSC -
I’ve had dozens of conversations exploring the need for empathy and compassion in cybersecurity, from supporting victims of cybercrime to acknowledging the data we protect are not numbers on a screen but real people’s experiences.
Yet the transformation empathy is capable of goes way beyond cybersecurity. It seeps into the teams and companies we build, the relationships we influence through technology, it guides leadership, and so much more!
That’s why I’m delighted to open Season 5 of Cyber Empathy with a trailblazer in the community, known for his generosity, empathy, and honesty.
Vivek Ramachandran, Founder of SquareX, joins me to discuss the importance of optimism, perseverance, compassion, and vulnerability and their instrumental role in every aspect of his life.
Discover how Vivek's commitment to accessible education and his genuine desire to help others have shaped his career and inspired the entire offensive security community (and continues to do so).
Listen as Vivek recounts personal stories, including the astonishing support he received when transitioning a personal project into a full-time venture, and the profound impact of his empathetic approach on individuals and teams across the world.
This conversation sets the tone for this new season in which we’ll dive even deeper into the layers of our humanity and how they shape technology and the way we show up for ourselves and others.
Tune in to explore:
Why people tend to give back when the opportunity arises (11:10)How to be kind, compassionate, and empathetic when it is challenging to be it (18:40)How to carve time for yourself when building a company and doing deep research in cybersecurity (25:00)How Vivek balances accountability, flexibility, and trust at SquareX (29:50)The role empathy plays in Vivek’s SquareX and other tech companies (37:50)Connect with Vivek:
LinkedInTwitterSquareX's websiteLet's connect!
WebsiteLinkedInTwitter -
In an industry whose goal is to protect people, purely profit-driven marketing makes no sense - and certainly doesn’t work.
After over a decade of running digital marketing for high-growth B2B technology startups, my guest, Dani Woolf, realized marketing is wildly different in information security.
It took her four years after joining the cybersecurity industry in 2018 to create Audience 1st, a customer research agency built on four pillars:
curiosity to truly understand audiencesempathy to listen first and identify cybersecurity buyers' pain pointsdedication to provide insights that promote growthand honest connection to establish authentic relationships with buyers.Dani Woolf continues to do meaningful work for people who care as the Creator and Host of the Audience 1st podcast and the WTF Did I Just Read? Tech Sales and Marketing Edition Podcast.
Throughout this conversation, Dani shares her thoughts on marketers' role in cybersecurity, her "mission before money” mindset, and why repetition and messaging consistency are crucial in this space.
You'll also hear why we need leaders who choose peaceful and kind ways of communicating and why Dani believes the creative tension between old-school and modern marketers in cybersecurity is a good thing.
Additionally, Dani explains how she uses honesty to get real, deep insights from tech and IT pros, why she doubles down on being pragmatic and practical, and more ways to create positive change.
Listen to this episode to learn:
Why Dani advocates for slowing down and opening our hearts in cybersecurity (3:00)How to avoid leaving people out through black-and-white approaches in communication (7:50)Why having creative tension is a good thing (14:40)How marketers can make a meaningful contribution to cybersecurity (18:30)How to set expectations to have in-depth conversations with tech and security leaders (27:00)Why it’s crucial to connecting with audiences beyond data (34:00)Which benefits come from being pragmatic, practical, and prescriptive (41:20)Resources from this episode:
What vendor looks really good, but is it actually GREAT?Jason Vana's LinkedIn profileEveryone Hates MarketersBehind the mask: Managing high-functioning anxietyYour audience insights = Your foundationThe biggest problems in the cybersecurity industryDani's post about her interview at Cyber EmpathyMarketers can learn a great deal from security researchersHere's how I flipped from reactive to proactive as a marketer in my 14+ years in B2BHow to build authentic relationships in cybersecurity to scale growth Vulnerability management in cybersecurityPeep Laja's websitethe Jobs to be Done frameworkConnect with Dani:
WebsiteLinkedInTwitterLet's connect!
WebsiteLinkedInTwitter -
The blame game is a strong reflex in cybersecurity for many people. Pointing fingers at the human error that caused the breach, complaining about the CEO who didn't invest enough resources or training in cybersecurity, and taking it out on the CISO are all common occurrences. And they don’t help anyone.
Blaming harms everything that empathy in cybersecurity represents and works so hard to change in the industry: connection, trust, personal growth, and making meaningful progress.
But there’s hope! One of the most powerful solutions, actually born out of an empathetic approach to human connection: Nonviolent Communication.
Today’s guest, Octavian Istrate, explains how this technique can end the blame game, change perspectives, and get people to open up.
Octavian is a Certified Trainer with the US Center for Nonviolent Communication (CNVC) and a dedicated Association for Nonviolent Communication (ACNV) member. He discovered Nonviolent Communication in 2010, and 7 years into applying it to his personal life, he decided to share it with others through courses, workshops, and practice groups. In 2019, he became a Certified Trainer and turned his passion into a core part of his work.
In this episode, we explore how Nonviolent Communication contributes to developing empathy in cybersecurity, what makes it a powerful tool for personal growth, and how it helps build healthier relationships.
You'll hear Octavian's thoughts on emotional needs in the workplace, what drew him towards Nonviolent Communication, and how to use this approach to manage difficult situations.
Additionally, Octavian talks about the changes he experienced as someone coming from a technical background, empathy blockers, and how he ended up becoming a change strategist. We even go through a real-life exercise on how to apply Nonviolent Communication!
Listen to this episode to learn:
How Nonviolent Communication can remove blame from cybersecurity conversations and behaviors (4:10)What was going on in Octavian’s life when he learned about Nonviolent Communication (11:00)How to separate observation from judgment (14:20)What made Octavian decide to become a Nonviolent Communication trainer (28:00)A real-life exercise on Nonviolent Communication (37:50)How empathy blockers affect communication (48:20)Resources from this episode:
Book: Marshall B. Rosenberg - Nonviolent Communication: A Language of Life: Life-Changing Tools for Healthy Relationships (Nonviolent Communication Guides)Center for Nonviolent Communication's websiteEmpathy BlockersConnect with Octavian:
Octavian’s website (Romanian)Octavian as a change strategist (Romanian)Let's connect!
WebsiteLinkedInTwitter -
Cybersecurity has a human heartbeat.
The variety of backgrounds that people in this space have enriches an industry that is day by day more interested in its human side. Different experiences bring new perspectives and ways of doing things to a community that craves human connection.
Our guest, the extraordinary Maril Vernon, is the perfect example. Coming from the social media marketing space, Maril took the cybersecurity industry by storm, becoming the 2023 Cybersecurity Woman Hacker of the Year, claiming the 2023 CyberJustu Pentest Ninja Award, and being recognized as one of the Top 10 Women Influencing Cyber by CyberSHEcurity.
Maril is the Senior Application Security Architect at Aquia Inc., Contributing Writer at CSO Online, COO at Teach Kids Tech, Co-host and Co-founder of The Cyber Queens Podcast, Purple Team Program Manager, and a 24/7 advocate for amplifying female and LGBTQ diversity in cybersecurity.
Throughout our conversation, Maril shares her thoughts on creating space for recognizing emotions in the workplace, how she sees and experiences empathy in cybersecurity, and the positive impact of her social media marketing background on her development as a hacker. Maril also talks about remote work cultures and human connection, generational differences, self-care, her commitment to increasing equality and diversity in cybersecurity, and more.
Listen to this episode to learn:
How Maril sees the importance of empathy in cybersecurity (3:10)Why there’s rising interest in the human side of cybersecurity (7:50)How inclusive the industry really is (18:00)Why Maril decided to start The Cyber Queens Podcast (26:00)How different backgrounds enrich the cybersecurity industry (34:50)How radical acceptance can be a life-changing hack (41:50)Resources from this episode:
The Cyber Queens PodcastMaril's BioHacker Valley Media - Unleashing the Power of Cybersecurity Purple Teams with Maril VernonThe Cyber Guild - Spotlight on Maril VernonMaril on Twitter - What Makes Hacking Ethical or Unethical?Phillip WileyTracy Z. Maleeff (InfosecSherpa) on CyberEmpathyLesley Carhart (hacks4pancakes)Connect with Maril:
LinkedInTwitterLet's connect!
WebsiteLinkedInTwitter -
A̶l̶m̶o̶s̶t̶ every route in cybersecurity lands on empathy. Despite its ultimate goal of protecting data, information security remains a people-focused discipline, with paths that lead to it as varied as they come.
Yet the magic happens when hackers with the most unconventional backgrounds use their hacking skills to break down things and reconnect them in surprising ways. My guest, Pete Herzog, a humble giant in the cybersecurity space, is the perfect example of this.
Pete is the Co-founder and Managing Director of ISECOM and the Co-founder of Urvin AI, Mewt, and Invisibles. On top of his immense contribution to cybersecurity, his diverse range of interests also materialized in a collection of fascinating neurohacking tools.
Join us for an exploration of the hacker mindset at the intersection of hacking, neuroscience, and music!
Pete's unconventional route to cybersecurity has a lot to teach us, as does his innate ability to combine multiple disciplines in remarkable ways. I talked to Pete about Hacker Highschool, the project he started to bring cybersecurity education to teenagers, the spark that lit the creation of neurohacking music and Invisibles, the Open Source Security Testing Methodology Manual (OSSTMM), his thoughts on trust, empathy in cybersecurity, and much more.
Tune into this episode to get:
A glimpse into Pete's background and how his passion project - neurohacking music - started (4:00)Insight into Pete's "unconventional" background and how it molded his approach to cybersecurity (16:30)Why our difficult experiences are what (should) make us empathetic (23:30)Why Hackers Highschool is such an important project for this community (26:00)Pete’s thoughts on "zero trust" and the creation of the OSSTMM (31:10)Resources from this episode:
Pete's post on what's cybersecurity aboutPete's tweet on being nice in cybersecurityHacker HighschoolInvisibles' website@GenXBanshee tweet on Pete's Invisibles neuro hacking musicNeurohackingXavi De La IglesiaBinaural BeatsTranscranial direct-current stimulationOSSTMM (The Open Source Security Testing Methodology Manual)2600.comConnect with Pete:
WebsiteLinkedInTwitterLet's connect!
WebsiteLinkedInTwitter -
Among the undeniable advantages of the hyperconnected world we learned to live in, some adverse effects lurk behind the algorithm's rewards. They’re damaging our personal and professional relationships and younger generations' sense of reciprocity, attention span, and ability to assess danger.
Our world is already a mesh between digital and analog experiences, rapidly leaning into making virtual interactions the norm.
So what can we expect to happen to us, biological beings, in non-biological settings?
In this episode, Catherine Knibbs joins us to talk about cybertrauma, how it feels, how it works, and how we can deal with it.
As a Cybertrauma Clinician and Researcher, international educator, Consultant, TEDx Speaker, and the Author of "Cybertrauma: The Darker Side of the Internet for Children and Young People," Catherine’s experience pierces deep into the invisible effects of the cyber territory on our bodies, emotions, and minds.
Throughout our conversation, she invites us to rethink our relationship with technology, the impact of social media on the development of children, and how our phones' omnipresence affects our relationship with our kids, significant others, and colleagues.
Catherine also shares why she started studying this issue and explains the importance of self-care and creating healthy boundaries with social media.
We also discuss cyberbullying, the effects traumatic content has on our minds and bodies, smartphone addiction, and more.
In this episode, you will learn:
What cybertrauma really is (3:40)How the body absorbs and responds to cybertrauma (11:00)The devastating effects of the constant presence of cell phones (18:20)Why we feel compelled to jump onto social media (24:00)The effects of virtual reality environments on our brains (28:20)What led Catherine to dedicate herself to studying cybertrauma (32:10)What we can do to help ourselves adapt to these challenges (40:00)Resources mentioned:
Bodies, Brains, and Technology - The Real Social Dilemma | Catherine Knibbs | TEDxDoncasterBook: Catherine Knibbs - CYBERTRAUMA: THE DARKER SIDE OF THE INTERNET FOR CHILDREN AND YOUNG PEOPLEDr. Gabor Maté's websiteThe Social DilemmaThe Polyvagal TheoryTransactional analysisEpigeneticsBreneé Brown about EmpathyAlexithymiaCleveland Clinic - Heart Rate Variability (HRV)Mark Zuckerberg: First Interview in the Metaverse | Lex Fridman Podcast #398Book: Daniel J. Siegel, M.D. and Tina Payne Bryson, Ph.D. - The Power of Showing UpConnect with Catherine:
WebsiteLinkedInTwitterLet's connect!
WebsiteLinkedInTwitter -
The world has seen many transformations in the workspace during the last few years; some of them stuck, some didn't. Workers prioritizing personal relationships over economic benefits, for instance, is not considered a fad anymore; it is the norm.
The relationship people developed with their jobs has radically changed, and empathy played a major role in that transformation. Slowly but surely, we are witnessing how cybersecurity detaches from the old and cold "it's just business" approach.
Today, Molly McLain Sterling joins us to share her thoughts on empathy and the role of connection in cybersecurity, while exploring communication techniques in cybersecurity, leadership, and more.
Molly is the Director of Global Security Culture at Medtronic, CISO Advisor, Top Rated SANS Speaker, Security Evangelist, and Behavioral Science Human Risk Management Leader.
Molly has a Bachelor's degree in Fine Arts (B.F.A in Music Theater), which is a testament to how fertile the cybersecurity space is. People with virtually any background can repurpose their skills and flourish in cybersecurity.
Throughout this episode, you'll hear about Molly's journey into cybersecurity and the acting techniques she adapted to her leadership role to improve her communication skills. Molly also talks about how she transformed Security Awareness into Security Empowerment and grew it into a security culture that now supports over 100000 people in 150 countries. This also led to discuss how scalable empathy really is, the power of delivering a consistent message, bringing leadership's attention to the importance of cybersecurity, and more examples from Molly’s fantastic work.
Tune into this episode to learn:
Why building a security culture is a job we can do alone (3:30)What you need to bring people together around a topic that’s not their primary job (12:10)How to scale the use of empathy within an organization (16:50)Acting tips and advice for improving how you communicate (23:40)How to get leadership to take an interest in cybersecurity (32:40)Connect with Molly:
LinkedInLet's connect!
WebsiteLinkedInTwitter -
In today's episode, I'm joined by one of the first people who raised the empathy flag in cybersecurity and inspired the creation of this podcast, Jayson E. Street. Despite National Geographic describing him as a "World Class Hacker," he sees himself simply as a Hacker, a Helper, and a Human.
Discover the transformative power of conscious kindness as he bares his soul in a deeply personal and heart-stirring conversation. Navigating the intricate dance of human imperfections, Jayson shares moving tales of sacrifice, flawed humanity, and the hidden emotional labor behind genuine acts of goodness.
This isn't about feel-good stories or being the hero; it's about choosing to be kind even when the world doesn't seem to reward it.
Come along to discover Jayson's candid journey, from roadside moments of compassion to profound responsibilities, and uncover the true essence of self-improvement and the impact of small gestures. Let his vulnerability inspire you to embrace your own complexities and fuel a more compassionate way of being in the world.
This episode might move you to act, think, and love with greater intention.
Listen to this episode to learn:
What makes Jason keep fighting alongside the good guys in cybersecurity (5:00)Why Jason decided to plunge into cybersecurity and never look back (9:40)How to bridge the gap between security specialists and the people they serve (16:00)Why it’s essential to address the emotional side of cybersecurity work (23:10)How our polarized society negative impacts the cybersecurity space (32:20)Why being kind and doing the right thing are conscious choices (39:00)Resources mentioned:
A high-functioning sociopath's guide to empathySeth's BlogPenetration tester Jayson E. Street helps banks by hacking themBreakthrough S02E02 Cyber TerrorBook: Jayson E. Street - Dissecting the hack: The F0rb1dd3n NetworkHacker Adventures WorldDefCamp the hacking conferenceConnect with Jayson:
WebsiteJayson's MediaLinkedInTwitterTruesecLet's connect!
WebsiteLinkedInTwitter -
The "good vs. evil" battle is an integral part of cybersecurity's origin story. While it’s motivating and energizing, it also comes with language derived from military vocabulary, that brings a certain level of hostility and aggression.
That’s why, often, the language we use in cybersecurity alienates the very people we’re trying to help.
In this episode, the kind and compassionate Dr. Jessica Barker joins me for a conversation about the most underrated skill in cybersecurity: empathy. We also touch on using psychology and data to improve cybersecurity awareness and culture, optimism as a confidence builder, and more.
We had a fantastic conversation about the evolution of cybersecurity culture and Jessica's massively influential work on revamping cybersecurity vocabulary, whose impact reaches far beyond industry confines. Blending introspection and actionable insight, we also discuss imposter syndrome, balancing constant evolution with self-compassion, and other essential topics we deeply care about.
Listen to this episode to discover:
Why the world is actually way better than we perceive it (4:50)Why cybersecurity is about protecting people (14:00)The origins of Jessica's social approach to cybersecurity (19:40)How to strive for improvement without damaging our health (29:20)Dr. Jessica's tips for fighting imposter syndrome (35:50)Why empathy is the most underrated skill in cybersecurity (45:30) -
“Knowing and not doing is the same as not knowing.”
Join Sebastian Avarvarei and myself as we dive deep into the layers of self-development, cybersecurity, and the crucial blend of technical acumen with soft skills.
Sebastian, with his rich experience in security, sheds light on his evolution from proficient technical leader to becoming a deeply compassionate leader in the cybersecurity industry.
I can’t wait for you to discover his unique approach to leadership, the influence "The 7 Habits of Highly Effective People" had on his managerial style, and the power of practice in transforming knowledge into actionable wisdom.
From overcoming the fear of public speaking to leading with the heart, and the role of empathy in cybersecurity, this conversation overflows with inspiration for professional growth and personal development. We’ll also touch on the importance of being kind to ourselves, of acknowledging that it’s okay not to be okay, why practicing appreciative listening can be life-changing, and so much more.
Whether you're a seasoned expert or a newbie in cybersecurity, there's a nugget of wisdom for you in this conversation.
In this episode, you will learn:
How Sebastian discovered the power of speaking from the heart (6:40)How Stephen Covey's book influenced Sebastian (11:10)Be ready to learn at any moment (24:50)Why we must be kind to ourselves (34:00)The importance of time management in empathetic leadership (37:20)The clarifying question that creates alignment (46:40)Resources Mentioned:
Book: Stephen Covey - The 7 Habits of Highly Effective PeopleSebastian Avarvei at DefCamp 2022 - What if I told you that Security is here to help? DefCamp websiteBook: Ryan Holiday - Ego is the EnemyBook: Douglas Stone, Sheila Heen - Thanks for the Feedback: The Science and Art of Receiving Feedback WellThe Cyber Empathy ManifestoCyber Empathy. Episode #1 - Why I chose an empathetic approach to cybersecurityAbout Sebastian's happy placeAppreciative Listening on WikipediaSituational Leadership Theory on WikipediaConnect with Sebastian:
LinkedInTwitterLet's connect!
WebsiteLinkedInTwitter -
"To see others more clearly, set aside your opinions, advice, and judgment, and put their truth above your own." Greg McKeown
In this episode, as an opener for Cyber Empathy's fourth season, I'll take you through some updates on the show and my personal life and share the topics we will be exploring this season. I’ll share how my loved ones’ unconditional love supported me through the taxing situations I had to deal with in the last year, and how our community granted me the honor of two awards at the 2023 European Cyber Security Blogger Awards, making Cyber Empathy the Most Educational Podcast, and the Best New Cybersecurity Podcast!
Today's episode is also a reminder of why Dave and I embarked on this podcasting adventure that brought us nothing but joy; you'll hear about the most significant lessons podcasting taught us, my favorite reads for this year, and more.
In this episode, you will learn:
A bit about how challenging last year was for me (2:20)Not everything has to be as hard as we think (6:10)A refresher on why this podcast exists and how I hope to serve you (9:40)The key topics we’ll dig into in season 4 (13:20)Resources:
The art of listening - Cyber Empathy season 2, episode 9 Book: Greg McKeown - Effortless: Make It Easier to Do What Matters MostBook: Cixin Liu - Remembrance of Earth's Past: The Three-Body TrilogyDave’s latest workLet's connect!
WebsiteLinkedInTwitter -
Thinking of The Hacker Manifesto solely as a rant against corporations, the government, and all authorities is reductive. The volume also appeals to curiosity and a constructive rebellious spirit, which form the basis of hacker culture.
Curiosity fuels hackers to break things down and figure out how they work so they can improve them. It also drives them to ask questions that are different, unexpected, and that lead to paths less traveled.
In today's episode, we go down one of those paths with experienced leader, team manager, and security professional, Tom Eston. In his over 20 years of cybersecurity work, Tom has successfully led ethical hacking teams and improved industry-standard testing methodologies. He has also been creating podcasts since long before they were cool, and now you can listen to him on the Shared Security Podcast, which he co-founded and co-hosts.
Throughout our conversation, Tom looks at the 1986 Hacker Manifesto from an unexpected angle, shares his thoughts on the potential of the massive amount of information available for aspiring ethical hackers, and shares examples of how to guide young white hat hackers and help them calibrate their moral compass.
We also talk about the time Tom faced an ethical dilemma as a leader and his experiences being on the receiving end of empathy in cybersecurity.
In this episode, you will learn:
What drives people to invest their mental and emotional energy in cybersecurity (4:40)How to deal with burnout as a cybersecurity fiend (8:20)Why we live in the golden age of training and how to take advantage of it (14:10)A practical example of how to deal with ethical dilemmas in cybersecurity (21:40)How young hackers can learn to balance the power they have to manipulate systems with being on the right side of history (30:00)The importance of "knowing your audience" when reporting cybersecurity issues (39:50)How The Hacker Manifesto holds up today and what could make it even more useful for ethical hackers (45:43)Resources:
Visit Tom’s blog SpylogicThe Shared Security podcastThe Shared Security podcast - Exploring the Role of Empathy in Cybersecurity with Andra ZahariaThe Shared Security podcast - Juice jacking debunked, photographer vs. AI dataset, Google authenticator risksThe Hacker ManifestoConnect with Tom:
LinkedInTwitterInfosec ExchangeLet's connect!
WebsiteLinkedInTwitter -
Regardless of the power, wealth, or influence a person or company might have, the only thing that can protect them from being hacked is another great (ethical) hacker.
Although the dark side of cybersecurity has several routes to explore and experiment with, they all have the same destination, and – spoiler alert – it is never a happy place. That’s why empathy in cybersecurity is about picking a side: you either use your skills to harm people or to protect them from cybercriminals.
In today's episode, I'm joined by the incredibly talented and eloquent Jenny Radcliffe, The People Hacker. She is a Social Engineer, Author, Burglar for Hire, Award-winning Podcast Host, Keynote Speaker, Panelist, and a 2022 Infosec Hall of Fame Inductee. Her latest book, "People Hacker: Confessions Of A Burglar For Hire," reveals how she gains access to top-grade private and commercial properties using her inimitable blend of psychology, stagecraft, and charm.
We had a fantastic conversation about what it really means to be a social engineer, why she believes empathy in cybersecurity is about picking a side, and the importance of learning to manage emotions as a defense mechanism against malicious hackers. Jenny also shared her thoughts on gaps in the education system, the importance of mastering so-called "soft skills," and so much more!
In this episode, you can expand your views with:
A bit about Jenny's background and why she became a social engineer (3:10)How understanding our emotions prepares us to deal with cybercriminals (8:00)What it really means to be a social engineer and why it’s not what most people think (11:30)What readers got from Jenny’s book and the impact it’s had (17:00)Why empathy, just like cybersecurity, only works when you use it (24:20)Why the gaps in the education system make entire generations susceptible to bad actors’ tactics (33:20)Why Jenny doesn't use the word "mentor" to describe her guides in the industry (39:00)Resources:
Book: Jenny Radcliffe - People Hacker: Confessions Of A Burglar For HireJenny’s Human Factor Security podcastTedX Talk - Surrounded by lies (but never happier)How I Fooled A £2 mil Security SystemMeet Jenny Radcliffe, the People HackerHow To Protect Yourself From Hackers | Inside The Mind Of The People HackerPeople Hacker TV seriesBrett Johnson - TwitterI’m not Snow White. I have to think like a criminal’: how I became a burglar for hireResources:
Book: Jenny Radcliffe - People Hacker: Confessions Of A Burglar For HireTedX Talk - Surrounded by lies (but never happier)How I Fooled A £2mil Security SystemMeet Jenny Radcliffe, the People HackerHow To Protect Yourself From Hackers | Inside The Mind Of The People HackerPeople Hacker TV seriesBrett Johnson - TwitterI’m not Snow White. I have to think like a criminal’: how I became a burglar for hireConnect with Jenny:
WebsiteLinkedInTwitterLet's connect!
WebsiteLinkedInTwitter -
Do you know what happens when "the ask is too high and the trust is too low" in cybersecurity? Requests related to cybersecurity fall flat.
If you’re frustrated that clients and colleagues don’t see the value of your work and don’t take your advice to heart, this episode offers the fix you need.
Along with Advisory CISO and Cybersecurity Strategist J. Wolfgang Goerlich (“Wolf”), we delve into the critical roles of empathy and communication in addressing complex security challenges.
Join us to see how the perspectives we gain through travel can broaden and add nuance to our understanding of global issues.
Get hooked by Wolf’s powerful storytelling that makes cybersecurity relatable and engaging, while exploring the human OS and its limitations.
Find out how empathy, better communication, and Wolf’s heart, head, and hands storytelling method helps demystify risks and potential solutions.
Uncover the value of creativity, interdisciplinary collaboration, and "wandering outside of the box" by looking at the surprising intersection of cybersecurity with art – and even sexuality.
Find inspiration for your next actions in this eye-opening conversation that redefines cybersecurity and puts empathy and effective communication at the heart of the solutions to this industry's challenges.
Tune in to learn:
How language and tone massively influence how effective what we say in IT security is (5:09)Why vulnerability is necessary for good communication, yet carries such a negative connotation in cybersecurity (10:01)Why empathy is only effective when it becomes a practice ( 14:41)What made Wolf pay so much attention to the importance of communication in cybersecurity (17:42)Why how we do things has a massive impact on the industry (27:01)Why there’s a place for art in cybersecurity (29:58)How cybersecurity apply to all areas of our lives, including sexuality (40:16)Resources mentioned:
DefCampJeffrey SnoverWhy effective leaders must manage up, down, and sidewaysBSides 2022 - Wolfgang Goerlich - And the Clouds Break: Continuity in the 21st CenturyTell a story with the project name – Design MondayCognitive DissonancePrinciples for Designing Security CapabilitiesBook: Effortless: Make It Easier to Do What Matters MostNoah ScalinSecurity SexualityConnect with Wolf:
WebsiteLinkedInMastodonTwitterLet's connect!
WebsiteLinkedInTwitter -
Many young writers feel every subject in cybersecurity has already been exhausted. This is probably true for many topics, but that doesn't mean the conversation is over.
Diversity is one of the industry's main traits, which means people from around the world can (and should!) bring their own perspectives and experiences, making an already culturally wealthy space even richer.
Today's guest is Joe Pettit, Director at Bora, the go-to place for IT Security marketing professionals needing to improve their brand awareness and generate high-quality sales leads. He’s a Business and Marketing graduate who left the UK for Spain for a change of lifestyle, pursuing his curiosity and appetite for adventure.
One of the main things for which I respect Joe is how he pays it forward! After receiving support from others to break into IT security, he's now offering young writers the chance to do the same. Through collaboration and the power of expression, they spread the word on the importance of cybersecurity while exploring their passions.
In this episode, you'll hear about Joe "fell" into the industry and his view of cybersecurity as a marketing and communications professional. Joe also shares his perspective on practical empathy, how helping young writers find their voice can improve cybersecurity, and how working in this space changed his standpoint on taking risks and directing a company.
Plus, Joe explains what it takes to create content about topics that have been wrung dry, the difference between hackers and cybercriminals, and much more.
In this episode, you will learn:
How Joe got into cybersecurity (3:24)How things changed in cybersecurity over the years (11:16)Why there are endless ways of creating content about a single topic (14:37)How cybersecurity transformed Joe's views on taking risks (20:29)The difference between good and bad hackers (27:57)Practical ways to use empathy to improve lives and the cybersecurity space (34:12)Resources:
Bora websiteWendy NatherConnect with Joe:
LinkedInTwitterEmail: [email protected]Let's connect!
WebsiteLinkedInTwitter - もっと表示する