Politically High-Tech
A podcast with facts and opinions on different topics like politics, policy, technology especially AI, spirituality and development! For this podcast, development simply means tip, product and/or etc. can benefit humanity. This show aims to show political viewpoints and sometimes praises/criticizes them. He is a wildcard sometimes. For Technology episodes, this show focuses on products (mostly AI) with pros, cons and sometimes give a hint of future update. For Development episodes, the podcast focuses on tips to improve as a human spiritually, socially, emotionally and more. All political, AI lovers and haters, and all religions are welcome! This is an adult show. Minors should not be listening to this podcast! This podcast proudly discriminates bad characters and nothing else.
Politically High-Tech
242- The Crucial Role of Certifications in Business Security with Kevin Barona
Unlock the secrets to securing your startup in our latest episode with Kevin Barona, founder and CEO of Cycore Secure. Gain invaluable insights as Kevin shares his entrepreneurial journey and the motivations that drive him beyond mere financial success. Discover why creating genuine value is a magnet for business success and how early and mid-stage companies can navigate the complexities of cybersecurity compliance to land large contracts.
As we navigate through the current landscape shaped by COVID-19, Kevin emphasizes the heightened necessity for robust cybersecurity measures, regardless of company size. Learn how small businesses and large organizations alike are grappling with the challenges posed by remote work and the escalating importance of protecting sensitive information. Understand why achieving certifications like SOC 2 and ISO 27001 is critical for establishing trust with potential customers and overcoming the hurdles to 100% cybersecurity compliance.
Dive deeper into the human element of cybersecurity, where even the most secure networks can be undermined by human errors. Kevin sheds light on the importance of fostering a cyber-safe culture, effective governance, and thorough documentation. Moreover, we explore the dynamic nature of security systems, including the dual role of AI and the importance of both cloud and local backups for data preservation. This episode is a must-listen for any business leader aiming to stay ahead in an increasingly digital world.
Follow Kevin at ...
https://www.cycoresecure.io/
Linkedin
https://www.linkedin.com/in/kbarona/
Twitter
https://x.com/kevbarona
If you want to be a guest on my podcast, join PodMatch by clicking on the provided link
https://www.joinpodmatch.com/politically-high-tech
Follow your host at
YouTube and Rumble for video content
https://www.youtube.com/channel/UCUxk1oJBVw-IAZTqChH70ag
https://rumble.com/c/c-4236474
Facebook to receive updates
https://www.facebook.com/EliasEllusion/
Twitter (yes, I refuse to call it X)
https://x.com/politicallyht
Welcome everyone to politically high tech with your host, elias. I have a guess here we could go a little different here. I've been covering a lot of cyber security stuff and, trust me, some is dark, some is scary. But I don't believe in just promoting, you know, false lies. I'd rather give you the brutal truth. Especially with the previous guests, we talked about how easy it is to hack into devices and once they get your device information, you're pretty much done, even if you change the passwords and all that, which is crazy. But and then he insists, the future is bright. After all that, I know some of you are still spooked about that.
Speaker 1:Um, this one here. It might not be as dark, but you know I'm kind of bad at keeping my promises. Say it's going to be dark, ends up being light. I say it's going to be light, ends up being dark. So don't take me seriously when it comes to that, my listeners and viewers. So I can make this run along pretty long, but I'm not going to do that, I'm just getting more straight into it.
Speaker 1:Okay, I have a guest here who has a company that specializes in security compliances, especially for early start on businesses, and we're going to dive more into that as well, because I think it's good, because I think just starting a business can be possibly the hardest part of the journey. Can be possibly the hardest part of the journey. You don't know what you're doing, you don't got foundation, you don't have a lot of experiences. It could be curveballs, legal, financial, what have you. You're going to get overwhelmed pretty easily. Shoot, I did when I officially turned this to a business. Woo, I had to learn real quick, because ignorance it blissful. I'm quoting for one guess that you're eventually going to hear from. But yeah, as I was saying so he's going to introduce himself to you, my listeners, and he had a company right here I want to make sure I got it right it is I-Core Secure and he has a. We talk about a diverse team. Oh, he got that. He got that. So Wokesters, don't be attacking him by. Oh, that team's not diverse. Shut up.
Speaker 1:Shut up you can check the website yourself in the link in the description. Okay, just don't do that. If you're going to do that, that at least attack the right people, not just anybody who disagrees with you. Feels like a personal attack. But let me shut up. Let's introduce kevin barona, the founder ceo, the boss of the whole dang company thanks, elias.
Speaker 2:Uh, appreciate that intro.
Speaker 2:Quite an intro, like you might have mentioned.
Speaker 2:So Psycore Secure is essentially a cybersecurity consulting firm and we do help a lot of early stage companies as well as mid stage companies just spin up cybersecurity programs for these organizations and the main reason why you might find someone needing a cybersecurity program is especially in the early stage companies.
Speaker 2:When you are just starting out, you might have some type of you know, you might start getting some momentum in sales. You eventually start, you know, going up to the market and you might eventually try to land a big whale per se. A large enterprise customer wants your services or your product and essentially, before you do sign on to those contracts, there's a lot of requirements, especially security requirements, that are necessary in order for you to just continue moving in the sales cycle. So typically when companies reach that point is when they start looking for cybersecurity services just because they might not have the skill set within the company, and they look for organizations like Sitecore to help them just get up to speed on their cybersecurity programs and eventually speed up their sales cycles and land larger contracts. That's in a nutshell.
Speaker 1:Oh yeah, oh well, I might dig a little deeper on that, you know. So my question I have for you is I ask a lot of guesses. What inspired you? You could have just done sales, make money and say piss off to the rest of the country, I'm rich, leave me alone.
Speaker 2:I mean. Well, there's, there's a deeper meaning for it. I always knew I wanted to be an entrepreneur, I wanted to do something on my own. I never had no idea what exactly. I just remember growing up and just thinking a lot about how people make money and I just, I used to be so astonished by just learning you know, friends, parents, on how they were making money. You know, selling hairpins right, like just a hairpin manufacturer, and just seeing how much money they make, um, and that's not to say that I was after the money. I was just more intrigued by how people made money, um, and there was other ways, other than, you know, sitting, you know, into-5, working for a corporate, a large organization, and I wanted to challenge myself. I wanted to see how there was other people who did it, who went the entrepreneur route, and there's no doubt in my mind that I can also take up on the challenge as well as make an impact for others, right, such as our team members, my family in itself.
Speaker 1:There's a lot of layers to it that doesn't necessarily just relate to the money Of course, because this is why I've told so many people if you just want to chase money, money will grow wings and fly away pretty easily. Yes, if you somehow, if you have a value magnet, then the money comes. I sadly had to learn that the hardware I want money. You know that question has my personal projection to it. I used to think like that the pastor's eyes on make money, screw it, don't bother me. It was the easiest way possible Get rich quick scheme, all of that.
Speaker 1:A lot of us has been there, except for you morally clean people which don't, don't tell me that you're just going to rattle me. All right, just don't rub your moral superiority. Okay, love, he was trying to survive. It's tough out here, okay, but um, anyways, enough of me trying to joke in self in a self-disparaging way. Um, so now you mentioned a lot of important stuff. Yeah, you know that I think that's very inspirational, because I don't.
Speaker 1:I don't hear a good amount of entrepreneurs say I'm doing this with friends and families, they can help them out, but that's very, you know, that's pretty selfless. Yeah, you make a lot of money for yourself, but if you get a lot of money, I believe money is not the root of all evil. I think it is the extension of the person. The person, that's generally good, they're gonna try to do good things with it. The person's bad, they're gonna do bad things with it. Okay, to me it's just that simple. Yeah, it's an extension of a person, it reveals a person. That's why I didn't, I don't, I always disagree with the money is the rule of all evil? No, it it's.
Speaker 1:Uh, I'm not gonna get biblical here because it's not a type. This is not the episode for it. Um, I could channel so many hats here, but I'm not going to. Um, no, but that's really like a good thing and so I'm gonna say it's a very, very, very, very, very good thing. So, when it comes to what kind of okay, what comes to the side core or what kind of customers do you normally deal with? What's the average business size? Is it medium, small? I overheard you said large at one point, because they have tons of requirements and normally that small businesses cannot comply just because you have the manpower and the scope to do so right, right, yeah, I mean, it spans, it spans, uh.
Speaker 2:But we, we typically work with a lot of organizations that span within five employees anywhere up to a thousand. Um, it all depends on whether these companies have an internal team, a security team or an IT team that can help in the security side of things, and that's why it varies. So, as you may know, you know, I mean, cybersecurity is something that's been around for a while, but relatively not a while, relatively not a while, you know, everything just pretty much became at the forefront. You know, after covid or during covid, right, where everyone started going remote, uh, they started realizing, right, a lot of these organizations, five-person organizations where you would come into the office and everybody kind of knew what was going on, who was doing what, where, where they were. All of a sudden, you know these five people, in this specific instance, go back home. You really have no idea. You know they're taking their laptop. You have no idea if they're traveling, if they're outside of the US, if they're, you know, connecting to Wi-Fi at Starbucks, who's looking at the screen, what type of data is available?
Speaker 2:So it made a lot of business owners anxious, right, just thinking about. You know, are we safe? Is there anything that can happen to us that's just going to make us ruin our reputation or just, you know, have some type of incident that we're not going to be able to recover from? Not to do the fear, not to do the fear tactic but, yeah, there's a lot to it on the security side of things, so it's something that's just becoming a lot more prevalent, right. Like I mentioned, a lot of these contracts have a lot of clauses in there, requirements that, hey, unless you can demonstrate this, show us evidence, we can't sign this contract with you no, yeah, absolutely.
Speaker 1:I mean we was already going virtual little by little, but you know, the pandemic that just went terrible speed. Yeah, it just it forced so much businesses and a lot of workers too, I mean I'll say I think it's safe to say almost the majority of them, uh, except for retail and health care and all that. You know you still have to use computers. But he started to go to the site. You know the essential workers. Yeah, their dynamics a little different, but they still got to use computers or computerized machines. I mean that's what they. I mean it's so prevalent. I mean of course it's going to be important. I mean I will hope so. I hope they focus on that, because we talked about this in two, 20, even 2010s. It's like it's OK, but now it's just we use it so much that of course it's going to be prevalent. So that's good that at least there's a societal focus and emphasis on that and, especially very recently, there's a lot more massive data breaches.
Speaker 2:Oh yeah, oh yeah, yeah, yeah, yeah, yeah, it's just, it's almost like. It's like every time you look at the news you hear something, right, um, you see something uh. So a lot of people you know they ask about when they think about cyber security. They're like oh, you know, there's no way I'll get breached. You know, I'm too'm too small. Um, my industry like we don't, we don't necessarily like deal with that stuff. It doesn't matter.
Speaker 2:But you know, everybody has something uh that's either in the cloud and your computer that somebody, if they get a hold of it, and especially if it falls in the wrong hands, they'll, they'll use it against you. So you know, if you, if you have a customer list that has emails, addresses, um date of birth, all these things, these things are, you know, sensitive information. It's private information, personal information that you have an obligation to protect. So you know, even even the, the people who think like, no, there's no way, there's nothing sensitive, that I hold A name, an email address. That's something you're pretty much You're not obligated, but you have a responsibility to make sure you're doing your best to protect that.
Speaker 1:Yeah, well, I'll go a step further. I think it should. I mean, this is my personal belief. I'm going to project it to somebody. That I don't think is an obligation. It is an obligation, especially if we sign a bunch of stuff, trust it. Then we say, oh, we accept protection, especially when we go through that whole long acknowledgement crap that 99.99% of us are free.
Speaker 1:For, somewhere in there deeply buried, all that corporate language, all right, I mean, I mean I get a little far. I mean I was personally hacked twice and I didn't think I had anything. So I would have been like I got nothing important. Oh, no, you'd be surprised. It's not always monetary, like you say. Reputation yes, reputation is another very important one are very important. That's right, they were just blackmail, so that's a. You know, that's a very good point.
Speaker 1:We'll think, oh, I don't have anything valuable, but not going to hack me. No, it's not always that Maybe we'll use just your identity to cover their tracks or do something shady and then say, okay, we got this guy right here. You know it also has. It could also even automate or expedite the fraud process and bait. So you know people, just you're more valuable than you think. Start protecting your humble account and your reputation like it's super valuable. Just shift that mindset, because I used to have. Even though I set up security and all that, I'm not going to hack Maybe I'll just do it just in case.
Speaker 1:But oh, I got hacked twice and even though I resolved it, but it was very, very annoying and I'm going to talk about the one that happened to me last month I almost got hacked of $3,000. It's a good thing I was able to prevent it. Quick thinking call someone. And thinking call someone. And I had to run to the nearest bank. It was one block away with new york urgency. I run the bum ruts to the crowd as it gets to the bank take out the money, put it. Take it out, put it back in so that the the transaction could be canceled because there'll be insufficient funds whatever. And if I didn't do that, the outcome would have been dire. I would have permanently lost $3,000 because I was going towards cryptocurrency.
Speaker 2:Yeah.
Speaker 1:There is no refund on that, yeah.
Speaker 2:Definitely, definitely and Sally thinking about it from an individual perspective. A lot of older people get targeted and they fall for it. So it's, it's when I think about it, I mean there's, there's definitely an opportunity in that space, if you're thinking about it from a business perspective, just to somehow come up with something to protect, you know, the older generations, just because they they fall for it too easily. And that's, you know, I mean hackers are taking advantage of that.
Speaker 1:And yeah, especially those who want cash, they're going to target them because they generally have a lot of cash, you know, and they're more vulnerable. Yeah, exactly, I mean they. One of them even targeted my mother. It's a good thing, I pick up the patterns very quickly. So now stop talking to this man. Let's just say, long story short, he was playing her emotions like a fiddle. I mean, he was just channeling all the right emotions oh, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no. It's a good thing none happened. I was able to prevent it. But yeah, they will target elders. Protect your elders.
Speaker 1:And I'm going to go a step further too, because even younger are getting targeted. Gen Z is getting targeted because they are a lot more online, they're a lot more plugged in, so they're pretty easy to catch. And I have a family member who is part of that generation that well, I'm a millennial who was part of that generation. That well, I'm a millennial. But you know, he got caught because of the AI mimicking his older brother closed so perfectly. That's all he got to fall for it. Just give him stuff and gave him information. Yeah.
Speaker 2:Yeah, it's kind of scary how easy it is now, right to. I mean, you used to be able to tell, right, you would get these emails from the Nigerian prince, right, like, hey, send me this money, I need it really bad. Now you see pretty sophisticated emails, right, that you should not click on, but you know, I would easily fall for it. Like a week ago I had something that was sent to me. I had to do a lot of research, I was like I can't tell if this is real or not and it turned out to be just one of those malicious emails. So, yeah, it's just getting a lot easier for hackers and we got to find a way. We got to find a way to just make sure everybody's educated. Everybody's educated on at least looking at, you know, the first few context clues and all that.
Speaker 1:I absolutely agree, and you should agree with this, unless you've been living on the rock. I mean, back then it was so easy, without even trying. You will know it's fake. Ok, even when you're drunk or tired, you will know it's a fake email. Ok, you would have probably a com, a com. What kind of email has a com, a com or two at signs, or something that's just spelled so weird. You just know it's off. It was spelled with all caps. Remember those good old days when it was simpler people. You know simpler times.
Speaker 1:But now those fraudulent emails are polished to almost perfection. You have to look at every single character. I saw one. I almost fell for it. I was in a rush too. So when it gets you the pressure, oh, that's a good one too.
Speaker 1:It's also psychological. I saw I had two dots on the dot com. Everything else is perfect, perfect, it's. Just wait a minute. What's those two dots? You, I almost felt, for I was. I was almost mad myself. I got to calm down. Just yeah, I really take your time with emails. That's, that's the only non-technical advice I could say. Really scan through your email, just not to scan like really, really see through even even the from the to all of that, because not just the body of the email. I know a lot of programs see just the from the sender, the body of the email. No, check out everything because you'll be surprised. You'll be surprised. The subject and all that good stuff, it's not yet. No, it's really. And the emails are polished just as professional or sometimes even a little better than a legitimate email yeah they got the grammar down packed.
Speaker 1:I mean, sadly there's still those stupid emails, but I don't get them because they see that I'm one of the more intelligent ones. Like I say, I consider myself mid-tier. I'm not a used tech. I don't consider myself an expert either, but there's people that's just falling for please send this ASAP with some weird number or whatever. Yeah, no, you got to be careful people. You got to really be careful. Don't just click and just respond right away just out of pressure. No, take your time. I don't care if that email say hurry up, do this ASAP. No, no, you take your time. Okay, just take your time.
Speaker 1:If you're calm, you'll be able to detect some of it or some of it. I think you're going to need some kind of tool just to scan it, because some of it are just close to perfect at this point. It's really really insane. That's why security is important. It's very, very important. It's essential. This is an essential thing. Back then, this was considered luxury of a hobby. It's essential, it's part of everyday life, except if you're an ambish or a cave person. That's different. They're the only ones that are practically immune to this, but for every other normie including you and me and the guests. We use computers, okay, and laptops, smartphones, even anything smart is computerized Smart refrigerators, smart TV, smart radio, whatever it's just spread throughout.
Speaker 1:I mean, I could just yammer on and on and on and on, but I want to keep it focused, eli, just focus. I could go off the tangent. I could really go off the tangent because I actually love the subject. So I want to get to the compliance angle and correct me if I'm wrong here, because, to be honest, I am not the most informed person comes to this. This is why I'm asking you compliance, even though I know it's important because we got to fulfill requirements. Big businesses some of it don't achieve a hundred percent. I get why they have large people. There's always one or two who's either rebellious or just super forgetful. And if a small businesses, they just can't because they're just too busy dealing with urgent stuff all the time. Even they got less people, but it's much harder because they don't got, you know, the manpower. Just alternate, yeah, and take care of important stuff. So why is it important? And also why the heck is so difficult to achieve 100%?
Speaker 2:Yeah, it's important because it's essentially a standard, right Like you're. There's a handful of standards that relate to security and there's no real other way of knowing right. If you're a potential customer, right and you want to get someone's product, there's no other way of telling them unless you create like a list yourself, be like hey, can you show me evidence of these 10 controls, security controls and send it over to me and make sure that you know you have evidence attached so I can see if you actually are doing something in the cybersecurity side. On the cybersecurity side. Instead of doing something like that, all you have to do is go to your vendor, your potential vendor, just ask them specifically hey, do you have SOC 2, which is a framework, or do you have ISO 27001? If you do, can you show me the certification For SOC 2,?
Speaker 2:There's a report that's also put together, which is the end product. You can share that with your potential customer. They're able to just get a snapshot look of what your info, you know, your security, uh, process, uh, people, technology look like um, so it's, it's just a uh you knowization, just something that's become pretty mainstream. I would say it's almost becoming commoditized at this point right now, just because everyone's asking about SOC 2 and SOC 2 and ISO and all this stuff. So it's just, it's kind of like a putting, like a notch on your belt, pretty much, where it's just you're pretty much demonstrating to the rest of the world, your potential customers, hey, we're the real deal, you know we're. We're a organization that follows, you know, protocol, um, we're open to business, to everybody. Just because we know what we're doing here at this, you know, at this company so, company so, um, it's also it's it's difficult to implement, just because, typically, you know, when you start a company, you're not thinking about hiring.
Speaker 2:You know a security guy. Right, like, the first things that you're thinking about is all, right, we got to get a bookkeeper. Uh, we got to get a sales guy and maybe someone's going to help me with marketing right, I'll do the sale. Maybe I'll do the sales guy. Maybe someone's going to help me with marketing right, I'll do the sale, maybe I'll do the sales or I'll do the operations. And then the security portion comes in.
Speaker 2:When you're talking to a large enterprise client and you're thinking about it, you're like, well, maybe I can figure out how to do this. I don't know a thing about security. If I read enough about it, I could probably get through this. So you know, it's more of uh, educating right yourself if you're, if you're gonna go through it on your own, which is very difficult to do, especially if you don't have, you know, if you're not technology savvy, right, or it savvy, so it's it. It's difficult to kind of get through it. It's not saying that you can't, it's just it's probably going to take you two, three, four times longer, right? Instead of just bringing maybe in like a freelancer, right, who does this for a living, or just an outsource security team who can just help you get this. You know, get these frameworks in place quickly where you're able to generate more revenue.
Speaker 1:Well, plug-ins, self-cycle. Right there, that's the source of all your security concerns. Right there, plug-in, plug-in. That was a good opportunity for you to plug it in. I'm all about shameless plug-ins. Listen, yeah, listen, you know. So there you go, go right there. That's the easy solution. Right there, don't worry, the link is going to be in the description and his social medias and all that.
Speaker 1:We'll get a little more to that um later when we wrap this up. But, um, I seriously give it a shot. People, just give it. Give it a shot. Um, I see, as he definitely has a track record. So he's not a new kid in the block. Yeah, just because he's young looking doesn't mean he's new in the block. He has plenty of experience, he has a team, so just give him a shot. Okay, just give him a shot. All right, especially if you're having trouble with security, if you don't have someone who is just like he said, a strong background, knowledge and working experience with it. There you go, right there. Psycho security there you go, inject yourself right there. All right. So and you know, ooh, look, security.
Speaker 1:I think they have to put it as a top, just like operations, sales bookkeeper and all that. They got to put it out there. They got to put that as essential. You know, that's like the sales bookkeeper and all that. They got to put it out there. They got to put that as essential. That's like the heart, the lung and all that. They're very important. Why would they have to get it? Just forget life. Okay, if you don't have those, just don't bother, they're too essential. You got to put it almost just the same level as a heart and a lung at this point.
Speaker 2:It's too essential. On that, right? Yeah, that's, that's essentially the way I'm I'm looking at it, right. So, just like, how you know, you open an organization, you start an llc, right, um, you're you're finding your accountant, right, who's going to help you with doing your taxes? Right, because there's certain things that you have to follow or else you get fined. You're also going to have that on the security portion, right? So, like, a lot of things are becoming digitized, right, a lot of products are digital.
Speaker 2:Um, you're doing a lot of business through computers, right, uh, over a network and things of that nature. So, a lot of you know, a lot of states currently are are passing a lot of privacy laws. Um, the state of new york in itself, they, they have, you know, they. Lot of states currently are are passing a lot of privacy laws. Um, the the state of new york in itself, they, they have, you know, they have a privacy law. They also have a, you know, a security law, like, if you want to do business with the state government, um, you have to follow certain types of of controls, requirements, security requirements, in order to even just get into the marketplace to, just, you know, pitch right.
Speaker 2:So, like that, that is something that um will eventually spread through the rest of the us, spread rest of the world. If you're in a specific industry, it doesn't matter who you're selling to. You're probably going to have to get, you know, some type of audit in place, right, to demonstrate, hey, our product is safe, right? You can't be really selling products that are not safe from a security perspective, cyber security perspective. So, um, it's going to become necessary oh yeah, people, it's not a matter.
Speaker 1:If it's a matter of when, okay, when it's gonna happen. Like new york and california the two states like that comes to mind when they have cyber security laws already in place. Sadly, states like I, like you, don't take it the wrong way, not call you country bumpkin you could think that all you want, that's fine. That's your ego, that's your problem. You know, states like arkansas, montana they're not thinking as much about that. I mean, they don't mind suing, but they're not thinking as much as laws to. You know, set up safeguards and standards just to do business. And, yeah, you know, even though I think north carolina has a not north carolina, I'm mixing North Dakota, doug Berger has some intellect in there but that state itself they don't have a lot of laws.
Speaker 1:Based on that, unless you want to correct me in the comment section, go right ahead. Feel free to prove me wrong. I'm not an expert here. But the ones that have the most stringent laws is definitely New York and California State, because they're pretty Populous. Yeah, you know they're, they're pretty, you know, populist. Yeah, populist progressive. I was looking for progressive, but populist is correct too. Populist is definitely correct. Um, texas, um, I see they have it or not. I'm not going to say too much about it. I don't know about Florida.
Speaker 2:Maybe they're populist states. Um, yeah, texas has something called a text ramp, which is, um, again, if you want to do business with the government, you, you have to pass through this certification called text ramp, and it's quite a pain to go through it. It takes quite some time. You have to get like a sponsor. Someone has to sponsor you, um, and it's, it's tough. There's a lot of money involved. So you know, these, these things aren't cheap uh, either. So you know, eventually they might, it might, become cheaper, but yeah, it's, it's. It's kind of like the wild, wild west right now. Right, there's a few pilot programs that you're you're seeing, um, some that work, others that are just disastrous. But, um, yeah, it's, it's very, uh, trial and error at this moment interesting choice of words wild, wild west and texas.
Speaker 1:I could help, but just just make that connection right away. Oh, that's good, get mad all you want, it's good, it's a very good description. I mean, you can't put Florida with that description. It just doesn't make any sense. It's more tropical and beach, okay, and it's pretty darn urban too, compared to Texas. You know, texas got their three big cities, but Texas is a huge desert.
Speaker 2:We got Florida man.
Speaker 1:Yeah, so you know what about Florida? Does Florida have any cybersecurity or just any electronic?
Speaker 2:states. No, yeah, so yeah, there's not much. What I do know is that there is I might be wrong on the number, the number but there's about nine states that are trying to introduce privacy laws, uh, into their state legislature. So, uh, I don't think, I don't think florida is one of them but well, it's a work in progress.
Speaker 1:Remember, it's a matter of when, it's not an if question. It's a matter of when, eventually, all 50 states are going to have their version of it might agree something as like alaska I call it the winter wildland over there, all right, where it's constantly night. Okay, you're in a interesting state. Um, we'll probably visit there once if I decide to go there, but not in the winter, hopefully. Oh, no, no, no.
Speaker 1:I asked if I want to dive, if I want to commit suicide, I'll go to Alaska during winter. Yeah, be like an ice cube. And of course, I'm going to protect my ice cube for our museum and exhibition. Look at this dumb idiot who decided to go to Alaska during below 20 degrees. This is what happens. Yeah, that's crazy. But yeah, no, it's crazy.
Speaker 1:I won't do that, obviously. And even if you want to poll, if you say 90% want me to do that, I'm not doing that. I'm going to override a majority. You are all morons. This is the terror of a majority. I'm going to override that. That's my executive decision. They have my executive privilege. I to override that. That's my executive decision. They're my executive privilege. I'll override that if they ever do a poll for me just to do that, just for derrick. 60, 90 of you want me to do it. No, you're crazy, you're evil. You're just documenting your evilness, listeners, and I'm just gonna take it as a sick joke and troll right back. But anyways, I like to have a little fun while these conversations no, but they also lighten it. This brings some value into it. So let me bounce back to the breach. I'm sure you have a good answer for this. Is there any way just to restore one's privacy after breach? Or you just can't trust that company anymore? What's your thoughts on that?
Speaker 2:Typically when there's some type of large breach right, where it's like not to name any companies, but you know something that you use, that everyone uses, uh, it just means that, well, passwords have been compromised so it's as easy as just changing your password and then just monitoring. You know how, on like Credit Karma, you kind of have like this feature to just be like monitoring. You know if anything changes with, like your social security number or whatever it is, and that really depends on whether your accounts have you know you have your social security number available or something like that. It's just a matter of monitoring, right, like you can't really do much other than change the password and then just monitor, just to make sure you know nothing got leaked. Nothing got leaked.
Speaker 2:And then you know not to say like it's not possible, but like chances of you know if a breach happened of like 5 million people. What that means is someone has access to 5 million accounts, right, what they typically do is try to sell it on like the black market or something like that, right, and then kind of like the odds of someone picking your name and you not. You know changing your password during that time. You know whatever time it took to get that in their hands. Um, I don't want to say it's slim, but like it, you know it's. You gotta have some bad luck, man. So just make sure you know you hear anything on the news like that you think about, like hey, I actually have an account there, not sure if I was breached or not, but I'm going to go ahead and just change my password and just keep a close eye on seeing anything weird come through yeah, exactly, it's better to be safe than sorry.
Speaker 1:You know you, maybe you've been hacked, maybe you have, but you'd rather just change your password, just in case, instead of just wondering should I change your password? Just do it. Just just just change it, all, right? I mean and to his point too, to kevin's point they sell it to the black market, the dark web, whatever the heck you want to call it, and then, of course, get money pay for it. This is why people want to send advice to do these bad things. There's money involved here. Your data itself is very valuable. That's all I'm going to say about that.
Speaker 1:Disclaimer I am not AI cybersecurity expert. I'm just someone who's just learning and trying to stay up to date. That is all you could probably. Just if, at best, you can say I'm an informed customer, if you want to put it like that, but otherwise I'm definitely not an expert. Don't label me as an expert, that's that's. That's like stretching it now. Um, even though I know some things about computers and stuff, because I didn't live with that, I used it since I was five. I mean, of course I know something I don't have like degrees and all that, but I know something about that I don't mind repeating some of these, some of these um tips, because some people may click this episode rather than the other ones. I don't mind a little, a little bit of repeat, because I think it's worth repeating sometimes. Sometimes repetition is necessary, oh yeah, especially when crazy things keep on happening. Anything else you want to add before I do the plug-in and wrap this up?
Speaker 2:uh, no, I mean, I'll say one thing about cyber security which is pretty interesting to me. Um, I, I heard it once. It was from, like, one of my mentors. You know, a lot of people think about cybersecurity and they think that it's very technological, right, very tech-savvy. Unless you're tech-savvy, you really don't have the ability to be in that space.
Speaker 2:But there's a lot of different aspects to cybersecurity and, at the end of the day, when you're thinking about it, computers only do what humans tell them to do, right? So, um, ultimately, what it's about, it's about the human psychology or the interaction with computers. Right, so you can have the most fortified network, you can have the best tools, you can have the best vendors, the best people. But if you have that one person who leaves that password on a sticky pad on top of their laptop, one person passes by. They have a malicious intent, they see the password, they get into their laptop. You know it's about constant, constant, like you mentioned, constant repetition, constant awareness of what's going on and just creating a culture, right, a cyber safe culture. So there's, there's a lot of aspects to it.
Speaker 2:I necessarily I'm not technical at all um, I focus a lot on, you know, governance, which is just like creating the documents, setting a process, a procedure right, uh, gearing or taking someone, giving them recommendations on the type of technology they should use once you get into, like, the hacking portion of it. That's not my expertise, that's, you know, for other people. So, um, a lot, of, a lot of messages there is just more of computers are ultimately bound by humans, at least to this point. You know, who knows what's going to happen with AI? But the other portion of it is, if you, you know, consider a career in cybersecurity, but you don't think you're technical, there's plenty. You know there's plenty of room for outsiders. You know to do things outside of that.
Speaker 1:That's very good. You definitely debunked my perceived notion that I thought you had to be technical. Look at that, you see.
Speaker 2:There's something new every day.
Speaker 1:Come think of it. It makes sense. It's more like a psychological. It's teamwork yeah, vigils, I mean we have to have a good cycle. You have to be good psychologically. Let's be clear If you're a bit of a nut, um, you know, or careless, even it was like the guy just I don't know writing on his password, just having to, you know, stick to the, um, the desk, just because it's easier for him, but it's also easier for that malicious actor. You got to make it easy for you but extremely difficult for the malicious actor. Don't just, don't just make it convenient for all. You might as well just say here, thief, here's a lot of information, just give it up. You might as well do that if you're gonna be so nice with giving information, which I don't want you to do, by the way, let's be clear. I'm sure kevin could agree with me a thousand percent. Okay, that I know you could. I don't need to speak on that. Or what's next Writing your notebook? You're just leaving it there. You got to be real, real, careful. And if you're going to have that, if you're going to insist on having the paper, you better carry that paper with you or have it locked up or something. If you insist on paper, if you're going to have it locked, that's one thing to advise. Oh, I like it on paper. Well, have it locked up. 're gonna have it locked. That's something, that's something that buys. Oh, I like it on paper. Well, have it locked up. Don't have it out in the open for everyone to see, because it's not public information and it shouldn't be all right. And you know, like I say, governance, documentation, all that, that's that's also very important. I don't, I don't normally think about that, I just think of it as mundane work, but it's also very important. Yeah, because you gotta preserve documents, especially when more digitized space and more clean office space or home. You scanned it, just transfer it to them, to the cloud or your flash drive. You want to be a boomer about it, uh, which I'm sure they're becoming obsolete really soon. That's a matter of when. Again, um is there. You know, everything's just cloud, cloud, cloud, all right, that's, that's the thing. And even though I like cloud, but always been concerned with cloud, I said well, if all it takes is one bad actor to get in there, they got access to so much more than a flash drive or even a z drive or f drive, whatever letter drive we got okay. So, uh, now, that's always been my concern, even before this cloud thing. A lot of people said, oh, but that's the way to go. Okay, fine, that's the way to go, but I prefer to start. I still prefer saving backups on my local drive. Keep it safe, I prefer doing that, even in the Adidas and ones that are cloud. But that's just me personally. I'm not saying to copy me, I'm not an expert here, but I believe in final preservation and having multiple ways of accessing it. Actually, all righty, then I'm gonna call with him his great team, and there's just many, many reasons for it. You just have a I don't know old security system that's getting outpaced because it's it's ever evolving. You know, 10.0 was great last month. You need 11.0. You only need 12.0 down the line, or 15.0, whatever, or to come up with just a brand new thing. Now just forget all these .0s. It's changing. Ai has changed so much, both for the better and some for the worse. That's my perspective of AI. You know I preach AI, ai, ai. But we also got to beware of the bad. You know the bad aspects of it, the potential, and some of it has already happened. Some misery happened. So, yeah, I can't pretend ai is going to be this. All perfect too, and ai makes a lot of mistakes. I've interacted more. I've realized how much ai makes mistakes. So it's flawless and it's not going to replace humans anytime soon, unless you choose to be obsolete. Yeah, if you choose to be obsolete, yeah, it's going to replace you, right? I emphasize that message again. So avoid AI or die in a career sense, don't say literally In a career sense. This is a very daring question and I'm going to press one more time on that. Yeah, so check him out. Check his social medias. I don't think he has that much listed here. He has an ex, which I still call it. Twitter. I refuse to conform, I refuse to. And LinkedIn, of course. Of course. Linkedin. That's where all the professionals are at, of course. So check them out as well and just see what you got to offer, right, especially if you have, you know, especially if you got some resources and you want, so on, just to fill in your security gap. Check them out Anything else you want to add before I really wrap this up.
Speaker 2:No, thanks, eliasise, it was a pleasure. Um, I love, uh, I love, I love the topics that you talk about. Um, I think it's very unique, so congratulations on you know your success thus far?
Speaker 1:uh, with, with podcast uh, thank you, it was not. It's not easy, but you know what? It's just people like you and in my small lovely audience I have, you know, y'all keep me going. I want to thank you really and for that I got my own plugin. Subscribe, share, spread the word like donate if you want. It's only if you want.
Speaker 1:I don't do feedback, I don't do oil-back, I don't, I don't do oil. Please, please, I need the money. No, no, no, no, I don't do that. If this podcast dies, it dies, that's it. I'll be fine with my life. You know I love doing this, but I will be fine. Okay, so just subscribe, follow, share this with other people and donate if you want. The only thing the donation is going to go to is just either better content and definitely upgrading some of my software. That's all. It's going to be just pure business. Being very transparent with you here. There's going to be a couple of paywall-exclusive episodes coming up, especially if it's spoiler-rich. I mean so much spoiler that I can't even I don't think I should share with the public. Yes, you want to call me greedy, that's fine. I don't care. That's fine with me. Everybody does it. So leave me alone. So, from wherever or whenever you decide to listen to this podcast. You have a blessed day, afternoon or night.
