Crucial Tech Lou Covey

I went to a high school graduation for the first time in decades. What I saw and heard filled me with compassion and concern for the next generation.


---

Send in a voice message: https://podcasters.spotify.com/pod/show/crucialtech/message
Support this podcast: https://podcasters.spotify.com/pod/show/crucialtech/support

This week we talked to SlashNext's CEO Patrick Harr and Field CTO Stephen Kowski regarding a study about the growth of criminal activity using generative AI

SlashNext’s State of Phishing Report claimed a 1,265% increase in malicious phishing emails and a 967% increase in credential phishing between Q4 2022 to Q3 2023. . While ransomware attacks get all the publicity, the reality is phishing is a much bigger problem for a much larger portion of the populace.




---

Send in a voice message: https://podcasters.spotify.com/pod/show/crucialtech/message
Support this podcast: https://podcasters.spotify.com/pod/show/crucialtech/support

Cyber Protection Magazine gets a lot of marketing materials described as studies, surveys, and reports. The flow of those documents increases as major trade shows approach. For example, in the two months leading up to the RSA Conference, we received 56 before we stopped counting. More have come in since but it is now a trickle. We read each one. Luckily, our chief editor can read at 6,000 words per minute. He still grits his teeth whenever he reads the email pitch.

That doesn’t mean all turn into content on our pages because, for the most part, the information contained within is not news. Much can be expressed in a few sentences like, “C-level executives are concerned about data breaches” and “Cybercrime to cost more than $9 trillion by 2025.” In the first instance, our response is, “No kidding?” The second instance is just wrong with no evidence to support it. As often as we tell company representatives, they still produce the same banal and inaccurate assumptions.

About half the time, the “study” was not done by the company pitching the document, but by someone else with a specific twist highlighting the pitching company’s capabilities. For example, we recently received a copy of a “report” about the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) Catalog. It is a monstrously large document, remarkably distilled by a private company into a report that, wondrously, pointed to the company’s products as a solution to the problems notated in the report.

Because these documents rarely provide insight but are meant to validate product claims, they are little more than advertising masquerading as information and that puts them in the junk pile. That, however, is not always the case.

Occasionally, we get truly independent research that, for the most part, says nothing new. But buried in the obvious and the inaccurate, is a nugget of truly interesting data. It’s not enough to make an entire story, although it makes for an interesting LinkedIn post. In our review of the bland cornucopia of data received over the past two months, we saw enough nuggets to see a larger story. There is more to come in the next weeks, but we want to start with this interview with Metomic CEO, Rich Vibert. Their recently released survey on CISO opinions in the UK and US had a lot of obvious statements, but we found a couple of nuggets… and what could be an interesting vein for future discussions.


---

Send in a voice message: https://podcasters.spotify.com/pod/show/crucialtech/message
Support this podcast: https://podcasters.spotify.com/pod/show/crucialtech/support

A few people know that I am something of a political junkie. I did some presidential campaigning in high school, then I got into journalism and covered national politics during Watergate. I'm less focused on it now but anyone can drag me into a conversation about it

A few weeks ago I got a call from the press secretary for Madison Horn, who is running for the US Congress out of the 5th Oklahoma congressional district, asking if I wanted to interview her.

Really? Why does a candidate in Oklahoma want to talk to a cybersecurity journalist in California. I was intrigued, so “sure.” Ms. Horn, who also ran for the US Senate a couple of years ago, is optimistic about the state (which is a positive thing) and, to the point, she’s a white-hat hacker who founded a pen-testing company. So there is the hook.

We talked for about 30 minutes and she educated me on some of the more positive things about her state and, in particular, the political leanings of her district. More importantly, we talk about how our legislators need to be tech-savvy.


---

Send in a voice message: https://podcasters.spotify.com/pod/show/crucialtech/message
Support this podcast: https://podcasters.spotify.com/pod/show/crucialtech/support

The RSA Conference was a firehose of information, some of it good, some of it absolutely false, but always a good way to get perspective on the industry. I met with Rohit Ghai, CEO of RSA to get his particular take and he did not disappoint. More to come next week on Cyber Protection Magazine.


---

Send in a voice message: https://podcasters.spotify.com/pod/show/crucialtech/message
Support this podcast: https://podcasters.spotify.com/pod/show/crucialtech/support

Had a disappointing two weeks trying to cobble together an interview for this week, and had no luck for a variety of reasons. Plenty of content, just little worth reporting. But as I head off to the #RSAC in San Francisco this week, I thought I'd give a history lesson about the relationship of public relations, the press, and technology companies, and explain our policies about press releases, embargoes, and interviews.

Thanks for listening to by LOU talk.


---

Send in a voice message: https://podcasters.spotify.com/pod/show/crucialtech/message
Support this podcast: https://podcasters.spotify.com/pod/show/crucialtech/support