Legitimate Cybersecurity Podcasts

LegitimateCybersecurity

Legitimate Cybersecurity Podcast - designed to empower you with real-world cybersecurity information, stories, and advice.

  1. 4D AGO

    Can AI Agents Actually Hack Systems?

    A new AI is being framed as a tool that can find zero-days fast and even “hack its way out” of containment. If that claim is real, defenders, developers, and everyday users are about to feel the consequences.

    On this episode of Legitimate Cybersecurity, hosts Frank Downs and Dustin Brewer are joined by Jason Casey, CEO of Beyond Identity, to break down the panic around Anthropic’s “Mythos” discussion, what AI can actually do for offense and defense, and where the marketing may be outrunning the real-world risk. They dig into whether this is a true cybersecurity turning point, or the latest example of the industry turning fear into momentum. They also explore how AI is already reshaping blue team work, governance, detection, and security operations. Plus: hacked smart vacuums, trackable e-ink nails, wearable surveillance, and why convenience keeps creating new attack surfaces nobody asked for.

    Media/interview: admin@legitimatecybersecurity.com
    Audio: https://legitimatecybersecurity.podbean.com/

    Chapters:

    - 00:00 The new AI panic begins
    - 00:59 What “Mythos” is supposed to do
    - 02:17 Is this a real threat or brilliant marketing?
    - 07:12 Will this change security budgets and priorities?
    - 10:11 Why cybersecurity leaders amplify moments like this
    - 13:58 How AI actually helps blue teams
    - 21:49 Rules, patterns, and better AI detection
    - 23:59 The idea of an AI “security factory”
    - 31:50 Beyond Identity’s new governance layer
    - 35:30 Hacked vacuums, smart nails, and wearable tracking
    - 45:00 Final takeaways

    #legitimatecybersecurity #artificialintelligence #cybersecurity #anthropic #claude #aisecurity #zerodayjay #blueteam

    46 min
  2. APR 10

    Why Is LinkedIn Spying on Your Browser?

    A new lawsuit alleges LinkedIn may have been collecting data from inside users’ browsers in ways most people never expected. If that is true, this is not just normal tracking. It is a much more invasive look into how websites can profile you behind the scenes.

    In this episode of Legitimate Cybersecurity, Frank Downs and Dustin Brewer break down the class-action allegations against LinkedIn, explain browser extension detection in plain English, and talk about why so many people are fed up with paying for platforms that still treat their identity like a product. They also walk through what this kind of tracking could reveal about you, why regulation keeps falling behind, and what everyday users can do right now to limit exposure online.

    📩 Media/interview: admin@legitimatecybersecurity.com
    🎧 Audio: https://legitimatecybersecurity.podbean.com/

    Chapters:

    - 00:00 LinkedIn is spying on you?
    - 00:37 What this new lawsuit actually alleges
    - 01:34 Why this one feels different
    - 03:32 Why people are so fed up with LinkedIn
    - 06:04 What websites can already learn about you
    - 08:23 How browser extension detection works
    - 10:13 Why this feels so invasive
    - 14:51 What you can do to protect yourself
    - 18:11 Browser vs app: which gives companies more access?
    - 20:46 Consent, ethics, and hidden tracking
    - 26:56 Will regulation ever catch up?
    - 28:15 Final thoughts

    #linkedin #privacy #BrowserTracking #cybersecurity #dataprivacy #onlinetracking #surveillance #digitalprivacy #technews #legitimatecybersecurity

    29 min
  3. APR 4

    What’s Inside the White House App?

    You expect a government app to inform you. You probably do not expect tracking capability, mystery dependencies, and sloppy security decisions. This episode breaks down why the White House app is a warning sign for anyone who installs “official” software without asking what it can really do.

    Frank Downs and Dustin Brewer dig into the White House app as a real-world case study in mobile privacy, dormant GPS functionality, third-party code dependencies, digital supply-chain risk, and the uncomfortable question of who is actually accountable when insecure software gets released. This is not just about one app. It is about the broader problem with modern software: hidden permissions, weak development practices, and the false assumption that “official” means secure. If you use apps from governments, brands, schools, banks, or anyone else you assume you can trust, this episode will make you think twice about what is really happening in the background.

    Media/interview: admin@legitimatecybersecurity.com
    Audio: https://legitimatecybersecurity.podbean.com/

    Hosted by Frank Downs and Dustin Brewer on Legitimate Cybersecurity.

    Chapters:

    - 00:00 – Why this app matters
    - 00:50 – The White House app and dormant GPS capability
    - 02:47 – Why “it’s off for now” is not reassuring
    - 07:47 – Real-world GPS tracking through everyday apps
    - 10:06 – Why taxpayers should care about this one
    - 11:35 – Random dependencies and supply-chain risk
    - 14:05 – How software supply-chain attacks really happen
    - 18:35 – Incompetence vs malicious intent
    - 24:47 – Leftover dev tools, WordPress, and security basics
    - 27:46 – Who is actually accountable?
    - 32:49 – Cybersecurity is a mindset, not a checkbox
    - 36:18 – Which frameworks help and which get gamed
    - 39:34 – Listener shout-outs and close

    #cybersecurity #appsecurity #dataprivacy #mobilesecurity #supplychainsecurity #privacy #WhiteHouseApp #infosec #LegitimateCybersecurity

    38 min
  4. APR 1

    AI Is Already in Your Tools. No One Wrote the Rules

    AI is being forced into the tools you use every day before most companies have written real rules. That matters because one careless prompt can become a privacy, compliance, or job-risk problem fast.

    In this episode of Legitimate Cybersecurity, hosts Frank Downs and Dustin Brewer sit down with Walter Haydock to break down what happens when AI shows up in Word, email, HR systems, search, and business workflows before organizations are actually ready for it. They unpack where companies get AI adoption wrong, why “just use it” is dangerous guidance, what accountability should look like, and how frameworks like ISO 42001 and the NIST AI RMF help organizations build rules before the damage is done. They also dig into AI hiring risks, shadow AI, risky models, and why some AI features feel more like forced adoption than useful innovation. If you’ve ever wondered whether AI is helping your company or quietly creating legal, privacy, and security risk, this episode is for you.

    Media/interview: admin@legitimatecybersecurity.com
    Audio: https://legitimatecybersecurity.podbean.com/

    Subscribe for more conversations with Frank Downs and Dustin Brewer as they translate the hidden systems shaping everyday technology.

    Chapters:

    - 00:00 AI is suddenly in your tools
    - 01:14 Meet Walter Haydock
    - 02:41 Every company needs AI rules
    - 04:42 Why gray areas become risk
    - 05:38 Advice for less technical businesses
    - 09:44 ISO 42001 vs. NIST AI RMF
    - 12:44 Who should own AI accountability?
    - 14:24 AI in hiring and HR
    - 20:50 Why bias never fully disappears
    - 27:29 Will the U.S. regulate AI?
    - 30:27 Where AI is being overused
    - 38:27 Shadow AI and risky models
    - 43:10 What StackAware does
    - 44:23 Walter’s best advice

    #artificialintelligence #aigovernance #cybersecurity #privacy #compliance #shadowai #iso42001 #nist #techrisks #legitimatecybersecurity

    45 min
  5. MAR 13

    Your TV Is Recording What You Watch

    Your smart TV may be taking snapshots of what you watch, even when you think you bypassed the built-in apps. That data can be used to identify shows, measure advertisements, and help build a profile of behavior inside your home.

    In this episode of Legitimate Cybersecurity, hosts Frank Downs and Dr. Dustin Brewer explain how Automatic Content Recognition (ACR) works, why HDMI devices like Apple TV or gaming consoles may not stop it, and how companies correlate TV viewing with other data sources. They also break down why opting out can be difficult, how these systems are used for ad measurement and profiling, and what steps viewers can take right now to reduce the tracking. If you own a smart TV, streaming device, or connected home system, this episode explains what is actually happening behind the screen.

    📩 Media and interview inquiries: admin@legitimatecybersecurity.com
    🎧 Listen to the audio podcast: https://legitimatecybersecurity.podbean.com/

    Chapters:

    - 00:00 — Your TV Is Watching You Back
    - 00:45 — What Automatic Content Recognition Actually Is
    - 01:25 — How TVs Identify What You Watch
    - 02:13 — Why HDMI Devices Do Not Stop It
    - 05:25 — How Viewing Data Gets Linked to Your Phone
    - 09:59 — Why Opting Out Is So Difficult
    - 11:37 — Cameras, Microphones, and Smart Device Monitoring
    - 18:51 — What You Can Do to Reduce Tracking
    - 20:22 — VPNs, DNS Blocking, and Practical Limits
    - 26:33 — The Real Takeaway: Every Screen Collects Data

    #cybersecurity #privacy #smarttv #dataprivacy #surveillance #smarthome #technology #streaming #legitimatecybersecurity

    30 min
  6. MAR 7

    After the Breach, the Legal Crisis Begins

    A cyber incident is not just a technical problem. The legal response can shape what happens next, what gets disclosed, and how much worse the damage becomes.

    In this episode of Legitimate Cybersecurity, hosts Frank Downs and Dustin Brewer sit down with Kate Hanniford, cybersecurity and data privacy partner at Alston & Bird, to unpack the part of cyber incidents most people overlook: the legal side. Kate explains what really happens when the phone rings after a breach, how executives think under pressure, where regulators draw the line between bad luck and negligence, and why data retention can quietly become one of the biggest risks in an investigation. They also dig into SEC disclosure rules, outdated regulations, AI adoption risk, and the growing sophistication of state and federal regulators. This is a grounded look at what actually breaks after a cyber incident — and why the legal response matters just as much as the technical one.

    Media/interview: admin@legitimatecybersecurity.com
    Audio: https://legitimatecybersecurity.podbean.com/

    #cybersecurity #dataprivacy #incidentresponse #breachresponse #compliance #aigovernance #riskmanagement #legitimatecybersecurity

    Chapters:

    - 00:00 Cyber incidents are legal incidents too
    - 00:36 Meet Kate Hanniford
    - 01:12 How Kate got into cybersecurity law
    - 05:30 How lawyers specialize in cyber
    - 08:34 What the first breach call feels like
    - 12:32 How technical a cyber lawyer has to be
    - 14:45 Which regulators worry companies most
    - 18:47 Bad luck vs negligence in cybersecurity
    - 19:57 Why data retention becomes a legal problem
    - 22:17 The SEC four-day disclosure rule
    - 27:43 Are cyber regulations outdated?
    - 32:43 Which frameworks actually inspire confidence?
    - 35:28 Does AI create more legal risk?
    - 39:20 The fast question round
    - 44:36 Kate’s best life advice

    #Cybersecurity #DataPrivacy #IncidentResponse #BreachResponse #Compliance #SEC #AIGovernance #RiskManagement #PrivacyLaw

    46 min
  7. MAR 3

    The FBI Isn’t Your Cyber Defense Anymore (It’s Privatized Now)

    America’s cyber “first responder” isn’t the FBI anymore—it’s private companies. That shift changes what gets prioritized during a breach: mission vs. margin, attribution vs. recovery, and who gets help first.

    In this episode of Legitimate Cybersecurity, hosts Frank Downs and Dustin Brewer sit down with Milan Patel (Global Head of MDR at BlueVoyant, former FBI) to unpack what breaks when cyber defense gets outsourced—because it already has. Milan shares how the FBI actually works in real incidents, why private-sector response dominates, and the recurring failures that keep breaches happening “the same way, with a different cut of sushi.”

    You’ll learn:

    - Why the private sector responds first ~95% of the time—and what the FBI really does when they arrive
    - The 3 root causes Milan sees behind most breaches (and why they don’t go away)
    - The hidden risk of “unknown, unprotected” network branches and configuration drift
    - What AI will (and won’t) replace in MDR, SOC work, and incident response
    - The real looming problem: training the next generation when Level 1 work gets automated
    - Why AI agents inside your environment force a rethink of identity + data access controls

    Media / interview: admin@legitimatecybersecurity.com
    Audio: https://legitimatecybersecurity.podbean.com/

    If you want weekly breakdowns of the hidden systems shaping security (and the incentives nobody admits out loud), subscribe and join the conversation in the comments.

    Chapters:

    - 0:00 Cold open: “The FBI used to be the frontline…”
    - 0:55 Meet Milan Patel: FBI → private sector MDR
    - 2:30 “How do I get into cyber?” Milan’s origin story
    - 6:50 The FBI hiring gauntlet (and why honesty wins)
    - 11:35 Quantico + the “blind monkey” field office lottery
    - 14:05 “Too bad, you’re going cyber” (how cyber squads really looked back then)
    - 17:35 The big shift: who responds first during breaches (and why)
    - 20:10 Why companies don’t care about “catching the bad guy” mid-crisis
    - 22:55 The same breaches keep happening—what people aren’t learning
    - 23:30 Milan’s “3 causes” of most breaches: culture, funding, configuration
    - 26:10 The generational gap in clicking, trust, and risk behavior
    - 29:10 “What security do I even need?” (coverage vs. cost reality check)
    - 31:15 The brutal truth: validating what’s actually deployed vs. what you think is deployed
    - 33:00 AI in cybersecurity: what’s real vs. hype
    - 34:35 “Don’t make me talk to a robot” — the last-mile human requirement
    - 36:10 The coming SOC shift: fewer Level 1s, more “all Level 3” teams
    - 37:25 The pipeline problem: how do juniors learn when grunt work is automated?
    - 38:40 Vibe coding + security: why Milan’s confidence is rising (with guardrails)
    - 44:10 AI arms race: faster attackers, same fundamentals
    - 46:05 AI agents in your network = identity + data access crisis
    - 49:00 Milan’s one life rule: “Focus on your sphere of influence”
    - 49:40 Outro + “keep on cyberin’”

    #cybersecurity #incidentresponse #fbi #manageddetectionandresponse #ransomware #cybercrime #aisecurity #SOC #cyberrisk #infosec #legitimatecybersecurity

    50 min

Ratings & Reviews

5 out of 5 (2 Ratings)
