454 episodes

Shared Security is your premier cybersecurity and privacy podcast where we explore the bonds shared between people and technology. Join industry experts Tom Eston, Scott Wright, and Kevin Johnson as they deliver the latest news, actionable tips, expert guidance, and insightful interviews with top cybersecurity and privacy specialists. Stay informed and take control of your online security and privacy in today's interconnected world. Tune in every week to discover invaluable insights, strategies, and tools to live confidently and safeguard your digital life.

Shared Security Tom Eston, Scott Wright, Kevin Johnson

    • News
    • 4.6 • 29 Ratings

    New Tracker Warning Features on iPhones & Androids, 2024 Verizon Data Breach Investigations Report

    In Episode 330 Tom, Scott, and Kevin discuss the new features for iPhones and Android phones designed to warn users about secret trackers, possibly aiding in identifying stalkers. The hosts discuss Apple and Google's collaboration on a technology called DULT (Detecting Unwanted Location Trackers), aiming to improve user privacy by detecting Bluetooth trackers like Tiles and AirTags. They also highlight the findings from the 2024 Verizon Data Breach Investigations Report (DBIR), discussing key statistics on company breaches, the average time to remediate vulnerabilities, the rise in ransomware and extortion cases, third-party risks, and the negligible impact of AI on current threats. Additionally, the segment touches on human-related incidents' significant role in breaches. The episode concludes with the announcement of new Shared Security Podcast stickers.

    • 20 min
    Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools

    In this first-ever in-person recording of Shared Security, Tom and Kevin, along with special guest Matt Johansen from Reddit, discuss their experience at the RSA conference in San Francisco, including their walk-through of 'enhanced security' and the humorous misunderstanding that ensued. The conversation moves to the ubiquity of AI and machine learning buzzwords at the conference, questioning the genuine impact versus hype, and the saturation of AI claims among vendors. They explore the real-world applications of AI, how it's currently being utilized in cybersecurity, and its potential to assist smaller security teams and raise the 'cybersecurity poverty line.' The discussion also touches on the false positives in AI-driven security tools and the nuanced benefits of AI in improving English proficiency globally, which could indirectly assist cybercriminals.

    • 29 min
    FCC Fines Wireless Carriers $200 million, Google’s Fight Against Malicious Apps

    In episode 328, Tom and Kevin discuss two major cybersecurity and privacy news stories. The first topic covers the FCC issuing fines to major US wireless carriers for sharing users' real-time location data, totaling nearly $200 million. They express surprise and skepticism over the carriers' actions and deliberate on whether the fines would be impactful or merely seen as the cost of doing business. The second topic revolves around Google's announcement that it prevented 2.28 million malicious apps from reaching the Play Store in 2023, marking a significant effort towards enhancing platform security. The discussion includes insights on the effectiveness of Google's policies, the potential need for more transparency, and the broader implications of policy enforcement in the tech industry.

    • 20 min
    Privacy Challenges in Relationships, Phishing Down but Vulnerabilities Up?

    In episode 327 Tom, Scott, and Kevin discuss the findings from Mandiant's M-Trends 2024 report, highlighting a significant rise in traditional vulnerability exploitation by attackers while observing a decline in phishing. Despite phishing's decreased prevalence, it remains the second most popular method for gaining initial network access. Discussions include the impact of high-profile vulnerabilities and the potential reasons behind the shift in cyberattack tactics. The episode also explores the challenges of maintaining online privacy within relationships, especially when one partner prioritizes privacy more than the other. Tips on fostering understanding and cooperation on privacy and security practices within a relationship are also covered.

    • 24 min
    Navigating Security Awareness in the Tech Industry with Erin Gallagher

    In this episode Erin Gallagher, cybersecurity awareness lead at Fastly, discusses her journey into the field of security awareness and her unique approach to enhancing cybersecurity within tech companies. Erin shares her unconventional path from a communication major to leading security awareness programs at IBM and a large insurance company, before joining Fastly. She highlights the challenges and strategies of tailoring security training to diverse roles within tech companies, emphasizing the importance of role-based training over traditional methods like phishing simulations. Erin also tackles the critical role of communication skills in security awareness, the need for empathetic engagement with employees, and the importance of demonstrating the value of security awareness programs, especially in uncertain economic times. The episode also touches on Erin's success in engaging with all levels of staff, including executives, and her thoughts on the future of security awareness in the tech industry.

    • 22 min
    Linux Backdoor Infection Scare, Massive Social Security Number Heist

    In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained commit access and inserted a backdoor. The episode further delves into a cybersecurity incident where hackers stole 340,000 social security numbers from a government consulting firm, emphasizing the implications and broader concerns related to data security in government contractors and the inefficacy of response mechanisms. Additionally, the hosts explore the negative influences of marketing in the cybersecurity industry, particularly following significant security breaches.

    • 17 min

Customer Reviews

4.6 out of 5
29 Ratings

KWGraves ,

Highly Recommend

I appreciate the sound advice given on current security events as well as other comments! I follow this podcast every Monday.

obacker19 ,

Entertaining, insightful and actionable! 👏👏👏

Whether you’re well established as someone who can translate creative energy into the impact you want to have on the cyber security industry, or just getting started as a catalyst for change - this is a must-listen podcast for you! Tom and Scott do an incredible job leading conversations that cover a huge breadth of topics related to the ins and outs of building a thriving career in data security, and a life you can be proud of - from leaders who’ve actually walked the path. Highly recommend listening and subscribing!

Tony-Stark-0 ,

30% ads 50% useless chatter

Only a tiny fraction of the show is valuable, and that too going over news articles. A lot of wasted time. But that’s just me.
