David Shipley

David Shipley, CEO of Beauceron Security and phishing researcher, discusses large-scale research into phishing, training, and security culture. They cover why simulations can mislead, how psychology and AI boost phishing, why small companies sometimes win, and how management tone and reporting nudges reshape organizational security.

Join David Shipley, a savvy security commentator from Beauceron Security, and Laura Payne, a nuanced threat modeler from White Tuque, as they dive into the evolving landscape of cybersecurity. They explore 'living off the land' tactics that hackers are using, the hidden dangers of public Wi-Fi, and the recent Oracle E-Business Suite breach. They also address the risks of social engineering through legitimate tools like Calendly and DocuSign. Plus, learn about vital security practices and the importance of clear communication in combating cyber threats.

Tammy Harper, a cybersecurity professional focused on gaming security, Laura Payne, an expert on enterprise incident response, and David Shipley, CEO of Beauceron Security, dive into pressing cybersecurity issues. They unpack the MongoDB vulnerability, debate ethical disclosure practices, and discuss the implications of AI in vulnerability discovery. The conversation highlights the Rainbow Six Siege hack's impact on the gaming economy and explores the role of private firms in cyber operations, ultimately emphasizing the intersection of cybersecurity with societal norms and human behavior.

Michael Joyce, CEO of the Human-Centric Cybersecurity Partnership and PhD candidate, and David Shipley, CEO of Beauceron Security, delve into the intricacies of cybersecurity training. They discuss the decay of vigilance after training, the impact of awareness programs, and the difference between clicking and reporting phishing attempts. Insights include optimal training frequencies, the importance of ongoing feedback, and caution against sensational claims about training efficacy. Their research promotes a blend of technical and behavioral approaches to enhance cybersecurity culture.

Neil Bisson, a retired intelligence officer, shares insights on human intelligence recruitment and building rapport. David Shipley, CEO of Beauceron Security and phishing expert, discusses the rise of AI in social engineering tactics. They explore the psychological vulnerabilities that cyber attackers exploit, comparing phishing to intelligence operations. Listeners gain practical advice on fostering awareness, applying empathy, and recognizing deception in cybersecurity. Ethical considerations in intelligence work are also highlighted, emphasizing the importance of continuous education.