8th Layer Insights

There has been a lot of buzz for the past few years about the benefits and importance of establishing security champions programs. These are groups of people in your organization who become vital, responsible, and proactive contributing evangelists to the security culture of your organization. I often refer to them as "culture carriers." And, while there is general agreement that these are good programs to have, establishing them is currently a bit of a dark art.On today's show, Perry sits down with Sarah Janes of Layer 8 security to discuss the importance of champion programs and tease out a few best practices.Guest: Sarah Janes (LinkedIn) (Twitter) (Website)Perry's Books (Amazon Associate links) Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Be sure to check out Perry's other show, Digital Folklore. It's all about the oddities and importance of online culture. Head over to the show's website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, shop for merch, support the show on Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-newsProduction Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.8Li cover art by Chris Machowski @ https://www.RansomWear.net/.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices

On this episode, Perry sits down with Chad Peterson, Managing Director at NetSPI, to discuss the importance of penetration testing. We touch on aspects of social engineering, discussing complex security issues with Boards of Directors, the prevalence of Ransomware, and some of the unique challenges facing the healthcare industry.Guest: Chad Peterson (LinkedIn) (Twitter)Books & References (Books are Amazon Associate links) CISO Desk Reference Guide: A Practical Guide for CISOs by Bill Bonney, Gary Hayslip, & Matt Stamper Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman  Practical Social Engineering: A Primer for the Ethical Hacker by Joe Gray Ransomware Protection Playbook by Roger Grimes The Smartest Person in the Room: The Root Cause and New Solution for Cybersecurity by Christian Espinosa Perry's Books (Amazon Associate links) Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Perry's new show, Digital Folklore kicked-off Jan 16, 2023. It's all about the oddities and importance of online culture. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-newsProduction Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.8Li cover art by Chris Machowski @ https://www.RansomWear.net/.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices

On this episode, what cybersecurity professionals need to understand about how social signaling and incentives really work.Today's episode features a conversation with Uri Gneezy. In the field of cybersecurity, we are very interested in identifying proactive and positive ways to encourage the behavior we want. That's where Uri comes in. Uri is a well-known behavioral economist and professor of economics and strategy in the Rady School of Management at the University of California at San Diego.Most of us recognize that many of our behaviors, beliefs, and values are caught rather than taught. So, if you are interested in developing a positive security culture in your workplace, then it’s important to understand the dynamics of how people both receive and signal their security-related beliefs and values so that associated behaviors become a natural result.Listen in as Perry sits down with Uri to discuss key findings from Uri's new book, Mixed Signals: How Incentives Really Work. This is a fascinating deep dive into Uri’s research that has immediate applicability for anyone needing to design programs that work with, rather than against, human nature.Guest: Uri Gneezy (LinkedIn) (Twitter) (Website)Books & References (Books are Amazon Associate links) Mixed Signals: How Incentives Really Work, by Uri Gneezy The Why Axis: Hidden Motives and the Undiscovered Economics of Everyday Life by Uri Gneezy & John List Perry's Books (Amazon Associate links) Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Perry's new show, Digital Folklore kicked-off Jan 16, 2023. It's all about the oddities and importance of online culture. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-newsProduction Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.8Li cover art by Chris Machowski @ https://www.RansomWear.net/.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices

In a captivating discussion, Banachek, a renowned mentalist and the President of the James Randi Educational Foundation, shares his journey from magic enthusiast to skeptic. He dives into the groundbreaking Project Alpha, revealing how he and another teen tricked parapsychologists into believing they had psychic abilities. Banachek also elaborates on the ethics of illusion, the psychology of influence in entertainment, and his new live show in Las Vegas, which intertwines mentalism with critical thinking. Expect insights on deception and the power of perception!

This week's episode is a late Star Wars ("May the 4th Be With You") celebration. We check out a couple interesting articles about security-related lessons embedded in the Star Wars movies, and Perry sits down with Adam Shostack, author of the new book, Threats: What Every Engineer Should Learn From Star Wars to discuss threat modeling principles using Star Wars related examples.Guest: Adam Shostack (LinkedIn) (Twitter) (Website)Books & References (Books are Amazon Associate links) Threats: What Every Engineer Should Learn From Star Wars, by Adam Shostack Threat Modeling: Designing for Security, by Adam Shostack Threat modeling videos from Adam Threat modeling and security-related games by Adam Adam's whitepapers BlackPoint: Learn Their Lesson, They Did Not Gary Hibbard LinkedIn post Perry's Books (Amazon Associate links) Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Perry's new show, Digital Folklore kicked-off Jan 16, 2023. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-newsVoice Acting for this episode: Darth Vader voice over artist: https://business.fiverr.com/freelancers/mistercorley Darth Vader breathing sound: https://www.youtube.com/watch?v=MBi01iy2db8&ab_channel=chefhawk Production Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.8Li cover art by Chris Machowski @ https://www.RansomWear.net/.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to season 4, episode 1 of 8th Layer Insights!On this episode, Perry speaks with Josiah Dykstra (Senior Fellow, Office of Innovation at the National Security Agency) about the new book he co-authored with Eugene Spafford and Leigh Metcalf. The book is titled Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us, This topic coincides well with Perry's recent studies into folklore and urban legends for his other podcast, Digital Folklore.Guests: Josiah Dykstra (LinkedIn) (Twitter) (Website) Chelsey Weber-Smith (LinkedIn) (Twitter) (Website) Mason Amadeus (LinkedIn) (Twitter) (Website) Books & References (Books are Amazon Associate links) American Hysteria Podcast episode, Urban Legends in the Internet Wilderness with the Digital Folklore Podcast Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us, by Eugene Spafford, Leigh Metcalf, and Josiah Dykstra Essential Cybersecurity Science: Build, Test, and Evaluate Secure Systems, by Josiah Dykstra Folklore 101: An Accessible Introduction to Folklore Studies, by Jeana Jorgensen  Folklore Rules: A Fun, Quick, and Useful Introduction to the Field of Academic Folklore Studies, by Lynne S. McNeill Perry's Books (Amazon Associate links) Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Perry's new show, Digital Folklore kicked-off Jan 16, 2023. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-newsProduction Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.8Li cover art by Chris Machowski @ https://www.RansomWear.net/.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices

For the last episode of season 3, I thought we'd talk about something that's been in the news quite a lot recently: Authentication and Password Managers. As security professionals, we've decried the password for decades. Multifactor authentication (MFA) has started to gain popularity... but not without its own issues. Security leaders and tech teams may have once again hoped for a silver bullet, only to be disappointed to find out that crafty attackers can easily bypass MFA. We've also been touting the benefits of Password Managers for quite a while. After all, in a world where most of us have to manage upwards of 200 passwords in a year, who can keep up? No human can have great password hygiene across all those accounts. But password managers also face their own problems as illustrated by a recent high-profile incident.Our guest today is Roger Grimes. He has a multi-decade cybersecurity career and is the author of 13 cybersecurity books, countless articles, and is a highly sought-after industry luminary. ... Oh -- and he has opinions. Listen in as Roger and I discuss the current state of authentication, MFA, password managers, and more.Guests:Roger Grimes (LinkedIn) (Twitter)Want to submit a question to have answered in a future episode?If you’ve got a question or comment that you’d like me to try to answer or respond to, leave a voice message at https://www.speakpipe.com/8Li. Frankly, that would make it more engaging than if I just read your questions. But, if you aren’t able to record a message or don’t want your voice on the show, then you can email me your questions at perry@8thLayerMedia.com. I’d love to hear from you and answer any questions you have about my thoughts on security topics, creativity, online culture, podcasting… or anything else you have on your mind.Books & References: Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use One, by Roger Grimes Roger's Password Masterclass Roger's Hacking MFA presentation Hacking Multifactor Authentication, by Roger Grimes Cryptography Apocalypse: Preparing for the Day When Quantum Computing Breaks Today's Crypto, by Roger Grimes Ransomware Protection Playbook, by Roger Grimes A Data-Driven Computer Defense: A Way to Improve Any Computer Defense, by Roger Grimes Hacking the Hacker: Learn from the Experts Who Take Down Hackers, by Roger Grimes LastPass Security Incident, December 22, 2022 LinkedIn 2FA Hacking demo by Kevin Mitnick The Humane Interface: New Directions for Designing Interactive Systems, by Jef Raskin Wired Magazine Article -- The Best Password Managers to Secure Your Digital Life Perry's new show, Digital Folklore kicked-off Jan 16. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-newsPerry's Books Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Production Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices

Hey all!An announcement and something special!First, the announcement:Here's your chance to participate in the final episode of 8Li season 3. If you’ve got a question or comment that you’d like me to try to answer or respond to, leave a voice message at https://www.speakpipe.com/8Li. Frankly, that would make it more engaging than if I just read your questions. But, if you aren’t able to record a message or don’t want your voice on the show, then you can email me your questions at perry@8thLayerMedia.com. I’d love to hear from you and answer any questions you have about my thoughts on security topics, creativity, online culture, podcasting… or anything else you have on your mind.Now for something special:Here's a quick 10 minute sneak peek from episode 1 of my new show, Digital Folklore. Season 1 kicks off Jan 16.This episode introduces us to two "monsters" who were birthed on the internet, but couldn't be contained there. Their names are Slenderman and Momo, and they are great examples of a few key folkloric concepts. So join us as we take a look at Slenderman and Momo and learn about ostension, monster theory, moral panics, and the defining traits that make something folklore as opposed to just a simple online expression of creativity.Guests appearing on the full episode include: Dr. Vivian Asimos, author of Digital Monsters and Digital Mythology and the Internet's Monster: The Slender Man Ben Brock Johnson, Amory Sivertson, and Quincy Walters from WBUR's podcast, Endless Thread Chelsey Weber-Smith, host of American Hysteria Kathleen Hale, author of Slenderman: Online Obsession, Mental Illness, and the Violent Crime of Two Midwestern Girls Season 1 begins Jan 16, 2023. Subscribe or follow so you don't miss out! You can sign-up for our newsletter and learn more about the show at https://digitalfolklore.fm.Support the Digital Folklore Podcast on Patreon: https://patreon.com/digitalfolkloreFind us on the socials: Twitter: @digiFolklorePod Facebook: DigitalFolklorePod Instagram: DigitalFolklorePod TikTok: digitalfolklore Thanks so much! Learn more about your ad choices. Visit megaphone.fm/adchoices

On this episode, Perry speaks with Chris Cochran and Ron Eddings. Chris and Ron started the Hacker Valley Studio Podcast back in June of 2019 with the goal of exploring the human condition to inspire peak performance in cybersecurity. The podcast is about Chris and Ron’s quest to find inspirational stories and knowledge to elevate themselves and their communities. That podcast eventually kicked off a journey that led them to create their own podcast network (Hacker Valley Media), foster communities, and they recently partnered with SANS to create the Difference Makers Awards.Chris and Ron are passionate about cybersecurity, leadership, creativity, and podcasting — and so on today’s show, you’ll hear us touch on all of those topics and more.Guests: Chris Cochran (LinkedIn) (Twitter) Ron Eddings (LinkedIn) (Twitter) References: Hacker Valley Media Hacker Valley Studio podcast Technically Divided Difference Makers Awards Hacker Valley Discord server Perry's new show, Digital Folklore. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, and more. Coming January 16, 2023 everywhere you listen to podcasts. You can also check a 10 minute sneak peek of episode 1.Perry's Books Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Production Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices

On this episode, Perry sits down with Marta L. Tellado, President and CEO at Consumer Reports, to discuss the digital moment we are in and what that means for consumers and the marketplace: the risks, dangers, traps… and also the places and paths that can lead to progress. They also discuss Marta's new book, Buyer Aware: Harnessing Our Consumer Power for a Safe, Fair, and Transparent Marketplace.Guest:Marta L. Tellado (LinkedIn) (Twitter) (Website)Books and References: Fighting For a Fair Digital World. Consumer Reports resources to empower you to take action Buyer Aware: Harnessing our consumer power for a safe, fair, and transparent marketplace, by Marta L. Tellado Old Consumer reports commercials: Example 1, Example 2, Example 3. Perry's Books Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Production Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com Learn more about your ad choices. Visit megaphone.fm/adchoices