Afleveringen
-
In this episode Perry Carpenter sits down with Rachel Tobac to debrief after her recent KB4-CON session, "How I'd Hack You Live" where she... well... hacked Perry live. Perry and Rachel explore how age-old deception techniques are being revamped for the digital age. The discussion spans the future of social engineering, the increasing role of AI in security, and a few other fun bits.
Guest:
Rachel Tobac (LinkedIn) (Twitter / X) (Website)
Books and References (Books are Amazon Associate Links and help support the show):
KB4-CON 2024 Main Stage Sessions (Registration required)
Deepfake scammer walks off with $25 million in first-of-its-kind AI heist, Ars Technica
The Social Engineer's Playbook: A Practical Guide to Pretexting, by Jeremiah Talamantes
The Art of Deception: Controlling the Human Element of Security, by Kevin Mitnick
YouTube video: 60 minutes Here’s how I used AI to clone a 60 Minutes correspondent’s voice to trick a colleague
YouTube video: It Was Easy to Hack a Billionaire
YouTube video: Inside the Mind of an Ethical Hacker
Perry's Books (Amazon Associate Links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
On this episode Perry sits down with Dr. Matthew Canham to explore ways in which AI can be weaponized against us, and how age old social engineering tactics can be used to trick large language models.
Guest:
Dr. Matthew Canham (LinkedIn) (Website)
Books and References (Books are Amazon Associate Links and help support the show):
Cognitive Security Institute YouTube Channel
Cognitive Security Institute website
YouTube video: BlackHat Presentation -- Me and My Evil Digital Twin: The Psychology of Human Exploitation by AI Assistants
YouTube video: NEW AI Jailbreak Method SHATTERS GPT4, Claude, Gemini, LLaMA
Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What To Do About Them, by Ram Shankar Siva Kumar & Hyrum Anderson
Six Thinking Hats, the de Bono Group
Six Thinking Hats: Looking at Decision in Different Ways, MindTools
AI + Six Thinking Hats, LifeArchitect.ai
8Li Season 4, episode 10: Artificial Intelligence Insights & Oddities
Perry's Books (Amazon Associate Links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
Zijn er afleveringen die ontbreken?
-
On this episode Perry sits down with Jeremy Treadwell, a people-first technologist and futurist, to get the lowdown on how a futurist approaches the world.
Guest:
Jeremy Treadwell (LinkedIn) (Twitter)
Books and References (Books are Amazon Associate Links and help support the show):
YouTube Video: What UX/UI Taught Me about Improving Security Awareness [SANS Security Awareness Summit 2022], Jeremy Treadwell
YouTube Video: Reimagine the Future of Data, Privacy + Security with Technologist Jeremy Treadwell
The Institute for the Future website
Four Questions to Turn Everyone in Your Company Into a Futurist, FastCompany article
How Does a Futurist See the Future, LinkedIn Article by Jacob Morgan
The Black Swan: Second Edition: The Impact of the Highly Improbable: With a new section: "On Robustness and Fragility", by Nassim Nicholas Taleb
The Gray Rhino: How to Recognize and Act on the Obvious Dangers We Ignore, by Michele Wucker
William Gibson’s Future Is Now, Pagan Kennedy, the New York Times
8Li Season 1, episode 8: The Risk Episode: Black Swans, Grey Rhinos, Angels & Demons
Perry's Books (Amazon Associate Links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
Welcome to season 5 of 8th Layer Insights!
To celebrate Valentine's Day, Perry sits down with Emmy winning reporter Kerry Tomlinson to talk about the time she turned the tables on a romance scammer.
Guest:
Kerry Tomlinson (LinkedIn) (Website) (YouTube)
Books and References:
YouTube video: Inside a romance scam: how to make a catfisher sing
YouTube video: Scammers are stealing people's faces for live video calls
National Cybersecurity Alliance : Online Romance and Dating Scams
National Cybersecurity Alliance : Romance Scams Resource Kit
Federal Trade Commission: Romance scammers’ favorite lies exposed
Know Your Meme: On the Internet, Nobody Knows You're A Dog
‘NOBODY KNOWS YOU’RE A DOG’: As iconic Internet cartoon turns 20, creator Peter Steiner knows the joke rings as relevant as ever
Wikipedia: On the Internet, nobody knows you're a dog
Perry's Books (Amazon Associate Links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
On this episode, Perry celebrates the one year birthday of ChatGPT by taking a look at AI from technological, philosophical, and folkloric perspectives. We see how AI was formed based on human words and works, and how it can now shape the future of human legend and belief.
Guests:
Brandon Karpf, Vice President at N2K Networks (LinkedIn) (Website)
Dr. Lynne S. McNeill, Associate Professor at Utah State University (LinkedIn) (Twitter)
Dr. John Laudun, Professor at University of Louisiana at Lafayette (LinkedIn) (Twitter) (Website)
Lev Gorelov, Research Director at Handshake Consulting (LinkedIn) (Twitter) (Website)
Resources
Interview with the AI, part one, by the Brandon Karpf / the CyberWire
'Hard Fork': An Interview With Sam Altman, by The New York Times
The Exciting, Perilous Journey Toward AGI, Ilya Sutskever TED Talk
Ilya: the AI scientist shaping the world, by The Guardian
Meet Loab, the AI Art Woman Haunting the Internet: Is she a demon? A Cryptid? Or nothing at all..., the Guardian
In 2016, Microsoft’s Racist Chatbot Revealed the Dangers of Online Conversation The bot learned language from people on Twitter—but it also learned values, IEEE Spectrum
Perry's Digital Folklore episode about AI
Handshake's Generative AI Masterclass on Maven
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Be sure to check out Perry's other show, Digital Folklore. It's all about the oddities and importance of online culture. Head over to the show's website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, shop for merch, support the show on Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news.
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
Let's face it. Most of us have a love/hate relationship with technology and technological advances. We dream about the new thing... but when it arrives, we are usually a little disappointed. Many of us also lament the constant erosion of privacy, the changes in social norms, and more. And, little-by-little, we allow those aspects of new technology to make us numb. We accept the cognitive dissonance of not totally being happy with the trade-offs; yet we still make the trade.In this episode, we explore a few of the positives and some of the unintended consequences associated with recent technological advancements. We'll hear from Dr. Lydia, Kostopoulos, Dr. Charles Chaffin, Andra Zaharia, and Aaron Barr.Guests:Dr. Lydia Kostopoulos (LinkedIn) (Website)Dr. Charles Chaffin (LinkedIn) (Website)Andra Zaharia (LinkedIn) (Website)Aaron Barr (LinkedIn) (Website)Books and Resources:IEEE Article: Decoupling Human Characteristics from Algorithmic Capabilities by Dr. Lydia KostopoulosNumb: How the Information Age Dulls Our Senses and How We Can Get them Back by Dr. Charles Chaffin (Amazon Associate Links)The Numb Podcast by Dr. Charles ChaffinThe Cyber Empathy Podcast by Andra ZahariaReminder: Your 'smart AI' often involves a low-paid contractor surveilling youHow creepy is your smart speaker?Newton's Laws of MotionUnintended ConsequencesElon Musk's warning regarding AITransformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter (Amazon Associate Link)Everything is Alive podcast by PRX and RadiotopiaProduction Credits:Additional voice talent provided by Kristina Leigh.Additional research by Nyla Gennaoui.Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how:LinkedInTwitterInstagramEmail: hello [at] 8thLayerMedia [dot] com
-
On today's show, Perry sits down with Rick Howard to discuss Rick's new book and the concept of "First Principles" as they apply in the domain of cybersecurity.
Rick Howard is the CSO of N2K and the Chief Analyst, and Senior Fellow at the N2K Cyber, formerly CyberWire. His past lives include CSO at Palo Alto Networks, CISO at TASC, the GM at Verisign/iDefense, the Counterpane SOC Director, and the Commander of the Army's Computer Emergency Response Team (CERT). Rick served 25 years in the Army, taught computer science at West Point, and recently published , "Cybersecurity First Principles: A Reboot of Strategy and Tactics."
Guest: Rick Howard (LinkedIn)
Rick's book, podcasts, and other stuff
Cybersecurity First Principles: A Reboot of Strategy and Tactics (Amazon Associate link)
Promo video for Rick's Cybersecurity First Principles video course
CSO Perspectives Podcast
Word Notes
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Be sure to check out Perry's other show, Digital Folklore. It's all about the oddities and importance of online culture. Head over to the show's website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, shop for merch, support the show on Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news.
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
If you’ve been listening to this show for a while, you’ll know that we’ve touched on the topic of Open Source Intelligence (otherwise known as OSINT) several times. It is an area of information security that penetration testing that’s been getting quite a bit of attention over the past several years. When you think about the digital world we live in, where we have a proliferation of personal, organizational, and governmental data on the internet...and the simple fact that data likes to leak…we can safely predict that OSINT investigation techniques will continue to be in demand.
On this episode, Perry sits down with Rae Baker. Rae is the author of the book Deep Dive: Exploring the Real-world Value of Open Source Intelligence, which was released in April of this year from Wiley publishing. In this discussion with Rae, you’ll hear a bit about her career pivot to OSINT specialist from being a graphic designer, how creativity fuels her job, advice for aspiring cybersecurity and OSINT professionals, and a lot more.
Guest:
Rae Baker (LinkedIn) (Twitter) (Website)
Books and References:
Deep Dive: Exploring the Real-world Value of Open Source Intelligence, by Rae Baker (Amazon Associate link)
Kase Scenarios: https://kasescenarios.com/
The OSINT Curious project
TraceLabs
YouTube Playlist from the 2022 SANS OSINT Summit
YouTube video by The Cyber Mentor: Learn OSINT in 4.5 Hours
Lockheed Martin Cyber Kill-Chain: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
Perry's Books (Amazon Associate Links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
Listen in as Perry Carpenter & Dr. Jessica Barker present their joint session, "Conversational Security Awareness" at the SANS Managing Human Risk Summit. ... and stay tuned after the presentation for a quick conversation between Perry, Jessica, and Lance Spitzner (SANS) as they discuss themes from this year's event.
Guests:
Dr. Jessica Barker (LinkedIn) (Twitter)
Jeremy Treadwell (LinkedIn) (Twitter)
Lance Spitzner (LinkedIn) (Twitter)
Additional Resources:
Jessica Barker's great blog post summarizing this session
Jessica Barker's 2020 RSA Keynote
Related 8Li Episodes:
8Li S1 E9: Security ABCs Part 1: Make Awareness Transformational
8Li S1 E10: Security ABCs Part 2: 8th Layer Insights and the Quest for Security Culture
8Li S2 E10: The Next Evolution of Security Awareness
8Li S4 E3: Carrots, Sticks, and Culture: The Art and Science of Social Signaling
8Li S4 E5: We are the Champions
8Li S4 E6: Blending Awareness, Social Engineering, and Physical Penetration Testing -- A Conversation with Jayson E. Street
Relevant Books (Amazon Associate Links)
Confident Cyber Security: How to Get Started in Cyber Security and Futureproof Your Career, by Jessica Barker
Cybersecurity ABCs: Delivering awareness, behaviours and culture change by Jessica Barker, Adrian Davis, Bruce Hallas, & Ciarán Mc Mahon
Mixed Signals: How Incentives Really Work, by Uri Gneezy
Security Awareness Program Builder: Practical guidelines for building your Information Security Awareness Program & prep guide for the Security Awareness and Culture Professional (SACP)™ by Mark Majewski
Perry's Books (Amazon Associate Links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: hello [at] 8thLayerInsights [dot] com -
On today's show, Perry sits down with Jayson E. Street to discuss his unique blend of social engineering, physical penetration testing, and security awareness. Jayson refers to this as being trained by a simulated adversary. At the heart of Jayson's method is intense boldness in his approach to social engineering and penetration testing coupled with an equally intense passion for helping his clients and their employees improve their overall security posture and mindsets. It's about education rather than exploitation.
Guest: Jayson E. Street (LinkedIn) (Twitter) (Website)
YouTube videos of Jayson
2022 Saintcon: Hacker Striptease
Tomorrow Unlocked: Penetration tester Jayson E. Street helps banks by hacking them
Risks & Reels: Who's a Hacker?
Jasyon's book (Amazon Associate link)
Dissecting the Hack: The V3rb0t3n Network
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Be sure to check out Perry's other show, Digital Folklore. It's all about the oddities and importance of online culture. Head over to the show's website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, shop for merch, support the show on Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news. Season 2 starts September 4, 2023.
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
Hey all! I'm at BlackHat and Defcon this week. If you're there, track me down. I'd love to meet you!This week's episode is an encore of one of my favorites. My interview with James Linton (a.k.a. The Email Prankster). In 2017, James went on a virtual joyride exploiting the ways that people interact with emails. One of the most interesting things about James' story is that his exploits didn't rely on any type of highly technical method(s); they were simple display name deceptions. But that didn't stop him from fooling CEOs from some of the worlds largest banks, celebrities, and high ranking staff members in the White House.James' success using these simple methods serves as a warning for us all. We don't fall for scams because they are technically sophisticated or because we are stupid. We fall for scams because we are human.Guest: James Linton (LinkedIn) (Website)Books and Resources:Anatomy Of An Email Impersonation Spree: Who Got Pranked And WhyAn email prankster is hitting the CEOs of the world's biggest banksHow to Prank the Rich and Powerful Without Really TryingMorgan Stanley CEO James Gorman falls for email prankThis Man Pranked Eric Trump And Harvey Weinstein — Now He Just Wants A JobMedia Coverage YouTube PlaylistJames Linton -- Wikipedia EntryThe Journal of Best Practices: A Memoir of Marriage, Asperger Syndrome, and One Man's Quest to Be a Better Husband by David FinchPerry -- Interview on Springbrook's Converge Autism RadioPerry -- Security Weekly InterviewPerry Carpenter - The Aspies Guide to Social Engineering - DEF CON 27 Social Engineering VillageTransformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry CarpenterThe Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai RoerProduction Credits:Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks.Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/Want to get in touch with Perry? Here's how:LinkedInTwitterInstagramEmail: hello [at] 8thLayerInsights [dot] com
-
There has been a lot of buzz for the past few years about the benefits and importance of establishing security champions programs. These are groups of people in your organization who become vital, responsible, and proactive contributing evangelists to the security culture of your organization. I often refer to them as "culture carriers." And, while there is general agreement that these are good programs to have, establishing them is currently a bit of a dark art.
On today's show, Perry sits down with Sarah Janes of Layer 8 security to discuss the importance of champion programs and tease out a few best practices.
Guest: Sarah Janes (LinkedIn) (Twitter) (Website)
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Be sure to check out Perry's other show, Digital Folklore. It's all about the oddities and importance of online culture. Head over to the show's website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, shop for merch, support the show on Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
On this episode, Perry sits down with Chad Peterson, Managing Director at NetSPI, to discuss the importance of penetration testing. We touch on aspects of social engineering, discussing complex security issues with Boards of Directors, the prevalence of Ransomware, and some of the unique challenges facing the healthcare industry.
Guest: Chad Peterson (LinkedIn) (Twitter)
Books & References (Books are Amazon Associate links)
CISO Desk Reference Guide: A Practical Guide for CISOs by Bill Bonney, Gary Hayslip, & Matt Stamper
Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman
Practical Social Engineering: A Primer for the Ethical Hacker by Joe Gray
Ransomware Protection Playbook by Roger Grimes
The Smartest Person in the Room: The Root Cause and New Solution for Cybersecurity by Christian Espinosa
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Perry's new show, Digital Folklore kicked-off Jan 16, 2023. It's all about the oddities and importance of online culture. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
On this episode, what cybersecurity professionals need to understand about how social signaling and incentives really work.
Today's episode features a conversation with Uri Gneezy. In the field of cybersecurity, we are very interested in identifying proactive and positive ways to encourage the behavior we want. That's where Uri comes in. Uri is a well-known behavioral economist and professor of economics and strategy in the Rady School of Management at the University of California at San Diego.
Most of us recognize that many of our behaviors, beliefs, and values are caught rather than taught. So, if you are interested in developing a positive security culture in your workplace, then it’s important to understand the dynamics of how people both receive and signal their security-related beliefs and values so that associated behaviors become a natural result.
Listen in as Perry sits down with Uri to discuss key findings from Uri's new book, Mixed Signals: How Incentives Really Work. This is a fascinating deep dive into Uri’s research that has immediate applicability for anyone needing to design programs that work with, rather than against, human nature.
Guest: Uri Gneezy (LinkedIn) (Twitter) (Website)
Books & References (Books are Amazon Associate links)
Mixed Signals: How Incentives Really Work, by Uri Gneezy
The Why Axis: Hidden Motives and the Undiscovered Economics of Everyday Life by Uri Gneezy & John List
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Perry's new show, Digital Folklore kicked-off Jan 16, 2023. It's all about the oddities and importance of online culture. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
In this episode, Perry Carpenter sits down with renowned mentalist and skeptic, Banachek. Banachek (Steve Shaw) grew up with a fascination in magic and a frustration with psychic frauds. As a teenager, he contacted magician and skeptic, James “The Amazing” Randi and ended up working with Randi on a special initiative known as Project Alpha, which set out to expose a general lack of objectivity in parapsychology research. Banachek served as the director for the James Randi Educational Foundation’s “One Million Dollar Paranormal Challenge” for 15 years and is now the President of the James Randi Educational Foundation. Perry and Banachek discuss Project Alpha, the ways of fake psychics and fraudulent faith healers, and issues associated with confirmation bias and framing effects. They also discuss Banachek’s new live mentalism show in Las Vegas, which incorporates theatrical mindreading and other mentalism effects along with a storyline that explores Banachek’s life, antics, and passion for critical thinking.Guest: Banachek (Website) (twitter): Mentalist (Performing in Las Vegas add 'social' for 30% off tickets), Skeptic, President of the James Randi Educational FoundationThis episode also featured a quick comment from: George Finney: (LinkedIn); Chief Security Officer at Southern Methodist University; Founder of Well Aware SecurityBooks and References (Book links are 'Amazon Associate' links which help support the show):Brian Brushwood's podcast, World's Greatest ConBanachek Wikipedia entryProject Alpha Wikipedia entryJames Randi Wikipedia entryArticle about Houdini's efforts to debunk fake mediumsThe Discoverie of Witchcraft Wikipedia entryThe Psychology of the OuijaBarnum Effect Wikipedia entryJames Randi & Project Alpha VideoProject Alpha lookback -- James Randi and Michael EdwardsPsychological Subtleties vol 1, by BanachekBehind the Scenes with the Mediums, by David AbbottThe Discoverie of WitchcraftTransformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors by Perry CarpenterMusic and Sound Effects by Blue Dot Sessions & Storyblocks.Artwork by Chris Machowski.
-
This week's episode is a late Star Wars ("May the 4th Be With You") celebration. We check out a couple interesting articles about security-related lessons embedded in the Star Wars movies, and Perry sits down with Adam Shostack, author of the new book, Threats: What Every Engineer Should Learn From Star Wars to discuss threat modeling principles using Star Wars related examples.
Guest: Adam Shostack (LinkedIn) (Twitter) (Website)
Books & References (Books are Amazon Associate links)
Threats: What Every Engineer Should Learn From Star Wars, by Adam Shostack
Threat Modeling: Designing for Security, by Adam Shostack
Threat modeling videos from Adam
Threat modeling and security-related games by Adam
Adam's whitepapers
BlackPoint: Learn Their Lesson, They Did Not
Gary Hibbard LinkedIn post
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Perry's new show, Digital Folklore kicked-off Jan 16, 2023. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news
Voice Acting for this episode:
Darth Vader voice over artist: https://business.fiverr.com/freelancers/mistercorley
Darth Vader breathing sound: https://www.youtube.com/watch?v=MBi01iy2db8&ab_channel=chefhawk
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
Welcome to season 4, episode 1 of 8th Layer Insights!
On this episode, Perry speaks with Josiah Dykstra (Senior Fellow, Office of Innovation at the National Security Agency) about the new book he co-authored with Eugene Spafford and Leigh Metcalf. The book is titled Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us, This topic coincides well with Perry's recent studies into folklore and urban legends for his other podcast, Digital Folklore.
Guests:
Josiah Dykstra (LinkedIn) (Twitter) (Website)
Chelsey Weber-Smith (LinkedIn) (Twitter) (Website)
Mason Amadeus (LinkedIn) (Twitter) (Website)
Books & References (Books are Amazon Associate links)
American Hysteria Podcast episode, Urban Legends in the Internet Wilderness with the Digital Folklore Podcast
Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us, by Eugene Spafford, Leigh Metcalf, and Josiah Dykstra
Essential Cybersecurity Science: Build, Test, and Evaluate Secure Systems, by Josiah Dykstra
Folklore 101: An Accessible Introduction to Folklore Studies, by Jeana Jorgensen
Folklore Rules: A Fun, Quick, and Useful Introduction to the Field of Academic Folklore Studies, by Lynne S. McNeill
Perry's Books (Amazon Associate links)
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Perry's new show, Digital Folklore kicked-off Jan 16, 2023. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
8Li cover art by Chris Machowski @ https://www.RansomWear.net/.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
For the last episode of season 3, I thought we'd talk about something that's been in the news quite a lot recently: Authentication and Password Managers. As security professionals, we've decried the password for decades. Multifactor authentication (MFA) has started to gain popularity... but not without its own issues. Security leaders and tech teams may have once again hoped for a silver bullet, only to be disappointed to find out that crafty attackers can easily bypass MFA. We've also been touting the benefits of Password Managers for quite a while. After all, in a world where most of us have to manage upwards of 200 passwords in a year, who can keep up? No human can have great password hygiene across all those accounts. But password managers also face their own problems as illustrated by a recent high-profile incident.
Our guest today is Roger Grimes. He has a multi-decade cybersecurity career and is the author of 13 cybersecurity books, countless articles, and is a highly sought-after industry luminary. ... Oh -- and he has opinions. Listen in as Roger and I discuss the current state of authentication, MFA, password managers, and more.
Guests:
Roger Grimes (LinkedIn) (Twitter)
Want to submit a question to have answered in a future episode?
If you’ve got a question or comment that you’d like me to try to answer or respond to, leave a voice message at https://www.speakpipe.com/8Li. Frankly, that would make it more engaging than if I just read your questions. But, if you aren’t able to record a message or don’t want your voice on the show, then you can email me your questions at [email protected]. I’d love to hear from you and answer any questions you have about my thoughts on security topics, creativity, online culture, podcasting… or anything else you have on your mind.
Books & References:
Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use One, by Roger Grimes
Roger's Password Masterclass
Roger's Hacking MFA presentation
Hacking Multifactor Authentication, by Roger Grimes
Cryptography Apocalypse: Preparing for the Day When Quantum Computing Breaks Today's Crypto, by Roger Grimes
Ransomware Protection Playbook, by Roger Grimes
A Data-Driven Computer Defense: A Way to Improve Any Computer Defense, by Roger Grimes
Hacking the Hacker: Learn from the Experts Who Take Down Hackers, by Roger Grimes
LastPass Security Incident, December 22, 2022
LinkedIn 2FA Hacking demo by Kevin Mitnick
The Humane Interface: New Directions for Designing Interactive Systems, by Jef Raskin
Wired Magazine Article -- The Best Password Managers to Secure Your Digital Life
Perry's new show, Digital Folklore kicked-off Jan 16. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news
Perry's Books
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com -
Hey all!
An announcement and something special!
First, the announcement:
Here's your chance to participate in the final episode of 8Li season 3. If you’ve got a question or comment that you’d like me to try to answer or respond to, leave a voice message at https://www.speakpipe.com/8Li. Frankly, that would make it more engaging than if I just read your questions. But, if you aren’t able to record a message or don’t want your voice on the show, then you can email me your questions at [email protected]. I’d love to hear from you and answer any questions you have about my thoughts on security topics, creativity, online culture, podcasting… or anything else you have on your mind.
Now for something special:
Here's a quick 10 minute sneak peek from episode 1 of my new show, Digital Folklore. Season 1 kicks off Jan 16.
This episode introduces us to two "monsters" who were birthed on the internet, but couldn't be contained there. Their names are Slenderman and Momo, and they are great examples of a few key folkloric concepts. So join us as we take a look at Slenderman and Momo and learn about ostension, monster theory, moral panics, and the defining traits that make something folklore as opposed to just a simple online expression of creativity.
Guests appearing on the full episode include:
Dr. Vivian Asimos, author of Digital Monsters and Digital Mythology and the Internet's Monster: The Slender Man
Ben Brock Johnson, Amory Sivertson, and Quincy Walters from WBUR's podcast, Endless Thread
Chelsey Weber-Smith, host of American Hysteria
Kathleen Hale, author of Slenderman: Online Obsession, Mental Illness, and the Violent Crime of Two Midwestern Girls
Season 1 begins Jan 16, 2023. Subscribe or follow so you don't miss out! You can sign-up for our newsletter and learn more about the show at https://digitalfolklore.fm.
Support the Digital Folklore Podcast on Patreon: https://patreon.com/digitalfolklore
Find us on the socials:
Twitter: @digiFolklorePod
Facebook: DigitalFolklorePod
Instagram: DigitalFolklorePod
TikTok: digitalfolklore
Thanks so much! -
On this episode, Perry speaks with Chris Cochran and Ron Eddings. Chris and Ron started the Hacker Valley Studio Podcast back in June of 2019 with the goal of exploring the human condition to inspire peak performance in cybersecurity. The podcast is about Chris and Ron’s quest to find inspirational stories and knowledge to elevate themselves and their communities. That podcast eventually kicked off a journey that led them to create their own podcast network (Hacker Valley Media), foster communities, and they recently partnered with SANS to create the Difference Makers Awards.
Chris and Ron are passionate about cybersecurity, leadership, creativity, and podcasting — and so on today’s show, you’ll hear us touch on all of those topics and more.
Guests:
Chris Cochran (LinkedIn) (Twitter)
Ron Eddings (LinkedIn) (Twitter)
References:
Hacker Valley Media
Hacker Valley Studio podcast
Technically Divided
Difference Makers Awards
Hacker Valley Discord server
Perry's new show, Digital Folklore. Check out the website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, check out our merch, and more. Coming January 16, 2023 everywhere you listen to podcasts. You can also check a 10 minute sneak peek of episode 1.
Perry's Books
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer
Production Credits:
Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound.
Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.
8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how:
LinkedIn
Twitter
Instagram
Email: perry [at] 8thLayerMedia [dot] com - Laat meer zien
