Jerry Ozier
What's up? Good morning, everybody. Welcome to the party. If you're looking to stay current on the top cyber news stories of the day while getting additional insights and value to make you a better cyber security professional. Coming from the minds of myself, 20 plus years of experience in the industry alongside the simply cyber community members which you by being here are a member, then you are going to want to stick around for the next hour because this is simply Cyber's daily cyber threat brief episode 1048. And we're cooking every single weekday morning, delivering the hottest news with the coolest takes. Come on now, it's Friday. We got jokes for you at the mid roll. Settle in. We got a great show for you. Yes. Yes. That's right, everybody. Welcome to the party. I am super excited to have you here. It is unbelievable. It's Friday already. This week flew by. I hope you had a great week. Yes, we got some playoff football, pro football in the works for the weekend. I started the Citadel back up yesterday, you guys. How was Zach Hill? Let me know in chat. Did you guys enjoy him for the ama? I did catch some of it on the ride into campus and it seemed like you guys were digging, digging it, you know what I mean? Picking up what he was putting down. Guys, every single episode of the daily cyber threat brief, we go through eight top cyber stories of the day. And I do everything within my power to go beyond those headlines and give you additional value and insights. Now, I want you to know I don't research or prep for any of these stories. I literally have no idea what stories we're going to cover. You know why? Nobody got time for that. Ain't nobody got time for that. You know what? And it makes it a more interesting show. I'm. I'm up here shooting, you know, riding low on the hip on a chain, bound for glory. Come on now. It's all about good times. It's about the hot seat. It's live. We don't know what's going to happen next. Of course. Good to see you. 
A lot of familiar faces up in here. Space tacos. Marcus Kyler, ad tech tech grunt. Legrot. It's been a minute. Legrand. I hadn't seen you. It's good to see you guys. Okay. Hey, if today's your first episode, welcome to the party. We love welcoming our first timer. So if today is your first episode legit. And it could be your first episode ever, like a friend told you about the show or you just happen to come across it in your feed, it could be your first time live because you catch it on replay normally and your schedule changed. Or maybe you're taking advantage of the audio only version and a lot of people don't know this. We rebroadcast this whole show on audio only through Spotify and Apple Podcast and your favorite podcast app of choice every single day. It goes out about 10am every single day. So if you didn't know that, there you go. Giddy up on that. Go ahead and hit subscribe on Spotify or whatever. Make sure you don't miss a single episode. But for real though, if it's your first episode, hit hashtag first timer in chat. Hashtag first timer in chat. We have a special sound effect, a special emote. It's all about good times. We love it up in this piece. Now, what I love and a lot of other people love is that not only is this show any entertaining and educational, but it also delivers value in the sense of continuing professional education credits. Now, you may not be familiar with CPE's Continuing Professional Education credits, but let me tell you, if you currently hold a cybersecurity certification or you will be holding one, right, you're going to get one in 2026. You have to do two things once you get it. One, you've got to pay an annual fee. Wa. Wa. And two, you have to demonstrate continuing education within our cybersecurity field. And there's a lot of ways to do it, but one banger way to do it is to just show up here and listen to the news. It's worth Half a CPE. Now you might think, oh my gosh, half a CPE. I have to do 40 CP's a year. 
That's 80 shows. Jerry. I don't know if I can make that kind of commitment for you. Alpha nerd in the house. First timer. Welcome to the party. Alpha nerd. Welcome to the party. Jump point set. Good to see you got a couple first timers in chat. Hey, listen, check it out. Alpha nerd jump point sec. Half a cpe. And all you gotta do is say what's up? In chat. Just like Dennis Keef did. Justin Gold did Miss Julian, right? Just say what's up? Will Willbert. Philippe. Felipe. Nailing it. All you have to do is say what's up? Grab a screenshot. Okay, Windows key s the print screen button. Choose your own adventure. Use your phone and take a picture of your monitor. Whatever you choose, file it away in a folder called 2026 CPES. Once a year, count them up, divide by two because it's half a CPE right? There you go. You got it. You can get up to 120 CPUs a year if you just show up on the regular and be part of the community. It's that easy. And I'm telling you as someone who is gray in the beard and has had to do CPEs for since 2009, I'm telling you right now it can be really burdensome to have to get CPS at the last minute. You're like taking webinars you don't even care about. It sucks. All right, so we got you covered. All right, what do we got here? We got CPEs, first timers and we got some first timers in chat. I love that. Did you know? I know all of you regulars know but first timers every single day has a special segment and guess what happens on Fridays. This guy right here, James McQuiggin at 35000ft. Our very own Simply Cyber community member and MC at Simply Cybercon and dropping. We just become best friends. Yep. And super chat dropper right now. Thanks for the super chat. James McQuigan says it's been a crazy eight days tomorrow. It's a week long cruise with Mrs. McQuigan at 35,000ft. I had the pleasure of meeting Travis Loads team SC at the threat Locker job fair on Tuesday. Coffee cup cheers. Coffee cup cheers to you James McQuigan. 
I hope you enjoy the cruise and shout out to Mrs. McQuiggin good to see you. But yes. James McQuiggin sends me over piping hot fresh dad jokes and we we rip them off at the mid roll and I also don't research prep. I don't know what the jokes are. I'll be seeing them for the first time with you. So it's all about good times. I love it. Let's spend a minute. Say thanks to the stream sponsors. As always this show doesn't happen without the sponsors. And and I also don't partner with companies that I don't like or don't think are good. Let's get into it. First sponsor Anti Siphon Training. Now Anti Siphon training is the training arm of Black Hills Information Security. They offer all sorts of training. You go to antisiphent training.com but I want to call your attention to this one because in three days from now, three days from now you will be able to to take John Strand's active defense and cyber deception. This is very much a hands on keyboard learn by doing 4 day 4 hours a day training odyssey. I have taken this course myself. I can tell you definitively this is an amazing course. You will learn something, you will pick up new skills, and you will enjoy the living crap out of it. And on top of all that, there's like another thousand students in chat with you. So you're like developing relationships, talking to people. It's all about good times. And John's a really cool guy and instructor. And speaking of CPEs, if you sign up for it, which you can take for as little as $0, you can get 16 CPEs for taking this course. I mean, come on now. I feel like that's pretty dope, right? So check it out. I'll drop a link in chat. As always, love myself some anti siphon training. All those guys are good. Okay, we also got Area. Did you know? Check this out. This is a new sponsor for 2026. But you know what? AI is so hot right now that Hansel's so hot right now. Listen, your leadership team's demanding AI automation. Your employees are using it all over the place. 
Sales has got one tool, marketing's got another. Carl. And accounting's dabbling with Copilot. There's AI sprawl all over the place. And you as a cyber security professional are like, oh my God, how am I supposed to manage all this risk? One incident could really, really jack you up. Either from a, a a full compromise in business impact to a compliance violation, IP theft. Like it, like it could happen a million different ways, right? But what if I told you there's an opportunity here for AI to become an advantage, not a risk? What if your teams could innovate while being protected? What if you could have the best of both worlds? What if you could eat cake and lose weight? Well, that's what we're doing over here with Area AI Ria. They deliver a unified platform that combines AI security, governance and orchestration. So you don't have to choose innovation or protection. Take control today. Turn your AI stress into AI success. Go to Simply Cyber IO A I R A I R I A to check out Area. You can get a demo. Listen, like, if you are literally working at an organization and you're worried, you're at a place where you are worried about AI usage and risk of data governance, data sovereignty, all these things. Go check out Area. As always, it helps the channel. Clicking on the links helps the channel. Let's hear from Threat Locker. And then we're gonna slide into the news like it's the electric boogaloo. All right, let's do this. I want to give some love to the daily Cyber Threat brief sponsor Threat Locker. Do zero day exploits and supply chain attacks. Keep you up at night. Worry no more. You can harden your security with Threat Locker. Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. Threat Locker takes a deny by default approach to cybersecurity and provides a full audit of every action allowed or blocked for risk management and compliance. 
Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance, visit threatlocker.com DailyCyber. All right everybody. Do me a favor. Do me a favor. Yes, exactly. Space Tacos Drink guys. Hey you first timers. Jump point Sec Alpha Nerd. I'm not ask. I'm not actually asking you to get hammered and drink booze. But we do have a little fun inside joke here and I want. I don't want anyone to not know the joke. I am in my 40s. I culturally capped out in 1997. So a lot of my metaphors, references and jokes are all relative between the years of 1985 and 1997. And when I do make those, we drink. So if you see it in chat, that's what's up. And feel free to play along at home. You can absolutely. If I call one out, jump on it and say drink. Campo. 1, 2, 3. 2. 1. First time or been part of the SC team for a little over a year now, but finally able to catch the live and also just landed a new job as an IT systems tech in my second week. Dude. First of all campa, let's not bury the headline. Congratulations on the new job. Oh yeah, dude, absolutely slay that. And then secondly, I'm super pumped that your job allows you to catch the live. Welcome to the party. Welcome to the party. All right guys, do me a favor. Sit back, relax, slide into the news and let's let the cool sounds of the hot news wash over us in an awesome way. See you at the mid roll.
James McQuiggin
From the CISO series. It's cyber security headlines.
News Anchor
These are the cyber security headlines for Friday, January 16, 2026. I'm Steve Prentice. Jen Easterly to helm RSAC. The RSA Conference, host of the world's largest and most influential cybersecurity conference, also known as RSAC, announced yesterday that Easterly has been appointed as its Chief Executive Officer. Easterly is a leading cybersecurity expert, a highly decorated US Army veteran and the former director of CISA. As CEO, she will guide RSAC's global portfolio, including its annual flagship conference in San Francisco, expanded international programming, the renowned Innovation Sandbox contest and startup ecosystem, its emerging professional membership platform, education initiatives and programs focused on AI security, secure software development and global collaboration. End quote.
Jerry Ozier
Okay, so Code Brew, I love it. That's right. Me and Simply Cyber Con and RSA were, you know, neck and neck. 1A, 1B for Jenny Easterly to take the mantle. But, you know, we wish her the luck at RSA. No, so for real, they said this. Everybody in this community knows who Jen Easterly is. If you don't, they said it in the story. She's a decorated veteran. She went to West Point, she was director of CISA. I'm a huge fan of her. I think she did a lot of good things for cyber security. If you like the Known Exploited Vulnerabilities catalog, if you like election security being a priority, if you like CISA's Shields Up and the way that they're interacting with the private sector for threat intelligence sharing, well then you like Jen Easterly. Now here is the, here's the story. RSA, they said the most influential conference. It's definitely one of the biggest ones. I went to RSA last year. I'm probably gonna go this year. It's, it's not my favorite conference. It's very San Francisco. Not I like. So Elliot Matthias and Phil Stafford are out there and I love seeing those guys. But it's just, it's a lot of money. Like, it's a lot of money going around there. It's a lot of button down shirts with Patagonia vests running around. If you're kind of reading through, reading between the lines here, I couldn't get a sandwich in San Francisco because like every vendor was like bought out by companies. So it, it, it is a little tricky to navigate. I did get my steps in though. Woo. San Francisco, you want to talk about. Everybody in San Francisco must have jacked calves. Like their calves look like Popeye's biceps because those hills out there. Now here's the deal. First of all, when I read this story, which I actually saw this last night, so I didn't know, I didn't know the story was gonna be in today's news. But I, I definitely saw this last night. My first thing was Jen went to Huntress. Okay. John Hammond's over at Huntress. Huntress is a great company. 
I love what Huntress is doing, but she was only over there for a cup of coffee. So, you know, my first thought is like, did something happen at Huntress or is this just like such a great opportunity that Jen had to jump on it? You know, so I'm a little curious there. More for a personal curiosity than any impact for professional relevance. Number two. Yeah, RSA is big, and having Jen Easterly on the marquee certainly is going to bring people in. I do want to point this out again, not a political show, but directly on the heels of this, I saw this this morning and you'll see that the story from CNN.com says U.S. officials tell agencies to pull out of major cyber conference after former Biden official gets involved. So if you're not following politics in the United States, this, this is a picture of Jen right here when she worked at CISA. And did we just become best friends? Yep. And, you know, obviously she was a Biden appointee. The Trump administration's not a big fan. She left before she got fired. Whatever. It's very political and divisive and stuff like that. But she's now a she. She has done a lot for this country and now she's a private citizen. And she like, basically she went to be CEO of like this huge conference, this huge business. And, you know, basically the US Federal government is threatening the business of RSA effectively by saying we're going to pull out. You know, RSA makes a lot of money from people buying tickets to go to RSA. So if the US Federal government, which is arguably the largest employer in the United States. Am I frozen right now? Like, my entire feed looks frozen. What's up with that? Okay, this is, this is kind of a, a money flex play. So I don't know what's going to happen here, but I do, I do want to say I, I am, I am interested in this story and, you know, it's going to be really, really interesting if RSA immediately, you know, fires or backs away from Jen under this particular decision. 
Obviously, if you're in a federal employee, but you go in on your own dime, you can do that. But as I mentioned at the beginning, RSA is not cheap. It's expensive to. The hotels are expensive, the food's expensive, the tickets expensive, the flight. Flights are expensive. Uber is not cheap. So I don't see a lot of like, you know, federal employees self funding. So anyways, just, this is more something to. Just something to keep an eye on. Okay, I didn't miss Space Taco super chat here. Space Taco says, I don't know about anyone else, but I actually drink Coffee for all those 90s references. Drink, I hear shots and I look for espresso cups. You know what? I'm right there with you, space talk. Because I will play the game today with my cup of coffee. I don't have the French press out here, but there we go. Let's keep cooking.
News Anchor
Palo Alto fixes flaw that can crash firewalls without login. This fix involves security updates for a flaw with a CVSS score of 7.7 that impacts GlobalProtect Gateway and Portal. According to the company, a proof of concept exploit exists for this flaw. It is described as a denial of service condition impacting GlobalProtect PAN-OS software arising as a result of an improper check for exceptional conditions. Specifically, it impacts PAN-OS NGFW or Prisma Access configurations with an enabled GlobalProtect Gateway or Portal. There is no evidence that the vulnerability has yet been exploited in the wild.
Jerry Ozier
All right, so check it out. Palo Alto, a very well known, you know, enterprise grade vendor, okay. They have a lot of product. Now they, they have been known for their firewalls and like network, you know, security networking devices over the years. But like all these companies, if you haven't, this is another, like if you haven't been paying attention. Another thing to keep in mind is that Palo Alto, Cisco, Microsoft and a couple other of the like the juggernaut players in the cyber security vendor space have been in. Google have been acquiring pieces of the entire tech stack. So while Palo Alto and their next gen firewall and their VPN concentrators and stuff, yes, that's what they're known for. But Palo Alto has Cortex. Palo Alto has Unit 42 for threat intelligence. They have MDR services. They have, they have an EDR, I think that is the Cortex. But like they have a lot of the tech stack. I don't even know if they've bought a multi factor authentication or an identity and access management solution. But like Google bought Mandiant, Cisco acquired Splunk, right? So there is this race for the, for the, the, the guys at the adult table to pick up and acquire the entire tech stack so they can sell that. So don't, don't think that this affects, you know, Palo Alto is just your firewall, okay? Not that this story says it affects Cortex or anything like that, but they will crack. There is a vulnerability to crash your firewall without logging. Now let me tell you something, okay? Fire marshal. Drink. All right, go. Let me point this out. If you have a firewall, it's inter, you know, typically Internet facing. Like in this instance, a denial of service attack is where it's sending, you know, either a bunch of data or you can send it a malformed packet and when it processes it, it, it dies. Okay, there's two things that can happen here. When the firewall fails or crashes, as it says here. Right? Crashes. 
You can imagine that a denial of service attack would mean that nobody can access anything in or out, right? So now your company is basically cut off from the Internet unless you have architected alternative paths. And your external workforce, your sales engineers, your partner organizations, your vendors, they cannot come into your organization until you get this resolved. Okay, so that might be what you're thinking first, but I want to point out another reality that you may not know. Again, this is. I love to give information based on practical experience, not just what you would hear in a classroom. So for you junior people in the industry, this might come as a, a shocker, but a lot of the enterprise grade firewalls, like your Gigamons and such, actually have configurations to allow for graceful failover. So imagine if you will, you have your, these are all by the way, like physical appliances that are racked and stacked and the Internet comes in from the outside and plugs in and then, you know, the firewall does its magic and then it comes out the firewall's butt and into your internal network. However, a lot of the really good ones will allow two plugs from the Internet or one plug in the Internet and it does it in software. But if the device fails, usually it's a, it's a second Internet jack. If the device fails, whether it crashes, does something, whatever, the other feed will automatically kick in and bypass the entire firewall. And, and the entire decision point here is we do not want to be down for any amount of time. So given the choice between being down and unable to access the Internet altogether, or being up and having no firewall at all in line, we will choose. As a business having no firewall in line, obviously when this thing fails, you immediately want to get network engineers on it or, or security engineers on it immediately to get it back up and running. I'm not saying businesses are like, ah, to hell with it, who cares? 
Security, more of a luxury, if you know what I mean. That's not what I'm saying. I'm just saying they, from a business continuity perspective, they've made the decision to go with no firewall and still stay up. And a lot of these enterprise grade devices have that hardware configuration baked into it. So coming back to what does that mean for this story in this instance, I, I don't know definitively, right? Because I, I don't research the story. But it is quite possible since PA is an enterprise grade solution and their NG next gen firewall. So their NGFW, their next gen firewall solution is, is enterprise grade. It probably has this failover capability. And if you are, you know, well planned, well organized, nation state threat actor, you could chain this where your opening attack is to bring down the firewall and then immediately go into the organization and start doing nonsense in there. So just, you know, be mindful of that. Now what do we do here? What's the point? CVE-2026-0227. I'm gonna go to epsslookup.com and drop that CVE in there. The CVE is the unique identifier for that vulnerability. It looks like the CVE is not in the EPSS database yet. So this thing is so piping fresh out the oven that we don't even have insight into it. It does have a CVSS score of 77, which is not super high. But again, if you chain it with another part of an attack, the CVSS score is uniquely looking at the vulnerability alone. It's not looking at a chained attack or a threat actor using it as an initial entry point into your organization. What you need to do is patch it. Oh, you gotta patch it. Ah, you gotta patch it. That's it. Upgrade your PAN-OS. If you're running Prisma, upgrade that. Upgrade all the things. Oh, NGFW. Next-gen firewall. Not to be confused with NFG. You know what I mean? I, I wasn't in the military. I just know what NFG stands for. Okay. 
I do want to point out they say that they're not seeing the vulnerability exploited in the wild, but they are seeing people scanning repeatedly for it. Yeah, yeah. Okay. So seeing. Guys, calm down. If you're seeing repeated scanning of Internet devices, that's literally happening all the time, all the time. Over. It says scanning over the last year like this might seem scary and kind of fear, fear mongering. But bro, everybody is scanning all the time. Shodan is scanning all the time. Nation states are scanning all the time. Stick a honeypot out on the Internet, give it five minutes and you're gonna like, you're gonna see a hot mess express. I mean, come on, look at this. Like, where are we at? Here we go. Let me just, let me just bring up one. I mean, this is effectively a pew pew map, right? This is a pew pew map. Hold on, let's look at Europe. Right? There we go. Get in here. Do you like? I don't know if you can see here, but on the side they're showing, you know, basically the counts and all these things. This is a silly map. No one is using this. We put this up in the NOC or the SOC. So when the executives bring VIPs through, they're like, oh, my God, look at the eye candy. No analyst is looking at this graph and being like, oh, my God, it looks like we need to reroute through Antwerp. Oh, oh, we. We've got some serious activity east of Berlin. No one's doing that. But, but, but it is showing you how active. I mean, these are real. This is real activity happening, right? Yeah. Oh, yeah. Space tacos. I will tell you, normally I reserve the saxophone for infographics that do communicate effectively, but I, I will tell you, we should do it for fun here. Here we go. It's a Friday Alpha nerd. We do this when the infographics are hot. Oh, look at this. Zoom in. Enhance. Enhance.
James McQuiggin
Oh.
Jerry Ozier
All right, all right, all right. I. I digress. Excuse me.
News Anchor
Windows January update causes login problems. The January 2026 security update, which was released on Tuesday, January 13, is leading to connection and authentication failures in Azure Virtual Desktop and Windows 365 related to the Windows app. The update, Microsoft says, can result in credential prompt failures during remote desktop connections using the Windows app on Windows client devices impacting Azure Virtual Desktop and Windows 365. This appears to affect every supported version of Windows from Windows 10 Enterprise up to Windows 11 25H2, as well as Windows Server 2019-2025. The company is actively working on a resolution and plans to release an out of band update in the coming days.
Jerry Ozier
All right, so Microsoft's gotcha. Ah, you gotta patch it. Okay, so check it out. Number one for all the vulnerability management analysts out there. Pour a little bit out. Okay. You know, Gangstar said it with big l, rest in peace. You know, big, big vulnerability management analysts. Rest in peace. Rest in peace. Okay, so this is just, you know, Microsoft operating systems. Microsoft Azure environment is incredibly complicated. And occasionally when you patch something, you, you can test all sorts of situations, but then there's like this fringe cases that you didn't think of. And then when you push it to production, it breaks everything. And that seems what's happening here now for most of us, this isn't going to be a problem. Where this is a problem is if you've gone all in on Windows, not Windows, but Azure, Azurill, Azure virtual desktop. So Microsoft has offered this pretty cool option where everybody can have like thin clients essentially and your operating system, your, your, your workstation effectively is hosted in the cloud and you basically I haven't used it personally, but effectively it's like you have a stupid, you know, display and when you like turn it on or whatever, it connects to Azure and like you're, you're getting like a remote desktop interface of a virtualized client endpoint operating system. Now this is awesome. This is awesome because one.
James McQuiggin
You, you.
Jerry Ozier
Don'T have to like do tech refreshes really because the operating system and everything is virtualized. Two, if you fire somebody, it is incredibly easy to shut them out of their stuff because they literally don't physically have any of the things. It's all in the cloud. Of course if someone loses their laptop, you don't have the concern of data at rest on the hard drives and stuff like that. So it's not all about, you know, insider threat and firing people. But like any decision when you decide to go fully virtual and the virtual platform is not available or it breaks or something like that, now you have the risk of being down, which is what's happening here. Again, this is a small group. It's when, it's when you're using Windows app to authenticate to your Azure virtual desktop instance. Microsoft does offer many different ways for you to authenticate to the Windows operating system. So I assume that there are alternative paths for people to get to their machine and log it on. But if you are a business that is beholden to the Windows virtual desktops and you only allow Windows app logins, then you know you better. I don't know, you better schedule some, some in person activities because you can't do anything until Microsoft fixes this problem. Now again, alpha nerd subscribing to the channel. Thanks Alpha nerd. Listen, the one cool thing is this is how Microsoft makes money. Yes, they make a ton of money off LinkedIn, they own that, they make a ton of money off of Microsoft Xbox and they make a boatload of money off of Azure. So when this happens, you, you better believe it is a, you know, quote unquote, all hands on deck. Hey all you nerds in the nerdery go fix this. Microsoft isn't going to let this go very long because this is, this, this is impacting straight cash homie. Straight cash homie. So anyways, tldr, you may have experienced this. Microsoft's on it. If I will say this really quickly. 
If you are an organization where this broke you, that is an opportunity once you get back up for a lessons learned situation with a retrospective element to determine why you guys were down. Not that Microsoft screwed up Azure Virtual Desktop and whatever, but like why couldn't we continue operations? Should we buy a bunch of laptops and have them at the ready so people can get back online? Should we allow an alternative authentication method besides Windows app to allow people to authenticate? Should we have downtime procedures? I don't know. But my point is if you, if you, if your business was down because of this, you need to review and come up with an alternative. So if this happens again because this now has greater than a 0% chance of happening because it literally just happened. Think through it, work through it, use it as a tabletop exercise, right?
News Anchor
UK police blame Copilot for intelligence mistake. The Chief Constable of West Midlands Police, one of Britain's largest police forces, has admitted that Microsoft's Copilot AI assistant made a mistake in creating an intelligence report that included a hallucination of a non existent soccer match between London team Aston Villa and a visiting team Maccabi Tel Aviv. Initially, the force denied that AI had been used in preparing the report, blaming social media scraping and a Google search result for the error. Microsoft has not yet confirmed that Copilot was involved in this particular mistake, but said in a statement to The Verge that the British police force, quote, should be reviewing the sources of information that Copilot provides, end quote. It added, quote, Copilot combines information from multiple web sources into a single response with linked citations. It informs users they are interacting with an AI system and encourages them to review the sources, end quote.
Jerry Ozier
Oh okay. So really quickly if you didn't know again you can go to hold on one second. Yesterday on Simply Cyber Firesides, Jason Rebels was my guest. This guy is next level smart. He is a CEO and co founder of a tech startup that's doing security agentic AI security. The He's a c former ciso, he's a former IR leader. This dude is worth the hour. This will melt your face. And don't get wrapped around the axle that the title says AI Governance. We went all over the place, not just in governance. Okay, so very germane to this particular topic. Also really quickly if you don't know about the upcoming shows and whatnot, you can go to luma.com/cyber luma.com/cyber and we are putting all of the shows, upcoming events and stuff there. And the cool thing about this is you can click on it and get a, a calendar invite or whatever. You can get it put on your calendar so you don't have to remember when the show is. You'll just be reminded because of your calendar. So take advantage of this@luma.com simply cyber okay, so let's get back to these UK police being lazy. Oh, I'm sorry, is that what I said? So, so listen, co pilot or insert any AI solution hallucinated and make up, made up fake information. Broseph. You have to review the work. If you literally just said do my job yolo enter and then go, you know, whatever, you know, hit, hit a, get a beer. You know, like, you know, put five on it, whatever you want to do. That is not okay. That is lazy. You have to validate and look through the work. AI is not this like AI is not. If you don't do that, you're literally saying like oh, AI could totally replace me. Why not just I hit the button, do nothing. Look at me boss, I'm crazy. I'm crushing reports all day. Now listen, it sounds like it, it's not too bad because a non existent soccer game is, is not the end of the world. It's not like it hallucinated that like I a, you know, a bank robbery or something and then the police arrested me. 
But you know, this is, this is law enforcement. We should be dealing with truth and facts. Now the British police here are saying, well, we don't really know. Listen, if it went out and scraped social media, I don't know about you guys there, there's this thing called social media, right? And it allows anyone to write anything that they want on social media whether or not it's true. So if this thing is scraping social media as part of its data ingestion, I, I, maybe it's not even a hallucination. Okay? And I'm going to throw some shade here for a second. I'm a very supportive, inclusive person. But like people talk about the earth being flat, which I just can't wrap my head around. Okay? People talk about flat earth, okay? Or that dinosaurs didn't exist. They put it on social media. If Copilot is scraping social media for facts and you know it's going to think that the earth's flat. Like so don't tell me that social media is a trusted source of information and intelligence for your reporting. Okay, so whatever. This is one of those classic examples where a business, it doesn't matter if it's UK police. This could be anyone. We saw lawyers do this in 2023 where they prepared an entire brief for their case and all of the citations, all of the court cases that they referenced were completely made up and the judge called them out on it. That lawyer who did, that's lucky they didn't get bar disbarred. Excuse me, any organization. This is the risk you have of going YOLO on AI and it is a tool to help you do your job, not a tool to allow you to look like you're doing your job. I in Copilot. Listen, Copilot is being hand jammed into your face. It's on your keyboard, it's on your desktop. This TV back here just got pushed Copilot for no reason. I'm not using my TV for Copilot. But it's on there, so it's it. This is a massive Fortune 5 company's version of AI and it hallucinates. So stop, please. All right, really quickly, Mike. 
Mike, WG or GWU saying that Jen Easterly is at the board, not employee at Huntress. Well, let me look into that. Let's keep going.
News Anchor
Huge thanks to our sponsor, ThreatLocker. Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain zero trust in real environments. Join us March 4th through 6th in Orlando, plus a live CISO series episode on March 6th. You can get 200 off with the code ZTW CISO26 at ZTW.com. All right, cool.
Jerry Ozier
And yes, I will be at ThreatLocker Zero Trust World in early March doing the show live from the show floor, the daily cyber threat brief. This show right here. So if you're into that, come on down, Mike. GWU 100. Right. And Mike, I wanted to bring this. Thank you very much. This is a story from August 5, 2025. Jen Easterly joins Huntress Strategic Advisory Board. So she was not a traditional employee. She is a board. And you know, her name carries a lot of gravity. So that's certainly good for Huntress from a marketing perspective. And she's helping guide on innovation and stuff. So she can absolutely be the CEO of RSA as well as strategic advisor. I mean if you look at my LinkedIn profile, I have like seven jobs right now, like legit seven different jobs including board positions. So 100%. Thank you, Mike. Thank you very much, Mike. Okay guys, let's do this. All right guys, we are at the mid roll. I hope you're having a great day. I do want to say thank you all so very much for being here in Just a minute. We're gonna be rocking out on James McQuiggin at 35,000ft's Jokes of the week. And you're gonna love that. But first, I got a really cool opportunity to tell you about a partner of the show, a sponsor of the show, Flare. Now, Flare is a cyber threat intelligence platform. And I love Flare. I really do love it. It's a great product. And the people that work at Flare, I really like them. If you get a chance to meet people that work at Flare, I recommend. It's a small company. It's not like they have like a thousand employees. All right? But what they are doing is Flare Academy. If you go to Simply Cyber IO Flare, I'm going to drop a link in chat, click on it, go to it, and follow along with me on January 29th. So what is that? Thirteen days from now, just less than two weeks away, they are running a free two hour webinar, 11am Eastern to 1pm Eastern. Now why am I telling you about this? Well, first of all, they're a sponsor and they asked me to tell you. 
But what's more important, this webinar is two hours talking about the inside details in day to day life of a ransomware operator. This is gold. The only way to get this information is to have someone tell you or to, you know, establish a sock puppet account, ingratiate yourself to a cyber criminal operation over the course of months, earn their trust, and then figure it out. You know what? I don't have time for a black ops operation where I become a cyber criminal. Ain't nobody got time for that. But what I do have time for is a two hour webinar. And why I'm telling you this is because, first of all, I'm gonna be there. Second of all, I invite you to attend. I'm kind of running like an unofficial watch party. I didn't ask Flare if I could do this. I just started telling people I'm doing it. I will be in the Flare Discord server in their training chat channel, which is where like the active chat is for the webinars. And I'm going to be trying to lead conversations and discussion. So I'm very excited about this session and I hope you can join us. I know several of you have already mentioned that you're going to be there. Shakira is going to be there. I know. TJ said he's going to be there. Go to Simply Cyber IO Flare. I'm gonna drop a link in chat right now and pin it. All right. So every day of the week has a special segment. You know what? I love Fridays, because my man James McQuiggin, the same guy who's about to go on a cruise with his wife, is doing it. All right, check it out. Here we go. By the way, can I. Hold on. Can I mention inter. Okay, really quickly, we got the James McQuiggin at 35,000ft jokes of the week. James wants to know, why did Jerry lose his job as a psychic? A lot of people don't know this, guys. I. You know, I. I'm a man of multiple talents. I play Magic: The Gathering. I love cyber security. I also was a psychic, but I did lose my job. And you know what? I. I didn't see it coming. I didn't see it coming. Also, quick, shout out if you. 
If you do know James McQuiggin or you're just a good person. Him and Mrs. McQuiggin celebrating 27 years of marriage. Happy anniversary, James. All right. Did you know that Jerry was a telemarketer? Oh, I forgot. Early in my career, I was a telemarketer. Just for a hot minute. Gotta pay the bills, you know what I mean? But, you know, at the end of the day, I realized it wasn't my calling being a telemarketer. It wasn't my calling. All right, so why is being a mirror inspector a satisfying job? You know, people out there who are. Look in between jobs, looking for a new gig really quick, maybe a side hustle to pay the bills. Seriously, look into Mirror Inspector. It's a good one. It's very satisfying. I mean, you can. You can really see yourself doing it. You can really see yourself doing it. All right? And then finally, did you know why being a historian is so bad? You know, National Treasure really glamorized being a historian. But the reality is being a historian is awful. I mean, there's absolutely no future in it. All right, all right, all right. I do want to thank James McQuiggin at 35,000ft for regularly bringing the jokes every single Friday. I do enjoy, in the moment, embellishing and doing a little bit of improv with the joke. So, James, please, you know, I hope you enjoy me taking your jokes and then kind of, you know, you know, I guess uplifting them with my own kind of hot takes on it. All right, guys, do me a favor. We're running a little behind. Let's finish strong, and then we're gonna get the jawjacking. Hey, you first timers. Alpha Alpha. Nerd jump. Point Sec. We. We have a show at the top of the hour called Jawjacking. It's an ask me anything. And on Fridays, we actually have an entire panel of cyber professionals join us. You're gonna love it. All right, let's finish strong, everybody.
News Anchor
Western cyber agencies issue industrial operational technology warning and guidance. Britain's National Cyber Security Centre, NCSC, joined its Five Eyes partners, along with CISA and the FBI to discover how organizations should, quote, connect equipment such as industrial control systems, sensors and other critical services which are at the heart of critical infrastructure, from energy generation plants through to water treatment facilities, manufacturing lines and transportation networks, end quote. The warnings point out that while historically air gapped from the Internet, many of these systems are now remotely monitored and managed, increasing efficiency, but also the potential attack surface for malicious actors. And end quote, the warnings were used to introduce a new NCSC guidance document which, quote, offers a clear practical framework for designing and maintaining secure connectivity, reducing attack surface and boosting resilience. End quote.
Jerry Ozier
All right, for the sake of time, I'm not going to spend a terrible amount of time on this one. TL;DR, guys, operational technology industrial control systems have been a weak point. They've been around since the 70s. They weren't designed with security involved. It was usually okay because they were air gapped. But if you're super advanced, you can do malicious USB drives the way that, you know, Israel and the United States did with Stuxnet, destroying the uranium enrichment facilities at the Natanz facility in Iran. Or you can just be YOLO and do what they do today, because IT infrastructure and remote management solutions are being overlaid on traditional industrial control system technology to allow for maintenance and administration of that operational technology in a timely, efficient way. But at the same time, it provides a network path for threat actors to access. If you're looking for an example, look no further than Tuesday's news where Russia tried to destroy Poland. Well, hold on now. It's. This is xenophobia. This is Russian. Poland suffers major cyber attack on grid. Says Russia is likely responsible. This is a literal attack on OT/ICS. We saw Volt Typhoon. Go look at this one. Volt Typhoon. This was last year. Volt Typhoon. China. China, right. China attacking US critical infrastructure. And this is from February of 2024. So almost two years ago. So, yeah, if you're, if you're just. If you're just got off the bus and you just showed up here, this is not news. This is just reiterating the, the threat that we need to be mindful of. Of course, we're getting more and more OT ICS guidance and best practices etc. If you are interested in learning more about ICS and protecting those things, may I introduce you to two cyber professionals that I think are absolutely the bees knees. Number one is Don Weber. Here we go. This guy right here, Don Weber, he's a SANS instructor, but he's also just a great guy. He's a Marine and runs Cutaway Security, all ICS stuff. 
Also want to call your attention to Joe Marshall over at Cisco. This guy is one of my favorite people. Such a kind person, Joe Marshall. Let's see some Joe Marshall. There you go. You can see in his own graphic here he's wearing a hard hat like living, living that engineer's ICS life. There he is, Joe Marshall. By the way, this guy's voice is like a baritone singer. He's such a, and he's, he's got such a big heart. Kind dude. And then finally if you want to get like on a feed or something, Dragos Security is kind of like the leader in the space around ICS/OT incident response, threat intelligence. This is a company but they do have intelligence reports and newsletters that you can subscribe to. Dragos run by Rob Lee, another kind of like well recognized professional in the space of ICS/OT.
News Anchor
South Korean conglomerate Kyowon confirms ransomware attack. The group says the incident occurred on Saturday, January 10th and that customer information may have been exposed in the incident. Kyowon, spelled K-Y-O-W-O-N, specializes in education and publishing, digital learning tools, hospitality and various consumer services. It has about 5.5 million members. But there is no indication as of yet how many of these may have been affected by the incident. No major group has claimed responsibility for this attack and no suspects have been suggested.
Jerry Ozier
All right, South Korean conglomerate gets hit. When you're a conglomerate, you have a huge attack surface. You got multiple businesses, you probably acquired businesses. Fun fact, when you acquire a business or merge with a business, you know, you're merging your IT infrastructure. You're having multiple apps, multiple contracts, multiple personnel, multiple vendors. Mergers and acquisitions results in like a very much a hot mess express. Just to give you a visual because I'm a big metaphor guy. Imagine if you will that you know that junk drawer and your everybody's got one of these. I don't care if you live in a one bedroom apartment in New York City or a studio apartment in New York City or you live on a palatial, you know, big sky Wyoming ranch with like a hundred thousand acres or whatever. I don't care where you live. Every single person in Chat right now has a kitchen. And every single person has a drawer in that kitchen. And that drawer has all your crap in it. Paper clips, tapes, a Sharpie, Post it notes, that thing you use to light candles, right? Maybe birthday candles are in there. Whatever, whatever. Imagine if you will, you merge with another house, right? You get roommates or whatever, and they bring their kitchen junk drawer. Now you might know where all your crap is in that drawer. And maybe you've gone so far as to put little cubbies in that drawer. So all the paper clips go here and all the birthday candles are in the back, right? And there's a little slot here for the scissors. They come over and they just dump their friggin kitchen drawer into your drawer. And then, you know, give it one of these a couple times. Give it a nice little frying pan. Shimmy, shimmy. Okay? That's what mergers and acquisitions are. You still have all the crap in there. You know, that's where you go. But guess what? It is a mess. That is exactly, not kind of. That is exactly what your IT infrastructure looks like when you merge. 
And I've done with, I've been the lead AR security architect on a massive, you know, acquisition that was merging these infrastructures. I'm telling you right now, it is, it is a mess. Okay? So just be mindful of that.
News Anchor
Reprompt attack siphons Microsoft and by the.
Jerry Ozier
Way, there's no action here. A large company got hit with ransomware like news at 11 data.
News Anchor
Researchers at Varonis have discovered and revealed a new attack technique that could allow a threat actor to, quote, exfiltrate user data from Microsoft Copilot using a single malicious link, end quote, named Reprompt. The attack bypasses the LLM's data leak protections and allows for persistent session exfiltration even after Copilot is closed. The Varonis researchers added, quote, the attack leverages a Parameter 2 Prompt (P2P) injection, a double-request technique, and a chain-request technique to enable continuous undetectable data exfiltration, end quote. They discovered that the protections only applied to an initial URL request, which could be bypassed by supplying each request multiple times. A link to a more detailed explanation of this technique is available in the show notes to this episode.
Jerry Ozier
Okay, all right. So this is a copilot bypass. You know, prompt injection is kind of like, you know, the hot attack technique, right? That Hansel so hot right now that, you know, researchers are using this one is a little interesting. It's like a double request Technique. So the initial request goes in and then you're able to modify the parameters in the URL. Remember when you're doing like posts of web requests, you can use the URL to pass parameters. It's a well defined standard, right? You got the variable and then equals the value. You just put in the request and the value. It sounds like the copilot checks the initial request but then is not checking it after that. Almost like establishing a trusted session. This would probably be something that could be ported, ported over to other AI platforms like Claude or OpenAI whatever. Definitely interesting. I don't understand it fully how to execute it. Again, you aren't going to be able to patch this or fix this on your own necessarily. This is like a copilot issue. Which is why data governance by the way. This is why data governance and data sovereignty is something you should be thinking about because the second you put in IP or something sensitive into these AI solutions, they have a copy of it, right? You're, you're basically doing the exfil for them. All right, Robert Hendrickson, have a good one. We'll see you later, dude. I will say if you're looking for a personal project, a research project, wanting to make some content for social media as part of your personal branding initiative and AI is super hot right now. Of course this would be a cool one to dig into the details, maybe do a debrief, maybe do a walkthrough, maybe do a demo, maybe explain this like I'm 5 explain this to non tech people, you know, macro level. What does this mean for industry? Like whatever. This is a great one.
News Anchor
This is hot Healthcare Data breach Update.
Jerry Ozier
Oh yeah, ME.
News Anchor
Following up on a story we covered in June of last year, Central Maine Healthcare is Now notifying over 145,000 patients that their personal treatment and health insurance information was compromised in a multi month data intrusion and breach which itself was discovered on June 1st, 2025. The compromised information, Central Maine Healthcare says includes names, dates of birth, Social Security numbers, treatment details, provider names, dates of service and health insurance information. Be sure to subscribe to the.
Jerry Ozier
All right. Hey, you know normally it's the Maine attorney general letting us know about data breaches in other states, but sometimes the call's coming from inside the house healthcare. Listen, here's the deal guys. The intrusion span several months. That's not good. Usually that's actually kind of uncommon nowadays. Sounds like it's not a ransomware incident. Yep. See here's the Maine attorney general's office doing their job. Of course this would be covered in that. All right, so normally when it's a ransomware incident, threat actors do smash and grab and then immediately tell you. So the fact that this went on for months tells me two things right off the rip. Number one, this was a deliberate data exfil attack that they did low and slow because it. They were in there months. Two, it wasn't ransomware as far as I can tell, because like I said, they normally would get what they want to get and then immediately try to monetize it. Right? Straight cash, homie. And number two, also this company, this Maine healthcare company, not good on security operations. They're probably going to fund an MDR. I'll tell you what, if I worked at Expel or Arctic Wolf and I was in sales, I would be calling these people ASAP and being like, hey friend, may I interest you in something that would not allow you to be compromised for months on end? Easiest sell ever. Okay, so whatever. I hate to be flippant about this, but 145,000 records is just not a big number nowadays. Patients information got out, which totally sucks. Their treatment, their personal information. Guys, I gotta tell you, like, I'm having a. I mean, I don't mind telling you this, right, But I'm having a colonoscopy next week. Yay for me, right? I am looking at having some other medical procedures. If I wasn't so open, maybe I don't want people to know that there's people who have, you know, socially stigmatized conditions or lifestyles that they don't want their neighbors to know about, right? 
So if this data gets breached, that could result in, you know, you know, just being, being exposed for whatever reasons, you know, which sucks because then you get a situation where people don't want to go get health care, right? I have a buddy who lives in.
James McQuiggin
Rural rural.
Jerry Ozier
Australia, right? Like outside of Brisbane rural. And you know, there's one physician in town and my buddy, like, knows him and hangs out with him. He's like friends of the family and you know, he's like, I. I gotta get some service done, man. He's like, I really just don't want him to do it because, you know, I don't like, I just don't want to. I don't want to like, have beers with him that also know that he like, you know, just so, like, my buddy's gonna have to travel like three hours to go get a medical procedure done for that reason. So, like, when the healthcare data gets breached, it's not just about fraud. It's not just about identity theft. There are social impacts as well to individuals, but, you know, it sucks. You can't stop all the risks, but you can manage them and mitigate them down. So if you do work in healthcare, just know you're one of the top two industries getting punched in the mouth. Manufacturing is the other one, so be mindful of that. I also worked in healthcare for four, five, six years, and I just got to tell you, it's one of the best industries to work in. If you are a cyber professional and you love a challenge, there's a lot of challenges working in healthcare. And if you have worked in healthcare as a cyber pro, let me hear you sound off in chat because you know I'm telling the dang truth. All right, let's do this. All right, guys. Hey, we had a great show. Just a couple minutes over, but we're on schedule. Not bad if you were here for your first time. Alphaner Jump point Sec. I hope you enjoyed the show. If you're here for a long time. A B, I see you. What's up? A B. Tech Grunt, Mar Levy, Steve Young, others. I hope the show, you know, was a. A comforting continuity of what your expectations were. Listen, I'm Jerry from Simply Cyber. I hope you had a great day. If you kind of hang out, we're going to do jawjacking in just a minute. And if not, go have a great day. Have a great weekend. We'll see you on Monday again. 
Thank you so very much. And until next time, stay secure. Literally, don't go anywhere. I'll hand. I'll handle handing off to the next show. Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered, and totally free. Let's level up together. It's time for some jawjacking. All right, what's up, everybody? Welcome to Jawjack, and I'm your host, Jerry Guy, coming at you live from the Buffer Ozier Flow studio. We're coming right off the heels of Dr. Gerald Ozer's daily cyber threat brief. The the nerd. Oh, my God. Dude, why don't you calm down about Jen Easterly? Dr. Ozer, bruh. I'm Jerry Guy. I'm the cool side of Simply Cyber. And if you like good times and helping people, you're gonna love Jawjacking, because that's all we're doing. And I got a special announcement for you guys. I forgot to do this all week, but hey, you know what? You stuck around, you're hanging out. I'm very excited. I'm gonna give away some stuff. Let me see if I can do this. Where is it, where is it, where is it? Hold on one second. Okay, who do we got here? Oh, perfect. All right, just one second here. We're gonna get the panelists coming in in a second here, but let me just tell you. So some of you may or may not know Jason Haddix. Jason Haddix is, first of all, one of the smartest people I've ever met. He is a cyber professional, an instructor, a hacker, you know, an executive, a motivator. He's inspiring. I love myself some Jason Haddix. He runs Arcanum Security. They are celebrating their two year anniversary and he jumped into my DMs and he's like, hey, Jerry, would you love. I'd love for you to give out some prizes. Would you like to give out some stuff? Yeah, that's fine. So he gave me some free courses from Arcanum Security and some swag packs which have like shirts, stickers, pens, etc, to give away. 
So I'm gonna, I'm gonna give some away during the show today. All right, so just remind me, we'll set it up. Very, very cool. Some of this training is like two, three thousand dollars. If I had my crap together, I would have like hyped this up and let everybody know that in five days we're going to be doing this. But you know what? I just, I. You gotta be here. It's live. So we're gonna give it away. But before we do that, let's go ahead and get the panelists going. I'm gonna go ahead and change my screen here. Let's go. All right, here we go. Look at this guy. Really quick shout out to the midnight if you, you know what? The midnight is awesome. And if you don't, go check them out. Ladies and gentlemen, bringing on to the panel the same guy who made you, you know, tickle your ribs and bust your knee laughing at the mid roll. Ladies and gentlemen, James McQuiggin at 35,000ft. Hey, how you doing, James? Ready for your cruise?
James McQuiggin
Oh, yes. Very, very much so. Yeah. Going, going down and checking out the western community Caribbean. Got three different ports and then their little private island. So it should be fun.
Jerry Ozier
I love it. I love it. I'm super pumped for you, dude.
James McQuiggin
Oh, yeah, it's gonna be a lot of fun. I got the drink package. I do have the Internet package, but you know, you can't be without the Internet these days. Sad is it to say, but there were times where be I'd look forward to a cruise because be no Internet, it's like you can't reach me. And that's just not feasible these days.
Jerry Ozier
No, it is not. I. I don't even know. I mean, I did a digital detox the last two weeks of December, and even then I, you know, I was like streaming content. I was playing Xbox. I was on my phone, you know, like, I don't. I don't know if you stuck me in a. In a shack in Montana, like the Unabomber type shack. I don't know if I would be able to handle it. And by the way, Unabomber drink the most weird cultural reference. But yeah, so.
James McQuiggin
So check it out. The mug is a dad joke mug.
Jerry Ozier
Okay, what do we got?
James McQuiggin
Is it reversed?
Jerry Ozier
Yeah, it is. Key elements.
James McQuiggin
Key elements of a dad joke. It's majority of it is size of disappointment followed by corny pun. Dad laughing. The loudest pause for effect after setup. That's way too long. Genuine laughter is the smallest sliver. Yeah, so that's the. The fun coffee mug. You know, thanks to my kids for getting me that. My new mug.
Jerry Ozier
I love it. I love it, I love it, I love it. Hey, thank you for sharing that and thank you for your dad jokes. Of course. Just so people are aware, if you would like to enter the raffle that we were going to be giving away, go ahead and enter the keyword Arcanum. That is the name of Jason's company. It is not super easy to say or spell, but I will tell you, if you want the prize, you're gonna. You're gonna learn. Arcanum Security. So shout out to them for two years. Two year anniversary. Simply Cyber as a business isn't even two years old. For those who didn't know, although the channel is six years old. All right, are we ready to ask some questions or get some questions answered, James? Sure. All right. Oh, James McQuiggin at 35,000ft. First one to enter. All right, you guys are piling in. I love it. I love it.
James McQuiggin
Oh, yeah. Time delay. That'll be. That helps.
Jerry Ozier
All right. Hey, so check it out. Here we go. All right, well, everybody's entering now. So, like, if someone asks a question. Here we go.
James McQuiggin
Oh, there you go. Something. Okay, good.
Jerry Ozier
Yeah. Cruising with Internet package. Is there any reason not to join us daily for the jawjacking from the open water?
James McQuiggin
There is not. And that's a good question. I will probably jump in on The Daily Cyber Threat Brief. It'll be a little earlier because I'll be, you know, near Mexico. But no, I'll. I'll probably join in and listen in for a bit, drop in on the chat that says, greetings from, you know, the Gulf of Mexico. Gulf of whatever the hell they call it these days. But yeah, yeah, the Gulf Coast. Yeah, there you go. So, no, but I'll be dropping in and, and because usually what I love to do in the morning is go walk around on deck or around the track on the ship and listen. Listen into the episode.
Jerry Ozier
Yeah. I will say, I think, I think if I went on my anniversary, Mrs. Ozier would. Would be like. I mean, again, I'm doing this every single day, so maybe that, that would be part of it, but I think I would have to.
James McQuiggin
I was gonna say you took two weeks off, so. And the show kept going. You had some fillers, so if you plan it well enough, you could take a week and go on a cruise or a few days off and take.
Jerry Ozier
Yeah, yeah. I gotta tell Mrs. Ozier, if you're.
James McQuiggin
Listening, he can do it.
Jerry Ozier
I, I really didn't. And you can only enter once for Arcanum, so don't spam it. I will tell you, first of all, I was super pumped that I was able to go on vacation. I haven't taken a vacation in 16 years. And I get why people do it. It's. It's nice. So I'm gonna try to work those in a little bit more over the course of the year. So let's get some questions in here, James. Which Justice League superhero do you feel you are most like? What about you, Jerry? Go ahead, James.
James McQuiggin
You know, I'd like to be, you know, I'd like to identify more with Batman, with all the techie gadgets, but I don't got the money. Superman, I think everybody just goes with. But for whatever reason, I've always liked Green Lantern. You know, the ring, to be able to create any artifacts. There's a term for it, and I'm forgetting what it is. But, yeah, just, you know, Green Lantern, he's kind of one of the guys that always comes through. So for me, I'd have to say Green Lantern.
Jerry Ozier
All right. I am not unbelievably familiar with the Justice League. I actually just Googled, like, give me Justice League roster. There have been over 108 members of the Justice League, if you didn't know that. So I, I, I just don't know enough about them. I, maybe Martian Manhunter is, is me Because I feel like I can kind of like, no matter what, what's going on or the social situation, I can find some common ground. So we'll go with Martian Manhunter. Darth Looper. I've been looking into InterNACHI inspector cert lately. Can you explain where physical building inspections intersect with cyber security? Yeah, I mean, at least from my experience, and James did work in OT/ICS, which might have another, you know, wrinkle to it. But from my experience, when you are doing a FISMA audit or cyber security audit, you should remember this, okay? If somebody can get physical access to your laptop, physical access to your data center, it's. It's almost game over. Like, you know, obviously they can blow up your system, right? Just kind of a crude attack. But being able to plug a USB drive in it, all of your network controls are bypassed if they can get physical access, because they don't need to ride in on the network. They are physical. So when you're talking about physical building inspections and cyber security, it's very much around two things. One, access control, and then two, like, environmental control. So, like, if. If the data center catches fire, it. Does the fire get put out? If, like, I actually, it's. Find it funny. I did an audit. I. You know, so people may or may not know this. I actually have a consulting company as well, because why not have, you know, another job? And I was doing an assessment for a business, and one of the findings was they actually owned like an electrical fire extinguisher, right? So like an electrical fire, you don't spray water on, right? Because you screw up your stuff. So they had an electrical fire extinguisher, but they had a. 
They had a small data center, like maybe 10 foot by 10 foot. And when you walk in, they had the rack and all that. And then immediately behind it is where they had the fire extinguisher mounted on the wall. And one of my findings was like, if you ever need to use this fire extinguisher, it means your data center is on fire. You cannot physically get to your fire extinguisher to put the fire out. So that fire extinguisher might as well not be there. So, you know, it's kind of a silly finding, but, like, you need to move that fire extinguisher to the door so you can physically access it. So it's all things like that. Can you turn the water off? Can you turn the water on? Is the air conditioner directly above the data center so it leaks. I also did final one, and then I'll let James, talk. Sorry, the coffee's just working. Another audit I did, I was in. I was in Barrow, Alaska, which put it on a map. It's the northernmost point in Alaska, so it's freaking freezing cold. And there was a research facility I was looking at, and they had a data center. And what. And what ended up happening is they had a. A kitchenette on the other side of the data. So there's the data center in this room and then there's a kitchenette in the room adjoining the data center. And they had a hole in the floor going into the data center from the kitchenette. And what ended up happening is someone left the water dripping over the weekend and the water dripped and it. And there was a blow off valve to outside, but it froze so it was iced shut. And then the water dripped and filled up the kitchenette. And once it hit that, it started filling up the data center and cooked the bottom level of the server racks. So it's these obscure physical security things. But it is part of what we need to be thinking of because we're not just worried about hackers. That's 85 of what we're worried about. But you got to worry about the other 15 of your comprehensive. James McQuiggin, what say you?
James McQuiggin
What Jerry said? Yeah, no, ditto. Yeah. Working for the corporate security office at Siemens 15 years ago, we did a lot of assessments, building assessments. And you've got cameras and you've got access controls. You've got a lot of electronic equipment that while it ties back to it, cybersecurity is looking at it from making sure that those are secured, those are protected, those are backed up, audited, checked, and so forth. So when you've got IT infrastructure working to support your physical infrastructure, cyber security comes in and is a part of the audit. Backups, you know, and all the processes that need. And the GRC that goes along with that. Overall, I'm gonna skip back here a sec. Our. I was really curious. I asked Claude, Gemini and Chat G. Oh, and Perplexity. And I did jpt. I asked it, knowing me, what super what Justice League member am I? And the common answer was closest was Batman. But I got Martian Manhunter, I got a Batman. I got a Flash in there. And then the other one was, oh, I didn't do Claude. Never mind. But yeah, I just thought it was pretty funny that ChatGPT singled me out as, as those particular characters.
Jerry Ozier
There you go. I love it. All right. Hey, real quick. Luma says the branding workshops, the 29th, that's not accurate. It is 28th. That is a mistake on the Luma. Thanks for calling that out, Ember. The interesting thing is the workshops are all hosted on Zoom, so you would actually get the calendar invite from Zoom, so definitely check that out. That's actually just so everybody knows the workshop I'm doing on the 28th is a free workshop. We are running workshops every month here through Simply Cyber Academy. They are paid workshops. Because I'm hosting the first one, I've decided to waive the fee. But all the other workshops are going to be paid because we're bringing in industry experts and we. We have to pay for their time. So it'll, you know, it'll be good. Come check that out. All right, continuing to look through chat really quickly here. Capital A, Arcanum. It doesn't matter. Lowercase A. Uh, we're going to go ahead and, and, uh, raffle off some Arcanum security here. If you want to enter type Arcanum. It's a pin in the common chat. Right now we have 62 entries. There's 265 people here. We're giving away thousands of dollars of training. I just didn't promote this or tell anyone. So, like, this is. Honestly, this is why you have to stay engaged with Simply Cyber, because I just don't have time to do like a proper marketing campaign and get the hype train going. I just. I just do the part that is the value. Okay. Hitting some 2026 goals. Kia Aura Ryan, submitting his first CFP for BSides Charm. What is the sweet spot for the speaker bio submitted? I did cover in the workshop, but James, you wanna use. James has probably smoke smoked. James has probably spoke at more conferences than anyone in this community. So, James, what is the sweet spot for the bio?
James McQuiggin
Are we talking about length here or information?
Jerry Ozier
I think just answer both. And I think. I think he means length, but like, I answer both. And can you just very briefly explain to people who are not familiar, like what CFP is and then the abstract in the bio?
James McQuiggin
Yeah. So your CFP or call for papers is essentially you submitting an abstract to a committee for a conference for your talk or workshop to be accepted. A lot of the times, depending on the conference, you may get 250 to 500 words for that abstract to get them to accept it as a speech for their conference. So when you're, when you're writing an abstract, you don't. You. While people like to use large language models to write it for them. For me, that's, you know, I usually like to throw a whole bunch of ideas and say, write me an abstract for a CFP and then I give it the word length. So if it's 250 words, 300 words, whatever it is. And then I rewrite it based off around that with ideas and because it kind of gives me a. Cuts out a good hour worth of writing to get that and then rework it in my voice and pull stuff, add stuff. But it gives me a good starting point. For your bio. One of the, one of the things that I, you could do. It might be fun if you got a current resume, throw that into ChatGPT and ask it to write your bio and then rework it. Because the sweet spot usually actually where is mine? I have my. Because I have, I have like a long bio. I have a short version. I think this is only, I don't know if I can see, if I can see what, how long it is, but it's only like 200 words, I think. So it's, it's, it's short. You wanna, you don't want to give them a book of, you know, of, of information. You want to hit the, give them the highlights. You know, how long you've been in the industry, what your current role is. You also need to find out if your work or your organization allows you to post that kind of thing. But you know, for me, real quick, I, I have my. How long I've been in the industry, what my current role is, what I specialize in, a little background of what's involved, another sentence of what's involved with that role. But then I talk about, because of the time in the industry, what else I've done. 
So I, you know, time at Siemens, but also my volunteer work with ISC2 that I'm a professor. So anything that's relevant. But it's two paragraphs, probably about 200, maybe about, yeah, 150 to 200 words. If anybody wants to see what mine looks like, you can go out, I can get you a link. Just hit me up.
Jerry Ozier
Yeah, and I, you know, I'd also just add really quick anything that would be reinforcing to whatever the topic is you're talking about. Right. So say you're like an avid Ultra Disc or what do they call Ultra Frisbee or whatever. What, what's the. Yeah, Frisbee. Like say you're. Yeah, Disc Frisbee or whatever. Or like Ryan's a huge beer brewer. Right. Like.
James McQuiggin
Right. That's a fun thing.
Jerry Ozier
Yeah, that's a fun thing. You might include. But like if you're trying to cut stuff, maybe you remove that because that doesn't have anything with your ability to talk about vulnerability management which is like what your abstract's about. So you're trying to demonstrate why they would like you're trying to. It's you're trying to sell your talk to them basically.
News Anchor
Right.
Jerry Ozier
All right. An employee used an unauthorized AI for their job. It was compromised by a promptly from an unknown actor. Company secret spills. You just found out what's your next three steps? Okay, you want to play or you want me to play?
James McQuiggin
I'll play it. I'll play it first. I'll kind of fumble through it so you know if it's been compromised. So first got to figure out all right, is it impacted anything, others, any other systems, which systems it's been impacted by. I take it the company secrets were spilled because of what was put in the prompt that was uploaded. Certainly from a you know, risk standpoint either depending on the size of your organizations, whether you can reach out and have them remove that information. Samsung did it when their guys did it a number of years ago. Nowadays I don't know what the process is with that large language model or the various different ones. What would need to be done.
News Anchor
Then?
James McQuiggin
It's certainly a discussion with them and then maybe looking at from a couple perspectives policy with the organization whether you're going to have to implement some sort of governance, some sort of technology to be able to prevent folks accessing it. But certainly training your users on what they should and shouldn't be uploading. This may have been a lapse in judgment, it may be a one off but if they're doing it, how many other people are doing it in your organization? So certainly having training get out there, you know, I see. You know, find out the high how and why the person downloaded the unauthorized software. You've got people. The kicker may have been they may not have used their computer. They may have already blocked at the network. They may have done it on their home machine, email, whatever it was that was, you know, the material they wanted to upload. So it may not have been done on their personal machine because they knew that policy. But they also may have turned around and done it on their work machine in which case yeah, that's a violation. You know, what's your policy state on that? So for me I always fall back to education, look at what your policy states and then you know, go on and then try to mitigate the risk from what? From the outcome that's already happened and you know, see if there's anything you can do with the larger language model.
Jerry Ozier
If you're just joining us, I know some of you got in here, maybe you saw a live stream. I'm Jerry, he's James. We both worked in the industry of cyber security for many, many, many years. And this is a live stream where we're answering any and all questions. So if you have any cyber security related questions, whether it's career or, you know, certifications, career paths, you know, like technologies, companies, anything like that, whatever it is, this is a very safe space. Ask your questions, get your answers. It's all about good times. Felipe says, how important is it to post your projects on LinkedIn? Does it really help you get recruiters to reach out to you? The answer is yes. I would not. Yeah, I mean, I would not. I mean, I wouldn't post. It depends on what you mean. So like, what I would do is have like a website or a blog, something you control and put your stuff there. Then write complementary, appropriate posts on LinkedIn that capture attention, deliver value and direct people over to your full blog or, you know, website or whatever you're doing that will help you establish relationships. Maybe not recruiters, but you may not want to be targeting recruiters exclusively, right? Maybe you're writing about, you know, whatever that, that reprompt Copilot AI double prompt injection attack, right? I suggested that today on stream. Maybe you're writing about that and then all of a sudden like Phil Stafford, who's in chat, reaches out to you. He's like, oh, I'm a big AI guy. Like, I like what you're doing here. Like, do you want to collaborate? Right? So now you're collaborating and then Phil Stafford's like, dude, after, you know, three months and five projects and building a network around AI, this is very cool. Like, we actually have a, a new post coming out in Q2. Like, are you looking? Because it'd be great to have you on. Like, that's, that's why you do it, right? If you're just trying to do it transactionally, like, hi, I did this. 
TryHackMe room, recruiters, hire me. Like, that's not going to work. That this is, it's, it's more of a long play. It's much more nuanced using it. I will tell you, Felipe, if you're just thinking you're going to do one thing and post it on LinkedIn, you're not going to get the results you want. But I would say don't get overwhelmed by the sheer volume of what I just told you to do. Post that first one, get it under your belt, move on to the second one. Okay, we got a cruise question from newcomer Alpha Nerd. He wants to know or she wants to know, do you buy premium drink package or go a la carte? If package do you get your money's worth, you're getting after it. What Not James, I love it.
James McQuiggin
No, I got it. I got it. So I've had the pleasure of writing of.
Of cruising on Disney Norwegian Cruise Line, Holland America, doing MSC this weekend. But my go to one, my normal one is Royal Caribbean. I've had the pleasure now and fortunate enough to reach the diamond status where I get four free drinks a day. Plus I also have the prime from the adult arcade, AKA casino, where I reached the status in there where I get free drinks while that's open. So now I don't. But my advice, it depends. Are you somebody that, you know, drinks four, five, six drinks a day when you're on vacation? If you don't drink a lot normally, then getting the drink package isn't really, for me, doesn't seem worth it. When the wife and I would go on a cruise, we would, you know, we would have two or three drinks maybe a day, maybe a dinner. Another cocktail for. At the beach might have a cocktail to. With Royal crib with. I don't want to call them out, but with some cruise lines, you can get the drink package included and it's several hundred bucks and you get your money's worth. Other times, you know, it's a little more pricey and you've got to drink six to eight drinks a day because they're usually averaged about 15 bucks. For the cocktails, it's about, I think like 10 bucks for the beer and 12 bucks for the wine average. So usually you've got to look at what that value is divided by what the drink package is, see how many drinks you got to drink a day times the 7 days, 5 days, 4 days, 3 days. However long you're on the cruise, if you know you can do that, then yeah, it's worth it.
But, you know, moderation is the key. You don't want to be, you know, crazy sloppy drunk.
Jerry Ozier
Right.
James McQuiggin
You know, but that's up to you. For me, look at what the drink package price is, figure out, you know, based on those prices, figure out how many drinks you got to drink per day. And for the wife and I, you know, I could do it, but, you know, I know that it's not something for the both of us, so we usually. Now that we have this package now, we don't need to worry about it. What we do get, though, is the regular soda package where they give you a cup and you can go up and you can get seltzer, we can get some of the fancy coffees, smoothies, and that's worth it for us. Yeah.
Jerry Ozier
So that's my take, srw. So I've never been on a cruise. I paid for a cruise, didn't go on it because my. We were two. Like, my wife was too pregnant, I guess. Like, we bought it way in advance, and then she got pregnant, and then at a certain point, you're not allowed on the cruise. Really appreciated not getting my money back on that too. That was like, a really great experience. So SRW says drink packages can also cover fancy coffee, Red Bull, etc, so it's not just getting sloppy drunk. All right, it's 9:30. Let's go ahead and do the raffle. We'll keep on cooking here, but we'll do the raffle right now. So for those who were not aware, give me a moment here. Arcanum Security. This is Jason Haddix's company. Again, Jason Haddix is to say, he's one of my favorite people. I. I'd really have to think about that because favorite is, you know, I've got a lot of people that I really, really like. So I'll just say I really, really like Jason Haddix. He's a very cool dude.
James McQuiggin
And not your favorite status yet, because you have. You can have a lot of favorite people.
Jerry Ozier
You're not saying, well, then, okay, let's. Let's throw him in the favorite status. I will tell you this. I like Jason Haddix enough that I was at a private dinner in Vegas last year. There was like 20 people at this private dinner, and Jason had to leave early to go to somewhere. And he was on the other side of the room for me, but I was, like, looking in his direction and. And the door out was on his side, and he had to go. So he got up, put his backpack on, said quick goodbye to his table, and then got up and went out the door. And I was like. Like, I really like Jason. And I hadn't gotten to say hi to him really yet, so I chased him down. We were in, like, a private dining room in the back. I chased him down in the middle of the restaurant, like, grabbed him, and I was like, hey, Jason. Just wanted to say hi. Catch you later. He's like, oh, Jerry, that's cool. Whatever. And then, like, and then I went back and sat down. Like that's where he is. Like it was enough that I wanted to. I made it a very strong point to make sure that I just said hi to him, because I like that guy. All right. But anyways, they are celebrating two years of Arcanum Security and he has given me some gifts to give out. So let's go ahead. I'm going to give out two courses from Arcanum Security. So it's arcanumsec.com here's the link. You can take any of the courses on demand, live training, whatever you want. Some of these courses are 2, $3,000 apiece, and he's given them. So let's go ahead and draw. You'll have to connect with me really quick somehow, and then if not, we'll give it to somebody else. All right, so here we go. Winner is Joshua Josiah Culling. Josiah Culling. I only know one Josiah and he works at Black Hill. So let me know, Josiah, if you are in chat. Let me see. Did Nightbot announce the winner? Yeah, Nightbot did. So Josiah Culling is our first winner. And let's go ahead and draw a second winner for an Arcanum Security training winner is sunshine 2477. 
So sunshine had an emergency last night and joined the show late, but there you go. You got to show up to be part of it. So congratulations to our two winners, Josiah and Sunshine 2477. I will be continuing to. I have 10 total prizes to give out. I will give some more out next week. I will tell you, you might be like, go, Jerry. Just give them all out. Fun fact, if you've never done giveaways before, it is incredibly time consuming and complicated to hunt down because I'm gonna have to get with Josiah and Sunshine. Then I'm gonna have to connect them with Jason. Then I'm gonna have follow ups. Then there's going to be a problem and they're going to reach out to me and then. So I'm just going to do two right now and then we're going to do more. So stay with us next week on the Daily Cyber Threat Brief and we will continue to give things away from Arcanum security. Okay? So sunshine 24. 7. 7. Josiah. Colleen, get with me on Discord and I have to validate your identity. So get with me on Discord and I will get you your prize. So if you're not on there and do me a favor, by the way, go. Josiah and Sunshine go on the general chat channel on discord and at Geraldozier Ph.D. right. Like that'll be the easiest, fastest way for me to find you and validate your identity. Also, if you can take a screenshot of like, can like somehow like, so I know it's you. I guess. I don't know. I just need to validate your identity because I don't want some jerk to steal your three thousand dollar prize. Okay. Let's keep cooking, shall we? James, Congratulations to all of our. It is awesome. Yeah. All right, Lazaro, dude, no dumb questions, okay? First and foremost, so, so don't. You don't have to say that. He's got to renew his SEC plus, he took active defense course from John in 2425. If I take it again, does it. Yeah. Oh yeah, yeah, yeah, yeah, yeah. It absolutely counts. It absolutely counts. Yep. Don't even sweat that. He was asking if he has claimed credits for one thing. 
Does it count if he takes it again? The answer is yes. All right. From the context of pen testing, web app testing seems to be a niche. What does the future look like for web app testing for a pen tester as a whole? I mean, I. Yeah, so I mean, if you didn't know, I'm actually director of strategy at a pen testing company, co owner ish of Kairosec pen testing with Tyler Ramsby. And I could tell you like, dude, the future of web app is bright and beautiful because web apps are being deployed all over the place. People with no background in software development are using Cursor to whip up web apps left, right and center. And a lot of times it doesn't really have very good security. So I would argue that it is going to increase and continue to be a good one. Plus bug bounties and bug bounty platforms like Bugcrowd, HackerOne are. You know, that's where most of it's like web app pen testing. So I think it's great. James, do you want to comment on this or no?
James McQuiggin
You're kind of more in that space than I am. I just know that there are lots of pen testers out there and it's a very busy market. So I think, you know, as we continue to have more and more systems coming online, people creating web apps, more and more startups that are happening because of AI. Yeah, your, you know, future looks bright.
Jerry Ozier
All right. I love it. Hold on. Josiah Culling, what is your discord name? It's at Geraldozer. Gerald Ozer, PhD. Okay. And mods. Can you help me get these winners, please? If we can get these two winners out there, I'll tell you what, I'll give something else away because it, because it's super clean. All right, here's a fun one. James. James and I both help lots of people try to break in and establish themselves in cybersecurity. That's a great question. Which projects do I must have in my home lab? So what are. I wouldn't even say must. If there are a must have lab, let me know. James but what are some like good labs that you should consider?
James McQuiggin
I think so, depending on what you wanted, what you're looking to do. If this is pen testing, then yeah, you certainly want the Metasploitable, you want the exposed and exploitable virtual machines, web apps, those kind of things. Whether you're going to have physical machines, virtual machines, combination of both. You know, you can get the virtual firewalls that you can be using. That's good to set up so that way you can have like a little, you know, DMZ environment, then your production environment with databases and everything else in there and then clients and then you're attacking from the outside. So definitely want to. Depending on how your setup is, if you're doing stuff that is outside of pen testing, you know, maybe it's you're doing code testing or something and you're having a home lab, then having the different operating systems is certainly going to be another thing to have. Isolating it from all your other machines is usually a good idea as well. You know, if you've, you've got a, you know, whether you've got a firewall at home or a router that you can isolate and have a separate network, that's always a good thing as well. So that way it's all. Because if you're going to be playing with it, you really do not. Especially on exploitable systems, you do not want those exposed to the, to the Internet. So that would be kind of, kind of my start. Definitely have Windows, have Linux, have a Kali, have that virtual firewall and go from there.
Jerry Ozier
Awesome. And quick shout out our winners have connected with me. So we're going to give out another Arcanum prize for everybody. And then we got a bunch of questions queuing up. Also really quick CHEDDAR Bob mentioned PortSwigger Academy for Web Application Security. 100% right. If you've ever heard of the textbook The Web Application Hacker's Handbook, which is considered the seminal work on web app pen testing, they aren't going to come out with a new book because they literally created PortSwigger Academy to have it be a more interactive, dynamic and easy to update form of the text. So definitely take that out. All right, let's go ahead and select a winner. Looks like James is grabbing his copy of said text now.
James McQuiggin
What I grabbed are the two books that I have. One is from Ric Messier, the Build Your Own Cybersecurity Testing Lab. And then the tried and true one that I've always used is Tony Robinson's Building Virtual Machine Labs. So those are both great resources and a lot of good info in there.
Jerry Ozier
Awesome.
James McQuiggin
Lots of books in the library.
Jerry Ozier
Couple great. You don't have to type Arcanum to re enter. Like if you've entered, it's the same pool. Still pulling from. All right, all right. We're going to pick another winner for Arcanum Security. Free training Mag Destroyers here. Let's go. Here we go. Winner, winner, chicken dinner. Gallo. G A L L O E G A L L O E Gallo. Congratulations. Also want to say shout out. New squad member SRW788. Thank you for the squad. Love it, love it, love it. All right, so same rules apply at gal oe. If you want to, you know, whatever, accept your prize, you need to connect with me in the general chat on the Simply Cyber Discord server so I can get it. We'll give you like 10 minutes. You do have to be present to win because I want to give this away and not hunt you down. Okay, let's go. Continue on here. So Elliot Matice wants to know if anyone's been on an Azamara cruise. Small ships stay in port usually all day. James, you been on one of these?
James McQuiggin
I haven't been on one of those, but I do know a lot about. I'm aware of some of the smaller cruise ships and, you know, smaller number of people. Like a hundred people, 100 to 200 people on those cruises. And they're. They're really good. I think they're usually a higher price point as well, but they're really good and it's more dedicated and focused on the particular area that you're in right now. I'm. I'm living the dream on the, you know, the multi thousand people cruise ships. So it's on the list to do a river cruise one day.
Jerry Ozier
So I like it. Another squad member, Nicholas A. Merges 9074. Thank you very much. Keeping with the cruise topic here, James, celebrating his 27th wedding anniversary. What's your favorite cruise destinations, bro? Give us a list. Top three. Why.
James McQuiggin
Going to Nassau? Because I've been there so many times I can just stay on the boat.
Jerry Ozier
Okay.
James McQuiggin
It's a. It's a free day on the boat because everybody gets off and then you get to go do all the boat stuff, like be in the hot tub, in the pool, and there's not as many people in there. It's kind of a reverse hack. We did Europe last year and stopping in Palermo, Italy, was a lot of fun. Just the culture, the food, best. For me, it was some of the best cannolis I've ever had in my life. And then, you know, any place in the Caribbean, easy, no problem. Just because the accessibility here. Where I would like to go, a destination that's on the list is I want to do either transatlantic or Trans Pacific. Go from LA down to Australia with a stop in Hawaii. That's kind of the dream. The goal is one day I'd love to do around the world cruise. 180 days or 60 days or whatever.
Jerry Ozier
So would you. They have these. There's a one cruise ship that I think it's for, like, retired people, but, like, you basically buy an apartment on the boat and you, like, live on the boat. Would you do that?
James McQuiggin
If the Internet was fast enough and I could have my own starlink and not share it with anybody, possibly, because I know on the starter link, as long as I got a good connection, I can get fast enough Internet and I'd work there was actually, I think a Cisco employee or a tech employee that bought an apartment on one of those to go around the world, depending on how things go. Yeah, I'd certainly consider it.
Jerry Ozier
There you go. All right, so Cheddar Bob. Oh, cruisecon. Cruisecon.
James McQuiggin
Cruisecon is a thing. I will be on there November 7th to the 11th. It's my third one. It's.
And this is the third one they're doing at a Port Canaveral. And the.
It's a fantastic. First of all, first fantastic cruise. You're. You don't have the whole boat where there's only about 100 to 150 people. So it's very niche. And it's all industry leaders, cybersecurity, CISO, CIOs, but also practitioners as well. And it's. Everybody's kind of contained, so to speak. So you, you know, when you go to like an RSA or, you know, black hat, you know, at the end of the day, everybody scatters and goes all over the place. Well, here there's only a handful of restaurants and bars on the boat, so you get a lot of great FaceTime. And case in point, CruiseCon. Last year, the one we did in February Tim Brown, who's the CISO for SolarWinds was on there sharing his story in the, you know, during the conference. Well the next day I, he gets in the elevator with me, I got my laptop, I'm going up on deck to do some work because it I was working during the cruise and he was going up on deck too. So the two of us sat at a table up on deck watching the world go by, drinking our coffee, answering emails and just having a great conversation. I got to know Tim a little better. That never would have been able to happen. And you know, another conference really, you know getting up in the morning and seeing Cassandra Mack who is another CISO. I ran into her at the coffee station or 6:30 in the morning after walking around on deck from that led to me getting a whole bunch of speaking gigs with a group that she belonged to with. So you know, meeting people on the, on the cruisecon is, it's a lot of fun and it's Ira Winkler's brainchild and it's the cost of a regular cruise it for a balcony. It's like it's a five day cruise. It's like 2200 bucks for you and a guest. The guest doesn't have to go to the conference. So bring your spouse significant other, they get to hang out on the ship and you go to a two day conference and it's done while you're at sea. So the one that's coming up, it's we leave Saturday with a network mixer. 
Saturday night, then Sunday it's all day cruising and conference. Monday I think we're in Cozumel and then it's a day at sea, the private island and then we're, we're back in port on Thursday morning. So Internet. I just did a week long cruise at the end of December and I worked remote that week and the Internet was fast enough. I did get about 10 megabit honestly and that's enough to do zoom well enough. I don't know if I'd be comfortable doing like this remotely.
Jerry Ozier
I would try it.
James McQuiggin
I would, I would definitely try it. Well we can try. I'll be on. Well I wouldn't be on for a Friday job jacking but I'll give it a shot one morning while we're on the ship.
Jerry Ozier
I love it but it's a lot of fun. I do want to quickly address something. So at Gallo G A L L O E winner of the Arcanum Security prize, he's currently Dr. Driving or she is currently driving and will be at their destination in 20 minutes. I absolutely support that. And just like, I don't want you to, I just. I want you to be safe. That's the priority. So, yeah, just connect with me in the general chat on Discord. You'll see Culling and Sunshine have connected with me and just do it yourself and we can get you that prize. So thank you very much. All right, next question. And we're gonna go till 10. Normally on Fridays, we go a little long having some fun here. Tony Parrish says, what's a good walkthrough to set up my GitHub projects? So you're asking for a walkthrough of setting up GitHub, is that. Is that correct? I don't know of any walkthroughs. I mean, it's. It's kind of like a glorified file repository. Yes. Create a project like get. Get a GitHub account. Right. So then it's like slash, Tony Parrish, and then have your first project, right? Like, you know, Cyber Lab, Firewall, Cyber Lab or what, you know, whatever. And then just create a new one for each one and there you go.
James McQuiggin
Honestly, my Recommendation, Tony, hit YouTube, Google it. There's a bunch. I'm. I just pulled up GitHub walkthrough, and there are all kinds of people, you know, kind of watch each one. Don't feel like you gotta watch the whole thing just. Or even look at the summary, see what kind of info you're going to get, and then watch those. But Jerry's right. It's like a glorified, you know, file repository.
Jerry Ozier
Yeah. The real power is where you start getting multiple users doing commits and pull requests and stuff. But if you're doing it for your own GitHub project, like, none of that's.
James McQuiggin
Going to matter or whatever.
Jerry Ozier
I will say, Tony Parrish, if you want. Let me. Let me show you something really quickly. It. Like, this is how you take it to the next level.
James McQuiggin
Web pages. I mean, I know people that use GitHub as their website.
Jerry Ozier
Yeah, exactly.
James McQuiggin
Their websites in GitHub.
Jerry Ozier
Yeah, that's what I'm showing right now.
James McQuiggin
Oh, there you go. Yeah.
Jerry Ozier
So dj bsec.com is dj b sec's website, but this is a GitHub page. So even though it looks like a website, it's GitHub. And you can see here, he's got his Cyber News initiative, he's got his repos with his different tools and such, his blue team tools, so you can make it look much more interesting and classy than a traditional GitHub repo, which I would strongly encourage you do. This is called GitHub Pages. If you just look for GitHub Pages tutorial, you'll see it. And if you have any questions, you can ping at DJ B sec in Discord Server and he will be, I, I know for a fact he'll be more than willing to help out with that if you want. He's a good guy. Okay.
James McQuiggin
Yes, he is.
Jerry Ozier
Next question is, when you're looking to find a job in GRC, is it best to apply on a job board or do you company website? Is there a job board you'd recommend? So here's the deal. I mean, sure, job board and company website, I like both. I. This is such like a privileged problem, right? But I haven't had to apply for a job in like, I don't even know, like six or seven years. So I haven't had to apply for a job in a long time. So I don't know what boards work. Back in the day I used to Dice. I don't even know if Dice is still kind of relevant.
James McQuiggin
Indeed.
Jerry Ozier
Yeah, indeed's good. LinkedIn is good. But honestly, a lot of jobs, like a lot of jobs, even the jobs that I help people get now, right? That's kind of where I'm at now is like I had a guy call me, just to give you an example. I had a guy call me, good friend of mine who works for a consulting company called me like two weeks ago and he's like, hey, I've got this huge, I got this huge project. I need a very senior industrial control system person to architect the solution and then hire a bunch of people to execute it. Like this is like a multi year, multi person project, but we need that first person to be the key to all of this. And I was like, hold on one second. And I literally went into DMs and I messaged the number one person that I think could do this and I said, hey, can you hop on a call right now? They said sure. And like 30 seconds later I was on a three way call with them. Guy pitched him, he said, cool, I'm not the right guy, but I know the right guy. Let's, let's take this offline. He's on travel, he'll be back Monday. And I think last Monday they had the call and everything. So like it's, that's, that's how it works in 2026. You can apply to these jobs. That's definitely the way to go. But I'm telling You, you should be networking, you should be ne, you know, personal branding or whatever just to stand out in a sea of sameness. Okay, so that's what I would say to Berlin Dab.
James McQuiggin
Story time Jerry.
Jerry Ozier
Okay, James McQuiggin at 35,000 ft, share with the community and it's only the community.
James McQuiggin
This isn't publicly posted yet. That won't happen until February. But community is something that I've always felt is extremely important. If you've seen some of the posts and some of the things being talked today, you kind of might have an idea or a hint. But it's been a crazy eight days because last Thursday my, my position was eliminated from KnowBe4 and I was let go immediately. So since that time I have been working my network reaching out to people that in that do similar jobs to what I do, reaching out to people that do jobs that I would love to do, reaching out to people that I've done part time work or contract work. And basically right now it's all, I'm all in the planning phase. It's only been a week but have had plenty of conversations networking folks. And then yesterday one of the people in my network called me up and said hey, I got two positions that you might be interested. I'm going to, if you're interested, I'll have my recruiter reach out to you. This was, this is with a large organization, director level positions. So I don't know where they're going to go. We're going to see what happens. But basically it was a shock to my, the, to me, to my entire, to the team that I worked with and but it's business and so now I have to do what's best for me. I have to be the CEO of me, the CMO of me. And so basically it's been working a plan all week, talking with lots of people. Ironically, Jerry, I think you were the third person I called because I talked to my wife first. Then I talked to somebody else that was worked with me at KnowBe4 and then you were the you I called you. But networking is so key, you know, practicing what we preach and now it's, I'm living it. There are, I've got opportunities, I've got options, but it can happen to anybody and you. 
One of the things that's coming out of this is I've been documenting everything and so one of the things that I'm looking to do out of this is a presentation, you know, maybe even a book, I don't know. But I think some of the lessons I've learned. I've applied for jobs already through their websites. I've already been to a job fair at ThreatLocker this week. You know, just kind of getting out there right away and I, I was very fortunate and lucky that there was a job fair here in my. Where I live. So I went and hit that. But networking is key. You never know who you're going to meet today that is going to help you get a job down the road later in life. And it's. That happened with my KnowBe4 job. I got that because of networking. Your skills then play a factor but it's because the people that know you, that know your skills that help you get that, that next role, that next job. But I did like your. You stated something earlier code brew about using job boards to search for jobs. But I'll always look for the company site to apply. But yeah, that's certainly true. I applied through the website and then I found later on through another contact that that job was already filled. They already, they just posted it because they had to and everything else.
Jerry Ozier
But.
James McQuiggin
But at least I got my resume in the system and you know, we'll go from there. But yeah, I agree. Sunshine. Documentation, documentation, documentation.
Jerry Ozier
So James, you know, there's a couple hundred people here right now. Many of them know you, many of them know what you're capable of. So why don't you qualify? What, what kind of role are you looking for? What's the ideal role here for you, buddy? Because someone in chat might actually be like looking to fill that role.
James McQuiggin
Yeah, the ideal role and I'll give you the three areas that I'm looking at. The ideal role is to continue what I've been doing like I did at KnowBe4. You know, an advisory CISO role, a thought leadership role, going out and taking the word, the mission of that organization and going to events, conferences, industries, industry events and presenting on the concepts. So with KnowBe4 it was all about social engineering, it was about human risk management, it was you know, security awareness training. But I branched out so much from that into AI. Deepfakes, dark side of AI, agentic AI. Always looking to educate. I'm part time at a university so edutaining is what's in my core. That's kind of the dream thing. Advisory CISO roles or. Yeah, advisory CISO roles, maybe even fragmented or vCISO roles. I'm. I've already been talking with people about maybe developing courseware. So there's that avenue. The, the other thing is yeah, if you ever need a speaker and you're willing to pay for a speaker, then there's a variety of topics that I've got. I've got them on my session. I think I dropped the link in there, but I can certainly share that with folks on the different topics. The other thing I'm considering is doing speaking as a professional role change. McQuiggin at 35,000 ft is. Is the truth in the fact that I'm always on the road, was on the road, traveling. I love to go to different places, meet new people again, build up that network. And so looking at trying to maybe start up my own consulting business that does speaking workshops, you know, and then teach on the side. So, yeah, that's kind of where I'm looking right now. 20 plus years of experience. I've done ICS, I've done incident response, disaster recovery. I've done almost everything in cyber: GRC, compliance, security awareness programs, education, training. I ran the (ISC)² Central Florida chapter for eight years. So leadership roles, and those were with volunteers. 
There's not as much leverage that you get in getting work out of volunteers. It's a lot easier when you're in the corporate environment and you're holding a paycheck in their job and performance plans over their head with. When you're working with volunteers, it's a matter of appealing to their desire to help and everything else. But I ran that chapter for eight years and heck, we grew that from 17 people and $63 to almost 400 and a lot more money in the bank, so. So that's kind of where I am.
Jerry Ozier
Yeah. And Shamira Gonzalez, who was recently involved in helping with the GRC video series that I just recently put on, said she's connected with you in DMS on LinkedIn, so look for that, James. Okay. For sure. Thank you. Fun question. Are you willing to relocate?
James McQuiggin
No, not right now. As I kind of go through things, I like living here in Central Florida. My family's here, My extended family's here. I've been here for 30 years. It would. It would have to be. Yeah, right now. And just with family, I'm trying not to. So, yeah, I've been working remote for six years. Some of the positions I've been looking at do require going back to an office, possibly. And it's like, all right, I can do that. But having to pick up the family and move, I'm not quite ready to commit to that yet. Ask me in a couple months. I've got a little leeway on my end, you know, being stable and everything else. So, so, you know, but if it's something, you know, with these on site roles, if it means, you know, I work remote for three weeks out of the month and then I come to the office for a week or 10 days or whatever. Well, there might, that might be a possibility too. I don't know. We'll see.
Jerry Ozier
Yeah. I mean, he has James McQuiggin at 35,000ft because he, he flies enough that, you know, if you need him physically somewhere, he can get there without y. Yeah. Without having to have like a mailing address in that town. Cool. A lot of people sending a lot of love and support for you, James, in chat. So we definitely appreciate that. Got it. I gotta tell you guys two things. Number one, just, you know, it were, it's. I, I say it all the time, but it's worth reiterating as, you know, something like this becomes very real. Do not. The fact that James had a bunch of people he could call right away, that's because he, he's, he's connecting, he's networking, he's doing all these things all the time. I, I say it all the time. When you get laid off is not when you want to start networking. You have, you are, you are way behind the curve. You need to do it now. Invest in yourself now. Be the CEO of you now and don't be overwhelmed or intimidated. Don't be like, well, I'm only 25. How could I be the CEO of anything? Like, just take action. You're. And I mean this with all the respect. Right. Like, I really like James. James is one of my good friends. Nobody is going to do more for James than James is going to do for James. No one's going to help you out more than yourself because you are the most invested and, and have the greatest value to realize from your own investments in yourself. So don't make it someone else's problem and invest in you do the things you need to do for yourself. Okay. It's, it's just vitally important. It's like a mindset.
James McQuiggin
Yeah. As you said, and you've said it before, is, you know, you gotta. And be the CEO of yourself. You know, you've got your family to take care of, you know, years ago of loyalty to organizations. You can be loyal to the organization, but you also got to accept that you could get cut and you can be dedicated and work hard and you know, that's, that's your trait and your capability. But if they find another business reason and out you go, then it's like okay. You know, that is what it is, so. Well, I, I'm, I'm glad to hear. I'm one of the, you know, what'd you say? Good friends? Best friends. That's higher than favorite, right?
Jerry Ozier
Yeah, yeah, yeah. You're very close. James McQuiggin has been to my house multiple times. James McQuiggin went trick or treating with me and my kids and my wife. So that's the status James is at. All right, James, it's 10 o'clock. Let's wrap. Anything, anything anyone wants to. You want to promote, connect with. Talk about. I, I know we just covered up quite a bit, but I mean, if.
James McQuiggin
You want more info on CruiseCon, go to cruisecon.com C-R-U-I-S-E-C-O-N.com or Google it. I'm going to have a nice, relaxing time. I will be following, listening in next week. Jerry, as always, thank you for the opportunity. Network, network, network. If you try, if you lose your job and you start networking, just consider it. You're a base camp of Mount Everest. I look at myself as I'm halfway up the mountain. But yeah, networking is key. Go to the events, connect with people on Discord. If you're not an extrovert, I get it. But always build your network. Get those connections. It's not a competition, but, you know, this is always a great place to start. It's what I tell my students and anybody that I meet and, and Travis Lodi, who I shouted out earlier, I'm walking out of the threat, the job fair. And he goes, excuse me, I'm sorry, are you James McQuiggin? And I'm like, yes, yes, I am. And he goes, I'm like, how do you know me? Because there's a lot of different ways. Sorry. And he goes, oh, I see you on Simply Cyber. You're the guy that does the dad jokes. And I just was like, happy dance. You know, it's like, yeah, baby. So, so we chatted for about 10 minutes and we talked about jobs and Simply Cyber community and how awesome this community really, really is. So if you're coming in for the first time today, stick around. It's going to get really, it's going to be awesome. You, you will make friends for life here.
Jerry Ozier
I love it. Thank you very much, James. And just to reiterate, since we're talking about RIFs, layoffs and investing in yourself, I just want you to. I love metaphors, I love analogies. I think it's a great way to ground a lesson or some type of learning into an individual. Think about retirement and your finances, right? You would never start saving for. Or if, if you could control it, you would never start saving for retirement the day you retired. Right? It would be ridiculous to be like, well, I'm 65. I guess I'll retire and start saving money. You invest now so you can realize it when you retire. It's the same thing with networking and personal branding for your career. Think of your career as your, your, your. It's, it's, it's needed really, in order to provide for your family, provide for your responsibilities. All these things give you enrichment and quality of life. And if you aren't investing in it and when you need it so, like, you get RIF'd, laid off, whatever, and all of a sudden you're like, retired, like, you start doing it, then, yes, you can do it, but it's way harder and it doesn't need to be so. And, and you also don't have to commit like 40 hours a week to, like, personal branding and stuff. Just, just be consistent. 1% better. A day is all you need. All right, I'm Jerry from Simply Cyber. He's James McQuiggin. You guys are chat. You brought the heat today. Definitely love it. Fridays are wonderful. Have a great weekend, everybody. And until next time, stay secure.
Podcast: Daily Cyber Threat Brief
Host: Dr. Gerald "Jerry" Auger, Ph.D. (a.k.a. Jerry Ozier)
Date: January 16, 2026
Co-Host/Guest Panelist: James McQuiggin (a.k.a. James McQuiggin at 35,000 ft)
Theme: Top Cybersecurity News, Community Insights, and Career Guidance
This episode of the Daily Cyber Threat Brief continues its mission of delivering and analyzing the most impactful cybersecurity news of the day for professionals, analysts, and business leaders. Dr. Gerald Auger hosts an engaging session punctuated by real-time chat interaction, community shoutouts, light-hearted jokes, and an in-depth, unscripted analysis of eight top cyber stories. The tone is energetic, informal, and highly educational.
Throughout the episode, the value of staying current, engaging genuinely with the community, and continuously learning is echoed—underscored by practical incidents drawn from cyber news and direct career advice. The episode wraps up with an encouragement to invest in personal development and networking, punctuated by gratitude for the Simply Cyber community and the honest, supportive environment fostered in each live session.
| Segment | Timestamp |
|--------------------------------------------------|-------------|
| Episode start / Community welcome | 00:00-12:27 |
| Jen Easterly / RSA Conference | 12:34-18:49 |
| Palo Alto firewall DoS vulnerability | 18:49-28:31 |
| Windows update login issues | 28:31-34:10 |
| UK Police Copilot mistake | 34:10-40:02 |
| Dad Jokes (mid-roll) | 40:38-46:52 |
| OT/ICS security warning (Five Eyes, CISA, FBI) | 46:52-50:51 |
| KyoWon ransomware | 50:51-53:39 |
| Microsoft Copilot “Reprompt” attack | 53:45-56:42 |
| Central Maine Healthcare breach | 56:42-59:53 |
| Live Q&A (Jawjacking) and giveaways | 65:00-123:26 |
For cybersecurity professionals seeking actionable news, knowledge, and real-world career advice wrapped in an approachable and entertaining format, this episode delivers on all counts.