Politically High-Tech

293- Hack Yourself First (Before Someone Else Does) with Grant McCracken

Elias Marty Season 7 Episode 23


Cybersecurity expert Grant McCracken shares his mission to make digital protection accessible and affordable for small businesses that often lack resources to defend themselves against growing threats.

• Small businesses face devastating cyber threats that rarely make headlines, unlike major data breaches affecting millions
• After 13 years in cybersecurity, Grant founded Dark Horse to democratize access to affordable protection
• 68% of breaches start at the human layer through social engineering, weak passwords, and careless information sharing
• Businesses should prioritize improving human awareness, using password managers, and implementing multi-factor authentication
• Organizations need clear visibility of their digital assets to effectively prioritize security efforts
• "Hack yourself first" through penetration testing to identify vulnerabilities before malicious actors exploit them
• The NIST Cybersecurity Framework provides free, structured guidance for organizations to assess their security needs
• AI creates both opportunities and challenges in cybersecurity, accelerating capabilities for both defenders and attackers
• As digital and physical worlds merge through payment systems and IoT devices, robust cybersecurity becomes an essential business function

Visit darkhorse.sh to learn more about affordable cybersecurity solutions for your business.

Follow Grant McCracken at

LinkedIn

https://www.linkedin.com/in/grantmccracken/


Follow your host at

YouTube and Rumble for video content

https://www.youtube.com/channel/UCUxk1oJBVw-IAZTqChH70ag

https://rumble.com/c/c-4236474

Facebook to receive updates

https://www.facebook.com/EliasEllusion/

Twitter (yes, I refuse to call it X)

https://x.com/politicallyht


LinkedIn

https://www.linkedin.com/in/eliasmarty/

Speaker 1:

Welcome everyone to Politically High Tech with your host, Elias. I have a new guest, yep, okay. So going back to some of the newcomers, why is that? Because I like to spice things up and you know I can't just always bring in the recurring guests. I mean, they're great and all. They've been proven to be, well, at least some of them. But you know, we got to change things up. I like to spice things up. That's why I'm not that transparent with my guest list unless I know for a fact they are coming.

Speaker 1:

And you know I can't guarantee that, I cannot pull a gun right through the screen and force them to come. You know, I mean, I wish I don't have that. I probably would have been a lot more authoritarian and then I would have a very bad rep and I would just say, hey, I need my guest, I need to please my audience, I, I have a purpose to be this beat. But let's just thank goodness if you're atheist or thank God I don't have that power. Okay, I would have not. Probably I would most definitely abuse it. You better be, you know. Let me just grab, for example, he's again. That's a damn it great. You better come here, bring your ass this podcast. No, but he said he's safe, because this is just sick imagination and this is, you know, and this is gonna have some profanity. I already started. I know we don't start it, but enough of my little random ramblings.

Speaker 1:

So I have a guest here who's gonna align us on cyber security and his intended audience is um small businesses. They want to help the mom and pops. You know the ones that some don't got the cash, or maybe some don't got the cash, but they're kind of hesitant, hesitant to use it for cyber security, and some, based on what I'm able to gather, cyber security is not their main priority and you know they get hacked. You're not gonna hear about that in news. We hear the news is the millions of users that get breached, because that's more sensational, that's more that generates fear, not, uh, 20 people or 100 people. That's a tough luck for them and the media.

Speaker 1:

The media don't want boring stories, so you want something that they could generate attention and fear very quickly. So, of course, number like a million is gonna be oh, my goodness, I gotta check if I have been hacked instead of just 20 or 100 people. So let's welcome Grant McCracken. And for those of you who are just like to twist my words, he is not related to a kraken. Okay, let's just be clear about that. So welcome, Grant. Uh, what do you want the listeners and the viewers to know about?

Speaker 2:

Oh boy, my name is Grant. That's about all you need to know. I've been in cybersecurity for a little over 13 years, as a practitioner and as an executive. So I, as a practitioner, I was like an ethical hacker or penetration tester, identifying security vulnerabilities in web applications, networks and stuff like that, and, you know, did that for a while, then started managing teams, managing more teams and, you know, ran a global team at my last organization. And now I started Dark Horse, where we're trying to democratize access to affordable cybersecurity.

Speaker 1:

So you left the war. I'm a super established company because I think they were more focused on big business and price and all that. So you want to democratize. I mean increase accessibility for those who really can't afford quality security. Right, I got that Right.

Speaker 2:

I mean, when I left that organization, I didn't really have a plan, right. I was just like, okay, like what am I going to do now? And I thought about, like I kind of want to go into like at some point, you know, open like a smoothie stand or like a coffee shop, or maybe go into politics, or you know who knows, right. But I was like, OK, what am I good at, right? What am I uniquely skilled at?

Speaker 2:

And in my view, it's kind of the confluence of, of, of security and business and and sort of execution and being able to build this thing. So I said, okay, what if I went out and I tried to do something a little bit philanthropic? What if I tried to, you know, instead of you know, charging an arm and a leg for cybersecurity, I tried to make it as affordable as possible, and so that's kind of what I built with Dark Horse and there's a couple other things that happened in the process, right when we also put together a platform. That's, you know, in making it as affordable as possible, what I had to do was abstract out all these different service layers while I used to run the services, teams and whatnot. So like I was able to build a platform that makes it easy and accessible for anybody to come in and self-service these sorts of solutions, and by abstracting out those costs then it makes it far more affordable, so on and so forth. So that's kind of like the genesis story of sort of how and why.

Speaker 1:

Oh yeah, giving back and using his talents to help those who are kind of fortunate and, of course, not fortunate. Hey, I mean, you got an option right there. Um, I want to promote other cyber um securities, but I think one is kind of gone because that website is not available. Like and as that part I see was a very popular guest. You know, popularity does not always equal success. You could interpret it as a shade. All you want, that's up to you. Use the comment section. Am I being analytical? Am I being fair or I'm throwing shade? That's up to you. I don't care, I really don't. Some of you just don't like somebody on.

Speaker 2:

That was another cyber security guest in the past and their uh, their organization is uh defunct.

Speaker 1:

I don't know. I gotta double check, but the website's not there and it looks like. Yeah, it's harder for me, so it looks like it's defunct as far as I'm concerned, and oh well, maybe they got acquired, I don't know, you know yeah, maybe.

Speaker 1:

Yeah, because, uh, you did mention you did loot too, but you don't mind Microsoft for crying it. So, hey, well, anyways. Well, we got another one here. There you go, Dark Horse, all right, so we gotta forget the other one, hey, but and? And I mean, hey, it happens.

Speaker 1:

I mean I'm not gonna bash people who try to create businesses. It's a tough, it's a tough thing to do and you know I'm not gonna gloat on it and you know I respect it, even if it ends up being a failure, because, look, most, I'll say 99% of people not willing to try. Yep, I mean, you know, I got to say I say this podcast is business. Now, I've barely turned profits now. For years I've just been making this as a hobby. So I get it. It's tough, especially when you're one man. I mean I don't know how I did it, but make it work somehow, you know. So that's what I'm going to say about that. I'm not gloating, I ain't bashing.

Speaker 1:

You can twist it all the way, you know all you want. I know some of the comments. You take the worst clip, the worst thing I say, and just twist it. I'm used to it. At this point I just say, oh, why don't say no, this is the internet, you just got ignored. The dumb comments, a little IQ comments, you know you call me stupid or your mama fat. I ignore you, that's it. Feel free to do so. YouTube might cancel you, but not me. So at your risk. It's at your risk, okay, but I mean this might be an obvious question. But, besides protection, why do small businesses need, you know, proactive cyber security? I already said before the recording that some of them don't treat it as a priority. Yeah, yeah, go ahead.

Speaker 2:

I mean. So, in addition to just, you know you want to not get hacked, right, I think you have a responsibility to your users, right? So it's not just about you and you not getting hacked, right, we were also talking about, you know, the T incident. We don't have to get into it, but you know you've got to. Your users have to trust you, right, like they don't have like deep access into your code base and they can't go through and review it and just make sure that, like, okay, everything I'm doing here is secure. They trust you. Right, you put this out into the world. Your users are trusting you. You have a responsibility to deliver a secure product to them.

Speaker 2:

Right, playing fast and loose with their data, that's not okay, right and so. But also right, you know you didn't get into business to go out of business, hopefully, and so you know, if you get popped right, I don't know how many people are going to use again just using T as an example, but, like, I think they're probably dead right, like, who's going to be? Like, okay, let's just wait for the next. You know, vulnerability to pop up, right, it's, yeah, it's. You know you, you definitely need to make sure that you're secure Again. I mean it's. There's a little bit of selfish self-preservation in there. You, you have to, but, but also you know for your users, right, it's not just about you, but yeah.

Speaker 1:

No, that's a very customer-oriented answer and they expect to be protected. There's a little thing said. What is it? Privacy policy that pops up. They're able to protect it.

Speaker 1:

Up to here, they always say there are a little limitations. If you start sharing whatever, then of course you're not. Of course that's the user's fault for being just careless with information. You can't really control that and that should not be the business's fault. And some details just to touch this. It's in the very surface. Some interesting details have been leaked. I mean very sensitive conversations have been leaked and women were trusting this as their go-to guide on which men they should avoid because either he's a creep or he's a con, or, you know, he's a horndog, whatever negative. Fill in the blank that you would call a man right or creep, whatever. That's the intent of using a meme. I wasn't, you know, as a man. I'm not entirely against the app. I'm not entirely against it because I just think, you know, there's some, there's some horrible guys out there. I'm not gonna. You know, I promote pro man stuff only for those who want to do better, but they want to continue to be toxic vermin.

Speaker 2:

I don't care about them either. We review everything else in our lives. Right, you got, you got Yelp, you know, for your food, right, why would you not? Why would you you review? Read Amazon reviews. It makes sense that there's reviews. It also makes sense that there's there's a little bit of um, you know, social accountability, for lack of better terms. So, yeah, I think I mean just just about the app in general. It's. It's disappointing, if anything, that you know this, this app that otherwise seems to feel like a very useful space, got popped.

Speaker 1:

Yeah well, get dark horse dang. I'll do a plug-in for you so you won't deal with this again. I'll do a shameless plug-in for you.

Speaker 1:

Look, I'm pro-capitalist with implementing only certain socialist features. I mean the ones I think is going to benefit the poor, the ones who really need it, not those who could get their asses up and get a job. Yeah, I don't care if I'm Republican there, because there's those who just leech off the government and I personally know a few examples. I'm not going to mention them, but I just know a few and they could be really, really getting their butts up, getting to work. And then there's those who need it and I also want to say protect the social net for those who need it. So that makes me kind of like a centrist on that one Case by case scenario. Not all give everybody benefits nope, I'm not for that. Or being too cheap with the benefits, or just eliminate it all together.

Speaker 1:

But yeah, I make it a little political. So blame me for the politics, don't blame the guests, don't blame Grant, don't blame me for making a little. I won't make it political at times. So the guests? He's blameless. If you want to blame the guests, I was highlight your silliness on the thing because he's not making it political. I make it a political, all right and but but okay, let me just. Let me just get back on track here. Yeah, it's unfortunate and I'm to tease, and this is why they need to have I think this is a good for next question penetration testing. So what is that? Is that kind of like the way I think of it? Correct me if I'm wrong here. Is ethical hacking, so you can find out vulnerabilities and see how you could address them effectively.

Speaker 2:

Yeah, you kind of nailed it there, right? So a penetration test, as the name implies, right, is where you're trying to penetrate the systems, and so you usually get a scope. Now, there's a lot of different ways that penetration tests can go down, but you usually have a scope, whether that's a web application, a network, a single system, you know an iOS app, whatever it is right, and you know the tester. A qualified tester goes through and follows a comprehensive methodology in terms of okay, let's start at the login form.

Speaker 2:

Okay, what's going on here? Can I do? You know and there's a bunch of different attacks that you do on a login form Is that secure, right? And then they move on from that and they test. You know the account function and you know they go through and they just methodically test the entire application, whatever it is right, or the entire scope, and so that's effectively what a penetration test is is where you're having a qualified expert look for vulnerabilities, and then you get a report at the end and then you remediate those vulnerabilities. Somebody doesn't exploit them in the wild. This is why you need to talk.

Speaker 1:

Oh God, I'm probably. I'm so shameless, I'm probably. You could call me a bastard capitalist. I'm fine with that. I mean, is it really a small company? That's a, that's a question I should, that's what I should dig into. So how many?

Speaker 2:

employees. How many places do they have?

Speaker 1:

Because this is a relatively new app, based on my understanding. Yeah, look that up SMB market, right.

Speaker 2:

So you mentioned earlier, right, small and medium businesses. Yo, the crazy thing about SMBs is they go, they go all the way up to. You can be like $50 million in revenue and still be an SMB in terms of. So I mean, yeah, I would definitely put them in the SMB category in terms of, and there's no guarantee that they didn't do a penetration test, right. One of the things about we don't know what their security posture was, what they did, what they didn't do. It could be that the tester missed it, it could have been a recent code push.

Speaker 2:

Organizations are in today's world, right, and this is why, at Dark Horse, we've created something called fractional pen testing, where it provides easier access to increments of pen testing. In today's world, you're constantly I was writing fresh code today right. With any modern application, you're constantly making improvements, making adjustments, right. But you only test maybe once a year, twice a year, right. If you're really on top of it, you do once a quarter. That's a large gap between you know when you potentially push a vulnerability and when it gets identified by a security expert. So so the anyways, that's again, just plug in to our courses, fractional pentesting. But also, you know, we just we have no, we have no sense of what people have or haven't done. It's just a. It's just a good recent incident. You know that highlights the, the impact or the responsibility that you have to your users and the potential doubt. You know the impact that can have if you get popped. It's not just your business, you're also looking at other people.

Speaker 1:

I mean that's actually the most fair I mean commentary you could provide, because you know they did a pen test. That's true. I mean, what specific pen testing do they do? I mean that's actually a very good question. Maybe they tested all the areas, but maybe they didn't test at this particular one. That had happened. I mean that's legitimately a good point.

Speaker 2:

There's a lot of like less scrupulous pen tests out there too.

Speaker 2:

So I mean one thing at Dark Horse, we pride ourselves on, you know, really being methodological, and then also, you know, human based. Right, a lot of these issues aren't necessarily found by scanners. But what you will find with with, you know, some less scrupulous pen test organizations is is they'll they'll run a scan and they'll say, oh, we ran a pen test and they'll hand you a report and they'll say, here, we did a pen test, here's your, here's your findings, or whatever. But like, all they did was run a scanner against it, right? And so if you're not armed with, like, the information to be able to ask good questions about, like okay, like, what are you actually doing? And then to to really kind of audit their work, you could potentially end up with with with somebody saying they did something and they they do a very poor job of it. So yeah, it's also just like the wild west out in the security world.

Speaker 1:

I mean we can't. That's the thing. And let's just say the early 2000s. I'm going to go that far back.

Speaker 1:

Look, cybersecurity is more of a luxury, I would say, or very rare, but it was developing at that time. I would say correct me if I'm wrong and in 2010, the app was definitely formed, developed. But we can't treat it like it's a luxury. It's safe to say it's a necessity, especially in today's age. People use it online more than ever. I mean, these are facts. You could pull up anything. We spend time digitally more than ever. And look, I'm using a laptop. Laptop, I'm assuming you're using a laptop, but a lot of times we're not with smartphones, and that's the main computer that we carry with us vast majority of the time for average users. So I would say cyber security is as necessary as physical security. I mean, one could make an interesting argument that physical security, to some degree, is even less important, especially if you're probably middle of nowhere. But you know, I don't Look, that's probably a little of hot take, but you know that's good for debate. You know that's a good comment section activity. In the modern era.

Speaker 2:

I think they're actually the same, very much the same thing. I'm not going to say they're exactly the same thing. But how do you protect your house, right? You got a Ring camera. You got a Blink camera, you got whatever. You've got Everything's digital, right. So I mean there's obviously layers to it, right? But I think to your point, right, they are highly interconnected in this modern era.

Speaker 1:

Oh yeah, let's just go with that answer. Let me be a coward and just agree, because that's actually a more sensible answer. Or I could just be a little conscious, maybe cut down physical security a little bit. No, but seriously don't do that, because, especially if you're in a probably dense area, I would say physical security and cybersecurity is a combination that's a must, maybe in the rural area to some degree. Yeah, set up something basic. But all I'm going to say is this Go buy what you think is best for you. That's the best answer I can provide. Let me just be very serious.

Speaker 1:

So just try to say oh yeah, oh yeah, physical security, maybe not as much, but you know because there's been just, uh, slightly, let's go slightly off think for a little bit of this those Ring cams have caught Amazon workers stealing packages. So that's the importance of you know, I'll say, the connection of cyber, because these cameras are digital, you know they're cyber. Plus, you know physical because now you got documentation that you got a thief, instead of just reporting it say, oh, I think it's a, you know thief, I'm not sure what he looks like, but now you have more details. So that's better for you, because you know it's all about what it's not about. What you know in court is what's what you could prove. So they're valuable tools. Go ahead.

Speaker 2:

And just to riff on that a little bit more. And we don't, again, I'm not an expert in, like, brick and mortar security or anything like that, but I mean just to kind of double down on what you said there. If somebody breaks into a physical location, right, like if you're a mom and pop shop right now, how do you take most of your payments? It's not cash, right, it's Square, Toast or whatever like that, right? So again, just to your point, right, everything's far more digital. Back in the day, maybe you break in and there's, you know, you rob the till or something to that effect. I'd argue there's probably not any money in the till these days, right, like, it's all. A lot of places are just card only. Even so, again, yeah, cybersecurity is just important, obviously depending on the type of business, right. If you have an office and stuff of that nature, obviously you want to make sure that's secured as well. Though Absolutely.

Speaker 1:

Yeah, cash. Look, it's becoming a rarity. I mean, only certain places still have that. I can't even call it a traditional cash register machine. It's digitized with some physical cash and change in there. But even more places step away from.

Speaker 1:

I know one place is all digital. I think it's this German. I'm gonna butcher their name, I don't care. You could. You could make fun of me here. There's a good comment section activity for you people to make fun of me here and I'm perfectly fine with it because I'm not. I think it's called Lulwench. It's a fancy ice cream place that they said no, we don't take cash, everything was digital. And we checked that cash register and there's not a single physical cash in there. So that one's all digital, all digital.

Speaker 1:

So if someone wants to break in, not gonna get cash, but I would still say physical, I mean breaking. More security is important because human lives are in danger. That cook could just, you know, get frustrated, whack the person or shoot the person, depending, depending what weaponry Well, it's mostly a he, let's be real. He, she or she has Just take his first shot, you know. Or someone just retreat let's just hope it's that one. The thief just retreats because he's realized he made a foolish mistake and then of course you know you call 911 and all that good stuff and then hopefully nab him and there you go. That will be the ending you want to aim for, right. So, yeah, I would say physical security is important. The reason why we focus on cyber because, just like you said, the majority of financial transactions is digital, majority of them. And I think another one I think I'm not sure they still company Stripe is another one that does a lot of financial transactions as well. That's the one I'm gonna add in there. But yeah, it's you know. But security is important. You know security is important and I think you know one. I think one has some very wise advice.

Speaker 1:

I'm gonna quote probably someone political, I think Reagan. I don't say trust, but verify. Well, security is gonna verify the details for you and, and that's proof right there, man, you'd be kind of trusting. But also, you know, verify too. I don't agree with that statement entirely. I mean I will say I will verify, then trust. That's my revision of that. All right, I need to make sure if I can trust you or not. You know, I will put that probably in reverse. Verify, then trust that trust. That'll be my revision of that proverb. All right, that's just my. This was my personal opinion, but security is just very important. Let me just be absolutely clear about that. To me, that should be a debate. How effective security should be. That'll be a better debate, not if you need security. If you need security, you're just playing Russian roulette with your business. That's all I'm gonna say about that. I don't know. I don't recommend that at all. All right, so anything else you want to add before I get to the next question, because I finally get through this alarm.

Speaker 1:

Well, now, this is something that well, you'll be an advisor here. What can small businesses or even I'm even gonna throw none-for-profits, if some of them are cheap. Let's just be real, probably bashing none-for-profits here. Some of them are cheap because they get money through grants and governments and all that, and it's by a certain amount, and I have worked for none-for-profits. That's why I know. What can they do to improve their security?

Speaker 2:

Sure, I mean, there's a couple things, right. So if I was just going to list three things, the, uh, the first one is improving the human layer. So Verizon, every year, does a data breach report and they reported in their most recent one that 68% of breaches start at the human layer. Right, so that means, uh, a human is responsible, whether that that's now obviously a human's responsible for, like code and other things too, but like, for instance, getting social engineered, sharing information that shouldn't be shared, using a really simple password, those sorts of things, right? So, given that that's such a big vector for breaches, my first piece of guidance to any organization that's looking to improve their cybersecurity is to improve their human awareness of cybersecurity. Right? So, making sure people are following good practices. They're using a password manager, you're using multi-factor authentication. You're not downloading random files. You're trusting but verifying, right? So there's a, there's a lot. There's a lot, especially in this, uh, this era of, like, deepfakes and AI, right, there's a lot that can be faked. So, so as if you can lock down the human layer, you're, you've covered a very big portion of of your potential attack surface, especially for smaller organizations, where that's probably some of the biggest attack surface they've got. They don't have a ton of internet exposure or something like that. Right, you want to make sure that the people are doing things in a secure manner, and what that also has the benefit of doing is downstream. So if you put security as a first class citizen within your organization, everybody's thinking about security on a day-to-day basis. They're also going to write more secure code. They're going to do more secure things. If security is always something that everybody's thinking about, so just bringing it top of mind for the organization I think is going to be a huge boon.

Speaker 2:

Then, as an organization, you want to make sure you got a handle on your assets right. What's running around on your network? What's you know? What's in your code base, who's pushing what, knowing what's out there and has your name attached to it. I think that's a lot of times, especially in this era of AI and vibe coding and whatnot, you've got people just spinning up all sorts of stuff all the time that potentially has vulnerabilities attached to it. What software is running on what machines? You want to make sure that you've got a handle on that Once you've got a good disposition of that and a characterization in terms of prioritization, because some assets are going to be more important than others. Then you want to also make sure that you're penetration testing those assets right Running assessments, scans and, again, pen testing. You want to make sure that you're taking the approach of an attacker and gaining insight into what an attacker could potentially exploit against your, again, infrastructure, network applications, whatever it is. So those are some really good places to start. And then you've also got you know there's frameworks for all this stuff. For instance, the National Institute for Standards and Technology. They have something called the NIST cybersecurity framework.

Speaker 2:

I highly recommend you know, if you're just, it doesn't cost anything, it's just a. You know, it's a list of stuff that you go through and you start checking boxes. If you're trying to trying to figure it out, start there, right. A lot of it has to do with, like, creating policies right, a lot of those policies apply to, like, humans and how you, how you approach things. So that's kind of where where I would start right.

Speaker 2:

And if you need help, give Dark Horse a call, right, we're here to help. If you are cost constrained, we're happy to help still. Not like, not in the sense of like, oh, we'll take every penny you'll give us, but you know, I've got, I've got testers that that are happy to work pro bono, even because they're just passionate about making the world more secure. That's what Dark Horse is about. That's what they're about, and so if you need, if you need help, we'd love to help you identify your vulnerabilities or even just give you some insight around, like here's what you should be thinking about.

Speaker 1:

Sounds like a free consultation right there. Yeah, even pro bono. I don't hear other tech businesses, you know, talking about pro bono. You know, I just say don't take advantage of them. But if you want to start a business, I say, you know, I think this would be a good start right there. Pro bono means they're just so passionate, Let the passion take over. You know their financial interests. I mean, look, that's very generous, that's pretty generous.

Speaker 2:

Right there we're not trying to build a billion-dollar startup, right, we're not taking funding, we're just out here Again. The mission of Dark Horse is just to make the world a little bit more secure, right, and the corollary to it is like we're making the world more secure by making it easier to become secure. Right, if you remove all these hurdles and things like that, it makes it easier for organizations to become secure. And again, everybody wins, right, it's not just the organization that wins, I also win. If I use your software, if my wife uses your software, if my kids use your software right, we're more secure as a function of it. It's better all the way around, that's very philanthropic right there.

Speaker 1:

All right, so, well, I got the AI question, because this season we are not making AI the main character of the tech segment, and so far I think I'm doing a good job, except for one episode. I already told you, listeners and viewers, that AI is going to be, at best, a secondary character, because before it was the main character: it was AI in education, AI in law enforcement, AI in business, AI in this, AI in your life, AI in your job, everything AI. But let me just ask this question about AI. How does... and I want to make this as mixed as possible, because I don't like simplicity. Yes, I could be a complicated bitch to you and I am happy. But anyways, the real question is: how can AI improve and hinder cybersecurity efforts?

Speaker 2:

You know, you honestly kind of answered it right there by yourself already. A lot of people ask that question. It's like, oh, how is AI going to improve attackers and how is AI helping the defenders? The reality is it literally does both. Right, and so if you look at what AI has done for coding, it just makes people a little bit faster. Right, it's not changing the way people... it does, you know, fundamentally, like, it does provide access to more people doing more things. But, like, code isn't changing, right? It's not like something brand new, it's like it hasn't just morphed into something that it wasn't before. You're just able to do more of it a little bit more quickly. Some of the estimates are like 20% faster, 30% faster, double the capacity, right. So same holds true for cybersecurity, right? It just helps you do a little bit more, more quickly, more efficiently, scalable, gives you insights. But it's used by the attackers and it's also used by the defenders, right?

Speaker 2:

This, you know, security has always been this cat and mouse game. The attackers are always finding new vulnerabilities and the companies are always patching those vulnerabilities. So, find a vulnerability, patch it, find a vuln... Same thing's going to happen with AI, or is happening with AI. So the defenders are using AI to find attacks more quickly or spot breaches or issues, and the attackers are using it to launch more and more effective attacks, and so it just continues to be this sort of... it's the same game that's always been played. It's just playing on a new dimension, as it were.

Speaker 1:

I like that. It's like a new dimension cat and mouse. You want to, you want to protect. You look, the cat is the security, the mouse is the enemy. Because the mouse, you know they're nasty, they take food. You want to go make sure the cat is effective. And let's just be clear, just like quality of products, some security softwares are not effective, Like you know. Like Garfield, that lazy cat, I refuse to get off his butt and he just goes for the lasagna instead of doing his job as a cat. You know, scare the mouse or, you're better yet, eat that little vermin, you know. So I think you know quality product. You know quality product matters here.

Speaker 1:

And if possible, is it possible to be proactive? I mean, I think penetration testing, pen testing, just to make it short, you know, maybe that's making proactive. I mean, you can't be proactive for everything, it's just impossible. But you can at least know where your vulnerabilities are. Do, I don't know, ethical hackings to see where the vulnerabilities are. Maybe it's one, two, ten. Oh, ten, that's a bit alarming, if that's true.

Speaker 2:

Or maybe even more. You'd be surprised how much is out there. There's a lot of vulnerabilities in a lot of different places.

Speaker 1:

Just put it that way. And so if someone, not if, I'm sure someone's very made of AI, is going to try attacking multiple vulnerable places just to get into the system.

Speaker 2:

And I mean, we're building that right now too, right? So like, we're building sort of autonomous, you know, next tier automation with AI, and a lot of people are, right?

Speaker 1:

But yeah, yeah, for those who are, I say, proactive and somewhat virtuous. But of course, those who got evil intent, it's making some massive malware, ransomware or super adware. It just gives you a bunch of ad pop-ups. And, of course, I think the original maker of adware, he freaking, not adware, ad pop-ups, he apologizes. Apologies is not enough.

Speaker 2:

I forgot about it. That was a thing in the early. Yeah, that was a time.

Speaker 1:

Yeah, I encountered that at my friend's computer. I said why does ad keys pop up? It'll be clicking out. It pops right back up. It was so freaking annoying. I'm not sure that's a thing. I haven't heard much about that, but I'm sure ransomware, malware yeah, they exist. Of course viruses extract personal information. I'm sure they're still around. You know they're pretty clever, these evildoers, you know. That's why you got to be vigilant, because the good ones they always step ahead, not the ones that are on par with security. No, that means they're defeated, but they're ahead. They will cause some damage. I think this is again. This is why cyber security is essential. It is life and death in a digital dimension. I mean, I can't, can't decide yeah, go ahead.

Speaker 2:

I mean, we have a phrase that, you know, hack yourself first, right, before you get hacked. Just hack yourself first, right? Find those vulnerabilities and then you, you know, take them off the table.

Speaker 1:

You know what? That's good advice. You're hearing that, listeners and viewers, especially those who got some computer background. Do that, yeah, do that. You see the obvious vulnerabilities. I'm sure you could find something that is easy for the evildoers just to get your information or breach. Yeah, that's good, that's good.

Speaker 1:

I don't hear a lot of people say that you see, you see, you know, just because I bring multiple cyber security, you know I'm trying to bring unique aspects of each of them. So what is the most philanthropic out of all of them? Well, one I got to respect what's more out of the box, trying to create cybersecurity for a phone with a fingerprint, as opposed to having or not just fingerprint, fingerprint through the computer and the phones like that, like that, because so much security is true, it's very smartphone-oriented. If you hack the smartphone, you've got treasure chests of valuable information, which I actually have to agree with him on that one. I forget the name of the product, but it's not about that product, so I don't care, I can forget, because it's about Dark Horse. It's a Dark Horse episode, people. You know when I do the next one and then I'll probably forget about dark horse, unless it's super relevant, maybe early 2000s, definitely in the 90s, not as important, but I would say since 2010s they're treated as important as brick and mortar physical security. That that's the main. That's the main point of all of this.

Speaker 1:

And look, a lot of them seem to aim for affordability, but there's even a little bit of a pro bono aspect. So don't always attack me for pushing expensive products. I've been doing a little better than that, because some of them I agree with the criticism. Yeah, some of them's kind of expensive, but this one here, this one definitely has some affordable services. Give it a shot and let's do that shameless plug-in. What is that website again? darkhorse.sh. That's very different. It's not a com. I'm sure you probably would have found hundreds of Dark Horse. Dark Horse this, I don't know. Dark Horse is a trojan virus. Dark Horse is a sex product. Dark Horse is an education tool. I'm not sure Dark Horse should be useful, all that, but maybe. But hey, a lot of Dark Horses, too many Dark Horses.

Speaker 1:

So that was the only thing I was about to almost Chris, I don't know, Dark Horse has been kind of saturated, but hey, it's .sh, .sh, not .com. I'm gonna put the link in the description of the episode so you just find it and click it. And anything else you want to plug in besides that?

Speaker 2:

Yeah, I mean, yeah, we're here to help, right? So our goal is to make proactive security accessible and affordable to organizations of all sizes and budgets. So we're not really focused on personal security, right. But if you've got an organization you're trying to get a little more secure, we're happy to help. That's kind of what we're here for.

Speaker 1:

Oh, they're willing to help. Okay, they're willing to help. Okay, they're just really willing to help. They're not profit-first. Should I call you even a business? I'll say, yeah, you are.

Speaker 2:

A philanthropic business. We're not a nonprofit. Though I've considered reorganizing, We'll see.

Speaker 1:

As of now, I'm just going to call it a philanthropic business. Yeah, that's the framing I'm going to use until you change of course. And then I'm sure you know, I'm sure, look, cybersecurity is going to be more relevant or less and, who knows, you probably got to protect the human body at this point. I don't know, that's a little scary because you know we got.

Speaker 2:

No, no, that's a real thing. Pacemakers, hacking pacemakers, stuff like that. There's some really fun research on some of those things.

Speaker 1:

You know, we are increasingly becoming cyborgs. Whether you like it or not, we're getting there. I mean, has there ever been tested I would say even last decade with having a chip inside the human hand? Yeah, inside, not a little car, not a little chip stick. No, it was inside a person. You know they. You know they use their hand just to get it.

Speaker 1:

And of course, there was a lot of debate oh, this is ethical, this is an invasion of the body and privacy and all that. It was very controversial at the time. This was like what? Early two months, I think I could be wrong it was a company in manasoma that they did that. So you know.

Speaker 1:

So this is why cybersecurity is becoming more important. That could be the norm. I mean, look, I'm not sure it's guaranteed, but I won't be surprised. That could be a norm. I'm just saying, if we head towards that direction, I won't be surprised. I'm not a futurist, don't give me that title, but I won't be surprised, because if things are done at a small scale, especially if it's successful or being pushed, it's gonna just get larger and larger and larger and larger. Okay, so look, we already got Neuralink. I think Neuralink's the most prolific example that we're connecting chimps and even beings into neural supercomputer networks, whatever you want to call it. So if that gets hacked, you're hacked too. You're physically hacked as well. So that's why cybersecurity is more important.

Speaker 1:

You can call it conspiracy theories, I really don't care. It's eventually coming. Is it going to be as evil as you think? No. Is it going to be as good as you think? I would say no. I think it's going to be in the middle. I think it's going to be some good and bad. This is like all major technological disruptions: it's going to be some chaos along the way and there's going to be some benefit along the way, just like with AI. AI, update your skills, or AI.

Speaker 1:

Your career will die a waltz, your career will die. I will say that again because it is just very, very, very important. And if you choose to be a digital dinosaur, being anti-ai, then your career will die. But if you're close to retirement, good for you. That's all I'm gonna say for those. I don't care, I'm gonna be retired. Good for you. No, and I'm not. I mean don't, just, I really don't mean any disrespect.

Speaker 1:

You know, great, you don't have to do AI. Great, you don't have to deal with AI as much. But things you might have to deal with during travel, during leisure stuff, because AI has been implemented in so many different places. So you can't escape AI unless you live in an Amish off the grid, either 18th century or, if you want to go further back, caveman societies. That's the only way you can avoid AI. And is that practical? Uh, no, I don't think so, unless you know how to survive in the woods or something. That's all I'm gonna say. Bit over the top, yeah, but those are for you who wants to avoid AI altogether. Let's just have someone help you with AI. Okay, especially those, you're not gonna use a professional. Anything else you want to add before I wrap this up?

Speaker 2:

No man, thanks for thanks for having me. It's been, it's been fun, kind of just just jamming on on some topics, so I hopefully provided some, some value and some insight to to your audience. And yeah, see where it goes.

Speaker 1:

Not probably. You definitely provide some value and, like I said, my only concern was how I was gonna differentiate. But you differentiated enough and, of course, a little bit of my wackiness and randomness and that in politics and tea. That helped. That helped a bit as well, because that's the most recent hack during this recording time's gonna be released probably a week from now, um, which is so now for my shows, shameless plug-in like comment subscribe there's for someone who you believe that could be very helpful for. You know, social cyber security related concerns, knowledge and give, give.

Speaker 1:

When you give a review, give it only on Apple Podcasts. If you give it on Spotify, I will ignore you, because I don't care for Spotify, it's only my personal playlist. I don't care, I will ignore it. If you want to become a bitch about it, I already said it before: good, put it on Apple Podcasts. Those are the only reviews I'm paying attention to. All right. And then, if you're gonna give a review, if you're gonna be critical or praise, put some thought into it. Why was it good or why the episode was not so great? Look, I don't mind. I don't want the perfect score, which I'm happy.

Speaker 1:

Invisible Hater gave me one star without saying anything. Thanks a lot, invisible Hater, but at least I got some authenticity. I don't want a five star because I think everything is five star. It's fake. It's pretty fake. I know some podcasts got all five stars. I think it's fake it.

Speaker 1:

Yeah, I'm just... I know some of you're gonna be triggered by it, but that's what I... You call me a hater, if you want. You're entitled to your opinion, but you're not entitled to the facts. Only opinion, not facts. So, and another thing, I'm on Facebook, YouTube. Now, I'm going to be expanding my social medias, except I'm going to be taking down Twitter. It's called X. Because it's not getting much engagement. There's no point in me having my account there. So that's going to be taken down, but it's gonna be expanded greatly with, hopefully, if TikTok's not banned, because they've been pushing the deadline to sometime in September, I'm gonna keep playing with that, but it's gonna be on Instagram and Bluesky for sure, testing Bluesky. Maybe Bluesky gets more engagement, or maybe the Republicans are right.

Speaker 1:

It's like cancel culture hating for lefties. I don't know. I'm going to give it a shot. The truth is normally in the middle. Okay, I mean, they hated JD Vance. I get the reasons why, but hey, my politics is more in the center at the end of the day. Maybe I swing a little bit in center left, center right, depending on the climate, but I always stood kind of in the center, no matter how much I switch, I always kind of that's been my thing.

Speaker 1:

All right, so, and if you have extra money, you know, and only three dollars if you want, that's if you want. But if you really want cybersecurity help, of course, you know, also check out darkhorse.sh. You go .com, you're going to the wrong Dark Horse and you might be hacked. Oh, there you go, put some fear in there. But you know, and that's it. That's all I got. So whenever you complete this audio visual journey, you have a blessed day, afternoon or night, and it's hypocritical that I'm bashing you after saying that, but I mean well, for the most part. I'm just rough around the edges. That's the New Yorkness in me. Enjoy your life.
