In this episode, host Kevin Szczepanski and his guest, Bill Haber of TEKRiSQ, discuss tips to prevent phishing attacks, which, they remind listeners, are “fraudulent attempts to obtain personal information through electronic messages.” Kevin and Bill highlight the prevalence and success of phishing attacks, emphasizing the need for vigilance from both individuals and organizations. Covering examples and types of phishing attacks—spear phishing, smishing, man-in-the-middle attacks—they offer takeaways including slowing down, being cautious of urgency, verifying suspicious emails, conducting tra ..read more

Kevin Szczepanski and Arun Vishwanath, chief technologist of Avant Research Group, discuss the urgent need for cyber-hygiene education for children, including about security and privacy. They highlight frequent cyberattacks targeting schools and other education systems, which often have outdated technology and may lack sophisticated IT security skills and resources. The conversation also touches on the role of the private sector in providing cyber-literacy education. Kevin and Arun embrace reforming credit monitoring for children and expanding its scope to include reputation management, and th ..read more

Kevin Szczepanski and Kyle Cavalieri, president of Avalon Cyber, discuss the increasing risks of funds transfer fraud, covering topics such as understanding this type of fraud, how it works (including fake invoicing and “vishing” attacks), red flags, and how to respond. Red flags can include unexpected calls or emails, and it’s important to be prepared for when these contacts occur. Kevin and Kyle emphasize the growing threat of such attacks, which can result in significant financial losses. They discuss the importance of immediate action, including updating credentials, notifying the bank, in ..read more

More than ever, cybersecurity risk assessments are essential for businesses of all sizes to understand and mitigate their risks. Done appropriately, assessments can provide help with remediation and a plan for moving forward and can even assist with pursuing insurance coverage. This episode, which features Bill Haber, co-founder of the cybersecurity company TEKRiSQ, emphasizes the need for actionable steps and justifying recommendations based on an organization's specific risks and compliance obligations. Even if your organization is not subject to specific regulations, conducting a risk asses ..read more

From Barclay Damon’s new podcast studio, Kevin welcomes back University at Buffalo Professor Siwei Lyu. To start this fast-moving conversation, Siwei notes that what sets generative AI apart from analytical AI is that generative AI focuses on creating content rather than just answering questions or sorting through data, and he sheds light on what seemed to be the technology’s “sudden appearance.” Siwei and Kevin also discuss the introduction of ChatGPT, current and future applications of generative AI, and concerns about generative AI’s misuse. Throughout the talk, Siwei emphasizes t ..read more

Join Kevin Szczepanski as he explains his five need-to-know cyber action items for the year. They involve 1) conducting a cyber risk assessment, essential for identifying and prioritizing risks, 2) developing an incident response plan to help respond to and mitigate cyber incidents, 3) conducting tabletop exercises, which give organizations the opportunity to do run-throughs of real incidents, 4) reviewing policies, including determining which ones you need, and 5) considering appointing a virtual chief information security officer (CISO). Kevin also provides a preview of upcoming topics for S ..read more

“Compliance” doesn’t have to be a dirty word. Check out the final episode of Season 2 of Barclay Damon Live: Cyber Sip™ when, for the first time ever, host Kevin Szczepanski welcomes two guests: his Barclay Damon colleague Bridget Steele and the founder and CEO of Opollo Technologies, Ryan Young. Using Ryan’s company as an example, you’ll hear how embracing compliance rather than avoiding it can be just the ticket to securing clients. Especially in the health care and other highly regulated sectors, when businesses successfully integrate compliance into their development, they can be more ..read more

In episode 46 of Barclay Damon Live: Cyber Sip™, Justin Daniels, an attorney with Baker Donelson and cohost of the podcast “She Said Privacy/He Said Security,” shares with host Kevin Szczepanski his thinking around the use—and risks—of AI in business. His concern comes with the explosion of tools like ChatGPT and the attitude of many business owners, investors, and software designers that if (or when) something goes wrong, especially regarding data and privacy, they’ll “fix it later.” Justin, also the coauthor of Data Reimagined: Building Trust One Byte at a Time, says that attitude ..read more

Welcome to Barclay Damon Live: Cyber Sip™. In episode 44, host Kevin Szczepanski welcomes Brian Haugli, SideChannel CEO, founder of RealCISO, creator and host of CISO Life Podcast, and more, for “Your Cybersecurity Roadmap: Targeting Gaps and Assessing Risks.” Brian and Kevin first address a misconception: If you tick off the common boxes for security controls, you’ve done all you need to do. Not true, says Brian. Using his talent for visual explanations, Brian confirms that there’s a lot more to reducing your organization’s risks and making sure you have a solid program in place. Watch or lis ..read more

Welcome to Barclay Damon Live: Cyber Sip™. In episode 42, “Social Engineering: The People Problem of Cybersecurity,” host Kevin Szczepanski is joined by Arun Vishwanath, a cybersecurity thought leader, author, and chief technology officer at Avant Research Group. Arun discusses his latest book from MIT Press, The Weakest Link: How to Diagnose, Detect, and Defend Users From Phishing, wrapping it into meaningful information about cybersecurity training and testing. Starting with a definition of “social engineering,” which refers to hackers directly targeting users with technology, Arun and ..read more