Many industries are reliant on software and if the software becomes corrupt or an update fails, it may require hands-on support. Do you have your infrastructure set for repair and recovery?

Today’s guest is Gabe Dimeglio. Gabe is a 20-year veteran of information technology and security for private and public sector organizations. He is a results-driven leader, specializing in security services and solutions for mission-critical, complex enterprise platforms. His expertise includes strategic consulting services, risk analysis/risk mitigation, and compliance.

Mr. Dimeglio serves as Vice President & Executive Advisor, Security, Office of the CTO at Rimini Street. He is responsible for oversight of the GSS organization that provides tailored consulting and advisory security services to prospects and clients, in collaboration with Rimini Street sales, client engagement, and retention functions.

• [1:18] - Gabe shares his background and what he does in his roles at Rimini Street.
• [2:38] - Anyone can be a victim of a scam. That includes Gabe.
• [4:03] - Scams are very sophisticated and techniques have come a long way in the last decade.
• [5:23] - Gabe describes what happened with the update that shut down much of the United States’ systems and infrastructure.
• [8:30] - To complicate things, the platform could not be restarted with this update in effect.
• [10:42] - Updates are sideloaded continuously and are processed by this kernel driver. The thought process is interesting because it has happened before.
• [12:37] - This was the biggest problem caused by Crowdstrike.
• [14:47] - One mistake out of 10,000 updates is a low error rate, but there is a lot of reputation damage done in this event.
• [16:50] - In the case of Crowdstrike, turning off auto-update was not an option.
• [18:43] - Any time software, programs, or data are introduced, you’re also introducing risk.
• [21:04] - Part of the solution to fixing this massive problem was hands-on support on every box.
• [26:13] - One problem is that there are some industries where technology is very outdated.
• [27:23] - People are selling their solutions and the solutions are cloud-managed. This is scary due to frequent cloud breaches.
• [31:10] - There are still businesses that have no security professionals or teams managing client data and safety.
• [32:53] - The skills gap is crushing most businesses.
• [35:03] - Security has come a long way, even if there are still areas of lack.
• [37:01] - For the last couple of years, security has been something that there is a budget for in most businesses.
• [40:49] - Don’t ever let anyone convince you to shortcut anything.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Rimini Street Website

It’s not always easy to determine the value of digital assets. The potential of overestimating or undervaluing your data can make it difficult to establish how much protection you need for a cyber intrusion.

Today’s guest is Jeremiah Grossman. Jeremiah has spent over 25 years as an InfoSec professional and hacker. He is the Managing Director of Grossman Ventures. He is an industry creator and founder of White Hat Security and Bit Discovery. He has his black belt in Brazilian Jiu-Jitsu and is an avid car collector.

• [0:53] - Jeremiah shares his background and what he does as the managing director of new venture capital, Grossman Venture.
• [1:55] - When he was 24, Jeremiah’s business was victimized by a data breach.
• [5:30] - This experience taught him that if you treat your customers with integrity and have their best interests in mind, they will keep doing business with you.
• [7:43] - These things happen to countless businesses. It is important to keep customers and clients informed.
• [10:27] - Cybercrime is one of the only crimes where the victim doesn’t always know they’re a victim.
• [13:30] - When it comes to solving these problems, we have to narrow in on the problems that are worth solving and then work for a solution.
• [14:53] - Doing an asset evaluation is a good starting point. There is no algorithm to determine the value of digital assets.
• [19:18] - What role does AI play in this and what should people be wary of?
• [20:31] - How do we raise the cost on the adversary?
• [23:12] - There are ways to bait adversaries as well which is an inexpensive solution.
• [25:17] - These days, adversaries are nowhere physically near the data. They access it all through digital means.
• [27:28] - Jeremiah is optimistic about AI and in his perspective, AI is a tool that will help us determine solutions.
• [28:07] - Currently, cyber insurance has become compulsory.
• [30:48] - Jeremiah explains how things work in venture capital and the problems that are common.
• [34:11] - There are many things that we can do better in this space.
• [35:46] - Jeremiah shares advice for small and medium-sized businesses.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Jeremiah Grossman’s Website
• Jeremiah on Twitter

Pig butchering is worse than just manipulating someone and taking their money. It leaves them with emotional anguish. Once their finances have been drained, they lose their financial security and they no longer trust people. Today’s guest is Erin West. Erin has been with the County of Santa Clara for 26 years and is a Deputy District Attorney. She specializes in cryptocurrency investigations and prosecutions.

• [0:46] - Erin shares her background and what her role is as a Deputy District Attorney in Santa Clara County.
• [3:20] - Five years ago, Erin found herself working on prosecutions regarding SIM swapping and cryptocurrency hacks.
• [4:35] - The emotional impact of “just a financial crime,” is staggering.
• [7:38] - You never know who around you is a victim of some of these crimes.
• [8:18] - Erin describes the experience of being convinced to click a link herself.
• [10:32] - Scammers will think about different things that would trigger someone into clicking a link.
• [13:40] - Pig butchering involves building trust with a victim and showing them a false plush lifestyle.
• [16:08] - A red flag is a text or social media message you may receive that seems misdirected or to a wrong number.
• [19:21] - It feels like the right thing to do when we feel the need to respond to the scammer with a “you’ve got the wrong number,” but that’s how they start a conversation.
• [22:29] - In many cases, scammers bulk text a massive amount of phone numbers. But some people are specifically targeted on social media.
• [24:23] - Covid really accelerated this type of scam due to loneliness.
• [25:40] - A misconception is that these scams target the elderly. But it is not based on age at all.
• [27:03] - Unfortunately, law enforcement is not set up to be able to handle this type of crime.
• [28:18] - Erin explains that law enforcement doesn’t tend to always lead with empathy when this type of crime is reported.
• [30:12] - It is important to report the crime to local law enforcement, but there are other places that the crime can be reported to in addition.
• [32:50] - Victims should be able to speak to a detective.
• [34:33] - Victims should be very wary of third party recovery programs.
• [37:26] - On the other side of things, a scammer could also be a victim of human trafficking and being forced to scam others.
• [39:40] - Scams are being operated on a massive scale and have a front of a corporate business.
• [41:14] - Initially, most of the cases seemed to have money moved out of the country. However, recently scammers have been found to be operating in the US.
• [44:04] - There is some hope and opportunities in recent months where money laundering has been intercepted.
• [46:41] - Progress in education and advocating for less victim shaming is moving in the right direction.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Erin West on LinkedIn