Content provided by Jess Vachon.

Panic is not a security strategy. We sit down with Craig Taylor, co-founder of Cyberhoot and longtime virtual CISO, to unpack a people-first blueprint that replaces shame and fear with positive reinforcement, practical safeguards, and repeatable habits. Craig draws on his psychology background to explain why short, gamified exercises build muscle memory that holds up against urgent “CEO” emails and deepfake phone calls. The takeaway: rewarded behaviors are repeated, and that truth can transform both culture and outcomes.
We dig into the highest-ROI controls leaders can deploy today, starting with multi-factor authentication on every externally reachable account and a fast path to passkeys. Craig demystifies passkeys in plain language: a FIDO2 credential is a per-site key pair whose private key stays on the user's device and whose public key is registered with the site, and the browser only lets that key sign for the domain it was created on. There is no shared secret to reuse across sites and nothing for a lookalike login page to harvest, so password reuse and credential phishing are neutralized without extra hassle for the user. For overstretched SMBs, these steps deliver outsized protection at minimal cost.
From there, we zoom out to program strategy. Craig outlines a risk assessment approach that ranks issues by impact, likelihood, and business materiality, then tackles the basics most teams skip: complete asset inventory, verified patching, least privilege, and clean entitlement hygiene. He shares why agentic AI makes phishing smarter and faster, and how a simple rubric for email analysis, practiced monthly, can blunt even adaptive lures. Throughout, we focus on win-win-win outcomes: empowered users, fewer incidents, and lower support costs for MSPs and IT teams.
Ready to build a resilient security culture without burnout or blame? Tune in for clear steps, relatable stories, and tools you can use this quarter: MFA everywhere, passkeys where possible, short training sprints, and disciplined housekeeping.

Special Podcast Offer:

20% off CyberHoot for 1 year using the podcast’s unique coupon code:
Coupon Code: "UnHacked"

Free access to CyberHoot's Cybersecurity Literacy Training platform for individuals:
https://cyberhoot.com/individuals

https://www.vigilantviolet.com/
www.linkedin.com/in/jessvachon1


Chapters

1. Setting The Human Tone (00:00:00)

2. Craig’s Path From Psychology To Cyber (00:00:42)

3. Replacing Punishment With Rewards (00:04:34)

4. HIIT For Cyber: Short, Frequent Training (00:07:25)

5. Role-Based Modules And Deepfake Readiness (00:08:26)

6. High-ROI Controls: MFA And Passkeys (00:11:09)

7. Passkeys Explained Simply (00:14:05)

8. Risk Assessments And Materiality (00:18:17)

9. Humans Aren’t Weakest, Housekeeping Is (00:22:23)

10. Win-Win-Win Security Culture (00:26:08)

11. Agentic AI And Next-Level Phishing (00:31:50)

12. Free Individual Training And Offers (00:37:10)

13. Closing Remarks And Listener Actions (00:41:29)
