Byte Sized Security

Marc David

In a world where cyberattacks are becoming more commonplace, we all need to be vigilant about protecting our digital lives, whether at home or at work. Byte Sized Security is the podcast that provides snackable advice on cybersecurity best practices tailored for professionals on the go. Hosted by information security expert, Marc David, each 15-20 minute episode provides actionable guidance to help listeners safeguard their devices, data, and organizations against online threats. With new episodes released every Monday, Byte Sized Security covers topics like social engineering, password management, multi-factor authentication, security awareness training, regulatory compliance, incident response, and more. Whether you're an IT professional, small business owner, developer, or just someone interested in learning more about cybersecurity, Byte Sized Security is the quick, easy way to pick up useful tips and insights you can immediately put into practice. The clear, jargon-free advice is perfect for listening on your commute, during a lunch break, or working out. Visit bytesizedsecurity.com to access episodes and show notes with key takeaways and links to useful resources mentioned in each episode. Don't let cybercriminals catch you off guard - get smart, fast with Byte Sized Security! Tune in to boost your cybersecurity knowledge and help secure your part of cyberspace. read less
TechnologyTechnology

Episodes

Ep29: Hack Your Career: Insider Tips for Cybersecurity Beginners
Aug 29 2024
Ep29: Hack Your Career: Insider Tips for Cybersecurity Beginners
Navigating Cybersecurity: Q&A Session with MarcIn this special episode recorded outdoors, Marc answers listener questions about breaking into the cybersecurity field. Topics include gaining practical experience without an IT background, the importance of certifications, essential soft skills, networking strategies, handling job rejections, and making a career transition into cybersecurity. Marc provides practical advice on how to stand out in interviews, tailor your resume, and continuously improve your chances of landing a cybersecurity job. Resources and contact information are available in the show notes.00:00 Introduction and Format Change00:29 Question 1: Gaining Practical Experience in Cybersecurity03:31 Question 2: Importance of Certifications06:46 Question 3: Crucial Soft Skills09:26 Question 4: Standing Out in Job Interviews12:33 Question 5: Networking in Cybersecurity15:59 Question 6: Handling Rejection and Improving Applications22:35 Conclusion and Final Thoughts---I do hope you enjoyed this episode of the podcast. Here are some helpful resources, including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeCybersecurity Conferences - Our cybersecurity conference directory is meticulously updated and checked manually to prevent spam, ensuring it remains the community’s premier resource for discovering top cybersecurity conferences, events, meetings, and seminars for 2024, 2025, and beyond.The Hire Drive Podcast Series - Apple PodcastsZero to Hired: Job Hunting in the AI Age - "Zero to Hired: Job Hunting in the AI Age" demystifies the complex world of job searching and hiring practices, providing job seekers with a comprehensive step-by-step guide to leverage artificial intelligence and modern digital tools to land their dream job. --Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity
Ep28: How to Delete Your Data from the Internet
Aug 27 2024
Ep28: How to Delete Your Data from the Internet
Safeguarding Your Identity: Essential Tools and TechniquesThis episode focuses on the increasing dangers of data breaches and the various steps individuals can take to protect their personal information. Highlighting the threats posed by data breaches and data brokers, the discussion provides detailed reviews of free resources such as OperationPrivacy.com and Google’s 'Results About You' feature. These tools help users remove their data from major brokers and search engines. Additionally, the episode covers the importance and process of freezing your credit to prevent identity theft, emphasizing the use of password managers and two-factor authentication (2FA) for enhanced security.00:00 Introduction: The Reality of Data Breaches00:22 Understanding the Risks: How Your Data is Compromised01:29 Adopting a Breach Mentality: Protecting Your Information02:27 Operation Privacy: A Free Tool for Data Removal06:41 Google Results About You: Managing Your Online Presence10:15 Freezing Your Credit: An Essential Step13:34 Conclusion: Taking Control of Your Data Security---I do hope you enjoyed this episode of the podcast. Here are some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeGoogle Take Controls of Results About YouOperation Privacy--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity
Ep26: Cybersecurity Influencers Need to Do Better
Mar 14 2024
Ep26: Cybersecurity Influencers Need to Do Better
The Responsibility of Cybersecurity Influencers: A Call for IntegrityThis podcast addresses the issue of misinformation in the cybersecurity community, especially among influencers on platforms such as TikTok. The narrator emphasizes the importance of influencers conducting thorough research and providing accurate, evidence-based information rather than spreading myths or fear-mongering. They argue that cybersecurity influencers have an obligation to their audience to be reliable sources of information, citing examples such as unfounded fears about iOS updates and privacy. The podcast critiques the current state of cybersecurity discourse, where ease of content creation has led to an abundance of unverified information, comparing it unfavorably to the medical field where expertise is rigorously vetted. The narrator calls on influencers to improve their practices by doing proper research, citing sources, and understanding the real-world impact of their advice on data protection and security. Lastly, the importance of being discerning about the motives behind the information provided by influencers, including financial incentives, is highlighted as crucial for the audience's ability to trust the content they consume.00:00 The Call for Cybersecurity Influencers to Step Up00:45 The Dangers of Misinformation in Cybersecurity02:09 The Responsibility of Influencers: Research and Truth03:52 The Importance of Credibility and Trust in Cybersecurity Advice05:57 The Role of Influencers in Educating the Public Responsibly09:59 The Obligation of Cybersecurity Influencers to Provide Accurate Information12:46 Final Thoughts: The Impact of Responsible Influence---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity
Ep23: Updated Google Cybersecurity Professional Certificate
Nov 19 2023
Ep23: Updated Google Cybersecurity Professional Certificate
Decoding Google Cybersecurity Certificate ProgramThe speaker discusses the Google Cybersecurity Certificate Program and its benefits for both experienced and new cybersecurity enthusiasts. The speaker discusses how you can get the program for free through libraries that offer Coursera, like the California state public library. No matter if you're already in the field and looking for a refresher course or entirely new to cybersecurity, the speaker finds the program commendable. They add that while it won't guarantee you a job, it does provide a structured learning path and a certificate that you can mention on your resume.Timeline:00:00 Introduction to Google Cybersecurity Certificate Program00:16 Who Should Consider the Program00:51 Benefits of the Program01:12 Comparing with Other Certifications02:32 How to Access the Program for Free03:11 Personal Experience with the Program03:26 Benefits for Existing Certification Holders05:31 Value of the Certificate for Job Seekers07:02 Final Thoughts and Recommendations---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeGoogle Cybersecurity Certificate - The Google Cybersecurity Certificate program on Coursera--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurityMentioned in this episode:YouTube Byte-Sized Security Channel
Ep21: How to Get Coursera Courses for Free
Nov 8 2023
Ep21: How to Get Coursera Courses for Free
I'll explain how to access Coursera courses for free with a public library card. This is possible for people living in specific states and cities like California, New York, Tennessee, Missouri, and Chicago. I'll share personal experience of using library resources to take an 8-module Google cybersecurity professional certificate course from Coursera for free, from which I earned CPE credits towards my CISSP renewal. I'll also mention the added bonuses of a library card, including access to Udemy, free WiFi hotspots, newspapers like New York Times, and more. I encourage listeners to explore this free route to improve their cybersecurity knowledge, saying a sign of curiosity and inquisitiveness, two qualities important to succeeding in cybersecurity.---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeCoursera partners with the California State Library to launch free statewide job training program  - Coursera Blog - Check your local library's eLearning or Digital areas. Ask them if they can join if it's not listed. Coursera is free for the California State Library partner libraries including New York, Tennessee, Missouri, and the city of Chicago. --Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity
Ep20: LinkedIn Learning Free with a Library Card... And a Whole Lot More!
Nov 6 2023
Ep20: LinkedIn Learning Free with a Library Card... And a Whole Lot More!
Unlock Free Learning Resources with your Public Library CardIn this podcast, I will tell you how to access premium online learning resources like LinkedIn Learning, Udemy, and Coursera for free, simply by utilizing your public library card. Most people don't know that library cards can open doors to various resources, varying from library to library. However, most libraries in the U.S provide free access to LinkedIn's premium content. Plus you can gain access to Libby, an app allowing users to borrow a selection of audiobooks and ebooks. I want to stress the importance of taking advantage of available resources paid through taxes rather than spending additional money on courses and online platforms.00:00 Introduction to Free Access to LinkedIn Learning00:37 The Secret: Public Library Card00:57 How to Use Your Library Card for Online Learning01:33 Accessing LinkedIn Premium Content with Library Card02:12 Why Collect Multiple Library Cards02:27 Examples of Different Libraries and Their Offers02:49 Accessing Coursera with Library Card03:53 Additional Benefits of Public Library Card00:40 Steps to Accessing Online Learning Resources05:48 The Value of Public Library Resources07:23 Conclusion and Call to Action08:08 Accessing Mobile Hotspots with Library Card---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurityMentioned in this episode:YouTube Byte-Sized Security Channel
Ep18: The Illusion of Expertise: Are YouTube's Security Gurus Really in the Trenches?
Oct 26 2023
Ep18: The Illusion of Expertise: Are YouTube's Security Gurus Really in the Trenches?
Show Notes for Byte-Sized Security Episode: "The Illusion of Expertise: Why YouTube's Security Gurus Aren't in the Trenches"In this eye-opening episode, host Marc David takes a critical look at the proliferation of self-proclaimed cybersecurity 'experts' on YouTube. We delve into the mechanics of content creation, the business model behind it, and the glaring gap of practical experience. Ready for a reality check? Tune in!📌 Timestamps00:00 - Introduction: The Fluff & Stuff of Cybersecurity YouTube Videos01:46 - Core Argument 1: The Content Mill03:25 - Core Argument 2: The Business of YouTube05:28 - Core Argument 3: Missing Practical Experience07:15 - Counter-Arguments: The Other Side of the Coin08:58 - Conclusion: A Byte-Sized Reality Check10:15 - Call to Action & Community Poll: How Do You Vet YouTube Cybersecurity Experts?🎯 Key TakeawaysExpertise ≠ Popularity: A large subscriber count doesn't necessarily make someone an authority in cybersecurity.Content Mills: The alarming rate at which some YouTubers churn out content may impact the quality and depth of their advice.Business Over Authenticity: Learn why monetization models can clash with the ethical considerations of cybersecurity.The Importance of Practical Experience: There's no substitute for hands-on, in-the-field know-how.🗳️ Community PollDon't forget to participate in our YouTube community poll: "How do you vet the credibility of a cybersecurity expert on YouTube?" Click here to vote!---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security
Ep15: How I Got a Job in Cyber Security without Experience
Oct 10 2023
Ep15: How I Got a Job in Cyber Security without Experience
Getting a job in cybersecurity without direct experience can be challenging but not impossible. Here are some strategies to help you break into the field:Education and Certifications: Obtain foundational certifications like CompTIA Security+ and consider advancing to others like CISSP, CEH, or Cisco's CCNA Cyber Ops.Network: Attend cybersecurity conferences, seminars, and meetups. Engage with professionals and peers in events like DEFCON or platforms like Meetup.com.Internships and Entry-Level Positions: Pursue internships or related entry-level positions, such as IT support roles, to gain relevant industry experience.Projects and Portfolio: Establish a home lab, explore security tools, or conduct ethical hacking on systems where you have permission. Document and showcase your endeavors.Online Platforms: Engage in platforms like Hack The Box, TryHackMe, or participate in Capture The Flag (CTF) challenges to hone practical skills.Blogs and Publications: Write about cybersecurity topics to demonstrate your knowledge and passion for the field.Additional Training: Use platforms like Cybrary, Udemy, and Coursera to take courses in cybersecurity and further develop your skills.Soft Skills: Highlight your analytical, problem-solving abilities, and other vital soft skills that are in demand in cybersecurity roles.Transferrable Skills: Emphasize skills from previous roles or experiences that can be applied to a cybersecurity position.Stay Updated: Regularly update your knowledge on the latest trends, news, and threats in the cybersecurity domain.Further Education: Depending on your aspirations, consider pursuing degrees in cybersecurity or related disciplines.Seek Mentorship: Connect with industry professionals who can provide guidance, insights, and potential introductions.Volunteer Opportunities:Contribute to local non-profits, schools, or community centers by offering cybersecurity services or training.Use the experience to develop practical skills and expand your professional network.Highlight your dedication to the industry and community on your resume.Starting Your Own Business:Demonstrate your entrepreneurial spirit, initiative, and proactive approach.Gain hands-on experience by tackling real-world cybersecurity challenges for clients.Develop and hone both technical and business skills, such as client relations and project management.Establish credibility through success stories, case studies, or client testimonials.With a combination of these strategies, you can build a robust resume and gain valuable experience, positioning yourself effectively for a career in cybersecurity, even if you're starting without direct experience in the field.---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security
Ep14: The Future of Authentication: Passkeys Explained
Oct 1 2023
Ep14: The Future of Authentication: Passkeys Explained
Episode Overview:In this episode, I had the pleasure of sitting down with Dr. Lillian Hartfield to discuss the transformative approach to authentication: Passkeys. We delved deep into what passkeys are, how they differ from traditional passwords, and the reasons behind their rising popularity.Key Discussion Points:Introduction to PasskeysDr. Hartfield provided a comprehensive overview of passkeys and their advantages over traditional passwords.The Problem with Current Password SystemsWe discussed the challenges users face with complex passwords and the security risks associated with password reuse.Enhanced Security with PasskeysDr. Hartfield shed light on how passkeys leverage public-key cryptography to offer a more secure authentication method.The Process of Creating and Using PasskeysWe walked through the user-friendly process of setting up and using passkeys for online authentication.Device and Platform Support for PasskeysDr. Hartfield highlighted the widespread adoption of passkeys across various devices and platforms.Password Managers and PasskeysWe touched upon the integration of passkeys in password managers, with a special mention of 1Password.The Future of PasskeysDr. Hartfield shared her insights on the potential of passkeys to replace traditional passwords in the near future.Episode Highlights:"Passkeys offer a more secure and user-friendly alternative to passwords." - Dr. Lillian Hartfield"Password managers like 1Password are evolving to support passkeys, ensuring users have a centralized, secure location for authentication." - Dr. Lillian Hartfield---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeWhat are passkeys? Everything you need to know about the death of passwords--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security
Ep12: The MGM Resorts Breach: Lessons Learned and Future Implications (Extended)
Sep 25 2023
Ep12: The MGM Resorts Breach: Lessons Learned and Future Implications (Extended)
Episode Overview:In this extended episode, host Marc David and cybersecurity expert Savvy Sharma delve deep into the recent cyberattack on MGM Resorts International. They discuss the tactics used by the attackers, the vulnerabilities exploited, and the cascading impact of the breach on MGM's operations.Key Discussion Points:Introduction to the MGM Resorts AttackOverview of the attack and its significance in the cybersecurity landscape.The Attackers and Their TacticsThe role of Scattered Spider and their use of social engineering.The exploitation of password reuse and the significance of multi-factor authentication.The Impact and AftermathThe deployment of BlackCat/ALPHV ransomware and its consequences.The financial and operational repercussions for MGM Resorts.Lessons Learned and Mitigation StrategiesThe importance of privileged access management (PAM) solutions.Strategies for improving multi-factor authentication (MFA) control.The significance of protecting Tier 0 assets and adopting best Identity Provider (IdP) practices.CyberArk Labs' TakeawaysThe commonality of attacking IAM platforms.The role of BlackCat/ALPHV in the attack.The importance of monitoring trust changes and staying updated on evolving cyber threats.Episode Highlights:"A series of mistakes ultimately led to one of the most visible and brand-damaging attacks in years." - Savvy Sharma"It’s crucial for organizations to continuously improve their security measures and follow best practices to protect themselves in today’s digital landscape." - Savvy Sharma---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeThe MGM Resorts Attack: Initial Analysis--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security