Avsnitt
-
You finish at 6:00pm. At 6:47 you reopen the laptop, 'just to check something.' By 9:00 the evening is gone. The boundary didn't fail tonight. It was never there.
Episode 27 of Plaintext with Rich closes the Month of Mindfulness, a five-week series on self-care for people working in security and tech. This week we're talking about work-life balance, but not as willpower or time management. As protective infrastructure. We pull the arc together, mental, spiritual, physical, and burnout, and land on the idea that balance is what keeps the first three from collapsing into the fourth. We borrow briefly from Cal Newport's concept of deep work and Jocko Willink's framing of discipline as freedom, neither as sermon, both as shorthand. The episode closes with a Plaintext Starter Kit of structural defaults, not resolutions, designed to protect a sustainable career in a job that otherwise won't let you have one.
If you've made it to the end of this series and you're asking 'okay, but how do I actually live this on a Tuesday,' this one is for you.
Ten minutes or less. One topic. No panic.
Cal Newports "Deep Work: Rules for Focused Success in a Distracted World"
Jocko Willink
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
You're reading a breach report. Third one this month. Last year a story like this would have lit something in you. Today you scroll past it. That's not you. That's the bill.
Episode 26 of Plaintext with Rich is the fourth installment of the Month of Mindfulness, a five-week series on self-care for people working in security and tech. This week we're talking about burnout, what it actually is and why the cybersecurity industry produces it reliably. We use the World Health Organization's classification of burnout as an occupational phenomenon and Christina Maslach's three dimensions (exhaustion, cynicism, reduced efficacy) to name what most of us feel but can't label. We get into the systemic causes specific to our field: always-on culture, headcount lag, and job designs that treat recovery as a perk instead of infrastructure. The episode lands with a Plaintext Starter Kit split between what the individual can do and what only leadership can fix.
If you've ever caught yourself scrolling past a breach report that used to light a fire and realized you don't feel anything, this one is for you. Whether you're the one carrying the load or the one supposed to be protecting the people who are.
Ten minutes or less. One topic. No panic.
Christina Maslach -> https://www.linkedin.com/in/christinamaslach/
World Health Organization -> https://www.linkedin.com/company/world-health-organization/
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
Saknas det avsnitt?
-
It's Friday morning. You stand up to refill your water and your back doesn’t move the way it used to. The systems are up and running smoothly. Your body hasn’t gotten the same memo.
Episode 25 of Plaintext with Rich is the third installment of the Month of Mindfulness, a five-week series on self-care for people working in security and tech. This week we’re talking about physical health, the silent receipt your body keeps for the cumulative load of this job. We get into the specific body costs of security work: long incident response shifts, screen time, the cortisol of on-call, sleep disruption from pages, and the war-room conditions that turn your spine into a slow-motion lawsuit. The episode lands with a Plaintext Starter Kit of habits you can start this week, no programs to join and no protocols to memorize.
If you’ve ever come off a long incident and felt every hour you spent at the keyboard in your shoulders, this one is for you. Whether you’re an analyst, an engineer, or the one person doing security at a 40-person company, the body keeps the bill.
For community around this conversation, find Rich’s LinkedIn group, Desk to Deadlifts. The name is catchy, but it’s not a powerlifting group. It’s a space for professionals trying to fit physical health into busy lives.
Ten minutes or less. One topic. No panic.
Desk to Deadlift (LinkedIn Group) https://www.linkedin.com/groups/13248033/
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
Spiritual health on a cybersecurity podcast sounds like a stretch. Stay with us. Because somewhere between the vendor pitches, the patch cycles, and the 3 a.m. page, a lot of us stopped working for the why and started working for the number.
Episode 24 of Plaintext with Rich is the second installment of the Month of Mindfulness, a five-week series on self-care for people working in security and tech. This week we define spiritual health as the values that make up who you are, the things you won’t trade even for a raise. We get into mission drift, the quiet trap of lifestyle creep in a high-paying field, and the 3 a.m. test for whether your values are still alive when the paycheck isn’t watching. We acknowledge that for some listeners these values come from a faith tradition and for others they don’t, and both are valid. The episode lands with a Plaintext Starter Kit, including the simple act of writing your values down, asking yourself what ‘enough’ actually looks like, and finding people (including communities like Shield that are built for grounded, sustainable careers in tech and cyber) who remind you who you are before the title does.
If you’ve ever wondered why the bigger paycheck stopped making the work feel better, this one is for you. Whether you’re a SOC analyst, an engineer, a CISO, or the one person doing security at a 40-person company, your values have to outrun your comp.
Ten minutes or less. One topic. No panic.
Shield Community, a wellness program built specifically for technology and cybersecurity professionals. https://www.shield.community/
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
It's 6:47 a.m. The incident was contained hours ago. The systems are fine. You're the one still running hot.
This episode opens the Month of Mindfulness, a five-week Plaintext with Rich series on mental health, spiritual health, physical health, burnout, and work-life balance for people working in cybersecurity and tech. May 1 happens to fall during Mental Health Awareness Month, which makes it the right time to start. We're talking about the mental load that comes with vigilance work: on-call rotations, alert fatigue, incident response, and the cost of being the person who carries worst-case scenarios in your head all day. Plus a Plaintext Starter Kit with five practical moves, including how to actually use your Employee Assistance Program (EAP) and where to find Mental Health Hackers at the next conference you attend. And three programs worth bookmarking: Pacific Mindful's CyberReset, The Zensory, and Shield Community, each built for the nervous system demands of technology and cybersecurity work.
If you've ever come off an incident and wondered why your body is still running an alert two days later, this is for you. Whether you're an analyst, an engineer, a CISO, or the one person doing security at a 40-person company, the load is real and so is the recovery.
Ten minutes or less. One topic. No panic.
Pacific Mindful's CyberReset, a precision nervous system training tool built for high-exposure roles. https://www.pacificmndfl.com/reset
The Zensory, a science-backed wellbeing platform with a dedicated Cyber Mindfulness Campaign. https://thezensory.com
Shield Community, a wellness program built specifically for technology and cybersecurity professionals. https://www.shield.community/
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
A dashboard lights up with indicators of compromise. The analyst copies the top five into a ticket, tags it "actionable," and sends it to the SOC. Nobody reads it not because they don't care, but because it didn't tell them what to do or why it mattered. That's not an intelligence failure. That's a confusion about what intelligence actually is.
This episode breaks down threat intelligence from the ground up, drawing on Rich's military experience as a case officer in special operations. It separates data, information, and intelligence into three distinct layers, explains why most CTI programs skip the step that actually matters. Connecting analysis to a specific decision and introduces the concept of Priority Intelligence Requirements as the questions that should drive everything a security team collects and analyzes. The episode covers the intelligence cycle, why feeds alone aren't intelligence, and why organizations that never close the loop are publishing, not protecting. It closes with a five-step starter kit for building a threat intelligence function that actually changes decisions.
Whether you're standing up a CTI program, evaluating one that isn't delivering, or just trying to understand what threat intelligence should look like, Plaintext with Rich cuts through the noise.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
The fighter absorbs hits up front. The rogue finds traps before the party walks into them. The cleric keeps everyone alive when things go wrong. And the bard convinces the people with resources to actually fund the quest. Nobody does everything. Everybody has a role. Now replace the dungeon with your company's network.
This episode maps cybersecurity roles to D&D character classes, SOC analysts as fighters, pen testers as rogues, incident response as clerics, security architects as wizards, CISOs as bards, and threat intelligence analysts as rangers. It translates the six core ability scores into an organization's security posture: Strength as technical controls, Dexterity as speed of response, Constitution as resilience, Intelligence as threat knowledge, Wisdom as judgment, and Charisma as communication. Then it breaks down why parties wipe, siloed teams, no incident response plan, main character syndrome, and ignoring the logs before closing with a five-step starter kit for building your party and running the campaign.
Whether you're a tabletop gamer who works in security or a leader trying to understand why your team needs every role filled, Plaintext with Rich has the quest briefing.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
A vulnerability advisory drops on a Tuesday. Two people read the same report. One sees a severity score and waits for a patch. The other understands what a heap-based buffer overflow actually means and starts reducing risk before a fix even exists.
This episode breaks down why code literacy is a cybersecurity skill, not just a developer skill. It starts with the listener's question about learning C and C++ for security, then widens the lens to cover the full stack: why C still matters because of how it handles memory, how offensive operators use that knowledge to find and exploit weaknesses, and how defenders use it to read malware, assess real risk, and build their own tools. The episode maps four languages to four layers, C and C++ for how software touches hardware, Python for automation and speed, JavaScript for web attack surfaces, and Assembly for understanding what the machine is actually doing then closes with a four-step starter kit for building code literacy at any level.
Whether you're a security professional wondering where to start with code or a leader trying to understand what your team means by "exploit development," this episode makes the case clearly. Plaintext with Rich.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
Someone sits down at a keyboard, mashes keys for six seconds, and says "I'm in." Every security professional dies a little inside but that scene is probably the reason half of us got into this field.
This episode walks through the movies, TV shows, books, graphic novels, and video games that shaped how we think about cybersecurity. Each pick lands in one of two buckets: the fantastical, the ones that made hacking look cool even when the tech was nonsense and the accurate or semi accurate, the ones that actually got the culture, the tools, and the tedium right or tried to. From Neuromancer to Mr. Robot, from Ghost in the Shell to Hacknet, and from The Cuckoo's Egg to community-built projects like Skadi: Threat Hunter and REKCAH Comics' The Future Is ******, this is a guided tour through the media that built cybersecurity's identity. The episode closes with a five-item starter kit for anyone looking to dive in.
Whether you're new to cybersecurity and looking for a way in, or a veteran who wants to hand someone the right recommendation, this one's your reading, watching, and playing list curated on Plaintext with Rich.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
People love to ask which operating system is the most secure. That's the wrong shape of question. Each one is designed for a different job, and that shapes how it gets attacked.
This episode clears up what Linux actually is, how it compares to Windows and macOS, and why the differences matter for security. It starts by explaining why Linux isn't one product but a family of systems built around a shared kernel, then covers how each OS handles permissions, software installation, and administrator access differently. The episode walks through why Windows attracts commodity malware at scale, why macOS trades flexibility for Apple's guardrails, and why Linux incidents usually start not with a dramatic virus but with quiet exposure: an open SSH service, default credentials, or a skipped patch. It busts three common myths (Linux doesn't get malware, open source means audited, macOS and Linux are the same thing) and closes with a five-step starter kit covering patching, attack surface reduction, least privilege, trusted software sources, and recovery planning.
Whether you're choosing an OS for your team, managing Linux servers for the first time, or just curious why your security team cares so much about configurations, Plaintext with Rich sorts it out.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
You tap a button and a ride shows up. You check out online and your bank approves it in seconds. It feels automatic. But nothing in software is automatic. Something received a request, decided it was valid, did some work, and sent back a response. That something is an API.
This episode breaks down what APIs actually are, why they exist, when to use them, and why they matter far more than most people realize. It starts with a restaurant analogy that makes the concept click, then walks through how modern software is built from modular pieces that coordinate through structured requests and responses. From there, it covers the four ways APIs quietly fail: weak identity, excessive permissions, blindly trusted input, and missing guardrails for automation abuse. The episode closes with a four-step starter kit for treating every API like the security-critical control point it is, covering authentication, authorization, data minimization, and abuse prevention.
Whether you're a business leader trying to understand what your engineering team means by "API security" or a professional who wants the concept explained without the jargon, Plaintext with Rich makes it clear.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
At 4:47 p.m., someone pastes a customer escalation into an AI assistant and asks it to rewrite the tone. The reply is perfect. It also includes a private note from the internal thread. No breach. No attacker. Just a new workflow that doesn't know what should stay inside.
This episode breaks down how to secure AI tools in the workplace by treating them like any other system that handles sensitive information and influences decisions. It covers the three patterns where AI quietly breaks: sensitive data going in through normal use, assistants being steered by hidden instructions inside documents they read (prompt injection), and over-connected AI with too much autonomy and too little friction. The episode references NIST's AI Risk Management Framework, OWASP's Generative AI Security Project and LLM Top 10, and practitioners like Rob T. Lee and Chris Cochran for ongoing grounded guidance. The starter kit covers four moves in order: creating an approved AI lane with company identity and strong authentication, putting guardrails around sensitive data, limiting connectors and permissions with a human in the loop, and making usage observable through logging and adversarial testing.
Whether you're rolling out AI tools to your team or trying to secure what people are already using, Plaintext with Rich provides the baseline.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
Every company says they're using AI. Some mean chatbots. Some mean automation. Some mean statistics with a new logo. If everything is AI, the word stops meaning anything.
This episode untangles what people actually mean when they say "AI" by breaking the umbrella into its real components. It covers machine learning (systems that learn patterns from data), deep learning (layered neural networks that made modern recognition possible), large language models (text prediction engines driving today's headlines), RAG or retrieval-augmented generation (connecting models to specific documents instead of relying on training alone), and agentic AI (systems that don't just respond but take action). The episode explains why these distinctions matter for risk, why a fraud detection model making probability estimates is fundamentally different from an agent allowed to move money, and how to filter the hype with a simple mental checklist: is this prediction, generation, retrieval, action, or branding?
Whether you're evaluating AI tools for your organization, sitting through vendor demos full of buzzwords, or just trying to have a smarter conversation about what AI can and can't do, Plaintext with Rich sorts the categories.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
The access made sense. The exception was justified. The shortcut saved time. Each decision worked on its own. And somehow, together, they added up to failure.
This episode tackles the uncomfortable truth that most security failures aren't caused by ignorance or carelessness. They're caused by systems quietly accumulating risk while everyone is doing their best. It walks through the patterns that create this drift: temporary decisions that never expire, blurred ownership where risk becomes nobody's problem, trust that's too broad because convenience won repeatedly, and complexity without clarity where tools exist but don't drive action. The episode explains why none of this feels like failure while it's happening and why the sentence "we didn't realize it worked that way" is the fingerprint of systemic breakdown. The starter kit covers making ownership explicit, treating access like inventory, reducing silent permissions, designing for human reality, and favoring fewer tools with clearer purpose.
Whether you're a leader trying to understand why incidents keep happening despite good intentions or a practitioner watching risk accumulate in real time, Plaintext with Rich names the patterns.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
The breach didn't come through a broken firewall. It walked in through a valid login. Nothing exploded. Nothing looked suspicious at first. Someone just signed in and kept going.
This episode clears up what Zero Trust actually is and what it isn't. It's not a product, not a box you install, and not a technology you turn on. It's a design decision: don't automatically believe a request just because it comes from inside your network. The episode explains why the old perimeter model stopped working when work moved to laptops, apps moved to the cloud, and being "inside the network" stopped meaning anything useful about risk. It walks through the four core signals Zero Trust evaluates (identity, device health, access scope, and segmentation), explains how Zero Trust Network Access differs from traditional VPNs, and addresses common misconceptions including the idea that Zero Trust means trusting no one. The starter kit covers strong authentication, separating daily accounts from admin accounts, mapping access paths, setting device requirements, and reducing broad network access.
Whether you keep hearing "Zero Trust" in vendor pitches and want to know what it actually means or you're starting to rethink how your organization handles remote access, Plaintext with Rich cuts through the marketing.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
You can lock down every system you own. Patch everything. Train everyone. And still lose control, because the failure didn't start with you. It started somewhere upstream.
This episode breaks down supply chain cybersecurity by explaining why attackers who can't reach you directly look for someone you already trust. It covers the most common patterns: tampered software updates that arrive through legitimate channels, vendor breaches that expose your data through someone else's failure, compromised third-party credentials, and dependency risk hidden inside assembled code libraries. The episode explains why these attacks scale so effectively and why they're hard to defend against, because they ride on legitimate trust. The starter kit covers identifying crown jewel data, mapping real vendor relationships, limiting vendor access aggressively, protecting vendor logins with mandatory MFA, monitoring vendor behavior, patching shared dependencies fast, asking better pre-purchase questions, putting security expectations in contracts, and maintaining backups that actually restore.
Whether you manage vendor relationships, oversee procurement decisions, or just want to understand why one compromised supplier can impact thousands of organizations, Plaintext with Rich explains the risk and the response.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
You don't need to break a system if someone will open it for you. You don't need malware if a message feels urgent enough. Most modern breaches don't start with code. They start with a conversation.
This episode breaks down phishing and social engineering by explaining why these attacks keep working: they don't fight logic, they sidestep it. It covers how modern phishing has evolved beyond email to include text messages, voice calls, MFA fatigue attacks, QR code phishing, and AI-assisted impersonation. The episode walks through the emotional triggers attackers rely on (urgency, authority, fear, curiosity, helpfulness), why "I'd never fall for that" is often the opening, and what to do if you've already clicked. The starter kit covers the ten-second pause, second-channel verification, treating "unexpected plus urgent" as suspicious, inspecting senders and destinations, never typing passwords from links, using password managers for detection, strong MFA methods, two-person approval for money movement, and reporting phishing to help stop it for others.
Whether you're responsible for protecting a team or you just want to stop second-guessing every email, Plaintext with Rich explains what actually works.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
You don't get locked out first. You get watched. Someone maps your systems quietly, copies your data quietly, and waits until they're sure you can't avoid the conversation. Only then do the screens go dark.
This episode breaks down how ransomware actually works today and why double extortion changed the stakes completely. It explains how modern ransomware operations move slowly at first, stealing credentials and exploring systems before copying data and triggering encryption. The real leverage isn't locked files, it's the threat of publishing what was already taken. The episode walks through the most common entry points (phishing, reused credentials, unpatched remote access, over-privileged vendors), why ransomware crews now operate like supply chain businesses, and what to do during an incident. The starter kit covers immutable backups, multi-factor authentication, fast patching of internet-facing systems, administrative sprawl reduction, network segmentation, endpoint detection, credential hygiene, and building a one-page incident response plan.
Whether you're a small business owner who thinks you're too small to be targeted or a leader who needs to understand why backups alone no longer solve the problem, Plaintext with Rich lays out the new reality.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
Your house didn't suddenly become unsafe. It just became chatty. Little devices, quietly talking to the internet, all day, all night. Most of them were never meant to be guarded.
This episode explains IoT security by starting with a translation: if a device needs an app to work and Wi-Fi to exist, it's a computer with software, memory, and network access, and computers inherit risk. It covers why manufacturers optimize for convenience over long-term protection, how most IoT compromises happen through automated scanning rather than targeted attacks, and why devices outlive the software inside them. The episode walks through the three things that happen when a device is compromised, becoming part of a botnet, serving as a network foothold, or leaking metadata, then closes with a seven-step starter kit covering device inventory, firmware updates, default credential changes, network separation, disabling unnecessary features, monitoring connected devices, and buying intentionally.
Whether you've got a house full of smart devices or you're just starting to wonder what your thermostat is doing on the network at 3 a.m., Plaintext with Rich sorts it out.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene -
Nothing broke. Nothing crashed. No alarms went off. Someone clicked a box, someone skipped a setting, someone assumed the default was safe. And the cloud did exactly what it was told.
This episode explains cloud security by starting with the most important shift: in the cloud, identity is the perimeter. There is no fence, no lobby, no locked server room. If someone has valid credentials, they don't break in, they sign in. The episode walks through how cloud security goes wrong through misconfigured storage, over-permissioned identities, leaked API keys, missing multi-factor authentication, shadow cloud adoption, and absent monitoring. It covers what attackers actually do once inside, from data theft to cryptomining to quiet entrenchment, then closes with a starter kit covering MFA enforcement, least privilege, secret hygiene, storage lockdown, logging, workload hardening, API protection, and guardrail automation.
Whether you're moving to the cloud, already there and not sure what to watch, or a leader trying to understand why your team keeps talking about misconfigurations, Plaintext with Rich breaks it down.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene - Visa fler
