Show Notes
If want to get into computer security, you're going to learn to love it, you're going to have to be successful, because a lot of computer security isn't just about bits and bytes, it's really about effectively communicating what needs to be done to the right people.
In this episode wet have the incredible John Strand. Organizations need to become more proactive, and see where those weak spots are to protect themselves from something like ransomware. You need to run a pen test because you can have somebody literally launch those attacks, and identify those weaknesses in those vulnerabilities before the bad people do.
What's the gap that we can all learn from? It's passwords. By and large for most users, passphrases are the way to go. And, multi-factor authentication is actually a very sound strategy.
If you look at one key tenant of computer security, complexity is the enemy of computer security. And security is constantly trying to catch up and protect against yesterday's attacks. So, the future is more connected, it's more complicated. And the problem is, we still have people that use weak passwords, we still have people that click on links from strangers. And ultimately, when we're looking at that future, you're going to see the exact same problems that we've always had complicated on a much, much, much, much, much larger scale. As things get more and more pushed to the cloud. There'll be no shelter here, the front line is everywhere. World of computer security.
Key Takeaways:
0:00 Previously on the show 2:02 John introduction 2:44 Episode begins 2:47 What John is doing today 3:45 John’s core tenets 5:51 How pen testing is “Blue” 6:17 Why understanding fundamentals matters 8:55 Ransomware 10:41 Organizations need to be prepared 11:58 Password gap 13:37 Password philosophy 17:07 Multi-factor authentication 21:40 What to do today 24:24 New problems 26:44 Learn your own network 28:26 Where to find John
Black Hills Information Security
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Recent Episodes
The AI Gold Rush in Cybersecurity with Chris Cochran
The new cybersecurity pioneers aren’t chasing alerts, they’re building with AI. But what happens when tools meant to assist begin making decisions for us? And what skills do we lose when ...
The AI That Tried to Escape with Ron Eddings
What happens when AI refuses to be replaced? This episode kicks off with a chilling real-world example of an AI threatening blackmail—and only gets more intense from there. Host Ron Eddings ...
Zero Trust Isn’t a Tool — It’s Everything with George Finney
What if Zero Trust isn’t a framework, but the only viable cybersecurity strategy—more about people than products? In this episode, George Finney, CISO at the University of Texas System and ...
Your Two-Year Edge Starts Now with Marco Figueroa
You won’t be replaced by AI—you’ll be replaced by someone using it better. Returning guest Marco Figueroa is back with a frontline report on the AI agent boom. This isn’t a prediction—it’s a ...
Badge Cloning, Alarm Triggers & Getting Hired to Hack with Greg ...
Most people think red teaming is digital—until someone bypasses your locks, plants a Raspberry Pi in your server room, and walks out with your data. That’s not sci-fi. That’s White Knight Labs. ...
Building Cyber Resilience Through Culture with David Shipley
What if fixing cybersecurity wasn’t about more tools, but about unlocking human potential? In this episode, Ron Eddings welcomes back David Shipley, CEO and Field CSO of Beauceron Security, for ...
Ditch the Spreadsheets: Smarter Crypto Security with Michael ...
Still tracking certificates in a spreadsheet? You’re not alone—and there’s a better way. In this special episode from RSA 2025, Ron sits down with Michael Klieman, Global Vice President of ...
Protecting People, Not Just Perimeters with Andrey Suzdaltsev
AI is reshaping the cybersecurity battlefield, and cyber adversaries are getting smarter. In this episode, Ron Eddings welcomes Andrey Suzdaltsev, Co-Founder and CEO of Brightside AI, for a look ...
Digital Clutter and the Death of Passwords with Collin Sweeney & ...
Passwords are the original digital clutter—messy, overstuffed, and way too easy to forget. Like a junk drawer full of old keys and cables, we keep tossing more into them, hoping they’ll somehow ...
What Most Cybersecurity Advice Misses—And How to Fix It with ...
What if the biggest threat to cybersecurity isn’t attackers—but the defenders themselves? Why are we still building tools for experts in a world where technical skills are fading fast? In this ...
WORK WITH US
PODCASTS + SPEAKING + EVENTS
Are you the best kept secret in cybersecurity? Let's change that by partnering together for podcast ads, social campaigns, and your next event or keynote. Send us your details to get started.
Thank you!
We will be in touch soon and reach out to you at