InfoSec to Insanity

Recorded Live on YouTube: Thursday, September 11, 2025 – 9:00 PM CTThis week on InfoSec to Insanity, Evan Francen and Matt Goodacre dive headfirst into a problem that’s bigger than firewalls, frameworks, or fancy AI tools—our obsession with short-term thinking. Inspired by Evan’s latest blog post, We’re Addicted to Short-Term Thinking (And It’s Screwing Us All), we’ll break down how chasing the next quick win, quarterly number, or shiny product is wrecking cybersecurity, business, and even our personal lives.Why do we keep doing what we know doesn’t work? Why do leaders mortgage long-term resilience for short-term gains? And most importantly—how do we break the cycle before it breaks us?As always, expect the full InfoSec to Insanity treatment:🔥 WTF Happened This Week? – The biggest security stories, stripped of the nonsense.🤣 CISO Humor – Because if we don’t laugh, we’ll cry.🎤 No-BS conversation – The kind the industry doesn’t want you to hear.💥 Join us live, bring your questions, and let’s talk about building something real instead of just patching over the cracks.

Streamed live on Sep 4, 2025In this episode, Evan Francen and Matt Goodacre are back with Part 5 of the Accountability in Cybersecurity is Broken series: Selling Fear – Why the Cybersecurity Industry Loves the Chaos.Confusion sells. Simplicity doesn’t. And that’s not an accident—it’s a business model. Too many vendors, “experts,” and even practitioners are getting rich off of fear, uncertainty, and doubt (FUD), while the people they’re supposed to protect are left confused, vulnerable, and broke. Evan and Matt will tear into how snake oil gets sold, why simple fixes get ignored (remember the Senate hearing where nobody would admit a firewall could’ve helped?), and what real accountability looks like.Of course, it wouldn’t be InfoSec to Insanity without the fun:WTF Happened This Week? – The biggest security stories, with a dose of sanity.CISO Humor – Laugh so you don’t cry.And plenty of candid, no-BS conversation the industry doesn’t want you to hear.Join us live, bring your questions, and be part of the conversation.Subscribe and hit the bell so you don’t miss it.

Part 4 of the “Accountability in Cybersecurity is Broken” series - Recorded LIVE August 21, 2025 on YouTube.Every breach is a gold mine—but not for the victims. In this episode, Evan Francen (30+ year InfoSec badass) and Matt strip away the shiny headlines to expose the ugly truth: when cyber disasters strike, lawyers strike the jackpot. We’re unpacking how class-action lawsuits have turned cybersecurity disasters into bonanzas for law firms—while the real victims get scraps.From Equifax to AT&T to Meta, we’re talking grotesque settlements, insane legal fees, and a broken accountability loop that thrives on failure.Raw and unapologetic—this is the conversation no one else (or at least, not enough of us) is having.Highlights you won’t want to miss:Why class-action law firms rake in millions every time your data gets exposedHow breach settlements often benefit lawyers more than the victims themselvesThe real numbers behind Equifax, AT&T, Meta—and the legal fee loot they generatedWhy the legal system might be perpetuating failure, not fixing itReal talk on how cyber accountability dies in the courtroom, not the boardroomSubscribe so you don’t miss the chaos.

Accountability in Cybersecurity Is Broken, Part 3 – “Cybersecurity Doesn’t Win Elections: So Politicians Don’t Give a Sh*t”Cybersecurity doesn’t win votes—so politicians don’t care. That political apathy leaves CEOs, boards, and tech giants free to make terrible security decisions with no real accountability. In this episode, Evan Francen (30+ year veteran, co-founder of FRSecure & SecurityStudio, author of UNSECURITY) and co-host Matt Goodacre rip into how politics fuels the accountability crisis in cybersecurity. From Citrix zero-days and hacked U.S. courts to Russian hackers opening a dam in Norway, Evan and Matt deliver WTF headlines, CISO humor, and hard-hitting fixes that don’t need a campaign trail. Expect sharp insights, raw honesty, and a heavy dose of sarcasm aimed at the broken system we’re all stuck with.Highlights:Why politicians ignore cybersecurity until it costs votesWTF news: Citrix, U.S. courts, hacked dams, and vendor disastersCISO humor: therapy for the blame-soaked security prosFive fixes to force accountability—without waiting on lawsA preview of Part 4: Breach? Jackpot. How the Legal System Profits from FailureKey Quote: “Politicians don’t care about cybersecurity because it doesn’t win elections—just lawsuits.”

Part 2: It’s Not Real Until It Hurts Cybersecurity doesn’t change because we know better. It changes because someone bleeds. Not until the breach is splashed across headlines. Not until patients are turned away mid-surgery. Not until your CEO’s kid finds their identity on the dark web. In Part 2 of our six-part series, Accountability in Cybersecurity is Broken, Evan Francen (30+ years of cyber trench warfare) and Matt Goodacre (logic ninja, cyber smartass) rip into the ugly truth: in this industry, pain is the only language leaders understand.We’re talking WTF news—from grounded airlines to vishing attacks against Google—CISO Humor that’ll make you laugh-cry, and a no-B.S. deep dive into why our so-called “leaders” only act after the damage is done. You’ll walk away with a “fix list” for pain-proofing your security strategy, so maybe next time you don’t have to bleed to get budget.If you’ve ever warned about a risk months in advance, only to be ignored until disaster hit—this one’s for you. You’re not crazy. You’re just ahead of the blast radius.This ain’t your compliance department’s podcast. This is InfoSec to Insanity.

Get ready—this isn’t your typical cybersecurity rant:In Part 1: Is It Really Broken?, Evan lays down the truth: accountability in cybersecurity is broken badly and has been for a long time. We’ve confused responsibility (doing the work) with accountability (owning the fallout when it fails)—and that’s where the mess starts.In this episode, Evan and Matt unpack:Why responsibility ≠ accountability—and why that mattersHow CISOs, Boards, and CEOs all dodge the blame, even when security implodesThe “Dark Triad” of forces keeping security failures in motion: the overt attackers, the chaos‑profit sellers, and the abdicator decision‑makersWho actually pays the price when the system breaks—and how to start calling that outExpect raw truth, real talk, and a plan to flip the script on the bullshit status quo.Whether you’re a security nerd, a board member, or someone sick of watching breaches happen while no one gets held to account—this is the conversation you need to hear. Join us live or binge-watch afterward. Hell, challenge us in the chat. Let’s start fixing the broken industry—one episode at a time.

📅 Recorded Live on YouTube: July 17, 2025 • 8 PM CTBased on: “Leading With Vulnerability” — Entry #10 of the Mental Health Without the Bullsht series (https://evanfrancen.com/2025/05/27/le...)We’ve been sold a lie: that leaders must be bulletproof—always confident, always composed, never showing cracks. In this episode, Evan tears that mask off. He shares raw, real experiences about faking invincibility to keep going—and how that act nearly broke him.We’ll unpack:Why hiding mistakes and doubts builds fear, not trustHow admitting “I don’t know” or “I need help” is the real leadership flexPractical vulnerability: owning mistakes, naming limits, and sharing struggling—on your termsHow this creates psychological safety and sparks courageous teamsWhat You’ll Get from This:Unfiltered storytelling—Evan and Matt get real about the cracks and wear the tough-guy leadership causedLeadership checklists—actionable ways to drop the performance and lead through authenticityDrop the ego. Own the cracks. Let’s do leadership differently.#InfoSecToInsanity #MentalHealthWithoutTheBS #FixTheBrokenIndustry #PodcastLive #LeadingWithVulnerability #AuthenticLeadership #VulnerableLeadership #RealLeadership #PsychologicalSafety #MentalHealthMatters #BreakTheStigma #VulnerabilityIsStrength #RealTalk #StrongerTogether #LeadWithHeart #DropTheMask #TrustThroughTruth #LeadershipWithoutTheBS #WorkCultureReform

Recorded LIVE on July 10, 2025 (https://www.youtube.com/@evanfrancenproject)Based on: “Masculinity and Mental Health” — Entry #9 in the Mental Health Without the Bullsht seriesIn this episode, Evan and Matt cut through the crap and tear down toxic masculinity. We’re talking about the conditioning that says real men don’t cry, don’t ask for help, and must suffer in silence. Evan gets raw and real — sharing his own journey through anger, addiction, anxiety, and isolation, and how that “tough guy” mask almost destroyed him.We unpack why men die by suicide at higher rates, why so few seek help, and how emotional suppression leads to aggression, burnout, and breakdowns. But don’t worry—it’s not all doom and gloom. We’ll also explore what true strength looks like:Admitting “I need help.”Going to therapy—even when it feels weak.Crying—with zero apologies.Breaking cycles of emotional suppression.Redefining toughness as being tough enough to be human.f you’re ready to challenge the outdated scripts, redefine what masculinity means, and support each other in being stronger because we’re vulnerable, then this episode is for you.Why Tune In:Zero bullshit talk about why expecting men to “man up” can kill us.Brutally honest stories from Evan that you don’t hear in corporate mental health panels.Practical takeaways for real men, real friends, and real leaders who want to do better.

📅 Recorded Live on June 26, 2026 @ 9 PM CT on YouTube In this next-level continuation of our Mental Health Without the Bullsh*t series, we’re diving deeper into what real support looks like—not just therapy or self-care lip service, but the kind of help that actually sticks. Drawing from Evan’s raw and vulnerable blog post (https://evanfrancen.com/2025/05/23/real-help-looks-like/), and the 8th entry this 11-part series, this episode peels back the layers of stigma, complexity, and what happens when we stop pretending we’re “fine.”Expect:Candid conversation about why most “help” falls flat—and how to fix thatReal-world examples from folks in infosec and beyond, who’ve felt crushed—but found a way outTactical insights you and your people can use—before the burnout or breakdown hitsThis isn’t a feel-good pep talk—it’s a raw, no-BS discussion for anyone tired of the usual mental health fluff in cybersecurity.Join Evan and co-host Matt Goodacre for an honest, unfiltered conversation—grab your drink, silence your phone, and dive in.

📅 Recorded LIVE on YouTube – Thursday, June 19th @ 9PM CT🔗 https://evanfrancen.com/2025/05/20/healing-isnt-linear/In this brutally honest episode of InfoSec to Insanity, Evan Francen and Matt Goodacre dive into a truth we don’t talk about enough—healing isn’t a straight line. Whether it’s healing from burnout, trauma, failure, addiction, or the everyday wear and tear of life in information security, recovery is messy. It’s frustrating. It’s real.This week, Evan and Matt open up about their personal journeys, the setbacks that knocked them down, and the crooked, imperfect road back. We’ll unpack the lies we tell ourselves (and each other), the pressure to “bounce back,” and why pretending to be okay might be the most damaging thing we do in this industry.Expect raw insight, no-BS storytelling, and maybe a few laughs at our own insanity.👉 Grab your favorite drink. Drop the filter. Join the conversation.This one’s for anyone who’s ever felt stuck in the suck. #LivePodcast #MentalHealthAwareness #LifeInCyber #InfoSecToInsanity #UnfilteredTruth #CybersecurityLife #RealTalkInSecurity #CandidConversations #HealingJourney

SPECIAL GUEST: John Harmon, CEO FRSecureThey’re the ones who always show up. Always have the answers.Always say, “I’m good.”And they might be the ones hurting the most.In this deeply personal episode, Evan Francen and Matt Goodacre shine a light on something we all overlook: the silent suffering of the strong ones — the leaders, the fixers, the ones who never ask for help.Based on Evan’s blog post, “Check on Your Strong Friends”, this conversation gets real about:Why high performers and helpers often hide their own painThe myth of strength as self-denialWhy “I’m fine” is sometimes the biggest red flagHow to show up for the people who hold everyone else togetherAnd why it’s time to stop assuming the strong ones are okay⸻ 🔔 It’s not just a reminder — it’s a challenge. Check on your strong friends. And let them check on you. #InfoSecToInSanity #MentalHealth #StrongFriends #CybersecurityCommunity #Vulnerability #NoMoreMasks

Burnout isn’t always a breakdown. Sometimes it looks like working late, smiling in meetings, answering emails at 2am — and slowly falling apart behind the scenes.In this episode, Evan Francen and Matt Goodacre dig into the real face of burnout — the version that’s high-functioning, hidden, and happening to more of us than we’d like to admit.Based on Evan’s blog post, “Burnout Looks Different Than You Think”, this honest and eye-opening conversation explores:Why burnout isn’t always obvious — even to the person going through itHow cybersecurity culture often celebrates dysfunctionThe difference between being tired and being spiritually depletedHow to recognize the warning signs in yourself and othersAnd why we need to stop waiting until people crash before we care⸻🔔 This episode pulls no punches. It’s not about fixing burnout — it’s about finally calling it what it is.#InfoSecToInSanity #Burnout #MentalHealthInCyber #HighFunctioningBurnout #CybersecurityWellness #HonestConversations

Streamed live on May 29, 2025 #Addiction #Burnout #MentalHealthWhen we hear the word addiction, we think of needles, bottles, and rehab. But what if the most dangerous addictions are the ones we don’t even recognize?In this raw and revealing episode, Evan Francen and Matt Goodacre take on the addictions we normalize — workaholism, chaos, constant stimulation, toxic relationships, tech dependency, and more.Inspired by Evan’s blog post, “Addiction Isn’t Just Drugs and Booze”, this conversation will dive into:Why addiction is about what we can’t walk away fromHow the infosec industry rewards addictive behavior while ignoring the damageThe hidden cost of being “high-functioning” but not healthyPersonal stories of struggle, survival, and learning to say enoughIf you’ve ever numbed yourself with work, busyness, or burnout — you’re not alone. This episode is for you.Tune in for truth, vulnerability, and a better conversation about what addiction really looks like.Read the blog: https://evanfrancen.com/2025/05/11/addiction-isnt-just-drugs-and-booze/ #InfoSecToInSanity #Addiction #MentalHealth #CybersecurityCulture #Recovery #Burnout

In this brutally honest and deeply personal episode, Evan Francen and co-host Matt Goodacre dive headfirst into the chaos, creativity, and constant mental noise of living with ADHD — especially in a nonstop, hyper-connected world like ours.Based on Evan’s blog post, “The ADHD Mind in a 24/7 World”, this conversation explores:What it really feels like to have an ADHD brain in cybersecurityHow the industry’s always-on culture clashes with neurodivergent mindsThe strengths, struggles, and misunderstood brilliance of ADHD professionalsWhy silence can be deafening, and why focus is often a moving targetThey’ll share war stories, trade coping strategies, and (probably) get distracted along the way — all while keeping it 100% authentic.📣 Let’s talk about ADHD, mental health, and surviving the infosec grind — with empathy and zero bullsh*t.🔗 Read the blog first: https://evanfrancen.com/2025/05/09/the-adhd-mind-in-a-24-7-world/#InfoSecToInSanity #ADHD #MentalHealth #Cybersecurity #Neurodiversity #LivePodcast

We all know someone who seems to have it together. They’re high-performing, always reliable, maybe even admired. But beneath the surface, they’re barely holding it together.In this episode of InfoSec to Insanity, Evan Francen and co-host Matt Goodacre dive into the brutal reality of high-functioning depression and anxiety, especially in high-stress careers like cybersecurity. Based on Evan’s deeply personal blog post (https://evanfrancen.com/2025/05/06/strong-on-the-outside/), this conversation exposes what most people never see—the silent battles behind the smiles, the crushing weight behind the competence. We’ll talk about:Why “functioning” doesn’t mean healthyThe danger of internalizing pain to keep up appearancesHow to recognize the signs (in yourself or others)Why the strongest people often hide the deepest painWhat we can do to break the cycle and actually healIf you’ve ever felt like you’re surviving instead of living—this one’s for you.📅 Recorded live on YouTube – May 15, 2025 @ 9pm CT

In this deeply personal episode, Evan Francen and co-host Matt Goodacre confront the often-ignored mental health crisis within the cybersecurity industry. Drawing from Evan’s recent blog post (https://evanfrancen.com/2025/05/02/we..., they discuss the hidden struggles faced by professionals in a field where admitting vulnerability is often seen as a weakness. What’s Inside:The pervasive culture of silence and its impact on mental well-beingEvan’s personal journey through ADHD, addiction, and anxietyThe alarming rates of burnout and suicide among InfoSec professionalsPractical steps to foster a more supportive and open industry environmentRecorded live on YouTube on May 8, 2025, this episode aims to break the stigma and encourage honest conversations about mental health in cybersecurity.Join the Conversation: Tune in to this important discussion and be part of the movement towards a healthier InfoSec community.

In this episode of InfoSec to Insanity, Evan Francen and Matt Goodacre dive into the winding, messy, and sometimes hilarious journey of figuring out what the hell you’re actually built for in life. Spoiler: it’s probably not what your high school guidance counselor told you. Live from a cruise ship (yep, really), Evan shares a powerful conversation with an older couple that sparked this episode’s core question: Why do we pressure people to choose a career path before they’ve even lived a little?Expect raw honesty, a few personal war stories, and some serious reflection on how trying things, failing, and pivoting might be the only real way to figure out your calling—whether it’s infosec, garbage collection, or bartending.In this episode:Why we’ve got career discovery all backwardsThe long, weird resume that led Evan to infosecHow societal pressure can screw up great potentialWhat it actually feels like when you find what you’re built forAdvice for the young, the stuck, and the still-searchingThis one’s for anyone who’s still figuring it out—or has a few career skeletons in their closet. (Spoiler: so do we.)

In this episode of InfoSec to Insanity, we dive headfirst into the explosive story shaking the cybersecurity and legal worlds—the FBI investigation into Mark Lanterman, a high-profile cyber forensic expert who’s worked on over 2,000 cases.How did someone with that much influence—and trust—end up under federal scrutiny? What does this say about our industry’s obsession with credentials over character? And how many other “experts” are we blindly trusting without question?Join Evan Francen and Matt Goodacre as they break it all down—candidly, critically, and without pulling any punches. We’ll talk about:The facts behind the caseThe dangerous consequences of assumed credibilityHow this affects our legal system and security industryWhat we all need to do better moving forwardBring your favorite beverage, buckle up, and be ready for some uncomfortable truths. 

Two decades deep into the “War on Terror” and guess what? We’re still footing the bill—and it’s not just in dollars. It’s in surveillance, silence, and the slow death of civil liberties. In this episode of InfoSec to Insanity, we’re digging into what we’ve really lost since 9/11. From the Patriot Act’s shady legacy to the mass surveillance that makes Orwell look like an optimist, we’re pulling zero punches.Join us as we unpack:The quiet expansion of government spying in 2024Why your grandma might be on a watchlist (seriously)The illusion of security vs. the cost of freedomHow privacy became a punchline—and what we can still do about itThis one’s for the folks who aren’t okay with being watched while they microwave a Hot Pocket. Bring your questions, your conspiracy theories, and maybe a tin foil hat—because this is gonna get real.Subscribe, show up, speak up.It’s time to reclaim the narrative.

Why do massive security failures happen—and nobody gets held accountable?In this raw and unfiltered episode of InfoSec to Insanity, we’re diving headfirst into the Accountability Vacuum that plagues the cybersecurity industry. Breaches keep happening. Sensitive data keeps leaking. Companies issue statements, pay fines (sometimes), and move on… but the people responsible? They skate.Join us as we dig into:🔥 High-profile breaches and the aftermath🔥 Why CISOs and execs rarely face real consequences🔥 The role of compliance theatre and corporate cya culture🔥 Legal loopholes, PR spin, and boardroom silence🔥 How we actually fix this broken systemIt’s time for some hard truth and zero sugar-coating. If you’ve ever wondered why security failures keep happening with no real fallout, this is the conversation you’ve been waiting for.🎙 Hosted by veteran InfoSec pros with a mission to fix the broken industry—one brutally honest episode at a time.

The security industry is flooded with paper tigers—people who look the part, talk the talk, but can’t actually do the damn job.We’ve all seen them. The security “leaders” who push policies they don’t understand. The certification collectors who crumble when real shit hits the fan. The compliance jockeys who think checking a box is the same as being secure.In this episode, we’re diving deep into my latest blog post, “Paper Tigers” (https://evanfrancen.com/2025/03/14/pa..., and tackling the uncomfortable truths about why security is broken, why incompetent people keep failing upward, and what we need to do to fix it.💥 What We’ll Cover:✅ What a paper tiger is and why they’re so dangerous in security✅ How bad hiring, useless certs, and corporate politics reward incompetence✅ Why real security pros are getting drowned out by career climbers✅ How we can stop the cycle and demand real security leadershipIf you’re tired of the same security bullshit and want to hear real talk about what’s wrong with this industry (and how we fix it), grab a drink, tune in, and join the conversation.

Cybersecurity is full of half-truths, marketing BS, and outright LIES that have misled businesses, security pros, and the general public for decades. In this episode of InfoSec to Insanity, we’re calling out the biggest offenders, exposing why they persist, and serving up a reality check that the industry desperately needs.🔥 Some of the biggest lies we’ll be tearing apart:✅ "Compliance = Security" (Spoiler: It doesn’t.)✅ "People Are the Weakest Link" (Maybe… but let’s talk about shitty system design.)✅ "AI Will Stop All Cyber Threats" (Sure it will, buddy.)✅ "Zero Trust Fixes Everything" (Great in theory, a nightmare in practice.)✅ "We Have 24/7 SOC Monitoring, So We’re Safe!" (Ever heard of alert fatigue?)✅ "There's a Talent Shortage!" (Or is it just bad hiring practices?)✅ …and a whole lot more!💀 If you’re tired of the same old security nonsense, this is the episode for you.📢 Join us LIVE on Thursday nights (https://www.youtube.com/@evanfrancenproject/streams), grab your favorite drink, and jump into the insanity! We’ll be ranting, debating, and taking live questions from the chat.

Leadership in InfoSec is broken—hell, leadership in general is broken. Too many so-called "leaders" are just in the way, making things harder instead of actually leading. In this episode, we break down what REAL leadership looks like and why sometimes the best thing a leader can do… is GTFO of the way.Joining us for this no-BS conversation is Oscar Minks, President of FRSecure—one of the best leaders in the game and a guy who knows how to build and empower great teams. Hosted by Evan Francen (30+ year InfoSec veteran & industry disruptor) and co-host Matt Goodacre, this episode is going to be raw, honest, and loaded with insight for anyone who gives a damn about leadership.🔗 Inspired by Evan’s latest post: https://evanfrancen.com/2025/02/23/re... 🎙 Don’t miss it. Bring your questions, your thoughts, and maybe a drink. It's gonna be a ride.#InfoSecToInsanity #Leadership #FRSecure #Cybersecurity #RealTalk

Join Evan Francen and Matt Goodacre for a brutally honest, no-BS recording of InfoSec to Insanity! This episode tackles the original sin of cybersecurity—the fact that security was never built into technology from the start.From the early days of computing to the modern mess we deal with today, we'll break down why security was always an afterthought, how that led to the broken industry we have now, and what the hell we can do about it. Expect war stories, rants, laughs, and maybe even a few conspiracy theories as we call out the real problems and real solutions in the fight for better security. 

In Episode #22, we dive into the chaotic and dysfunctional state of the current cybersecurity job market. Inspired by Evan Francen's no-holds-barred blog post on the topic, we explore the absurdity of job postings, unrealistic hiring expectations, and the relentless grind faced by both job seekers and employers. From gatekeeping madness to the never-ending "5 years of experience in a 2-year-old technology" demands, it’s all on the table.Evan Francen, an InfoSec industry titan with 30+ years of experience, hosts the conversation, sharing his (always) candid insights, while his co-host Matt Goodacre shares his insightful day-to-day information security leadership perspective. The mission to fix the broken industry has never been more relevant.🔥 What to Expect:The unfiltered truth about cybersecurity job woes.Practical advice for breaking into the industry (or surviving it).Strategies to fix the mess we’ve made.A healthy dose of humor, because sometimes you have to laugh to keep from crying.Whether you’re an industry veteran, a newcomer, or just here for the insanity, this episode will have you nodding in agreement and shaking your head in disbelief.📌 Don’t miss this conversation—it’s time to confront the madness head-on! 💥🔗 Read Evan's post here: https://evanfrancen.com/2025/01/27/jo...

Is it just us, or is everyone drowning in a sea of messages? From never-ending email chains to Slack pings, alerts, and every other form of digital chaos, we’ve got one question: WTF is going on?!Join Evan (30+ year InfoSec veteran, founder of FRSecure & SecurityStudio) and his sidekick Matt as they dive into the madness of modern communication overload. How did we get here? What does it mean for InfoSec pros trying to stay sane—and secure?We’ll share stories, crack some jokes, and maybe even figure out how to fix this mess. (Spoiler: it’s not turning off your phone, but it might be close.) Whether you’re an overwhelmed CISO or just someone trying to find the “reply all” button, this episode is for you.Don’t miss this live recording of the InfoSec to Insanity podcast on YouTube (https://www.youtube.com/@evanfrancenproject)—come hang out, ask questions, and vent with us about message overload. Let’s fix the broken industry together.🎙️ Subscribe now to catch the madness live and stay updated on all things InfoSec to Insanity.

The cybersecurity world is fast-paced, high-pressure, and relentless. But what happens when the stress, burnout, and anxiety take a toll on the very people working to keep us safe? In this powerful episode of InfoSec to Insanity, we’re pulling back the curtain—or, in this case, the hoodie—to talk about a critical issue that’s too often overlooked: mental health in the InfoSec industry.Special Guest: Steve Shelton, CEO of Green Shoe ConsultingJoin Evan Francen, a 30+ year veteran of cybersecurity, and Matt Goodacre, a Marine Corps veteran and information security leader, as they dive into the struggles, triumphs, and untold stories from the frontlines of InfoSec. From recognizing burnout to finding support in a high-stakes field, we’ll discuss how mental health impacts every aspect of cybersecurity—and what we can do to take better care of ourselves and our peers.💻 Whether you’re an industry pro, a curious newcomer, or just someone looking to better understand the human side of cyber, this is an episode you can’t miss.🔒 Let’s start the conversation and patch the mental health gaps together.🚨 Don’t forget to like, comment, and subscribe for more candid takes on cybersecurity and life! 

In this episode of InfoSec to Insanity, we’re diving headfirst into the thrilling (and sometimes chaotic) world of virtual Chief Information Security Officers (vCISOs). What do these digital sheriffs do? How are they tackling today’s relentless cybersecurity threats? And why might your business need one, even if you don’t know it yet?Join us as we unpack the unique challenges vCISOs face, their critical role in navigating today’s complex threat landscape, and the story behind the Certified virtual Chief Information Security Officer (CvCISO™) program that’s training a new generation of InfoSec rockstars.We’ll share real-world stories, practical tips, and a healthy dose of humor as we explore how these unsung heroes keep businesses safe from disaster—and keep their sanity (most of the time).🔥 Expect no-BS insights, some laughs, and answers to questions you didn’t even know to ask. Whether you’re a business owner, security pro, or just a curious listener, this episode is a must-listen!#Cybersecurity #vCISO #InfoSecToInsanity #FixTheBrokenIndustry

In this episode, we’re calling it like we see it: stupidity seems to be everywhere these days, but why? From the rise of social media echo chambers to algorithms that reward bad behavior, and even the Dunning-Kruger effect in action, we break down what’s going on.We’ll explore how tech conveniences have hijacked our critical thinking and how it’s impacting cybersecurity, personal accountability, and society at large. Expect some hilariously frustrating real-world examples, a bit of ranting, and as always, candid insights on fixing the broken industry.Don’t miss this raw and real conversation that just might make you say, “Ah, that explains it!”🔥 Read the blog that started it all: https://evanfrancen.com/2025/01/04/wh...📅 Live Recording Date: January 16, 2024 @ 8PM CT📍 Subscribe & Join the Conversation!#InfoSecToInsanity #Cybersecurity #CommonSense

What’s in store for cybersecurity in 2025? In Episode 17 of InfoSec to Insanity, we’re dusting off the crystal ball to deliver bold, no-BS predictions about what’s coming next. Will AI finally live up to the hype? What new threats will keep us up at night? And how will we navigate the chaos of a rapidly evolving industry?From game-changing technologies to the challenges nobody’s talking about (yet), we’re diving deep into what’s ahead for cybersecurity pros, organizations, and everyday users.This isn’t just another cookie-cutter forecast—get ready for unfiltered insights, practical advice, and maybe a little insanity. Don’t miss it!#Cybersecurity #2025Predictions #InfoSecToInsanity #I2I

It’s been a wild ride in cybersecurity this year, and we’re breaking it all down in Episode 16 of InfoSec to Insanity! From headline-grabbing breaches to groundbreaking advancements, shifting regulations, and industry shakeups, 2024 gave us plenty to talk about.Join us as we take a no-BS look back at the year that was. What worked? What didn’t? And what lessons can we take into 2025 to finally start fixing this broken industry?Whether you’re an insider or just curious about the state of cybersecurity, this episode has something for you. Expect insights, a few rants, and the raw, unfiltered truth you’ve come to love.#Cybersecurity #2024InReview #InfoSecToInsanity #I2I

The holidays are over, the gifts are unwrapped, and the shiny new gadgets are in our hands—but are they secure? From smart home devices to the latest tech toys, the season of giving can quickly turn into the season of hacking if we’re not careful.Host Evan Francen is joined by special guest Jordon Darling, a cybersecurity expert and tech enthusiast, to unpack the risks that come with post-holiday tech. Together, they’ll share practical tips and candid insights to help you secure your new devices and avoid becoming an easy target for cybercriminals.Topics covered:The top holiday tech gifts that could pose security risks.Simple steps to secure your shiny new gadgets.Why hackers love the post-holiday season—and how to outsmart them.Don’t let the gift of tech turn into a New Year’s nightmare. Tune in for a laid-back yet informative chat with Evan and Jordon and get your security game on point for 2024!

The cybersecurity industry loves to sell fear: fear of breaches, fear of hackers, fear of being the next headline. But is the "Fear Factory" doing more harm than good?In this unapologetic episode, host Evan Francen is joined by Matt Goodacre, a seasoned cybersecurity leader who isn’t afraid to call BS on fear-based marketing. Together, they take a sledgehammer to the industry’s obsession with fear and explore how this narrative is holding us back from real progress.What to expect:Why fear sells—and why it shouldn’t.The real impact of fear-mongering on businesses, professionals, and the industry at large.How we can replace fear with empowerment, education, and actionable solutions.This isn’t your typical cybersecurity talk. It’s raw, real, and refreshingly honest—just like the industry needs.

In this heartfelt episode of InfoSec to Insanity, host Evan Francen and special guest Brad Nigh open up about their journeys to sobriety—Evan with 23 years of hard-earned sobriety and Brad celebrating 90 days. Together, they explore the parallels between breaking personal chains and tackling challenges in the cybersecurity industry.With candid stories, honest reflections, and a touch of humor, they shine a light on the strength it takes to secure both your life and your career. This is a raw and inspiring conversation you won’t want to miss.

In this episode of InfoSec to Insanity, we dive deep into one of cybersecurity's most critical and complex frontiers: the convergence of IT and OT (Operational Technology). Our guest, the brilliant and experienced Paul Veeneman, joins us to unpack the unique challenges of securing critical infrastructure—where downtime isn't just a cost; it’s a potential disaster. Paul brings his decades of expertise to the mic, sharing candid insights about:The messy marriage of IT and OT systems and why they often clash.Real-world stories of attacks on critical infrastructure and the lessons learned.How to approach risk management and incident response in environments that can't afford failure.The cultural and technical divide between IT and OT teams—and how to build bridges that actually work.With Paul's down-to-earth style and your no-BS approach, this episode is a must-listen for anyone tackling cybersecurity in high-stakes environments—or just curious about the chaos behind keeping the lights on and the pipelines flowing.

Thanksgiving is here, and so is Episode 11 of InfoSec to Insanity! Join Evan and Ryan Cloutier for a holiday special packed with gratitude, critical insights, and actionable tips to keep you and your loved ones safe this season.We’re dishing out:What we’re thankful for in InfoSec: Progress, people, and lessons learned.Elderly scams uncovered: The latest threats targeting seniors and how to protect the greatest generation.Holiday safety tips: From online shopping to digital hygiene, learn how to keep cyber Grinches at bay. It’s a laid-back yet impactful conversation designed to leave you feeling informed, prepared, and maybe even a little festive. So grab a plate, sit back, and let’s dive into a feast of InfoSec insights.Wishing you a safe, secure, and happy Thanksgiving!

In Episode #10, we've brought the band back together for a "One Night Only: The Security Shit Show Reunion." It’s been a couple of years since Evan, Chris Roberts, and Ryan Cloutier last shook up the infosec world with their unfiltered takes and straight-shooting style. For one night only, we’re reuniting to dig back into the wild world of security, reflect on what’s changed (or hasn’t), and share what the industry still isn’t getting right. Grab your drink, brace yourself for some laughs, and don’t miss this reunion of raw honesty and relentless passion for fixing the broken industry!

In this episode, I’m diving into a question that’s haunted me since I started in InfoSec back in ’92: Are we actually more secure now, or have we just been spinning our wheels? With three decades of so-called "advancements," it's time to get brutally honest about what’s worked, what hasn’t, and whether all the tools, policies, and frameworks have moved the needle on security—or just made it look that way. Tune in as I unpack the highs, lows, and straight-up insanity of our progress (or lack thereof).

In this candid episode, I’m joined by my wife as we tackle a topic that's on everyone’s mind: Are we relying on technology too much? My wife shares her unfiltered thoughts on how tech is creeping into every corner of our lives, sometimes causing more problems than it solves. From smart homes to smartphones, we discuss the good, the bad, and the downright frustrating ways tech is taking over.You know how risky this is, right?!

In this eye-opening episode of InfoSec to Insanity, we're joined by cybersecurity expert Lyle Melnychuk to tackle one of the biggest traps in the industry—over-relying on products to solve security problems. Lyle brings his no-nonsense perspective on why simply chasing the latest tools and tech won’t keep you safe from the real threats lurking out there. We dive into the true art of building a strong security foundation, share some wild stories of breaches that could have been prevented, and explore how to avoid the common pitfalls that many companies fall into when building their defenses.Expect a raw, unfiltered discussion that’s sure to make you rethink your approach to security.

In this episode of Insanity to InfoSec, we're joined by the incredible Rachel Arnold for a raw and real conversation about breaking down stigmas in the cybersecurity industry. Rachel, a leader known for championing authenticity and mental well-being in tech, shares her journey and the importance of showing up as your true self. We'll dive into the pressures of the infosec world, the mental health challenges many face, and why it’s time to say "f*ck the stigma" and embrace authenticity. Get ready for an unfiltered discussion about the power of being unapologetically yourself, both in and out of the workplace.The dialogue emphasizes the value of perspectives, the role of ego, and the need for open communication to foster a supportive community. Through personal anecdotes and insights, they highlight the importance of self-awareness and the continuous journey of self-improvement.

In this episode of Insanity to InfoSec, Evan dives into the complex world of public sector cybersecurity with a special guest, Shawn Riley (former CIO, State of ND). With his extensive experience as a public sector IT leader and strategist, Shawn brings valuable insights into the unique challenges faced by government organizations in defending against cyber threats. We'll explore topics like navigating tight budgets, managing legacy systems, and how public sector entities can stay ahead in the ever-evolving cybersecurity landscape.TakeawaysTransparency in cybersecurity leads to better outcomes.Many state IT leaders lack a technology background.The human element in technology is often overlooked.The safety and security of citizens' information transcends politics.Personalizing and humanizing cybersecurity issues is crucial for communication.Legislators prioritize re-election over cybersecurity initiatives.The political landscape can hinder effective cybersecurity measures.Many leaders develop a 'God complex' due to constant praise.Cybersecurity vulnerabilities are often downplayed or ignored.Cyber Sports is an innovative approach to teach cybersecurity skills.Complexity in technology significantly hinders security efforts.Accountability in cybersecurity is essential for improvement.Grassroots efforts can empower communities to defend against cyber threats.Cybersecurity should be approached like disaster preparedness.Collaboration and community engagement are necessary for progress.Get ready for an honest and lively conversation on how we can fix the broken industry, starting with the public sector!

In this episode, Chip Harris and Evan discuss the complexities of cybersecurity, personal experiences in military and tech backgrounds, the evolution of hacking, the impact of the OPM breach, and the challenges of maintaining anonymity in their line of work. They delve into the life of a private military contractor, the long game in cyber operations, and the dark side of data monetization, while also navigating the corporate landscape and discussing the future of cybersecurity.Chip and Evan also discuss the challenges of the job market, particularly in the tech and cybersecurity fields. They share personal experiences with job applications, interviews, and the often frustrating role of human resources.The discussion shifts to the complexities of working in government contracts and the slow pace of change in cybersecurity practices, especially regarding legacy systems. They emphasize the importance of authenticity in the industry and the need for practical solutions to improve cybersecurity in critical infrastructure.Finally, the conversation concludes with a focus on Project Broken Mirror, an initiative aimed at mapping the attack surface of the entire country to enhance security awareness.

In this engaging conversation, Evan and Oscar explore the intersections of personal experiences, professional challenges, and the ever-evolving landscape of cybersecurity. They discuss the importance of trust, credibility, and situational awareness in both life and work, while sharing personal anecdotes that highlight the human side of the industry.     The dialogue also touches on cultural insights, community support during crises, and the value of perspective in understanding different experiences. Ultimately, they advocate for a balanced approach to technology adoption and incident response, highlighting the need for responsible decision-making and emotional intelligence.

In this episode of the InfoSec to Insanity podcast, Evan and Michael Kennedy discuss various themes surrounding cybersecurity, including the importance of transparency, the role of Managed Service Providers (MSPs), and the launch of Ostra, a security as a service company. They share personal anecdotes, reflect on their journeys in technology, and emphasize the need for accountability and honesty in the industry.The conversation also delves into defining events, incidents, and breaches, and highlights the challenges faced by professionals in the cybersecurity space. In this conversation, Michael Kennedy and Evan also focus on the importance of accountability, the challenges faced by CISOs, and the emotional and psychological impacts of working in the field. They explore the operational challenges of security tools, the stigma surrounding victims of cybercrime, and the need for self-awareness and compassion in the industry.It's a jam packed episode!

In the inaugural episode of the InfoSec to Insanity Podcast, Evan welcomes his longtime friend Ryan Cloutier to discuss challenges and their experiences in information security. Both of them are together in Mexico, and things don't go off without a hitch. 20 minutes before the live show was set to begin, the power goes out! The show picks up immediately after Evan gets back from racing to get his generator up and running.Once things settle down, they dig in, emphasizing the importance of mental health, authenticity, and personal growth. They share their journeys into the tech world, the impact of AI on cybersecurity, and the cultural challenges faced within the industry. The conversation is filled with humor, insights, and reflections on life, making it a relatable and engaging listen for everyone.Takeaways:Be prepared (to get gas, power up the generator, and move all the podcast equipment immediately before a show starts).The podcast aims to address mental health in the cybersecurity field.Authenticity and vulnerability are crucial in tech discussions.AI is reshaping the landscape of cybersecurity.Cultural challenges in the industry can hinder progress.Personal growth is a continuous journey in tech.Building relationships is key in information security.The importance of sharing experiences and wisdom.Technical challenges are common in podcasting and tech.Humor can be a powerful tool in stressful environments.Appreciating the little things in life enhances overall well-being.