Plaintext with Rich

Spiritual health on a cybersecurity podcast sounds like a stretch. Stay with us. Because somewhere between the vendor pitches, the patch cycles, and the 3 a.m. page, a lot of us stopped working for the why and started working for the number.Episode 24 of Plaintext with Rich is the second installment of the Month of Mindfulness, a five-week series on self-care for people working in security and tech. This week we define spiritual health as the values that make up who you are, the things you won’t trade even for a raise. We get into mission drift, the quiet trap of lifestyle creep in a high-paying field, and the 3 a.m. test for whether your values are still alive when the paycheck isn’t watching. We acknowledge that for some listeners these values come from a faith tradition and for others they don’t, and both are valid. The episode lands with a Plaintext Starter Kit, including the simple act of writing your values down, asking yourself what ‘enough’ actually looks like, and finding people (including communities like Shield that are built for grounded, sustainable careers in tech and cyber) who remind you who you are before the title does.If you’ve ever wondered why the bigger paycheck stopped making the work feel better, this one is for you. Whether you’re a SOC analyst, an engineer, a CISO, or the one person doing security at a 40-person company, your values have to outrun your comp.Ten minutes or less. One topic. No panic.Shield Community, a wellness program built specifically for technology and cybersecurity professionals. https://www.shield.community/Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

It's 6:47 a.m. The incident was contained hours ago. The systems are fine. You're the one still running hot.This episode opens the Month of Mindfulness, a five-week Plaintext with Rich series on mental health, spiritual health, physical health, burnout, and work-life balance for people working in cybersecurity and tech. May 1 happens to fall during Mental Health Awareness Month, which makes it the right time to start. We're talking about the mental load that comes with vigilance work: on-call rotations, alert fatigue, incident response, and the cost of being the person who carries worst-case scenarios in your head all day. Plus a Plaintext Starter Kit with five practical moves, including how to actually use your Employee Assistance Program (EAP) and where to find Mental Health Hackers at the next conference you attend. And three programs worth bookmarking: Pacific Mindful's CyberReset, The Zensory, and Shield Community, each built for the nervous system demands of technology and cybersecurity work.If you've ever come off an incident and wondered why your body is still running an alert two days later, this is for you. Whether you're an analyst, an engineer, a CISO, or the one person doing security at a 40-person company, the load is real and so is the recovery.Ten minutes or less. One topic. No panic. Pacific Mindful's CyberReset, a precision nervous system training tool built for high-exposure roles. https://www.pacificmndfl.com/resetThe Zensory, a science-backed wellbeing platform with a dedicated Cyber Mindfulness Campaign. https://thezensory.comShield Community, a wellness program built specifically for technology and cybersecurity professionals. https://www.shield.community/Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

A dashboard lights up with indicators of compromise. The analyst copies the top five into a ticket, tags it "actionable," and sends it to the SOC. Nobody reads it not because they don't care, but because it didn't tell them what to do or why it mattered. That's not an intelligence failure. That's a confusion about what intelligence actually is.This episode breaks down threat intelligence from the ground up, drawing on Rich's military experience as a case officer in special operations. It separates data, information, and intelligence into three distinct layers, explains why most CTI programs skip the step that actually matters. Connecting analysis to a specific decision and introduces the concept of Priority Intelligence Requirements as the questions that should drive everything a security team collects and analyzes. The episode covers the intelligence cycle, why feeds alone aren't intelligence, and why organizations that never close the loop are publishing, not protecting. It closes with a five-step starter kit for building a threat intelligence function that actually changes decisions.Whether you're standing up a CTI program, evaluating one that isn't delivering, or just trying to understand what threat intelligence should look like, Plaintext with Rich cuts through the noise.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

The fighter absorbs hits up front. The rogue finds traps before the party walks into them. The cleric keeps everyone alive when things go wrong. And the bard convinces the people with resources to actually fund the quest. Nobody does everything. Everybody has a role. Now replace the dungeon with your company's network.This episode maps cybersecurity roles to D&D character classes, SOC analysts as fighters, pen testers as rogues, incident response as clerics, security architects as wizards, CISOs as bards, and threat intelligence analysts as rangers. It translates the six core ability scores into an organization's security posture: Strength as technical controls, Dexterity as speed of response, Constitution as resilience, Intelligence as threat knowledge, Wisdom as judgment, and Charisma as communication. Then it breaks down why parties wipe, siloed teams, no incident response plan, main character syndrome, and ignoring the logs before closing with a five-step starter kit for building your party and running the campaign.Whether you're a tabletop gamer who works in security or a leader trying to understand why your team needs every role filled, Plaintext with Rich has the quest briefing.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

A vulnerability advisory drops on a Tuesday. Two people read the same report. One sees a severity score and waits for a patch. The other understands what a heap-based buffer overflow actually means and starts reducing risk before a fix even exists.This episode breaks down why code literacy is a cybersecurity skill, not just a developer skill. It starts with the listener's question about learning C and C++ for security, then widens the lens to cover the full stack: why C still matters because of how it handles memory, how offensive operators use that knowledge to find and exploit weaknesses, and how defenders use it to read malware, assess real risk, and build their own tools. The episode maps four languages to four layers, C and C++ for how software touches hardware, Python for automation and speed, JavaScript for web attack surfaces, and Assembly for understanding what the machine is actually doing then closes with a four-step starter kit for building code literacy at any level.Whether you're a security professional wondering where to start with code or a leader trying to understand what your team means by "exploit development," this episode makes the case clearly. Plaintext with Rich.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Someone sits down at a keyboard, mashes keys for six seconds, and says "I'm in." Every security professional dies a little inside but that scene is probably the reason half of us got into this field.This episode walks through the movies, TV shows, books, graphic novels, and video games that shaped how we think about cybersecurity. Each pick lands in one of two buckets: the fantastical, the ones that made hacking look cool even when the tech was nonsense and the accurate or semi accurate, the ones that actually got the culture, the tools, and the tedium right or tried to. From Neuromancer to Mr. Robot, from Ghost in the Shell to Hacknet, and from The Cuckoo's Egg to community-built projects like Skadi: Threat Hunter and REKCAH Comics' The Future Is ******, this is a guided tour through the media that built cybersecurity's identity. The episode closes with a five-item starter kit for anyone looking to dive in.Whether you're new to cybersecurity and looking for a way in, or a veteran who wants to hand someone the right recommendation, this one's your reading, watching, and playing list curated on Plaintext with Rich.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

People love to ask which operating system is the most secure. That's the wrong shape of question. Each one is designed for a different job, and that shapes how it gets attacked.This episode clears up what Linux actually is, how it compares to Windows and macOS, and why the differences matter for security. It starts by explaining why Linux isn't one product but a family of systems built around a shared kernel, then covers how each OS handles permissions, software installation, and administrator access differently. The episode walks through why Windows attracts commodity malware at scale, why macOS trades flexibility for Apple's guardrails, and why Linux incidents usually start not with a dramatic virus but with quiet exposure: an open SSH service, default credentials, or a skipped patch. It busts three common myths (Linux doesn't get malware, open source means audited, macOS and Linux are the same thing) and closes with a five-step starter kit covering patching, attack surface reduction, least privilege, trusted software sources, and recovery planning.Whether you're choosing an OS for your team, managing Linux servers for the first time, or just curious why your security team cares so much about configurations, Plaintext with Rich sorts it out.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

You tap a button and a ride shows up. You check out online and your bank approves it in seconds. It feels automatic. But nothing in software is automatic. Something received a request, decided it was valid, did some work, and sent back a response. That something is an API.This episode breaks down what APIs actually are, why they exist, when to use them, and why they matter far more than most people realize. It starts with a restaurant analogy that makes the concept click, then walks through how modern software is built from modular pieces that coordinate through structured requests and responses. From there, it covers the four ways APIs quietly fail: weak identity, excessive permissions, blindly trusted input, and missing guardrails for automation abuse. The episode closes with a four-step starter kit for treating every API like the security-critical control point it is, covering authentication, authorization, data minimization, and abuse prevention.Whether you're a business leader trying to understand what your engineering team means by "API security" or a professional who wants the concept explained without the jargon, Plaintext with Rich makes it clear.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

At 4:47 p.m., someone pastes a customer escalation into an AI assistant and asks it to rewrite the tone. The reply is perfect. It also includes a private note from the internal thread. No breach. No attacker. Just a new workflow that doesn't know what should stay inside.This episode breaks down how to secure AI tools in the workplace by treating them like any other system that handles sensitive information and influences decisions. It covers the three patterns where AI quietly breaks: sensitive data going in through normal use, assistants being steered by hidden instructions inside documents they read (prompt injection), and over-connected AI with too much autonomy and too little friction. The episode references NIST's AI Risk Management Framework, OWASP's Generative AI Security Project and LLM Top 10, and practitioners like Rob T. Lee and Chris Cochran for ongoing grounded guidance. The starter kit covers four moves in order: creating an approved AI lane with company identity and strong authentication, putting guardrails around sensitive data, limiting connectors and permissions with a human in the loop, and making usage observable through logging and adversarial testing.Whether you're rolling out AI tools to your team or trying to secure what people are already using, Plaintext with Rich provides the baseline.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Every company says they're using AI. Some mean chatbots. Some mean automation. Some mean statistics with a new logo. If everything is AI, the word stops meaning anything.This episode untangles what people actually mean when they say "AI" by breaking the umbrella into its real components. It covers machine learning (systems that learn patterns from data), deep learning (layered neural networks that made modern recognition possible), large language models (text prediction engines driving today's headlines), RAG or retrieval-augmented generation (connecting models to specific documents instead of relying on training alone), and agentic AI (systems that don't just respond but take action). The episode explains why these distinctions matter for risk, why a fraud detection model making probability estimates is fundamentally different from an agent allowed to move money, and how to filter the hype with a simple mental checklist: is this prediction, generation, retrieval, action, or branding?Whether you're evaluating AI tools for your organization, sitting through vendor demos full of buzzwords, or just trying to have a smarter conversation about what AI can and can't do, Plaintext with Rich sorts the categories.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

The access made sense. The exception was justified. The shortcut saved time. Each decision worked on its own. And somehow, together, they added up to failure.This episode tackles the uncomfortable truth that most security failures aren't caused by ignorance or carelessness. They're caused by systems quietly accumulating risk while everyone is doing their best. It walks through the patterns that create this drift: temporary decisions that never expire, blurred ownership where risk becomes nobody's problem, trust that's too broad because convenience won repeatedly, and complexity without clarity where tools exist but don't drive action. The episode explains why none of this feels like failure while it's happening and why the sentence "we didn't realize it worked that way" is the fingerprint of systemic breakdown. The starter kit covers making ownership explicit, treating access like inventory, reducing silent permissions, designing for human reality, and favoring fewer tools with clearer purpose.Whether you're a leader trying to understand why incidents keep happening despite good intentions or a practitioner watching risk accumulate in real time, Plaintext with Rich names the patterns.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

The breach didn't come through a broken firewall. It walked in through a valid login. Nothing exploded. Nothing looked suspicious at first. Someone just signed in and kept going.This episode clears up what Zero Trust actually is and what it isn't. It's not a product, not a box you install, and not a technology you turn on. It's a design decision: don't automatically believe a request just because it comes from inside your network. The episode explains why the old perimeter model stopped working when work moved to laptops, apps moved to the cloud, and being "inside the network" stopped meaning anything useful about risk. It walks through the four core signals Zero Trust evaluates (identity, device health, access scope, and segmentation), explains how Zero Trust Network Access differs from traditional VPNs, and addresses common misconceptions including the idea that Zero Trust means trusting no one. The starter kit covers strong authentication, separating daily accounts from admin accounts, mapping access paths, setting device requirements, and reducing broad network access.Whether you keep hearing "Zero Trust" in vendor pitches and want to know what it actually means or you're starting to rethink how your organization handles remote access, Plaintext with Rich cuts through the marketing.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

You can lock down every system you own. Patch everything. Train everyone. And still lose control, because the failure didn't start with you. It started somewhere upstream.This episode breaks down supply chain cybersecurity by explaining why attackers who can't reach you directly look for someone you already trust. It covers the most common patterns: tampered software updates that arrive through legitimate channels, vendor breaches that expose your data through someone else's failure, compromised third-party credentials, and dependency risk hidden inside assembled code libraries. The episode explains why these attacks scale so effectively and why they're hard to defend against, because they ride on legitimate trust. The starter kit covers identifying crown jewel data, mapping real vendor relationships, limiting vendor access aggressively, protecting vendor logins with mandatory MFA, monitoring vendor behavior, patching shared dependencies fast, asking better pre-purchase questions, putting security expectations in contracts, and maintaining backups that actually restore.Whether you manage vendor relationships, oversee procurement decisions, or just want to understand why one compromised supplier can impact thousands of organizations, Plaintext with Rich explains the risk and the response.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

You don't need to break a system if someone will open it for you. You don't need malware if a message feels urgent enough. Most modern breaches don't start with code. They start with a conversation.This episode breaks down phishing and social engineering by explaining why these attacks keep working: they don't fight logic, they sidestep it. It covers how modern phishing has evolved beyond email to include text messages, voice calls, MFA fatigue attacks, QR code phishing, and AI-assisted impersonation. The episode walks through the emotional triggers attackers rely on (urgency, authority, fear, curiosity, helpfulness), why "I'd never fall for that" is often the opening, and what to do if you've already clicked. The starter kit covers the ten-second pause, second-channel verification, treating "unexpected plus urgent" as suspicious, inspecting senders and destinations, never typing passwords from links, using password managers for detection, strong MFA methods, two-person approval for money movement, and reporting phishing to help stop it for others.Whether you're responsible for protecting a team or you just want to stop second-guessing every email, Plaintext with Rich explains what actually works.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

You don't get locked out first. You get watched. Someone maps your systems quietly, copies your data quietly, and waits until they're sure you can't avoid the conversation. Only then do the screens go dark.This episode breaks down how ransomware actually works today and why double extortion changed the stakes completely. It explains how modern ransomware operations move slowly at first, stealing credentials and exploring systems before copying data and triggering encryption. The real leverage isn't locked files, it's the threat of publishing what was already taken. The episode walks through the most common entry points (phishing, reused credentials, unpatched remote access, over-privileged vendors), why ransomware crews now operate like supply chain businesses, and what to do during an incident. The starter kit covers immutable backups, multi-factor authentication, fast patching of internet-facing systems, administrative sprawl reduction, network segmentation, endpoint detection, credential hygiene, and building a one-page incident response plan.Whether you're a small business owner who thinks you're too small to be targeted or a leader who needs to understand why backups alone no longer solve the problem, Plaintext with Rich lays out the new reality.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Your house didn't suddenly become unsafe. It just became chatty. Little devices, quietly talking to the internet, all day, all night. Most of them were never meant to be guarded.This episode explains IoT security by starting with a translation: if a device needs an app to work and Wi-Fi to exist, it's a computer with software, memory, and network access, and computers inherit risk. It covers why manufacturers optimize for convenience over long-term protection, how most IoT compromises happen through automated scanning rather than targeted attacks, and why devices outlive the software inside them. The episode walks through the three things that happen when a device is compromised, becoming part of a botnet, serving as a network foothold, or leaking metadata, then closes with a seven-step starter kit covering device inventory, firmware updates, default credential changes, network separation, disabling unnecessary features, monitoring connected devices, and buying intentionally.Whether you've got a house full of smart devices or you're just starting to wonder what your thermostat is doing on the network at 3 a.m., Plaintext with Rich sorts it out.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Nothing broke. Nothing crashed. No alarms went off. Someone clicked a box, someone skipped a setting, someone assumed the default was safe. And the cloud did exactly what it was told.This episode explains cloud security by starting with the most important shift: in the cloud, identity is the perimeter. There is no fence, no lobby, no locked server room. If someone has valid credentials, they don't break in, they sign in. The episode walks through how cloud security goes wrong through misconfigured storage, over-permissioned identities, leaked API keys, missing multi-factor authentication, shadow cloud adoption, and absent monitoring. It covers what attackers actually do once inside, from data theft to cryptomining to quiet entrenchment, then closes with a starter kit covering MFA enforcement, least privilege, secret hygiene, storage lockdown, logging, workload hardening, API protection, and guardrail automation.Whether you're moving to the cloud, already there and not sure what to watch, or a leader trying to understand why your team keeps talking about misconfigurations, Plaintext with Rich breaks it down.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

You don't lose access to an account because someone knows your name. You lose access because they reused something you were told to keep secret. For years, the internet has worked on copying secrets and then acting surprised when copies escape.This episode breaks down passwordless authentication and passkeys, explaining why the shift away from typed passwords isn't innovation hype but an industry admission that shared secrets have become a liability. It covers what passkeys actually are (cryptographic keys that never leave your device), why they're considered phishing-resistant (your device checks where it's talking, not just what you typed), and the real tradeoffs including device dependency and the critical importance of account recovery paths. The episode walks through the security benefits of removing reuse, phishing, and credential stuffing from the equation, then closes with a six-step starter kit covering core account protection, passkey adoption, strong MFA for non-passkey sites, recovery lockdown, password manager use, and device loss planning.Whether you've seen "create a passkey" on a login screen and weren't sure what to do or you're evaluating passwordless options for your organization, Plaintext with Rich explains the shift.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Some secrets are meant to stay secret for decades. Medical histories. Legal records. Trade agreements. Now imagine someone copying all of it today. Not to read it. Just to wait. Because someday, the lock changes.This episode explains what quantum computing actually threatens about encryption and why the risk isn't as far away as it sounds. It starts by grounding two types of encryption in plain language, shared-secret and public-key, then explains why quantum computers can potentially shorten the math that keeps public-key systems safe. The core concept is "harvest now, decrypt later": attackers collecting encrypted data today with the intention of decrypting it once quantum capability arrives. The episode covers why post-quantum cryptography exists, what standards bodies and vendors are already doing, and closes with a starter kit covering long-life data identification, crypto inventory, crypto agility, vendor pressure, and practical steps for non-security professionals.Whether you manage sensitive data with a long shelf life or you want to understand why your security team is talking about post-quantum planning, Plaintext with Rich makes the timeline and the tradeoffs clear.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

When your data is taken, it doesn't fall into a void. It moves. It gets packaged. It gets priced. And while you're changing a password, someone else is deciding how many times they can reuse your name.This episode strips away the mythology around the dark web and explains what it actually is: a part of the internet designed for anonymity that doubles as a wholesale market for stolen data. It covers how credentials are bundled and priced, why medical records cost more than credit cards, and how cybercrime today works like an assembly line with separate groups specializing in breaking in, selling, and committing fraud. The episode explains why breach headlines are a poor indicator of personal risk, why stolen data gets reused months or years later, and closes with a starter kit focused on assuming reuse, changing passwords after breaches, monitoring the right accounts consistently, and reducing how much stored data exists in the first place.Whether you've seen your email in a breach notification and wondered what happens next or you want to understand the economics behind cybercrime, Plaintext with Rich walks you through it.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Nobody needs to take anything from your pocket to steal your identity. They don't need your wallet or your phone. They just need information that already exists, and most of it didn't come from you.This episode breaks down how identity theft actually works and why it's happening more now than ever. It explains how personal data accumulates across breaches over time, why fragments from different incidents combine into usable profiles, and why most victims didn't make a reckless mistake but inherited risk from someone else's failure. The episode walks through why identity theft often feels delayed, how the consequences stack up from fraudulent accounts to relentless administrative cleanup, and closes with a starter kit covering email protection, credit freezes, account activity alerts, and the mindset shift of assuming exposure and planning accordingly.Whether you've been affected by a breach and aren't sure what to do next or you just want to reduce your exposure before something happens, Plaintext with Rich lays out the practical steps.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Someone calls you, sounds exactly like your boss, uses the phrases they always use, and says they need help right now. You don't hesitate. But what if the voice is real and the person isn't?This episode breaks down AI deepfakes: audio, video, and images created by AI to convincingly impersonate real people. It explains why this threat exists now (the tools got easier, not the attackers smarter), why deepfakes don't need perfection to work (they just need sixty seconds of urgency), and how the real vulnerability isn't technology but our natural wiring to trust familiar voices and faces. The episode covers the most common attack patterns, from fake CEO calls to fabricated video meetings, and closes with a practical starter kit built around slowing down urgent requests, verifying through a second channel, creating no-exception approval rules, and accepting that audio and video can now be faked.Whether you're a professional handling sensitive decisions or someone who wants to protect their family from voice-cloning scams, Plaintext with Rich explains how deepfakes actually work and what to do about them.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

You lock your doors at night. Not because you expect a break-in. Because the world is messy and you'd rather sleep. Cybersecurity is the digital version of that decision.This episode strips cybersecurity all the way down to what it actually means: protecting digital things that matter from being misused, stolen, broken, or taken over. It covers why cybersecurity isn't owned by one type of person, why the real work starts with human decisions rather than technical tools, and how we ended up in a world where convenience kept winning while safety rules lagged behind. The episode walks through why most security failures are boring, ordinary mistakes like reused passwords, overly broad access, and systems nobody updated, then closes with a four-step starter kit covering email protection, password managers, multi-factor authentication, and keeping systems current.Whether you've always assumed cybersecurity was someone else's problem or you just want a clear starting point that doesn't require a technical background, Plaintext with Rich makes it accessible.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene

Most tech talk feels like it was written for someone else. Too many acronyms, too much fear, and not enough clarity. That changes here.This is the first episode of Plaintext with Rich, and it lays out a simple promise: short, story-driven breakdowns of cybersecurity and technology that swap jargon for language you can actually use. Each episode covers one topic in ten minutes or less, built for the 99% of people who use technology every day and want to feel confident about it, not overwhelmed. The show explains how systems actually behave, not just what the headlines scream. It unpacks why security fails less from a lack of intelligence and more from confusing systems, clashing incentives, and bad explanations. Expect practical guidance, concrete examples, and zero condescension. The goal isn't to make you a specialist. It's to make you clear enough on the basics to explain a concept to someone else, spot nonsense when you hear it, and make better decisions without panic.Whether you're a business leader, a curious learner, or someone who just wants to understand what your IT team is actually saying, this show is your starting point.Is there a topic/term you want me to discuss next? Text me!!YouTube more your speed? → https://links.sith2.com/YouTube  Apple Podcasts your usual stop? → https://links.sith2.com/Apple  Neither of those? Spotify’s over here → https://links.sith2.com/Spotify  Prefer reading quietly at your own pace? → https://links.sith2.com/Blog  Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord  Follow the human behind the microphone → https://links.sith2.com/linkedin  Need another way to reach me? That’s here → https://linktr.ee/rich.greene