What do the people least in the know about cyber, want to know? What are they asking?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest, Caitlin Sarian, AKA cybersecuritygirl on TikTok.
Got feedback? Join the conversation on LinkedIn.
Huge thanks to our sponsor, DataBee, from Comcast Technology Solutions
Built by security professionals for security professionals, DataBee enables users to examine the past, react to the present, and protect the future of the business.
Full Transcript
[David Spark] What do the people least in the know about cyber want to know? What are they asking?
[Voiceover] You’re listening to Defense in Depth.
[David Spark] Welcome to Defense in Depth. My name is David Spark. I’m the producer of the CISO Series and joining me for this very episode, it’s Geoff Belknap. He’s also the CISO of LinkedIn. Geoff, say hello to the audience.
[Geoff Belknap] Hello, audience, and welcome.
[David Spark] He is talking to you. Consider that a personal welcome.
[Geoff Belknap] That’s right – you specifically.
[David Spark] Yes. You! The person who’s saying, “Me?” with a big question mark. Yes, that’s who he’s referring to.
[Geoff Belknap] Yeah, and we can see and hear you also. You’re looking good.
[David Spark] Yes. And we can watch you, especially when you’re sleeping.
[Geoff Belknap] [Laughter] That might be a stretch!
[David Spark] And that’s where the show got creepy. Hey, our sponsor for today’s episode – it’s Comcast! They’re doing some cool stuff in cybersecurity and we’re going to learn more about that later in the show. Thank you, Comcast. Thank you for sponsoring this episode of the show. Hey! Geoff, what do those not in the know about cyber want to know about cyber?
And when I say “those not in the know,” it’s essentially everyone who is not listening to this show, pretty much, or would not want to listen to this show in general because it’s really only cybersecurity professionals listening to this show. But these are people like our parents, the people who are just sort of out of the loop, but they use technology, they need to be secure, and they may not work for a major organization that has a big security department like yours right there.
According to our guest, who I’m going to introduce in a moment, who has a very popular TikTok channel where she fields these types of “every person” questions, the top four questions she gets are how do I stay safe online, how do I not get hacked, how do I get my pictures/data off of the internet, and how do I find out what people have on me?
So, Geoff, you have a vision of security but how important is it to understand the concerns of the average person? Are these reasonable concerns or do you think they’re directed actually by media pressure?
[Geoff Belknap] I think for the most part, these are fantastic questions. To be clear, I don’t think these are overhyped or anything like that by media or anyone else. But they give us some grounding in the fact that often on this show and other places, practitioners like myself and others, we’re focused on B2B security or enterprise-level security, and we’re getting very technical.
And we often forget, whether it be our end users or our customers or our family members, that they have very fundamental security questions that are no less complicated than how do I stop an attack by a foreign intelligence service that are like, “How do I just protect myself online doing shopping or reading the news?” It’s something that we really need to pay more attention to and I think we have a perfect guest to help us have the conversation.
[David Spark] Yes. Because her ear is to the ground of hearing all these questions. And actually the stuff we’re going to field today are because we asked the community what are the other kinds of questions people are asking and what should they be asking, but I’m thrilled to have our guest on. If you follow her on TikTok, she’s known as cybersecuritygirl, but for this show we’re going to call her Caitlin, her name is Caitlin Sarian.
Caitlin, thank you so much for joining us.
[Caitlin Sarian] Thanks so much, David and Geoff. I’m so happy to be here.
What’s everyone obsessed about?
3:24.845
[David Spark] What I’m going to read here is a sampling of some of the questions that we got from actually your post on LinkedIn, Geoff, about this very question, like what are the common questions people are asking. Now, there were a ton more than this but this is just to give us an idea to sort of get the conversation going, so here we go.
Michelle L. of Risu Consulting said, “How do I keep my children safe online?” and “If they know everything about me, why should I bother staying private?” Nika Kokhreidze of Mambu said, “What is phishing and how can I avoid it?” Scott Norton of Trellix said, “Can my smartphone be hacked too? Why shouldn’t I use public Wi-Fi without protection?” Lee O’Brien-Riley of HackerOne said, “I’ve just received a letter saying my information may have been involved in a data breach.
What does this mean and what should I do?” And Yaron Levi who’s the CISO over at Dolby said, “What happens to the remnants of my digital me that I leave behind?”
So, once again, these are all great questions. Let me ask, if you’re talking to a family member about these kinds of questions because I can hear these from a family member, is it different than how you talk to your staff?
[Geoff Belknap] Oh, yeah, absolutely. Because I think generally cybersecurity professionals, people that would be working on a team…
[David Spark] And even not the cyber professionals. I’m just talking like the regular businesspeople too.
[Geoff Belknap] Well, I think cybersecurity professionals inherently have strong opinions about an answer to each one of these questions, but where we often don’t spend enough time is thinking about we know how to talk to other cybersecurity professionals about this question. The one specifically is the Wi-Fi question which I feel like is a deeply religious question in some circles about what you should do.
But where we often don’t spend enough time is talking like, “Hey, how do I talk to somebody in Sales or Marketing or a consumer? How do I communicate, maybe I’m putting a blog post on my platform, how do I communicate to people that are not technical at all about the importance of one of these issues and what they should do about it or why they should even care?” And if you’re good at that, you both help the people that have those questions but you’re also better at communicating about why people should care about security in general, and I think that becomes really important if you want to succeed.
[David Spark] So, Caitlin, this is what you do on your TikTok channel is you communicate to these people. Let me ask – when you started this channel and now, which you’ve got quite a significant following, what have you learned about communicating to this audience?
[Caitlin Sarian] It’s crazy because I actually didn’t start this channel for this broader audience, I started this channel to inspire more people to get into cybersecurity. And this broader audience happened because my mom, God bless her, kept asking me a bunch of questions and I was like, “You know what?
Maybe other people are asking the same stuff,” and it’s bringing that knowledge…
[David Spark] Bless your mom.
[Caitlin Sarian] Yeah, I know.
[David Spark] She’s the reason you’re successful.
[Caitlin Sarian] Yeah. I mean, it’s always your parents, right? You got to give them credit. Don’t tell her I said that.
[David Spark] Oh, she won’t listen to us, don’t worry.
[Caitlin Sarian] She actually listens to all the podcasts I’m on.
[David Spark] Really?
[Caitlin Sarian] She’s a supportive mother, yeah.
[Geoff Belknap] Hey, Mom. She’s doing a great job.
[David Spark] She is.
[Caitlin Sarian] Yeah, so I started doing that and that’s what really made the channel explode. But just going back to your point, Geoff, of making sure people are understanding how important it is to keep their data safe is the foundation of cybersecurity in every single company because you’re only as strong as your weakest link.
And so even if you guys are communicating within your cybersecurity team, understanding that you guys have the best practices, doesn’t matter what you do if a salesperson decides to click on a phishing email or doesn’t really take cybersecurity seriously or important. It’s kind of game over.
So, I think it’s being able to communicate clearly and effectively. And it’s not even just clearly, it’s making it more fun and showing people that their actions impact other things and just bringing it back to them. At the end of the day, the story is how is this going to impact you and then that will ultimately also impact your company.
It’s really showing it from their perspective. Most of my videos that do well are the ones that it’s like, “You’re doing this wrong.” It’s pointing things out that they need to understand and it’s not a broader picture or a higher level, it’s specifically calling people out for how they need to kind of conduct themselves when they want to be safe online.
[Geoff Belknap] It seems like the real key here is as with anything, technical or nontechnical, you got to make it relatable, right? People have to be able to identify themselves in the problem and identify something that they can empathize with in the answer that resonates with them. Otherwise they’re never going to care.
[David Spark] Caitlin, I want to touch upon something that you said about the ones that say, “You’re doing this wrong.” That’s obviously one example to the question I’m going to ask here is what did you learn about communicating to your audience? What did you used to do that you don’t do anymore or what are you doing new that you find lands better with them?
[Caitlin Sarian] Yeah. I mean, Geoff kind of hit the nail on the head there. It’s making it relatable. So, it’s bringing everyday things that you use, like how you can keep your baby monitor safe or how you can make sure that no one’s logged into your iCloud and reading your iMessages or how do you know if someone’s hacked into your phone, which is kind of a similar question that we talked about, or are you using your Wi-Fi correctly.
It’s relating to them on a daily basis, like, “Oh, yeah. I do use Wi-Fi, I do connect to public Wi-Fi, I do connect my baby monitor to whatever.” It’s bringing their attention and making it more relatable to something that they’re using every day pretty much.
[David Spark] And being more specific is what I’m hearing as well rather than generic of like why I can’t be on this Wi-Fi kind of in general.
[Caitlin Sarian] Yeah. It’s not like a mother saying yes or no, like, “You can’t do this,” as a broad sweeping statement. You’re specifically telling them like, “Hey, this thing. This is how you can fix it.”
What are they doing wrong?
9:29.717
[David Spark] Here I’m going to address the things that users should be saying. Nika Kokhreidze of Mambu said, “Users often don’t ask about the importance of regular software updates, the role of multi-factor authentication in enhancing security, and how to identify and report suspicious activities.” Troy Fine of Drata said, “What are the risks associated with using personal devices for work purposes?” That’s what they should be asking, he said.
And Humberto Gauna of DOT Security said, “The information shared through the news only focuses on the big events. The average user doesn’t see how that applies to them, so they don’t know what to ask.” Good point there. So, Caitlin, let me start with you. Do you think there are questions that your audience is not asking that you just sort of say, “Hey, you need to be concerned about this and you’re not even showing that you’re concerned.” Because you do get a lot of feedback from your audience, right?
[Caitlin Sarian] Yes, a ton of feedback, and I think they don’t know what they don’t know. And actually going back to some of these questions, why users don’t ask this stuff, I kind of want to beg the question – why would they ask? If they’re not in cybersecurity, they don’t know what half this stuff is.
Why is this relevant to them? First of all, they don’t know what this is, and second of all, even if they kind of had an idea, why would they ask? How is this important to them? How does this impact their life? So, it kind of goes back to the first part of the segment, right? And how are we making it more relatable.
But yeah, a lot of people don’t ask because they don’t know. You only know so much and this isn’t their profession.
[David Spark] Right. And Humberto Gauna makes a good point. The stories you hear aren’t about individual usage. I mean, I think what you’re doing, Caitlin, is providing a great service because you’re doing what most are not offering at all. What do you realize people don’t ask, Geoff?
[Geoff Belknap] I think kind of in the meta, people don’t ask why any of this matters, right? And I think regularly we assume that companies like mine should be spending millions and millions of dollars on security and sometimes we get really down in the weeds about what does this endpoint detection software do, how does it work, does it fight in-memory things, and we rarely zoom out and go, “Why does any of that matter?”
And the reality is it matters because people like Caitlin and you and myself have regular human lives, and we do things online because most of our economy is online in many ways today. And if we don’t have precautions or if we don’t design systems that are robust and resilient, we’re impacting humans.
There’s real human harm that can happen there, not just numbers in a spreadsheet that get changed or maybe some famous people that get affected. But when it comes down to real human harm, we want to take caution and we want to make sure that there are ways for people to protect themselves, and we want people to ask these questions about how should they protect themselves, what should they care about.
And then I think most importantly, we want people to identify the things they should care about versus the things they shouldn’t.
I love this about the Wi-Fi thing that was in the last segment. You know what? It doesn’t matter. If you’re someplace where there’s public Wi-Fi and you need to use it to book your plane or see what’s going on, just do it. Don’t worry about it. It’s probably pretty safe. Now, for everybody that’s going to come for me in the comments, there’s a nuance to that, but let’s talk about it in the comments next time.
But the reality is just do what you need to do and then leave it to people like Caitlin and I to make sure it’s safe enough for you to do what you need to do.
[David Spark] Let me ask this question of both of you and we’ll close out on this. When you hear this line from somebody that goes, “Well, why do I have to protect my privacy? I mean, they already have everything about me. I’ve got nothing to hide.” Caitlin, how do you answer that one?
[Caitlin Sarian] I think it’s a personal preference. I mean, everyone says that to me about why I created certain social media channels and my life is out there to the world and I pick my poison, but I think it just depends. I mean, there’s a lot of threats out there, and I don’t want to make this a somber moment but just know there’s a lot of threats out there, so the more data that people have on you, it’s probably easier to be targeted for those threats.
But there’s also a lot of good that happens when you’re targeted specifically for marketing. So, it’s really like choosing what you want and it’s having that knowledge of the ability to choose. The consumer has the right to choose where and who has their data and what they do what they do with it and I think a lot of people don’t realize that.
So, if you don’t care, then you don’t care. I don’t know if, Geoff, you have a different perspective but that’s kind of mine.
[David Spark] Well, I have a different perspective. Okay, I know you’ve heard that line before. How do you respond to it, Geoff?
[Geoff Belknap] I think for me there’s two things. One, there’s a big difference between everyone having your information and seven or eight companies presumably from your perspective having all your information.
[David Spark] Right. But people talk like that. They have this sort of like, “I give up. Everything’s out there already.”
[Geoff Belknap] That’s too easy. But I think the other thing that’s really important that Caitlin hit on that I just want to really highlight, it’s about choice. If you’re a creator and you put your whole life online, you’re still choosing which aspects do not go online. That is very different. Even though it might seem like you’re letting everyone into every part of your life, you have the ability to make choices about what is not online and you should retain that choice.
And then later if you decide, “I don’t want any of that stuff to be online even though it was,” you should have the ability to pull it off. That is why you should care and that is why you should care about companies giving you the control to make those choices.
Sponsor – Comcast DataBee
15:03.262
[David Spark] Before we go on any further, I do want to tell you about our sponsor, Comcast DataBee. Yes. So, in the battle of the mp3 players, there was a clear winner – the iPod. I don’t know if you remember any of the players before that, but they didn’t quite pull it off. Because Apple knew to hook you into the iPod by pairing it with iTunes, a platform that would make it easy to buy, download, and experience the world of entertainment digitally.
Flash forward 20 years and you’ll find an analogy to the mp3 player in the security data lake. Like any mp3 player, a security data lake is an amazing repository but for data rather than media. But if you actually take care to work a little magic on the data upstream, such as performing an extract, transform and load, or ETL, process on it, then that security data lake becomes, metaphorically of course, an iPod.
Transforming data into actionable insights or usability, really.
So, DataBee from Comcast Technology Solutions does just that. DataBee is a security, risk, and compliance data fabric platform that works early and throughout the data pipeline to connect and enrich disparate security and IT sources. Integrated with your security data lake, DataBee creates a single source of data truth that can live long term and cost-effectively in a data lake and be easily accessed by anyone.
So, DataBee and your security data lake work seamlessly together to offer a rich data ecosystem that will forever transform your security, risk, and compliance programs for the better.
So learn more about DataBee and how it can help you optimize your security data lake investment. Visit – now, get ready for this, it’s kind of a funky web address – but you know Comcast, you know how to spell Comcast, right? But it’s comca.st, so you put a period between the A and the S in Comcast, so comca.st/databee.
Why are they behaving this way?
17:24.770
[David Spark] Yael Citro of OX Security said, “I don’t think they think about it at all. When an attack hits the papers, they look to the left and they look to the right and if no one is panicking, it’ll probably work out okay.” And Yannis Pierroutsakos of Detectify said, “I recently had to support a few friends that fell for a phishing attack initiated by another friend’s Instagram account that was taken over.
No one really knew how to deal with this situation, which lead to stressful decisions.” I want to start with that last comment right there of when you don’t know and it happens to you, many people panic. So, have you talked people down from the ledge who have been in similar situations, Caitlin?
[Caitlin Sarian] Yes. They panic and they go to me, so I’m the lucky one, and a lot of times I just refer them back to some of the videos I’ve made. A lot of people just don’t know what to do. I mean, I don’t know if we want to walk through the steps of some active things that we can do but…
[David Spark] No. Our audience is in the know, but more I’m interested in like these people when they don’t ask questions and they don’t get educated, when it does happen there’s panic.
[Caitlin Sarian] Yes.
[David Spark] Because like, “What do I do next?”
[Caitlin Sarian] Yeah. And then a lot of times also, a lot of companies don’t have a place to report or ask an actual person, it’s just a bot. So, for example, like Meta. A lot of people get hacked on Instagram and Facebook. There’s no one that someone can talk to and you’re obviously kicked out of your account, and so they’re in sheer panic and they don’t know what to do.
Usually they reach out to me but yeah, there’s no, I mean… If you think about it, we’re all given technology now from babies, right? We’ve never been actually taught how to use it, how to protect ourselves, what to do. And so yeah, it’s always sheer panic that usually comes back to me.
[David Spark] And I’ll tell you a quick funny story, this actually happened during the recording of one of our episodes of the CISO Series Podcast. I was in person recording with the CISO of Atlassian and I had Mike Johnson who now is the CISO of Rivian with me. And just literally a moment before I was going to hit the Record button, all of a sudden my sister calls and she got caught in a phishing scam and I said, “Guess what?
You called at the right time.” And I put her on speakerphone and both CISOs essentially told her, “Just call your Help Desk and tell them this has happened right away.” Because she was embarrassed. She was embarrassed this happened and most people are. I mean, you’ve probably seen this too, Caitlin, yes?
[Caitlin Sarian] Yeah. Definitely.
[David Spark] Embarrassment. Yeah. And now I’ve told everybody, by the way, on the podcast that this happened to my sister so she should be more embarrassed. Geoff?
[Caitlin Sarian] If anything, if it happens again, hopefully it doesn’t, she won’t be embarrassed anymore because everyone already knew she did it one time. So what’s one more, right?
[Geoff Belknap] We all get one ride in the barrel.
[Caitlin Sarian] Yeah.
[David Spark] So, Geoff, first of all, obviously you’ve dealt with these incidents at work, but outside of work – friends, family who’ve had these incidents. I’ve had also similar something happened to my mom.
[Geoff Belknap] This is the thing where it’s a great opportunity to remind ourselves that humans use our product and if we don’t provide an obvious way for people to deal with harassment or report a problem or recover an account that gets compromised, we are setting ourselves up. We’re creating a lot of panic and confusion and fear in our users but we’re also setting up ourselves for a really expensive support cost and we’re forgetting that we build these things, a lot of them, for people to use to improve their lives.
In some places, people are making money off these accounts, whether they be like Etsy or TikTok or YouTube where you’re monetizing your content. Like, this is your job.
It is all too easy in some cases for a large business to just go, “I don’t know what’s going on with the account so just shut it down and nuke it and it’s dead to us.” And the reality is like we are not doing enough in the industry to make sure that people have an easy path to recovery when something like this happens to them, and therefore people still have these really panicked questions when one of these things happens to them.
Why does this still happen?
21:51.546
[David Spark] Heather Noggle over at Codistac said, and she referenced something we reported on not too long ago, “We saw today about the school that reset everyone’s passwords to Ch@ngeme. How do regular, everyday people know what is safe and best practices without a clear path or studying cybersecurity in depth?” And we all brought this up earlier.
Caitlin, you as well. This is not the case. And then Rebecca Harness, CISO of Quickbase put a funny comment, she said, “The second I tell people I work in cybersecurity they change the subject.”
[Laughter]
[Caitlin Sarian] I wish they did that to me. They just ask me if I’m going to hack into their phone and I’m like, “Yeah, sure.”
[David Spark] Oh, I know. That’s irritating, isn’t it?
[Caitlin Sarian] Yeah.
[Geoff Belknap] Absolutely we are. That’s what you do all day.
[Caitlin Sarian] Already did it.
[David Spark] My dad was a doctor and what drove him crazy is when people would chronically pester him for medical advice. He always threatened he would do it but he never did where he would say, “Sure. Strip and I’ll examine you right now,” which never happened.
[Geoff Belknap] [Laughter] Ah. I’m learning a lot about you and how you came to be, David, based on who raised you.
[David Spark] There you go.
[Caitlin Sarian] Things are making sense now.
[Geoff Belknap] Yeah, it’s all coming together.
[David Spark] So, I want to get to the, you know, we sometimes make fun of, and security people do this, I don’t condone it but they do it, where they make fun of the ones who don’t know, “Oh, they’re so clueless.” Like the Wall of Sheep at Black Hat too, “Let’s make fun of the people that we’re hacking into.” But as we realize, without a cybersecurity education, like the case that we heard of the person who changed everyone’s password to the same thing and then essentially allowing everybody to look at everybody’s account, it didn’t dawn on them to not do that and they didn’t necessarily have the right cybersecurity education to not do something like that.
Now, I know it also seems somewhat logical as well. But how much can we blame people for not knowing if they don’t have traditional educations. Geoff?
[Geoff Belknap] How much can we blame them? 100%. How much should we blame them? 0%. And let’s just take this example. When you fly in a plane, how much aeronautical engineering and piloting knowledge do you create in yourself beforehand? Zero. And your flight on that aircraft requires you to have zero knowledge, right?
We build all these systems into the planes, we put people on the planes that are there to ensure your safety and ensure that you have a safe ride, we put people that have tens of thousands of hours of experience in the piloting seat, they have tons of support structures around them because we realize this mode of travel is for common people that don’t need to have this knowledge and they’re going to use this as part of their daily lives and rely on it.
Unfortunately, that thinking of the person who’s a passenger or just utilizing this utility for day-to-day use shouldn’t know all this information, that’s thinking that doesn’t carry forward to things like apps that we use on our phone or our day-to-day use of computers, and it really should.
[David Spark] So, Geoff makes a good point. I mean, we have systems out there, like flying, where usage requires no knowledge of the product. But we realize in cybersecurity that’s not the case. We essentially demand users understand knowledge of the project.
[Caitlin Sarian] Do we demand it or do we just assume that they have it or hopefully assume that they have it? If anything, I feel like we’re happy that they don’t have this knowledge because it might be more flooding of questions and comments and concerns. I feel like it’s kind of swept underneath the rug.
I’m obviously on the users’ side because I interact with them on a daily basis, and I think it’s companies’ responsibility to start educating their users on how best to use the platform or whatever it is – app, website, I don’t care what it is. I know some banks send out reminder emails about passwords and stuff, but I do think it’s the responsibility of the company to inform users what their rights are and what they can do.
Obviously, there’s a privacy policy that some people in your comments will probably argue that companies have, no one reads that. So how are we educating users in a digestible way that’s relatable to them and so they know the importance of everything that’s going on? Because there’s no education, like we talked about numerous times, anywhere.
Closing
26:32.850
[David Spark] Well, we are going to bring this to an end right there on the “there’s no education” closer. But I mean, it’s quite the opposite, Caitlin. This is exactly what you’re doing. This is the service that you’re providing. So, by the way, to our listeners, if you’re on TikTok, which a bazillion people are, although many cybersecurity professionals stay away from it – by the way, what’s your take on that from the cybersecurity professionals who stay away from TikTok, Caitlin?
[Caitlin Sarian] I understand that the media has portrayed TikTok as basically the devil, but from my work with them I don’t agree at all, and I think it’s the platform that’s actually you’re able to communicate to the next generation of people. It’s such a powerful platform and it’s not, in my opinion, it’s not controlled by the US at all, so probably why the US doesn’t like it.
It’s very much based on what you like and the algorithms cater to you. So I think it’s such a powerful platform and I think people should give it a chance, in my personal opinion.
[David Spark] Well, I am a fan of it. I use it and I follow you as well. Caitlin’s account is cybersecuritygirl, all one word, on TikTok. Please follow Caitlin. Also we’ll link to it as well on this page. Now, normally we say what’s your favorite quote and why, but since this was such a kind of a mishmash of a show because the quotes weren’t exactly always advice, we’re going to skip that part of the show and we’re just going to close out.
First I’m going to say thank you to our sponsor Comcast. We greatly appreciate you sponsoring and being a brand-new sponsor of the CISO Series. We’ve actually been in long conversations with Comcast, so thank you for sponsoring us. I want to thank you, Caitlin, as well for coming. Any last words? I’ve given a plug to your channel, anything else you would like to plug?
[Caitlin Sarian] No, I’m just really excited to be here. I have other channels too on Instagram, so if you decide that you don’t want to start a TikTok or you don’t have one, I’m also on Instagram for cybersecuritygirl as well and YouTube.
[David Spark] And you put the same content there or something different?
[Caitlin Sarian] It’s similar content, yeah. I kind of switch things around a bit, but yeah, I’m just happy to be here. If you guys are listening to this, make sure you go back to your loved ones and educate them on the importance of cybersecurity.
[Geoff Belknap] Caitlin, have I mentioned there’s this other platform that you may have heard of? LinkedIn, yeah, you should give it a shot. Take a look at that.
[Caitlin Sarian] I feel like when I post my Reels on LinkedIn, it’s a little bit different. It’s not as professional as I feel like LinkedIn should be. I still go on LinkedIn all the time though. I love LinkedIn.
[Geoff Belknap] I think you have to bring the change that you want to see in the world, and if you think LinkedIn needs to be weirder, I think you got to lean into it.
[David Spark] Lean into it, Caitlin.
[Caitlin Sarian] I mean, I’m already extremely weird so I can make it weirder if we need to be. Yeah, we’ll work together on bringing it a little bit weirder. How about that?
[Geoff Belknap] We welcome all of that.
[David Spark] To our audience, just to let you know, it’s our first guest who brought a matching pink microphone and pink jacket, and we appreciate that, Caitlin.
[Geoff Belknap] It’s extremely on brand.
[Caitlin Sarian] Like I said, I’m Barbie-inspired.
[David Spark] Barbie-inspired recording. Thank you very much, Caitlin. Thank you very much, Geoff. Thank you to our audience as well. We greatly appreciate your contributions and for listening to Defense in Depth.
[Voiceover] We’ve reached the end of Defense in Depth. Make sure to subscribe so you don’t miss yet another hot topic in cybersecurity. This show thrives on your contributions. Please write a review, leave a comment on LinkedIn or on our site CISOseries.com where you’ll also see plenty of ways to participate, including recording a question or a comment for the show.
If you’re interested in sponsoring the podcast, contact David Spark directly at David@CISOseries.com. Thank you for listening to Defense in Depth.