AI is pushing security into a new failure mode: tools that don’t just talk… they act.If you don’t treat AI agents like identities—with guardrails + telemetry—you’re building silent insiders.In this episode of Legitimate Cybersecurity, Frank and Dustin sit down with Ben Wilcox (CTO + CISO at ProArch) to get practical about what’s quietly breaking as companies rush into AI.What you’ll learn:The real conflict (and advantage) of being both CTO and CISOWhy DevSecOps “shift left” has stalled—and what actually worksHow to pitch security to executives: business impact analysis, downtime, and real risk framingWhy AI governance is mostly identity + visibility (and what’s missing today)“Paved paths” vs 5,000 snowflakes: the pattern that scales securityCloud-native vs Active Directory reality, passkeys, and legacy debtThe weird personal-data leak nobody notices (Gemini thinking Ben is a doctor)Media/interview: admin@legitimatecybersecurity.comAudio: https://legitimatecybersecurity.podbean.com/Chapters00:00 – The core question: what’s breaking as companies rush into AI?01:35 – CTO + CISO in one body: conflict or superpower?03:15 – Why security becomes “the blocker” (and how shadow IT/AI happens)04:45 – DevSecOps reality check: why “shift security into developers” stalls07:00 – Boards waking up: due diligence, questionnaires, and exec priorities09:30 – The only language budgets understand: business impact + downtime12:20 – AI coding + layoffs: are we shipping secure-looking “slop”?14:05 – “Paved paths”: fix one road, not 5,000 snowflakes18:25 – Agents are identities: treat them like users (RBAC, controls, monitoring)20:45 – Agent behavior drift: what “normal” looks like when it keeps learning23:05 – Gemini thought I was a doctor: how tiny data errors become big risk30:00 – What’s changed since the early internet (and what hasn’t)31:10 – The Active Directory problem + why cloud-native is safer (when done right)34:40 – Cloud tradeoffs: data residency, trust, and where control actually lives35:55 – Is cloud cheaper? The real savings (people + speed)37:05 – Space-based server farms: cool idea or expensive sci-fi?38:35 – Quantum: roadmap promises vs reality41:35 – Wrap + the official send-off: “Keep on cyberin’”#Cybersecurity #AI #CISO #CTO #IdentitySecurity #DevSecOps #AIGovernance #CloudSecurity #SecurityLeadership #riskmanagement

The "I have nothing to hide" argument is dead. It’s not about secrecy anymore—it’s about your wallet.Most people assume data collection is just for "better ads." They’re wrong. In this episode, Frank and Dustin break down how data brokers, insurance companies, and retailers are building a "digital twin" of you to manipulate dynamic pricing and assess your risk profile. From your car reporting your driving habits to insurance providers, to "The Retail Equation" banning you from stores for returning items, the surveillance economy is actively costing you money.In this episode, you’ll learn:The "Price Rigging" Reality: How Instacart and Kayak use your data to charge you higher prices than your neighbor.The Spy in Your Garage: How GM and other automakers are selling your driving data to spike your premiums.Home Surveillance: Why Amazon wants your Roomba’s floor maps.Defense Strategy: The exact browser, VPN, and "data pollution" tactics you need to use today to confuse the algorithms.Join the ongoing investigation: Media/interview: admin@legitimatecybersecurity.com Audio: https://legitimatecybersecurity.podbean.com/Chapters:00:00 Intro: Why "Nothing to Hide" is a dangerous lie01:36 The Shorts controversy: Work computers & personal data03:28 It’s not privacy, it’s mind mapping06:28 The Target Story: Predicting pregnancy before the family knows07:24 Day-in-the-Life of your Data: From toothpaste to traffic08:14 Crucial: Your car is reporting you to insurance companies09:46 Dynamic Pricing: Why Mac users pay more for flights12:46 The Instacart Experiment: Same groceries, different prices15:17 Roomba, LiDAR, and the map of your home19:08 The "Return Police" (The Retail Equation)22:30 Flock Safety: The license plate reader network tracking you26:29 The MIB: How insurance companies track your "inconsistencies"30:10 Defense Phase: Denial and Data Pollution31:22 The Browser & VPN Strategy (Brave/Firefox/Nord)34:54 Windows & Mobile Settings you must turn off37:31 Advanced Tactic: Pi-hole and Private DNS40:58 The Mesh-tastic Option (Going off-grid)43:26 The "Doomsday Computer" & Etsy Scams#DataPrivacy #CyberSecurity #DynamicPricing #DataBrokers #OSINT #PrivacyTips #StopDataCollection #LegitimateCybersecurity

Everyone thinks the TikTok problem is solved because "US Data stays in the US." That is a dangerous misunderstanding of how the technology works.In this episode, Frank and Dustin break down the 80-page filing of the new TikTok joint venture. We analyze the ownership structure (Oracle, Silver Lake, and ByteDance) and explain why the "divestiture" is actually a loophole. The reality? Your data might live on Oracle servers, but the algorithm—the weaponized model that influences behavior—is still controlled by ByteDance.What we cover:The breakdown of the 19.9% ByteDance / 15% Oracle ownership split.Why "Data Sovereignty" doesn't matter if the Model is foreign-owned.The difference between data theft and behavioral modification (The "Cambridge Analytica" factor).Why ByteDance took a massive financial hit to keep a foothold in the US.Media/interview: admin@legitimatecybersecurity.com Audio: https://legitimatecybersecurity.podbean.com/Chapters0:00 - The "Deal" that changed nothing 2:03 - Dissecting the ownership: Oracle, ByteDance, & Abu Dhabi 5:22 - The difference between Global Economy and National Security 8:45 - The Privacy Law trap: Backdoor access explained 10:04 - The Real Threat: It's not the data, it's the Model 14:25 - Can you train bias out of an algorithm? 18:29 - What-about-ism: Facebook vs. TikTok incentives 25:23 - The Dopamine Economy: Why Short-form won 30:18 - The "Sho Chu" Factor: Why is the CEO still there? 38:37 - Follow the Money: The $14B vs $100B valuation anomaly 42:39 - Next week: The failure of MFA#TikTok #Cybersecurity #DataPrivacy #Algorithm #TechNews #Oracle #ByteDance #SocialMedia #InformationWarfare

Your work laptop isn’t yours — and one legal issue inside your company can put your logins, browsing, and messages under review.We break down the real tools cyber pros use to “see” what’s happening on networks — and what that visibility means for your privacy.In this episode, we unpack:Why Wireshark is the “truth serum” of the internetHow SOC tools (like Snort) catch real behavior on real networksWhy using personal accounts on a work device can backfireWhat VPNs and DNS leaks mean for your browsing privacyThe tool mindset that separates guessing from knowingMedia/interview: admin@legitimatecybersecurity.comAudio: https://legitimatecybersecurity.podbean.com/Chapters00:00 Your work laptop is not private (cold open)00:26 Welcome + what this episode is really about02:00 The big idea: security is visibility03:00 Wireshark and learning how the internet actually works10:00 Kali + Metasploit and the reality of “hacking”19:30 Snort and how SOCs actually catch things23:10 Why work devices are a privacy trap27:45 VPNs, DNS leakage, and trust-but-verify42:20 Tools we loved then vs now (cantennas, Security Onion)48:35 The one tool that explains our security philosophy55:00 Wrap-up + keep on cyberin#cybersecurity #privacy #infosec #Wireshark #VPN #workfromhome #dataprivacy #networksecurity #securityawareness #tech

AI can sound empathetic, supportive, even “therapeutic”—but it can’t be accountable.That gap matters most when someone is isolated, vulnerable, or in crisis.In this episode, Frank Downs and Dustin Brewer sit down with Dr. Onna Brewer (licensed psychologist) to unpack why people are forming real attachments to AI—friendship, intimacy, and “therapy”—and where the danger line is when general-purpose chatbots become a substitute for human care.What you’ll learn:Why AI relationships meet real needs (and why that doesn’t automatically make them healthy)The difference between cognitive empathy vs affective empathyWhere AI can help mental health care (access, training, documentation) vs where it failsWhy crisis support is the hard boundary (and why “coin-flip” reliability isn’t acceptable)What guardrails could look like: product design, disclosures, and regulationIf you’re in immediate danger or thinking about self-harm, contact local emergency services right now. (This episode is education, not medical care.)References / further reading (full URLs):http://www.brewerbristow.comhttps://www.apa.org/topics/artificial-intelligence-machine-learning/health-advisory-chatbots-wellness-apps?utm_source=chatgpt.comhttps://www.nature.com/articles/s41598-025-17242-4#Fig4https://www.sciencedirect.com/science/article/pii/S2451958825001307?utm_source=chatgpt.comhttps://hbr.org/2025/08/you-need-to-be-bored-heres-whyMedia/interview: admin@legitimatecybersecurity.comAudio: https://legitimatecybersecurity.podbean.com/Chapters:00:00 AI can’t be accountable (the core problem)00:17 Introducing Dr. Onna Brewer02:06 Why AI relationships are growing (needs being met)05:01 Isolation + loneliness as the real backdrop06:42 Intimacy / passion / commitment: how AI fits08:32 One-way street (why it still feels two-way)13:22 AI as “therapy”: what’s real vs risky14:10 Pros: access, stigma reduction, clinician support18:38 Cognitive vs affective empathy (why therapy depends on humans)22:23 “Therapist” isn’t what most people think it means23:01 Normalization: asking AI for everything29:24 Boredom, attention, creativity, and cognitive offloading33:19 AI romance stats + shame/stigma dynamics37:35 AI in marriage: fidelity is defined by the couple46:00 The safety line: humans can intervene; bots can’t46:48 Responsibility vs trust: regulation and guardrails49:35 Wrap + resources + what to watch next#Cybersecurity #AI #Privacy #MentalHealth #DigitalWellbeing #OnlineSafety #AIsafety #TechEthics #AITherapy #AICompanions

Your body dies — but your accounts don’t. And now AI can be trained on the dead.So who “owns” your digital afterlife… and who gets to use it?In this episode of Legitimate Cybersecurity, Frank and Dr. Dustin Brewer unpack the real risk behind “legacy accounts,” AI memorial bots, and digital grief tools: consent, identity control, and what happens when someone can simulate you without you.We cover the ethics of training on deceased users, the slippery slope from grief-support to manufactured relationships, and why regulation vs. private control matters more than people realize.Media & interview requests: admin@legitimatecybersecurity.comAudio subscription: https://legitimatecybersecurity.podbean.com/C) Chapter Breaks (YouTube Chapters)0:00 — Your body dies… does your data?1:05 — Legacy accounts & “consent” after death3:20 — The DIY “Talk to my dead loved one” GPT5:45 — Why Facebook stopped being “social”7:10 — DNA data + the real nightmare scenario10:50 — Should your AI ghost include your flaws?13:05 — “Do we erase the racism?” (history vs. sanitizing)17:45 — Sci-fi already warned us (AI Lincoln moment)20:20 — Grief tools: healthy coping or dependency?26:00 — The slippery slope: AI partners & manufactured bonds27:40 — Who should control this: government or private sector?34:00 — Guardrails + “whole-ham” threat actor reality36:10 — Wrap: what we should demand before “digital afterlife” goes mainstream#Cybersecurity #AI #Privacy #DataOwnership #DigitalIdentity #Deepfakes #TechEthics #OnlineSafety #DigitalLegacy #Governance #LegitimateCybersecurity #AI #DigitalAfterlife #Privacy #Cybersecurity #ArtificialIntelligence #TechEthics #DataOwnership

Your gift card can be empty before you even buy it—and that’s just one of the holiday scams exploding right now.In December, attackers don’t need skill. They need distracted people.In this episode of Legitimate Cybersecurity, Frank Downs and Dr. Dustin Brewer break down the five highest-volume holiday scams hitting normal, smart people—gift cards, shipping texts, QR codes, travel Wi-Fi, and even AI voice cloning.You’ll learn:How gift cards are drained before activationWhy “package can’t be delivered” texts work so wellHow QR codes are being weaponized in parking lots and charitiesWhat actually keeps you safe while travelingHow to stop family-emergency scams instantlyMedia & interview requests: admin@legitimatecybersecurity.com🎧 Audio version: https://legitimatecybersecurity.podbean.com/Chapters:00:00 — Christmas morning: the gift card is already empty01:40 — Why December supercharges scams (stress + urgency)07:45 — Gift card heists (how they steal it before purchase)15:55 — “Pay in gift cards” = funding a crime17:00 — Shipping smishing texts (the #1 holiday scam)23:15 — MFA: annoying, but it works24:40 — QR scams & fake charities (quishing explained)28:10 — Travel season: Wi-Fi, hotel TVs, charging traps34:15 — Proximity attacks: NFC & crowded spaces36:45 — AI voice cloning & family emergency scams41:45 — The boring-target checklist (do this, relax)44:10 — Final takeaway + share with the link-clicker#cybersecurity #holidayscams #onlinesafety #phishing #giftcards #scams #identitytheft #LegitimateCybersecurity #Cybersecurity #HolidayScams #GiftCardHeist #AIVoiceCloning #Privacy #Infosec #TechSafety

Your smartphone, your streaming library, even your tractor—none of them actually belong to you. Companies can lock you out, delete your data, revoke your access, or simply shut down the servers your devices rely on. And now with AI moderation quietly deleting accounts behind the scenes… who’s really in control?In this episode of Legitimate Cybersecurity, Frank and Dr. Dustin Brewer explore:How Apple, Google, Tesla, and John Deere can remotely brick your devicesWhy your “purchased” movies on Vudu/Fandango can disappearThe subscription takeover: cars, games, self-driving, even pill bottlesHow AI bots on Reddit, Facebook, and Google can silently erase your accountWhy Gen Z and Gen Alpha face a job market that’s never been harderThe hidden danger of companies shutting down and taking your devices with themWhether you can really own anything digital anymoreFrom tractors to Tesla pricing chaos, FMV Sega nostalgia, disappearing media libraries, HOA jokes, and mushroom farming jokes… this episode covers the entire collapsing spectrum of digital ownership in 2025.🎯 QUESTION FOR YOU:What’s something you thought you owned… that you later realized wasn’t really yours?Post it in the comments — we’ll feature the best ones.🎧 Prefer audio?Subscribe to the Legitimate Cybersecurity podcast on any platform:👉 https://legitimatecybersecurity.podbean.com/📩 Media / interview requests:admin@legitimatecybersecurity.comChapter Breaks:00:00 – Cold Open: “Your phone can be remotely disabled—so do you actually own it?”00:33 – Streaming, OS licensing, and why your iPhone is rented, not owned01:20 – Companies can delete your data at will — Google, Tesla, Apple01:45 – The John Deere DRM nightmare02:58 – Gaming industry: the original warning sign04:09 – Cloud gaming, Stadia, GeForce Now, and the upside of subscriptions05:59 – But tractors doubling in price? Ownership gone wrong06:30 – “They can brick you at any moment” — the Dustin phone hypothetical07:23 – Dustin’s reaction: “I’d never use Google again”08:08 – OFAC, false positives, and the real risk of automated bans08:43 – Dustin’s farming family and the tractor brand civil war09:24 – The horse-as-subscription joke + automated farming tech10:35 – Tesla’s bizarre pricing, self-driving subscriptions, and BlueCruise12:08 – Frank’s Sega CD tragedy and the death of ownership nostalgia13:42 – Porn, HD DVD vs Blu-ray, and where video compression really came from15:55 – Streaming illusions of ownership: Vudu → Fandango disaster17:27 – EULA manipulations and the illusion of choice18:56 – Forced ads even with “ad-free” subscriptions19:27 – Millennials vs the streaming trap — we’re back to cable pricing20:27 – Pillsy shutdown: When smart devices die because companies die21:49 – The normalization of owning nothing23:33 – Subscription cars, self-driving distrust, and ambulances costing thousands24:40 – Can we stop the subscription takeover? Voting with wallet & laws25:34 – Food costs, Whole Foods jokes, inflation, and generational struggle26:10 – Mitsubishi Mirage, Slate truck, and forced compromise27:30 – Gen Z’s brutal job market and AI crushing coder roles29:33 – The CyberSeek fallout: disappearing salary data32:20 – AI moderation deleting posts and accounts without warning33:33 – Should AI ever be allowed to delete people? Objectivity vs bias35:19 – Moderating subreddits and HOAs = punishment jobs36:16 – What digital things do you really own? NAS vs cloud37:26 – Photos, privacy, and pulling memories off the cloud38:25 – Average people don’t have the tools to self-host anything39:13 – Benjamin Franklin quote + “It’s too late to go back”40:32 – Knock-knock joke + Dustin’s hope speech42:24 – The 98% vs the 2% — who really has control43:54 – Outro + Raspberry Pi phone joke#legitimatecybersecurity #cybersecurity #digitalownership #righttorepair #streamingwars #AIModeration #SubscriptionEconomy #johndeere #tesla #cloudcomputing #techpodcasts #dataprivacy #digitalrights #genz #cyberjobs