Shows
UNSECURITY: Information Security PodcastUnsecurity Live: Special 250th Edition with Oscar Minks & Evan FrancenCelebrating 250 episodes of Unsecurity, Megan and Brad go live at Hacks & Hops with former hosts and leaders of FRSecure, Evan Francen and Oscar Minks.Stories of navigating the growing team and the evolution of Unsecurity weaves personal testimonies of leadership, trust in self, and growth. This is a milestone episode you won’t want to miss!Thank you to our listeners for the support! Reach out at unsecurity@frsecure.com and follow us for more!LinkedIn: https://www.linkedin.com/company/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ Facebook: https://www.facebook.co...
2025-11-1032 min
InfoSec to InsanityEpisode #47 - We’re Addicted to Short-Term Thinking (And It’s Screwing Us All)Recorded Live on YouTube: Thursday, September 11, 2025 – 9:00 PM CTThis week on InfoSec to Insanity, Evan Francen and Matt Goodacre dive headfirst into a problem that’s bigger than firewalls, frameworks, or fancy AI tools—our obsession with short-term thinking. Inspired by Evan’s latest blog post, We’re Addicted to Short-Term Thinking (And It’s Screwing Us All), we’ll break down how chasing the next quick win, quarterly number, or shiny product is wrecking cybersecurity, business, and even our personal lives.Why do we keep doing what we know doesn’t work? Why do leaders mortgage long-te...
2025-09-161h 35InfoSec to InsanityEpisode #46 - Selling Fear – Why the Cybersecurity Industry Loves the ChaosStreamed live on Sep 4, 2025In this episode, Evan Francen and Matt Goodacre are back with Part 5 of the Accountability in Cybersecurity is Broken series: Selling Fear – Why the Cybersecurity Industry Loves the Chaos.Confusion sells. Simplicity doesn’t. And that’s not an accident—it’s a business model. Too many vendors, “experts,” and even practitioners are getting rich off of fear, uncertainty, and doubt (FUD), while the people they’re supposed to protect are left confused, vulnerable, and broke. Evan and Matt will tear into how snake oil gets sold, why simple fixes get ignored (remember the Sen...
2025-09-091h 32InfoSec to InsanityEpisode #45 - Breach? Jackpot. How the Legal System Profits from FailurePart 4 of the “Accountability in Cybersecurity is Broken” series - Recorded LIVE August 21, 2025 on YouTube.Every breach is a gold mine—but not for the victims. In this episode, Evan Francen (30+ year InfoSec badass) and Matt strip away the shiny headlines to expose the ugly truth: when cyber disasters strike, lawyers strike the jackpot. We’re unpacking how class-action lawsuits have turned cybersecurity disasters into bonanzas for law firms—while the real victims get scraps.From Equifax to AT&T to Meta, we’re talking grotesque settlements, insane legal fees, and a broken accountability loop that thrives on f...
2025-08-261h 24InfoSec to InsanityEpisode #44 - Cybersecurity Doesn’t Win Elections: So Politicians Don’t Give a Sh*tAccountability in Cybersecurity Is Broken, Part 3 – “Cybersecurity Doesn’t Win Elections: So Politicians Don’t Give a Sh*t”Cybersecurity doesn’t win votes—so politicians don’t care. That political apathy leaves CEOs, boards, and tech giants free to make terrible security decisions with no real accountability. In this episode, Evan Francen (30+ year veteran, co-founder of FRSecure & SecurityStudio, author of UNSECURITY) and co-host Matt Goodacre rip into how politics fuels the accountability crisis in cybersecurity. From Citrix zero-days and hacked U.S. courts to Russian hackers opening a dam in Norway, Evan and Matt del...
2025-08-201h 17
CvCISO PodcastCvCISO Podcast Episode : 59 CvCISO Red FlagsSummaryIn this episode of the CvcISO So Podcast, hosts Evan Francen, Dave, and Jordon explore the humorous side of cybersecurity by identifying various red flags in VC engagements. The conversation is filled with laughter as they share funny anecdotes and insights about what to look out for in cybersecurity practices, emphasizing the importance of awareness and vigilance in the field. The hosts also touch on legal and ethical concerns, making the discussion both entertaining and informative. In this engaging conversation, the speakers explore the intersection of humor and seriousness in cybersecurity, discussing various red flags that can indicate...
2025-08-2049 minInfoSec to InsanityEpisode #43 – It’s Not Real Until It Hurts: Why No One Demands ChangePart 2: It’s Not Real Until It Hurts Cybersecurity doesn’t change because we know better. It changes because someone bleeds. Not until the breach is splashed across headlines. Not until patients are turned away mid-surgery. Not until your CEO’s kid finds their identity on the dark web. In Part 2 of our six-part series, Accountability in Cybersecurity is Broken, Evan Francen (30+ years of cyber trench warfare) and Matt Goodacre (logic ninja, cyber smartass) rip into the ugly truth: in this industry, pain is the only language leaders understand.We’re talking W...
2025-08-111h 20InfoSec to InsanityEpisode #42 - Series Launch: “Accountability in Cybersecurity Is Broken”Get ready—this isn’t your typical cybersecurity rant:In Part 1: Is It Really Broken?, Evan lays down the truth: accountability in cybersecurity is broken badly and has been for a long time. We’ve confused responsibility (doing the work) with accountability (owning the fallout when it fails)—and that’s where the mess starts.In this episode, Evan and Matt unpack:Why responsibility ≠ accountability—and why that mattersHow CISOs, Boards, and CEOs all dodge the blame, even when security implodesThe “Dark Triad” of forces keeping security failures in motion: the overt attackers, the chaos‑profit sellers, and...
2025-08-041h 34InfoSec to InsanityEpisode #40 - Leading With Vulnerability📅 Recorded Live on YouTube: July 17, 2025 • 8 PM CTBased on: “Leading With Vulnerability” — Entry #10 of the Mental Health Without the Bullsht series (https://evanfrancen.com/2025/05/27/le...)We’ve been sold a lie: that leaders must be bulletproof—always confident, always composed, never showing cracks. In this episode, Evan tears that mask off. He shares raw, real experiences about faking invincibility to keep going—and how that act nearly broke him.We’ll unpack:Why hiding mistakes and doubts builds fear, not trustHow admitting “I don’t know” or “I need help” is the real leadership flexPractical vulnerability: owning mis...
2025-07-221h 16InfoSec to InsanityEpisode #39 - Masculinity and Mental HealthRecorded LIVE on July 10, 2025 (https://www.youtube.com/@evanfrancenproject)Based on: “Masculinity and Mental Health” — Entry #9 in the Mental Health Without the Bullsht seriesIn this episode, Evan and Matt cut through the crap and tear down toxic masculinity. We’re talking about the conditioning that says real men don’t cry, don’t ask for help, and must suffer in silence. Evan gets raw and real — sharing his own journey through anger, addiction, anxiety, and isolation, and how that “tough guy” mask almost destroyed him.We unpack why men die by suicide at higher rates, why so few...
2025-07-171h 28InfoSec to InsanityEpisode #38 - Real Help Looks Like...📅 Recorded Live on June 26, 2026 @ 9 PM CT on YouTube In this next-level continuation of our Mental Health Without the Bullsh*t series, we’re diving deeper into what real support looks like—not just therapy or self-care lip service, but the kind of help that actually sticks. Drawing from Evan’s raw and vulnerable blog post (https://evanfrancen.com/2025/05/23/real-help-looks-like/), and the 8th entry this 11-part series, this episode peels back the layers of stigma, complexity, and what happens when we stop pretending we’re “fine.”Expect:Candid conversation about why most “help” falls flat—and how to fix thatReal-wor...
2025-07-071h 12InfoSec to InsanityEpisode #37 - Healing Isn’t Linear📅 Recorded LIVE on YouTube – Thursday, June 19th @ 9PM CT🔗 https://evanfrancen.com/2025/05/20/healing-isnt-linear/In this brutally honest episode of InfoSec to Insanity, Evan Francen and Matt Goodacre dive into a truth we don’t talk about enough—healing isn’t a straight line. Whether it’s healing from burnout, trauma, failure, addiction, or the everyday wear and tear of life in information security, recovery is messy. It’s frustrating. It’s real.This week, Evan and Matt open up about their personal journeys, the setbacks that knocked them down, and the crooked, imperfect road back. We’ll unpack t...
2025-06-241h 25InfoSec to InsanityEpisode #36 – Check on Your Strong FriendsSPECIAL GUEST: John Harmon, CEO FRSecureThey’re the ones who always show up. Always have the answers.Always say, “I’m good.”And they might be the ones hurting the most.In this deeply personal episode, Evan Francen and Matt Goodacre shine a light on something we all overlook: the silent suffering of the strong ones — the leaders, the fixers, the ones who never ask for help.Based on Evan’s blog post, “Check on Your Strong Friends”, this conversation gets real about:Why high performers and helpers often hide their...
2025-06-181h 37InfoSec to InsanityEpisode #35 – Burnout Looks Different Than You ThinkBurnout isn’t always a breakdown. Sometimes it looks like working late, smiling in meetings, answering emails at 2am — and slowly falling apart behind the scenes.In this episode, Evan Francen and Matt Goodacre dig into the real face of burnout — the version that’s high-functioning, hidden, and happening to more of us than we’d like to admit.Based on Evan’s blog post, “Burnout Looks Different Than You Think”, this honest and eye-opening conversation explores:Why burnout isn’t always obvious — even to the person going through itHow cybersecurity culture often celebrates dysfunctionThe difference between b...
2025-06-101h 13InfoSec to InsanityEpisode #34 – Addiction Isn’t Just Drugs and BoozeStreamed live on May 29, 2025 #Addiction #Burnout #MentalHealthWhen we hear the word addiction, we think of needles, bottles, and rehab. But what if the most dangerous addictions are the ones we don’t even recognize?In this raw and revealing episode, Evan Francen and Matt Goodacre take on the addictions we normalize — workaholism, chaos, constant stimulation, toxic relationships, tech dependency, and more.Inspired by Evan’s blog post, “Addiction Isn’t Just Drugs and Booze”, this conversation will dive into:Why addiction is about what we can’t walk away fromHow the infosec in...
2025-06-031h 37InfoSec to InsanityEpisode #33 – The ADHD Mind in a 24/7 WorldIn this brutally honest and deeply personal episode, Evan Francen and co-host Matt Goodacre dive headfirst into the chaos, creativity, and constant mental noise of living with ADHD — especially in a nonstop, hyper-connected world like ours.Based on Evan’s blog post, “The ADHD Mind in a 24/7 World”, this conversation explores:What it really feels like to have an ADHD brain in cybersecurityHow the industry’s always-on culture clashes with neurodivergent mindsThe strengths, struggles, and misunderstood brilliance of ADHD professionalsWhy silence can be deafening, and why focus is often a moving targetThey’ll share war stories, trade coping strat...
2025-05-281h 25InfoSec to InsanityEpisode #32 – Strong on the Outside, Dying on the Inside: High-Functioning Depression in InfosecWe all know someone who seems to have it together. They’re high-performing, always reliable, maybe even admired. But beneath the surface, they’re barely holding it together.In this episode of InfoSec to Insanity, Evan Francen and co-host Matt Goodacre dive into the brutal reality of high-functioning depression and anxiety, especially in high-stress careers like cybersecurity. Based on Evan’s deeply personal blog post (https://evanfrancen.com/2025/05/06/strong-on-the-outside/), this conversation exposes what most people never see—the silent battles behind the smiles, the crushing weight behind the competence. We’ll talk about:Why “functi...
2025-05-191h 24InfoSec to InsanityEpisode #31 – We’re Not OK: Mental Health in InfoSecIn this deeply personal episode, Evan Francen and co-host Matt Goodacre confront the often-ignored mental health crisis within the cybersecurity industry. Drawing from Evan’s recent blog post (https://evanfrancen.com/2025/05/02/we..., they discuss the hidden struggles faced by professionals in a field where admitting vulnerability is often seen as a weakness. What’s Inside:The pervasive culture of silence and its impact on mental well-beingEvan’s personal journey through ADHD, addiction, and anxietyThe alarming rates of burnout and suicide among InfoSec professionalsPractical steps to foster a more supportive and open industry environmentRecorded live on YouTube...
2025-05-191h 26InfoSec to InsanityEpisode #30 - Are You Built For? Finding Your Path the Honest WayIn this episode of InfoSec to Insanity, Evan Francen and Matt Goodacre dive into the winding, messy, and sometimes hilarious journey of figuring out what the hell you’re actually built for in life. Spoiler: it’s probably not what your high school guidance counselor told you. Live from a cruise ship (yep, really), Evan shares a powerful conversation with an older couple that sparked this episode’s core question: Why do we pressure people to choose a career path before they’ve even lived a little?Expect raw honesty, a few personal war stories, and some serious r...
2025-05-061h 11InfoSec to InsanityEpisode #29 – Lessons from Lanterman: The Danger of Blind TrustIn this episode of InfoSec to Insanity, we dive headfirst into the explosive story shaking the cybersecurity and legal worlds—the FBI investigation into Mark Lanterman, a high-profile cyber forensic expert who’s worked on over 2,000 cases.How did someone with that much influence—and trust—end up under federal scrutiny? What does this say about our industry’s obsession with credentials over character? And how many other “experts” are we blindly trusting without question?Join Evan Francen and Matt Goodacre as they break it all down—candidly, critically, and without pulling any punches. We’ll talk about:T...
2025-04-221h 35InfoSec to InsanityEpisode #28 – Freedom Ain’t Free (But the NSA’s Watching Anyway)Two decades deep into the “War on Terror” and guess what? We’re still footing the bill—and it’s not just in dollars. It’s in surveillance, silence, and the slow death of civil liberties. In this episode of InfoSec to Insanity, we’re digging into what we’ve really lost since 9/11. From the Patriot Act’s shady legacy to the mass surveillance that makes Orwell look like an optimist, we’re pulling zero punches.Join us as we unpack:The quiet expansion of government spying in 2024Why your grandma might be on a watchlist (seriously)The illusion of secu...
2025-04-101h 25InfoSec to InsanityEpisode #27 - The Accountability Vacuum: Why No One Pays the Price for Security FailuresWhy do massive security failures happen—and nobody gets held accountable?In this raw and unfiltered episode of InfoSec to Insanity, we’re diving headfirst into the Accountability Vacuum that plagues the cybersecurity industry. Breaches keep happening. Sensitive data keeps leaking. Companies issue statements, pay fines (sometimes), and move on… but the people responsible? They skate.Join us as we dig into:🔥 High-profile breaches and the aftermath🔥 Why CISOs and execs rarely face real consequences🔥 The role of compliance theatre and corporate cya culture🔥 Legal loopholes, PR spin, and boardroom silence🔥 How we actually fix t...
2025-04-012h 07InfoSec to InsanityEpisode #26 - The Great Divide: Knowing vs. Doing in Information SecurityThe security industry is flooded with paper tigers—people who look the part, talk the talk, but can’t actually do the damn job.We’ve all seen them. The security “leaders” who push policies they don’t understand. The certification collectors who crumble when real shit hits the fan. The compliance jockeys who think checking a box is the same as being secure.In this episode, we’re diving deep into my latest blog post, “Paper Tigers” (https://evanfrancen.com/2025/03/14/pa..., and tackling the uncomfortable truths about why security is broken, why incompetent people keep failing upward, an...
2025-03-241h 27CvCISO PodcastCvCISO Podcast Episode 46: Meet DaveSummary In this episode of the CvCISO Podcast, host Evan Francen and co-hosts Jordan and Meg welcome Dave Tuckman, the new Executive Director at the Academy. They discuss Dave's background in IT and cybersecurity, his transition to FRSecure, and the importance of awareness training in the industry. The conversation also touches on work-life balance, the therapeutic role of music, and the vision for the Academy to uplift others through education and community building in cybersecurity. In this engaging conversation, the speakers delve into the importance of mentorship and building relationships for personal and professional success. They explore aspirations f...
2025-03-2151 minInfoSec to InsanityEpisode #25 - The Biggest Lies in CybersecurityCybersecurity is full of half-truths, marketing BS, and outright LIES that have misled businesses, security pros, and the general public for decades. In this episode of InfoSec to Insanity, we’re calling out the biggest offenders, exposing why they persist, and serving up a reality check that the industry desperately needs.🔥 Some of the biggest lies we’ll be tearing apart:✅ "Compliance = Security" (Spoiler: It doesn’t.)✅ "People Are the Weakest Link" (Maybe… but let’s talk about shitty system design.)✅ "AI Will Stop All Cyber Threats" (Sure it will, buddy.)✅ "Zero Trust Fixes Everything" (Great in...
2025-03-121h 10CvCISO PodcastCvCISO Podcast Episode 44: Essential Tips for vCISOsSummary In this episode, the hosts discuss essential tips for Virtual Chief Security Officers (VCSOs), emphasizing the importance of understanding the business context before addressing security concerns. They highlight the need for preparation, relationship building, and simplifying complex security concepts to effectively communicate with business leaders. The conversation also covers the significance of asset inventory, prioritizing impactful security initiatives, and using analogies to convey security risks in a relatable manner. In this conversation, Evan Francen discusses the importance of building impactful relationships within a business to achieve significant wins. He emphasizes leveraging credibility when making recommendations, the power of...
2025-03-061h 03InfoSec to InsanityEpisode #24 - Real Leadership: Get the F*ck Out of the Way!Leadership in InfoSec is broken—hell, leadership in general is broken. Too many so-called "leaders" are just in the way, making things harder instead of actually leading. In this episode, we break down what REAL leadership looks like and why sometimes the best thing a leader can do… is GTFO of the way.Joining us for this no-BS conversation is Oscar Minks, President of FRSecure—one of the best leaders in the game and a guy who knows how to build and empower great teams. Hosted by Evan Francen (30+ year InfoSec veteran & industry disruptor) and co-host Matt Goodacre, this e...
2025-03-051h 58CvCISO PodcastCvCISO Podcast Episode 43: DOGE and Information SecuritySummary In this episode, Evan and Jordon dive into the controversial topic of Doge, discussing its implications on government efficiency and information security. They explore the emotional responses surrounding political decisions, the role of trust in government, and the privacy concerns that arise from data access. The conversation emphasizes the importance of questioning narratives and understanding the complexities of the system, particularly in relation to social security and data security. In this conversation, Evan Francen and Jordon discuss the inefficiencies and challenges within government systems, particularly focusing on identity recovery and cybersecurity. They explore the emotional manipulation prevalent i...
2025-02-2751 minInfoSec to InsanityEpisode #23 - The Original Sin: Security Was Never Built InJoin Evan Francen and Matt Goodacre for a brutally honest, no-BS recording of InfoSec to Insanity! This episode tackles the original sin of cybersecurity—the fact that security was never built into technology from the start.From the early days of computing to the modern mess we deal with today, we'll break down why security was always an afterthought, how that led to the broken industry we have now, and what the hell we can do about it. Expect war stories, rants, laughs, and maybe even a few conspiracy theories as we call out the real problems and re...
2025-02-241h 28InfoSec to InsanityEpisode #22 - The Cybersecurity Job Market Sh*t ShowIn Episode #22, we dive into the chaotic and dysfunctional state of the current cybersecurity job market. Inspired by Evan Francen's no-holds-barred blog post on the topic, we explore the absurdity of job postings, unrealistic hiring expectations, and the relentless grind faced by both job seekers and employers. From gatekeeping madness to the never-ending "5 years of experience in a 2-year-old technology" demands, it’s all on the table.Evan Francen, an InfoSec industry titan with 30+ years of experience, hosts the conversation, sharing his (always) candid insights, while his co-host Matt Goodacre shares his insightful day-to-day information security leadership perspective. Th...
2025-02-181h 29InfoSec to InsanityEpisode #21 - Message Overload: WTF Is Going On?Is it just us, or is everyone drowning in a sea of messages? From never-ending email chains to Slack pings, alerts, and every other form of digital chaos, we’ve got one question: WTF is going on?!Join Evan (30+ year InfoSec veteran, founder of FRSecure & SecurityStudio) and his sidekick Matt as they dive into the madness of modern communication overload. How did we get here? What does it mean for InfoSec pros trying to stay sane—and secure?We’ll share stories, crack some jokes, and maybe even figure out how to fix this mess. (Spoiler: it’s n...
2025-02-101h 40CvCISO PodcastCvCISO Podcast Episode 41: MentorshipSummary In this episode, the hosts discuss the significance of mentorship in personal and professional development. They explore the nuances of what mentorship means, the difference between wisdom and education, and how informal mentorship can occur within communities. The conversation emphasizes the importance of experience, the role of mentors in shaping careers, and the reciprocal nature of mentorship relationships. The hosts also touch on the idea that everyone has the potential to be a mentor, regardless of their formal title or position. In this conversation, Evan Francen and Meg discuss the multifaceted nature of mentorship, emphasizing t...
2025-02-0750 minCvCISO PodcastCvCISO Podcast Episode 40: AI in the WorkplaceSummaryIn this episode, the hosts discuss the significance of mentorship in personal and professional development. They explore the nuances of what mentorship means, the difference between wisdom and education, and how informal mentorship can occur within communities. The conversation emphasizes the importance of experience, the role of mentors in shaping careers, and the reciprocal nature of mentorship relationships. The hosts also touch on the idea that everyone has the potential to be a mentor, regardless of their formal title or position. In this conversation, Evan Francen and Meg discuss the multifaceted nature of mentorship, emphasizing...
2025-02-0456 minInfoSec to InsanityEpisode #20 - Under the Hoodie: Mental Health in InfoSecThe cybersecurity world is fast-paced, high-pressure, and relentless. But what happens when the stress, burnout, and anxiety take a toll on the very people working to keep us safe? In this powerful episode of InfoSec to Insanity, we’re pulling back the curtain—or, in this case, the hoodie—to talk about a critical issue that’s too often overlooked: mental health in the InfoSec industry.Special Guest: Steve Shelton, CEO of Green Shoe ConsultingJoin Evan Francen, a 30+ year veteran of cybersecurity, and Matt Goodacre, a Marine Corps veteran and information security leader, as they...
2025-02-032h 15InfoSec to InsanityEpisode #19 - Certified Chaos: The Role of vCISOs in Today’s Threat LandscapeIn this episode of InfoSec to Insanity, we’re diving headfirst into the thrilling (and sometimes chaotic) world of virtual Chief Information Security Officers (vCISOs). What do these digital sheriffs do? How are they tackling today’s relentless cybersecurity threats? And why might your business need one, even if you don’t know it yet?Join us as we unpack the unique challenges vCISOs face, their critical role in navigating today’s complex threat landscape, and the story behind the Certified virtual Chief Information Security Officer (CvCISO™) program that’s training a new generation of InfoSec rockstars.We’ll s...
2025-01-271h 40InfoSec to InsanityEpisode #18 - Why Do People Seem So Damn Stupid?In this episode, we’re calling it like we see it: stupidity seems to be everywhere these days, but why? From the rise of social media echo chambers to algorithms that reward bad behavior, and even the Dunning-Kruger effect in action, we break down what’s going on.We’ll explore how tech conveniences have hijacked our critical thinking and how it’s impacting cybersecurity, personal accountability, and society at large. Expect some hilariously frustrating real-world examples, a bit of ranting, and as always, candid insights on fixing the broken industry.Don’t miss this raw and real c...
2025-01-201h 47InfoSec to InsanityEpisode #17 - Crystal Balling Cybersecurity: 2025 Predictions You Can't IgnoreWhat’s in store for cybersecurity in 2025? In Episode 17 of InfoSec to Insanity, we’re dusting off the crystal ball to deliver bold, no-BS predictions about what’s coming next. Will AI finally live up to the hype? What new threats will keep us up at night? And how will we navigate the chaos of a rapidly evolving industry?From game-changing technologies to the challenges nobody’s talking about (yet), we’re diving deep into what’s ahead for cybersecurity pros, organizations, and everyday users.This isn’t just another cookie-cutter forecast—get ready for unfiltered insights, practi...
2025-01-141h 45InfoSec to InsanityEpisode #16 - 2024 Cybersecurity Industry Year in ReviewIt’s been a wild ride in cybersecurity this year, and we’re breaking it all down in Episode 16 of InfoSec to Insanity! From headline-grabbing breaches to groundbreaking advancements, shifting regulations, and industry shakeups, 2024 gave us plenty to talk about.Join us as we take a no-BS look back at the year that was. What worked? What didn’t? And what lessons can we take into 2025 to finally start fixing this broken industry?Whether you’re an insider or just curious about the state of cybersecurity, this episode has something for you. Expect insights, a few rants, a...
2025-01-061h 24UNSECURITY: Information Security PodcastUnsecurity Episode 231: Security Predictions for 2025 with Evan Francen & Oscar MinksBrad returns with Megan to talk 2025 predictions with former Unsecurity host Evan Francen and President of FRSecure, Oscar Minks. They discuss potential effects of new administration and AI.Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.
2024-12-3037 minInfoSec to InsanityEpisode #15 - After the Gifts, Here Come the Risks: Post-Holiday Security TipsThe holidays are over, the gifts are unwrapped, and the shiny new gadgets are in our hands—but are they secure? From smart home devices to the latest tech toys, the season of giving can quickly turn into the season of hacking if we’re not careful.Host Evan Francen is joined by special guest Jordon Darling, a cybersecurity expert and tech enthusiast, to unpack the risks that come with post-holiday tech. Together, they’ll share practical tips and candid insights to help you secure your new devices and avoid becoming an easy target for cybercriminals.Topi...
2024-12-301h 47InfoSec to InsanityEpisode #14 - F*ck the Fear FactoryThe cybersecurity industry loves to sell fear: fear of breaches, fear of hackers, fear of being the next headline. But is the "Fear Factory" doing more harm than good?In this unapologetic episode, host Evan Francen is joined by Matt Goodacre, a seasoned cybersecurity leader who isn’t afraid to call BS on fear-based marketing. Together, they take a sledgehammer to the industry’s obsession with fear and explore how this narrative is holding us back from real progress.What to expect:Why fear sells—and why it shouldn’t.The real impact of fear-mongering on busin...
2024-12-231h 45CvCISO PodcastCvCISO Podcast Episode 35: vCISO Habits and RoutinesSummary In this episode of the CvCISO Podcast, hosts Evan, Meg, and Jordon discuss the essential routines and habits for vCISOs, emphasizing the importance of building strong relationships, understanding pricing, and the value of intangibles in cybersecurity. They explore the pathways to entering the cybersecurity field, including education and gaining practical experience, while also addressing the confusion surrounding the industry and the need for clear communication. In this conversation, Evan Francen discusses the importance of effective communication and relationship-building in the role of a Virtual Chief Security Officer (vCISO). He emphasizes the need for thorough preparation, the value o...
2024-12-2050 minInfoSec to InsanityEpisode #13 - Breaking Chains and Firewalls: Sobriety and Security in CyberIn this heartfelt episode of InfoSec to Insanity, host Evan Francen and special guest Brad Nigh open up about their journeys to sobriety—Evan with 23 years of hard-earned sobriety and Brad celebrating 90 days. Together, they explore the parallels between breaking personal chains and tackling challenges in the cybersecurity industry.With candid stories, honest reflections, and a touch of humor, they shine a light on the strength it takes to secure both your life and your career. This is a raw and inspiring conversation you won’t want to miss.
2024-12-171h 33InfoSec to InsanityEpisode #12 - Bridging the IT-OT Divide: Cybersecurity Challenges in Critical InfrastructureIn this episode of InfoSec to Insanity, we dive deep into one of cybersecurity's most critical and complex frontiers: the convergence of IT and OT (Operational Technology). Our guest, the brilliant and experienced Paul Veeneman, joins us to unpack the unique challenges of securing critical infrastructure—where downtime isn't just a cost; it’s a potential disaster. Paul brings his decades of expertise to the mic, sharing candid insights about:The messy marriage of IT and OT systems and why they often clash.Real-world stories of attacks on critical infrastructure and the lessons learned.How to approach risk management and inci...
2024-12-101h 57InfoSec to InsanityEpisode #11 - Turkey, Tactics, and Trade-offs: A Feast of InfoSec InsightsThanksgiving is here, and so is Episode 11 of InfoSec to Insanity! Join Evan and Ryan Cloutier for a holiday special packed with gratitude, critical insights, and actionable tips to keep you and your loved ones safe this season.We’re dishing out:What we’re thankful for in InfoSec: Progress, people, and lessons learned.Elderly scams uncovered: The latest threats targeting seniors and how to protect the greatest generation.Holiday safety tips: From online shopping to digital hygiene, learn how to keep cyber Grinches at bay. It’s a laid-back yet impactful conversation designed to leave you fee...
2024-12-041h 19InfoSec to InsanityEpisode #10 - One Night Only: Security Shit Show ReunionIn Episode #10, we've brought the band back together for a "One Night Only: The Security Shit Show Reunion." It’s been a couple of years since Evan, Chris Roberts, and Ryan Cloutier last shook up the infosec world with their unfiltered takes and straight-shooting style. For one night only, we’re reuniting to dig back into the wild world of security, reflect on what’s changed (or hasn’t), and share what the industry still isn’t getting right. Grab your drink, brace yourself for some laughs, and don’t miss this reunion of raw honesty and relentless passion for fixing the b...
2024-11-251h 44InfoSec to InsanityEpisode #9 - 30+ Years, Have We Made Any Real Progress?In this episode, I’m diving into a question that’s haunted me since I started in InfoSec back in ’92: Are we actually more secure now, or have we just been spinning our wheels? With three decades of so-called "advancements," it's time to get brutally honest about what’s worked, what hasn’t, and whether all the tools, policies, and frameworks have moved the needle on security—or just made it look that way. Tune in as I unpack the highs, lows, and straight-up insanity of our progress (or lack thereof).
2024-11-191h 31InfoSec to InsanityEpisode #8 - Has Technology Gone Too Far? My Wife Thinks So. with My WifeIn this candid episode, I’m joined by my wife as we tackle a topic that's on everyone’s mind: Are we relying on technology too much? My wife shares her unfiltered thoughts on how tech is creeping into every corner of our lives, sometimes causing more problems than it solves. From smart homes to smartphones, we discuss the good, the bad, and the downright frustrating ways tech is taking over.You know how risky this is, right?!
2024-11-111h 41InfoSec to InsanityEpisode #7 - Hacks and Horrors: Why Chasing Products Won’t Save You with Lyle MelnychukIn this eye-opening episode of InfoSec to Insanity, we're joined by cybersecurity expert Lyle Melnychuk to tackle one of the biggest traps in the industry—over-relying on products to solve security problems. Lyle brings his no-nonsense perspective on why simply chasing the latest tools and tech won’t keep you safe from the real threats lurking out there. We dive into the true art of building a strong security foundation, share some wild stories of breaches that could have been prevented, and explore how to avoid the common pitfalls that many companies fall into when building their defenses.Expe...
2024-11-051h 46InfoSec to InsanityEpisode #6 - F*ck the Stigma, Be Authentic with Rachel ArnoldIn this episode of Insanity to InfoSec, we're joined by the incredible Rachel Arnold for a raw and real conversation about breaking down stigmas in the cybersecurity industry. Rachel, a leader known for championing authenticity and mental well-being in tech, shares her journey and the importance of showing up as your true self. We'll dive into the pressures of the infosec world, the mental health challenges many face, and why it’s time to say "f*ck the stigma" and embrace authenticity. Get ready for an unfiltered discussion about the power of being unapologetically yourself, both in and out of th...
2024-10-282h 20InfoSec to InsanityEpisode #5 - Public Sector Cyber Challenges with Shawn RileyIn this episode of Insanity to InfoSec, Evan dives into the complex world of public sector cybersecurity with a special guest, Shawn Riley (former CIO, State of ND). With his extensive experience as a public sector IT leader and strategist, Shawn brings valuable insights into the unique challenges faced by government organizations in defending against cyber threats. We'll explore topics like navigating tight budgets, managing legacy systems, and how public sector entities can stay ahead in the ever-evolving cybersecurity landscape.TakeawaysTransparency in cybersecurity leads to better outcomes.Many state IT leaders lack a technology...
2024-10-221h 51InfoSec to InsanityEpisode #4 - Unf*cking Security: No More Excuses, Fixing the Basics with Chip HarrisIn this episode, Chip Harris and Evan discuss the complexities of cybersecurity, personal experiences in military and tech backgrounds, the evolution of hacking, the impact of the OPM breach, and the challenges of maintaining anonymity in their line of work. They delve into the life of a private military contractor, the long game in cyber operations, and the dark side of data monetization, while also navigating the corporate landscape and discussing the future of cybersecurity.Chip and Evan also discuss the challenges of the job market, particularly in the tech and cybersecurity fields. They share personal experiences with...
2024-10-142h 05UNSECURITY: Information Security PodcastUnsecurity Episode 225: Hacks & Hops Panel DiscussionHosts of "Unsecurity" podcast, Megan Larkins and Brad Nigh, join Evan Francen and Michael Kennedy of "Sunsets and Snowdrifts" for a crossover panel.Find the event slides here: https://info.frsecure.com/hubfs/FRSecure_Hacks%20and%20Hops_Master%20Deck-1.pdfWe look forward to seeing you next year! To stay updated about Hacks & Hops 2025, check our site. hacksandhops.comPlease send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, M...
2024-10-0936 minInfoSec to InsanityEpisode #3 - When the Sh*t Hits the Fan with Oscar MinksIn this engaging conversation, Evan and Oscar explore the intersections of personal experiences, professional challenges, and the ever-evolving landscape of cybersecurity. They discuss the importance of trust, credibility, and situational awareness in both life and work, while sharing personal anecdotes that highlight the human side of the industry. The dialogue also touches on cultural insights, community support during crises, and the value of perspective in understanding different experiences. Ultimately, they advocate for a balanced approach to technology adoption and incident response, highlighting the need for responsible decision-making and emotional intelligence.
2024-10-042h 07InfoSec to InsanityEpisode #2 - WTF Are You Doing with Michael KennedyIn this episode of the InfoSec to Insanity podcast, Evan and Michael Kennedy discuss various themes surrounding cybersecurity, including the importance of transparency, the role of Managed Service Providers (MSPs), and the launch of Ostra, a security as a service company. They share personal anecdotes, reflect on their journeys in technology, and emphasize the need for accountability and honesty in the industry.The conversation also delves into defining events, incidents, and breaches, and highlights the challenges faced by professionals in the cybersecurity space. In this conversation, Michael Kennedy and Evan also focus on the importance of accountability, the...
2024-09-301h 44InfoSec to InsanityEpisode #1 - The Inaugural Episode w/Ryan CloutierIn the inaugural episode of the InfoSec to Insanity Podcast, Evan welcomes his longtime friend Ryan Cloutier to discuss challenges and their experiences in information security. Both of them are together in Mexico, and things don't go off without a hitch. 20 minutes before the live show was set to begin, the power goes out! The show picks up immediately after Evan gets back from racing to get his generator up and running.Once things settle down, they dig in, emphasizing the importance of mental health, authenticity, and personal growth. They share their journeys into the tech...
2024-09-211h 04CvCISO PodcastEpisode 15: The Challenges and Rewards of Being a Virtual CISOIn this episode, Evan Francen and Meg Perron sit down with Greg Schaffer, a seasoned virtual Chief Information Security Officer (vCISO) and the host of the Virtual CISO Podcast. Together, they delve into the critical pillars of trust, credibility, and likability in the cybersecurity industry. Greg shares his inspiring journey from a network engineer to a CISO, eventually leading to the creation of his own virtual CISO services. He opens up about the unique challenges and rewards of being a virtual CISO, highlighting the importance of integrity and a servant mindset in this ever-evolving field.Throughout the conversation...
2024-07-261h 03CvCISO PodcastEpisode 11: Leading Through Organizational ChangeIn this episode, Evan Francen, Meg Perron, Jordon Darling, and special guest Jim Perron work through the nuances of leading through organizational change. They explore the importance of aligning leadership with the business’s mission and language, forging strong relationships with influential leaders, and the role of personal growth in enhancing leadership impact. The discussion underscores the necessity of speaking the business language, understanding stakeholder motivations, and embodying core values that emphasize selfless service. Listeners will gain valuable insights into the timing and momentum in leadership, situational awareness, and the need for genuine industry care and a mission larger than on...
2024-06-1457 minCvCISO PodcastEpisode 10: All About MentorshipIn this episode, Jordon Darling and Evan Francen explore the power of mentorship and the role it plays in personal and professional development. They discuss the qualities of a good mentor, the spectrum of mentorship, and the importance of setting an example for others. The hosts share personal experiences and insights, emphasizing the value of humility, authenticity, and care in mentorship.For more information on the CvCISO program visit: https://cvciso.com
2024-06-0736 min
Sunsets & SnowdriftsEpisode 2: A Pulse on Mental Health in the Cyber IndustryIn this episode, our hosts dive into a crucial yet often overlooked aspect of the cyber industry: mental health. Evan Francen and Michael Kennedy have a candid conversation about the significance of prioritizing mental well-being and share their insights on the importance of leaning on others and fostering a culture of openness within the industry. They emphasize the critical role of leaders in creating a supportive environment where team members feel comfortable sharing their struggles and seeking help when needed. They also explore the concept of truth-telling and transparency in the cyber industry, highlighting how these values not only enhance...
2024-05-031h 02Sunsets & SnowdriftsEpisode 1: The Origin Story"Sunsets and Snowdrifts: Life on the Cyber Horizon" kicks off its first episode with a warm introduction from host Frank Gurnee in California, joined by cybersecurity experts Evan Francen and Michael Kennedy, bringing their insights from the contrasting climates of Puerto Vallarta, Mexico, and Minnesota, respectively. The podcast aims to unravel the complexities of cybersecurity for a diverse audience, including MSPs, vCISOs, and enthusiasts. After a light-hearted start and Evan and Kennedy's background stories, the discussion shifts to serious recent cybersecurity events, including major data breaches and legal challenges faced by MSPs, sparking a conversation on responsibility and preventive strategies...
2024-04-041h 02
The Virtual CISO MomentS6E20 - A Conversation with Evan FrancenEvan Francen is the CEO of FRSecure and SecurityStudio. His mantra of focusing on the mission is inspiring, and his mission is to, simply put, fix problems. He is the founder of the CISSP Mentor Program and the Certified vCISO (CvCISO) training. Additionally, he authored The Information Security Industry is Broken (June 2018). The industry may be broken, but we can fix it; that's just one of the topics we discuss.
2024-04-0432 min
Audience 1st[BEST OF] What Cybersecurity Pros Hate MOST About the IndustryIn every episode I record with my guests, I ask them one crucial question:
"What do you hate most about the cybersecurity industry?"
In this episode, I curated the top answers for you. What's more, you'll get an understanding of what security practitioners, go-to-market teams, and cybersecurity vendors can do to alleviate some of these problems in the industry.
Who will you hear from?
[00:45] Joshua Marpet
[01:39] Limor Kessem
[03:43] Nick Ryan
[04:43] Tal Arad
[05:42] Leo Cruz
[06:39] Gary Hayslip
[08:05] Dmitriy Sokolovskiy
2022-09-3028 min
Breaking Into Cybersecurity#CISOThursday - Breaking Into Cybersecurity w/ Evan Francen 7.14.22#CISOThursday - Breaking Into Cybersecurity w/ Evan Francen 7.14.22
https://www.linkedin.com/in/evanfrancen/
It’s really a conversation about what they did before, why did they pivot into cyber, what was the process they went through Breaking Into Cybersecurity, how do you keep up, and advice/tips/tricks along the way.
About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gur...
2022-07-1532 min
The Security Shit ShowEpisode #93 All this quantum talk has me entangledEvery day we inch closer to a new computing reality, the arrival of commercially stable quantum computing, we hear about this new disruptive technology, that when unleashed will break the worlds strongest encryption in nanoseconds, that is a very scary proposition for any info-sec professional.There is work being done today to make quantum resistant encryption or so we hope. It is already difficult enough to secure and keep up with the systems that make up our modern world. Systems that are overly complex and running trillions and trillions of lines of code just using 1’s and 0’s, syst...
2022-06-291h 55
Audience 1stWhen You Focus on the Mission, You Will Make the Money | Evan FrancenEven if you don't win right now on customer acquisition - you will absolutely win on the churn rate.
People will not leave you.
They will stay with you forever because they trust you.
When I listened to Evan Francen, CEO of FRSecure and SecurityStudio, chat with Ryan Cloutier on their podcast, he said one thing that stood out to me:
“I don’t want any friends.”
I called bullshit.
And so, here we are, having a down-to-earth, candid conversation, full of “F'“ bombs and the “S” word 😱, about what motivates hi...
2022-04-0749 min
The Security Shit ShowEpisode Sixty-One - Say Something Nice...I remember my Mother teaching me “if you don’t have anything nice to say, then don’t say anything at all” and there’s a LOT of merit in that statement for various situations.... However, when it comes to our industry, and some of the companies, folks, and players INSIDE of it I must admit I’ve broken that rule on several occasions. Which brings me to the rather splendid Osthoff Resort, sandwiched between Milwaukee and Green Bay, Wisconsin. I’m here... Surrounded by a posse of FBI agents, InfraGard folks, and businesses...
2021-12-142h 00
The Security Shit ShowEpisode Fifty-Three - Let's Play 20 Questions (for vendors)Vendor Questions! On tonight’s YouTube #shitshow we’re going to discuss what to ask the vendors as the line up to take your annual budget.... Think of this as OUR version of 20 questions. Join Ryan Cloutier, CISSP, Evan Francen, Rachel Arnold, and I, as we work through things to contemplate, cogitate, consider, AND use as you sort for that elusive needle IN the thicket we call the “right” InfoSec vendor in the ever increasingly convoluted and complex landscape. Somewhere in among the twenty questions we WILL likely have the following: - W...
2021-09-092h 13
HR Data LabsEvan Francen - Secure Your S#!t: Cybersecurity in HR AnalyticsSend us a textA passionate advocate for cybersecurity, Evan Francen has been helping people learn about the importance of cybersecurity through his writing, his podcast, his YouTube channel, his public speaking engagements, and more! Cybersecurity has become a massively important aspect of running a business and yet, it’s still an afterthought of many CEOs in the world today.In this episode, Evan talks about what you can do to strengthen your own cybersecurity at home, and why your smart devices might not be the smartest choices after all.Chapters:[0:00 - 4:24] In...
2021-08-1939 minHR Data LabsEvan Francen - Secure Your S#!t: Cybersecurity in HR AnalyticsSend us a textA passionate advocate for cybersecurity, Evan Francen has been helping people learn about the importance of cybersecurity through his writing, his podcast, his YouTube channel, his public speaking engagements, and more! Cybersecurity has become a massively important aspect of running a business and yet, it’s still an afterthought of many CEOs in the world today.In this episode, Evan talks about what you can do to strengthen your own cybersecurity at home, and why your smart devices might not be the smartest choices after all.Chapters:[0:00 - 4:24] In...
2021-08-1939 min
The Security Shit ShowEpisode Forty-Five - Dolla Dolla Bill Y'allMoney!! it makes the world go round, we need it, we want it, and when it comes to money for our security program we fight for it, but are we spending it wisely? - Will it have the impact on our security program we hopped it would? - Did we spend too much or not enough? - How much money is enough? - What the hell should I be spending it on that will make the biggest impact?Is it wiser to invest in your people and the fundamentals or to invest in...
2021-05-122h 10
The Security Shit ShowEpisode Forty-Three - Killed My Grandma (updated)...NOTE: #ShitShow topic NOT my Grandma in Real Life before anyone gets worried!Annually, there are anywhere from 22,000 to 250,000 cases of death in the medical field that really should NOT have happened.Firstly, I’m glad the medical field has as many problems as we do in counting how many people they harmed. InfoSec has no REAL idea as to the implications of our actions beyond “Hey, Look! More data’s out there…” At least in the medical field there’s bodies to count.The question then is how do you categorize death? IF they were sick...
2021-04-162h 25
The Security Shit ShowEpisode Forty - Simplify, then add lightness…The late Colin Chapman, founder of Lotus eschewed the pursuit of horsepower in favor of lightness combined with better handling across his road and race vehicles.That courage to buck the trend resulted in numerous accolades on both sides of the Atlantic.It is that ethos our industry should once again embrace.Simplify:The interfaces, the barriers to entry, the integration, deployment and overall management of the plethora of technology we eagerly buy, deploy, and then complain about.Lightness:Adding power is great if you are going in a straight...
2021-03-232h 10
The Security Shit ShowEpisode Thirty-One - IFWritten at the turn of penultimate century, and published around 1910, Kipling’s “If” is a force that speaks as wisely today as at the time of writing.Breaking it down to a few simple guides, we can learn the following:- Keep a clear head while others around are losing theirs.- Be mindful of our thoughts AND actions.- Never ever give up.- Reach FOR the stars, but keep your feet firmly planted.Now, given the last few weeks of fun and games in our industry have put the icing...
2020-12-212h 18
The Security Shit ShowEpisode Nineteen - How Did We Get Here?Sometimes in order to keep moving forward, not only must you take one step at a time, but you must be willing to look back occasionally and evaluate your past, no matter how painful it is. Looking back lets you know whether or not you are headed in the right direction.” (G.K Adams)Having just worked with the Semperis crew on delivering a lecture the other day on the historical tie-ins between how we ALL approach technology today and the influences ON those decisions from almost 12,000 years of documented history affect us it’s something I want to e...
2020-09-242h 18
The Security Shit ShowEpisode Sixteen- Fried Brains Anyone?This evening on the Security Shit Show we’re going to open the Pandora’s box labeled 5G and see what’s what with the technology, implementations, countries involved AND all the conspiracy theories surrounding it.With the ever-guiding lights provided by Evan Francen, Ryan Cloutier, CISSP and Rachel Arnold we’ll see what we can come up with to dispel the rumors of brain frying, Covid-19 inducing, plant and bird killing technology.We’ll address some of the actual challenges WITH 5G, thanks to some great conversations the other week with Paul Ferrillo and Dr. Rob Spaldi...
2020-08-312h 02
The Security Shit ShowEpisode Ten - We Want You...On tonight’s Security Shit Show, Ryan Cloutier, CISSP Evan Francen and I are going to tackle the wonderful world of job descriptions, recruiting and the disaster that appears to be getting people INTO the industry!As a guide, the below should help frame the conversations!Job descriptions (AND their meanings)1) To be part of the team (you’re the first!)2) To lead from the front (you’re the bullet shield)3) To be THE voice (and get blamed)4) To bridge DevSecOps (You’re buying coffee and donuts)5) Drug free workplace (no coffee...
2020-07-231h 46UNSECURITY: Information Security PodcastUNSECURITY Episode 3: Thanksgiving, Connected Devices (IoT), Healthcare, and IncidentsFRSecure's Evan Francen and Brad Nigh wrap up Thanksgiving week with episode 3 of UNSECURITY. In this episode, Evan and Brad break down connected devices and IOT, the healthcare industry, and incident/breach response.
2018-11-261h 02