Empowering the Vulnerable

In cybersecurity, we need to understand the mindset of hacking, which is not ethics. We also need to realize that even if we have cybersecurity experts get hacked, there is no reason to feel embarrassed or ashamed when it happens to us. In today's show we're going deep into the world of cybersecurity with one of the industry's most seasoned experts, Sam Curry. With over 30 years of experience in information security, Sam has been defending against cyber threats, shaping security strategies and mentoring the next generation of cyber professionals.

Currently the Global VP and CISO-in-Residence at Zscaler, Sam has also held leadership roles at companies like RSA, McAfee and Arbor Networks where he helped pioneer innovations in VPN technology and personal firewalls. But cybersecurity isn't just about firewalls and encryption—it's about mindset. Sam joins us to talk about the hacker mentality, zero-trust security and why even the best security professionals get hacked.

From his early days in cryptography to mitigating major cyber breaches Sam shares his insights on how businesses and individuals can defend themselves in a digital world. If you've ever wondered how cybercriminals think, how AI is changing the security landscape or what you can do to stay one step ahead then this episode is for you.

Show Notes:

• [00:55] Sam is Global VP and CISO-in-Residence at Zscaler. For the last 32 years, he's been involved in every part of security at some point.
• [01:23] He teaches cyber and used to run RSA Labs at MIT. He currently teaches at Wentworth Institute of Technology, and he also sits on a few boards.
• [02:41] We learn how Sam ended up working in cyber security. He has patents in VPN technology, and was one of the co-inventors of the personal fire law which was sold to McAfee.
• [04:14] There were security principles before 1996.
• [07:38] Sam feels a need and a mission to protect people. It's very personal to him.
• [08:40] He was there for the breach that RSA had. He's also been spearfished.
• [12:47] The shepherd tone is an audio illusion that makes sound that can make people sick because it sounds like it's always increasing.
• [16:31] Scams are way under reported because people are too embarrassed to report them.
• [19:31] Challenges of keeping security up. In peacetime we have to remember to build resilience and be antifragile.
• [22:10] Zero trust is a strategy and architecture for minimizing functionality.
• [28:14] There are immediate benefits from a security perspective to start creating zero trust.
• [30:17] Problems need to be defined correctly.
• [33:03] Even people who've done incredible research on hacking techniques have gotten hacked. There's no shame in it.
• [34:02] We need the hacker mindset. It's an important part of the human community.
• [36:44] The importance of making things easier to understand.
• [38:18] Advice for people wanting to get into cybersecurity is being just this side of ready and tackling things that are a little too big and a little too scary. Also find allies and a network.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

Links and Resources:

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Sam Curry on Zscaler
• On The Hook: An InfoSec Podcast
• Sam Curry on LinkedIn
• Sam Curry on Twitter