Byte Sized Security

Hosted by Marc David

Technology Business News

Website RSS feed

Episodes

Latest episode

Jun 2026

Language

About the show

In a world where cyberattacks are becoming more commonplace, we all need to be vigilant about protecting our digital lives, whether at home or at work. Byte Sized Security is the podcast that provides snackable advice on cybersecurity best practices tailored for professionals on the go. Hosted by information security expert, Marc David, each 15-20 minute episode provides actionable guidance to help listeners safeguard their devices, data, and organizations against online threats. With new episodes released every Monday, Byte Sized Security covers topics like social engineering, password management, multi-factor authentication, security awareness training, regulatory compliance, incident response, and more. Whether you're an IT professional, small business owner, developer, or just someone interested in learning more about cybersecurity, Byte Sized Security is the quick, easy way to pick up useful tips and insights you can immediately put into practice. The clear, jargon-free advice is perfect for listening on your commute, during a lunch break, or working out. Visit bytesizedsecurity.com to access episodes and show notes with key takeaways and links to useful resources mentioned in each episode. Don't let cybercriminals catch you off guard - get smart, fast with Byte Sized Security! Tune in to boost your cybersecurity knowledge and help secure your part of cyberspace.

Listen to episodes

43 recent

June 1, 202611 min

Ep43: The Best Personality Traits for Working in Cybersecurity

Episode Summary:A Reddit thread on r/cybersecurity asked a simple question: what's the best personality trait for working in cyber? The answers — with hundreds of upvotes — weren't about hacking or certifications. They were about curiosity, patience, humility, staying calm under pressure, and empathy. Marc walks through each trait with personal stories from 8+ years of building teams, hiring, and working incidents at 2 AM.Key Topics Covered:Curiosity — the #1 answer by a wide margin; the trait that makes you dig into a log line everyone else shrugs offPatience — explaining technical risk to non-technical people without making them feel stupid, because if you do, they stop reporting incidentsHumility — saying "I don't know, but I'll figure it out" beats bluffing every time; ego is the worst trait in the fieldCalm under pressure — incident response at 2 AM, zero-days on Friday afternoons, breaches that keep growing; staying focused when everything is on fire matters more than any certEmpathy and kindness — cybersecurity is a people problem wrapped in a technology problem; being technically right doesn't matter if nobody wants to work with youThe uncomfortable truth — ADHD, burnout, trauma-induced hypervigilance; the always-on mindset is a strength until it isn'tMain Takeaways:Technical skills are trainable — tools, frameworks, scripting languages, detection logic are all learnable, especially with AISoft traits like curiosity, patience, and empathy are harder to develop and are what separate people everyone wants on their team from people nobody wants to work withIf you're thinking about getting into cybersecurity, don't ask "am I technical enough?" — ask "am I curious enough to keep learning?"The best cybersecurity professionals aren't the ones who sprint the hardest — they're the ones still there in five yearsTimestamps:[0:00] Introduction — the Reddit thread that started it all[0:58] Curiosity — the #1 answer and why it matters[2:41] Patience — the art of explaining things without condescension[3:58] Humility — why "I don't know" is a superpower[5:15] Calm under pressure — the difference between a skill and a warning sign[6:28] Empathy and kindness — the most surprising and important trait[7:49] The uncomfortable part — burnout, ADHD, and mental health in cyber[9:11] Final thoughts — what really separates the best from the restTools & Resources Mentioned:Reddit Thread: Best Personality Type/Traits for Working in Cyber---I do hope you enjoyed this episode of the podcast. Here are some helpful resources including any sites that were mentioned in this episode.--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

July 5, 20256 min

Ep42: Three Privacy Actions You Need Today

# Byte Sized Security Show Notes## Episode Title: 3 Immediate Actions to Protect Your Privacy Today## Episode Summary:In this episode of Byte Sized Security, host Marc David outlines three practical, actionable steps to enhance your privacy protection immediately. With data breaches nearly doubling in 2024 and companies like AT&T and Ticketmaster experiencing massive exposures, these privacy protection measures aren't just theoretical—they're essential defenses against real threats.## Key Discussion Points:* The alarming state of data breaches in 2024: 10,626 confirmed breaches, nearly double from previous year* Major breaches highlighted: AT&T (73M records), Ticketmaster (560M users), National Public Data (2.9B records)* The average breach costs $4.88 million, or $165 per stolen record* **Step 1**: Enable two-factor authentication everywhere * 2FA stops 99.9% of automated attacks * Use authentication apps instead of SMS * Save backup codes in a safe place* **Step 2**: Audit your privacy settings * Detailed walkthrough for Facebook, Instagram, Twitter/X, and LinkedIn * Phone settings review for both iOS and Android * Revoking unnecessary app permissions* **Step 3**: Protect your connection and digital footprint * Using a VPN to encrypt connections and mask browsing * Reviewing and cleaning your digital footprint * Opting out of data broker sites * Deleting old, unused accounts* The importance of ongoing privacy maintenance## Tools and Resources Mentioned:* **Authentication Apps:** * [Google Authenticator](https://googleauthenticator.net/) * [Authy](https://authy.com/)* **Recommended VPN Services:** * [NordVPN](https://nordvpn.com/) * [ExpressVPN](https://www.expressvpn.com/) * [Surfshark](https://surfshark.com/)* **Data Broker Removal Services:** * [DeleteMe](https://joindeleteme.com/) * [Privacy Bee](https://privacybee.com/) * [Optery](https://optery.com/)* **Data Broker Sites to Opt Out From:** * [Whitepages](https://www.whitepages.com/) * [PeopleFinder](https://www.peoplefinder.com/) * [Spokeo](https://www.spokeo.com/)

July 3, 20253 min

Ep:41 Beware: Your Top VPN App May Be a Chinese Government Spy

Episode Summary:In this episode, we explore the alarming discovery that many of the top-rated VPN apps on the App Store and Google Play are secretly owned by Chinese companies. These VPNs pose a serious risk to user privacy and security, as Chinese law requires them to hand over all user data to the government without justification.Key Topics Covered:- Chinese-owned VPN apps masquerading as legitimate services- Lack of transparency and disclosure around company ownership- Risks of user data being accessed by the Chinese government- Failure of app stores to properly vet and regulate these VPN apps- Importance of researching VPN providers before using themMain Takeaways:- Many popular VPN apps are secretly owned by Chinese companies, creating a significant risk to user privacy and security.- App stores like the App Store and Google Play are not properly vetting and regulating these potentially compromised VPN apps.- Users must do their own research to ensure the VPN they are using is trustworthy and not owned by a company with ties to the Chinese government.Timestamps for Major Topics:- 0:00 - Introduction to the issue of Chinese-owned VPN apps- 1:30 - Examples of top-ranked VPN apps with hidden Chinese ownership- 3:00 - Explanation of the legal requirements for Chinese companies to hand over user data- 4:30 - Lack of action by app stores to remove or label these problematic VPN apps- 6:00 - Importance of user research and caution when selecting a VPN provider---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

May 30, 20254 min

Ep40: The AI Layoff Apocalypse Has Already Started — And You’re Next

The Imminent AI Job Crisis: Are You Prepared?This episode highlights the alarming prediction by Dario Amodei, CEO of Anthropic, that AI could eliminate half of all entry-level white-collar jobs within the next one to five years, potentially raising U.S. unemployment to 20%. While major companies are quietly adopting advanced AI systems, the public and lawmakers remain largely unaware or in disbelief. The episode discusses the impacts of AI on various industries and jobs, stressing the need for urgent action such as an AI 'token tax,' real-time job replacement tracking, legislative briefings, and worker reskilling programs. The message is clear: the AI job crash is imminent, and proactive measures are essential to mitigate its effects.00:00 The Impending Disappearance of White-Collar Jobs00:37 Real-World Examples of AI-Induced Job Cuts01:03 The Rise of AI Agents in the Workplace01:30 The Alarming Capabilities of Advanced AI01:48 Public Response and the Threat to Democracy02:32 Proposed Solutions to the AI Job Crisis02:57 The Urgency of Immediate Action03:06 Conclusion: Preparing for the AI Job Crash---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeBehind the Curtain: A white-collar bloodbath--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

May 27, 20252 min

Ep39: AI in the Workplace: Adapt or Be Replaced

Adapt or Replace: How AI is Changing Entry-Level Job MarketsAI has already impacted the job market significantly, particularly affecting entry-level positions. The script highlights that entry-level hiring has decreased due to the integration of AI, which automates routine tasks. Companies are reconsidering traditional roles and opting for more efficient AI solutions. Job seekers are faced with two choices: compete against AI or learn to leverage it to improve productivity. The script emphasizes the importance of mastering AI tools to stay relevant in the workforce and outlines steps to integrate AI proficiency into daily routines and resumes.00:00 AI Isn't Coming for Your Job00:02 The Impact of AI on Entry-Level Jobs00:18 Automation and Workflow Changes00:39 Adapting to the AI Revolution00:46 The Future of Work: Competing with AI01:07 Embracing AI Tools for Success01:15 The Consequences of Ignoring AI01:31 Final Thoughts: Adapt or Be Replaced---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

May 19, 20253 min

Ep37: Deepfakes and Digital Deception: The 2025 Threat

**Episode Summary:**Marc David dives into the rapidly evolving world of deepfakes and digital deception, projecting forward to 2025. The episode explores the alarming growth in deepfake use, driven by accessible AI technology and user-friendly tools. Mark discusses the severe consequences for businesses (e.g., fraudulent CEO announcements, financial scams like the Polish bank incident), politics (e.g., election manipulation), and personal lives. The discussion also covers emerging solutions, including AI-powered detection tools like those from MIT's DeepTrace Lab, the role of regulations like GDPR, and practical steps listeners can take, such as using verification software like Truepic. The core message is the importance of vigilance and questioning the authenticity of digital content.**Key Discussion Points:*** **The Explosion of Deepfake Use (00:21):** * A 900% increase in deepfake videos was found by Sensity researchers in 2021. * The problem is projected to have quadrupled by 2025.* **Drivers of the Deepfake Surge (00:35):** * Accessible and user-friendly AI technology. * Cheaper software accelerating spread.* **Impact on Businesses (00:48):** * Potential for CEO deepfakes to announce fraudulent mergers or layoffs. * Real-world example: A Polish bank lost millions in 2023 due to a deepfake scam involving an urgent fake call to redirect funds.* **Impact on Politics (01:10):** * Deepfakes manipulating elections (e.g., doctored videos of candidates). * Erosion of voter trust.* **Current Preparedness & Solutions (01:21):** * We are not yet fully equipped, but solutions are evolving. * **Detection Tools (01:25):** AI systems learning to recognize deepfakes by detecting minute digital artifacts. * MIT's DeepTrace Lab: Provides tools analyzing AI generation flaws. * **Policy and Regulations (01:42):** * Europe's GDPR now covers AI-generated media. * The US is considering similar steps.* **What You Can Do (01:52):** * Stay informed. * Report suspicious content. * Support legislative actions against deepfakes. * Use available verification tools.* **Today's Takeaway (02:04):** * Be vigilant. * Question authenticity until trust is verifiable.**Tools & Sites Mentioned:*** **Sensity:** (Research mentioned from 2021 regarding the 900% increase in deepfake videos). Sensity was an AI threat intelligence company, later acquired. The research highlighted the scale of the problem.* **MIT DeepTrace Lab:** A research initiative at MIT focusing on detecting deepfakes and manipulated media. * Website: [https://deeptrace.csail.mit.edu/](https://deeptrace.csail.mit.edu/)* **GDPR (General Data Protection Regulation):** Europe's privacy and data protection law, now addressing AI-generated media. * Official Information: [https://gdpr-info.eu/](https://gdpr-info.eu/)* **Truepic:** A company offering photo and video verification technology. * Website: [https://truepic.com/](https://truepic.com/)------I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

February 3, 202521 min

Ep36: DeepSeek AI – The Real Issue Isn't China, It’s AI Security

AI Security and Competition: Unpacking the Debate Around DeepSeekThis episode delves into the controversy surrounding DeepSeek, a Chinese AI considered by some as a national security threat. It questions whether this stance is legitimate or merely a tactic by big tech to stifle competition. The episode highlights multiple security breaches across the AI industry, including OpenAI and Google, arguing that the core issue lies in how AI handles security rather than its origin. The discussion also explores the suspicious uniformity in the anti-DeepSeek narrative, the potential motivations of big AI corporations to maintain monopolies, and the necessity of reading AI privacy policies. Additionally, the episode critiques the U.S. response to AI competition, drawing parallels to historical moments like the Sputnik era, and advocates for stronger AI security regulations and more open-source innovation. Listeners are encouraged to reflect on whether the fear of DeepSeek is justified or manipulated by big tech interests.00:00 Introduction: The DeepSeek Controversy00:08 Data Leaks: A Global Issue00:39 The Suspicious Narrative Against DeepSeek01:24 Big AI's Fear of Open Source01:35 Smart AI Usage Tips02:29 The Real Issue: AI Governance03:15 The AI Moat Playbook04:08 Big Tech's Control Over AI05:49 The Global AI Competition09:45 Security and Privacy Concerns17:22 Conclusion: The Future of AI---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeDeepSeek Privacy Policy - The DeekSeek Privacy Policy--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

January 14, 20253 min

Ep35: So TikTok might manipulate Americans?

The Double Standards of Social Media Manipulation: Facebook vs. TikTokThis episode delves into the contrasting treatment of Facebook and TikTok concerning data manipulation and national security. It highlights the documented case of Facebook's data misuse with Cambridge Analytica, affecting 87 million Americans, and questions why similar scrutiny isn't applied to domestic companies. The script challenges the narrative around TikTok's possible threats, urging viewers to consider the double standards in regulatory actions against social media manipulation.00:00 Introduction: The Manipulation Debate00:02 The Facebook-Cambridge Analytica Scandal00:43 The Double Standards in Social Media Manipulation01:02 Questioning the Real Threat01:30 Conclusion: Addressing Double Standards---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

January 13, 20252 min

Ep34: They say TikTok is dangerous... but look who's talking

The Real Threat of TikTok: Manipulation by Any OwnerThe video discusses the controversy surrounding TikTok and the calls to ban it due to national security concerns. It questions the hypocrisy of other social media giants like Facebook and Twitter (now X) which have also manipulated users for profit. The script emphasizes that the issue isn't the country that owns TikTok, but rather the potential for manipulation by any corporation. The discussion highlights that banning social media isn't the solution and points out that corporate greed remains the true threat, affecting trust in these platforms.00:00 Introduction: The TikTok Controversy00:16 The Hypocrisy of Social Media Giants00:44 The Real Question: Who Controls TikTok?01:01 Conclusion: The True Threat of Manipulation---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.--Sites Mentioned in this EpisodeCambridge Analytica - Wikipedia--Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

November 6, 20244 min

Ep33: Do you really need to know Python or coding to be a great cybersecurity engineer?

Do You Need Coding Skills to Succeed as a Security Engineer?In this episode, we debunk the myth that coding expertise, particularly in Python, is essential for success in cybersecurity engineering. While many claim that coding skills are a gatekeeper in this field, the reality showcases a wide array of roles such as governance, risk and compliance (GRC), security awareness, and SOC analysis, which do not require deep coding knowledge. The ability to write simple, logical instructions can be helpful, especially in application security or cloud engineering roles. However, mastering core cybersecurity skills like threat modeling, vulnerability assessment, and incident response often has a greater impact. Additionally, AI tools are making coding tasks more accessible. We encourage you to focus on the skills that matter most for your desired cybersecurity role and not be deterred by the myth of mandatory coding expertise.00:00 Introduction: Do You Need to Know Python for Cybersecurity?00:06 Debunking the Coding Myth in Cybersecurity00:26 The Role of Coding in Specific Security Roles00:59 Core Skills Beyond Coding01:07 Non-Coding Roles in Cybersecurity01:34 The Impact of AI on Coding in Cybersecurity02:12 Essential Skills for Cybersecurity Professionals02:38 Encouragement for Aspiring Security Engineers---I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.----Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:Listen to Byte Sized Security --Support this Podcast with a Tip:Support Byte Sized Security --If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

Is this your show?

Claim this listing to keep it up to date, reach guests who want to pitch you, and manage bookings with Guestify.

Claim this listing

More Technology podcasts

SowGrow Marketing Council

sgmc

BusinessMarketing

Toldjya Finance Podcast

Zac Huish, Cameron Cooke, and Paul Lamb

BusinessInvesting