Podcast Archives - Page 2 of 6 - Cyber Protection Magazine

The problem with proxies

Lou Covey October 31, 2025

Proxies are absolutely crucial to the operation of the internet, but they also represent a clear and present danger to users. Finding that balance is pretty much a full-time job for cybersecurity. The recent Amazon Web Services (AWS) and Microsoft Azure outages are good examples of that.

Amazon explained the outage was caused by “failing intermediaries” monitoring system health, preventing proper traffic routing. Another word for intermediaries is “proxies”. When the monitoring subsystem malfunctioned, health check updates were not propagated properly, causing backend servers to appear offline even when they were active, which invalidated DNS lookups. This created a cascading failure.
Likewise, the Azure outage was caused by a misconfiguration of the proxy Front Door, a global entry point for content delivery network functionality, load balancing, and application acceleration.

How Proxies Function

When a user wants to access a website, the request goes to the proxy server instead of going directly to the internet. The proxy server receives the request, then forwards it to the target website. It modifies the request header to hide the user's original IP address.

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here

Bolaji Ojo and renewed importance of the press

Lou Covey October 23, 2025

Technology journalism, like the rest of journalism,has struggled for most of the 21st century. The advent of AI generated content his restoring the value of professional journalists. It is crucial not just to democracies but to business success.

One of the most prolific and successful technology journalists is Bolaji Ojo. He has headed editorial efforts for the EETimes, AspenCore Media, the recently closed Ojo-Yoshida Report and the now-defunct EBN. Some of those titles may be foreign to people in the cybersecurity world, but not to executives in the electronics world that cybersecurity rests upon. Cyber Protection Magazine's chief editor talked with him this week.

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here

Statue of blind justice holding unbalanced scales

Deepfakes in legal fraud unaddressed

Lou Covey August 28, 2025

Stopping fraud is a major focus of cybersecurity is criminal fraud. Largely, the industry is winning that war. Nowhere is that protection more successful than in combatting deepfake crime, even though industry marketing is geared to promote fear over success. Where deepfakes are causing the real problem is in legal fraud.

Digital fraud represents 0.02 percent of all fraud claims according the National Crime Insurance Bureau (NCIB). While there is evidence that criminal use of AI is increasing the number of attacks, the number of successful attacks is too low to warrant recording.

Deepfake crime a trifle

The FBI’s Internet Crime Complaint Center (IC3) lumps all forms of online fraud into a single category. Even so, the IC3 fielded 859,532 complaints of suspected internet crime in 2024. Of those complaints, 256,256 incidents resulted in actual monetary losses, representing an average loss of $19,372 per complaint. Overall, the reported losses exceeded $16.6 billion, a 33% increase from 2023. However, the top three cybercrimes in 2024 reported to IC3 were phishing/spoofing, extortion, and personal data breaches. None of those required the use of deepfake technology, and rarely did.

Extrapolating the data from NCIB with IC3’s indicates successful deepfake fraud cases were less than 50 in total in 2024 with 94% of those occurring during a spike of activity between November and December 2024.

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here

NASA rendering of newly discovered black hole, analogous to the black hole in AI agents

AI chaos creates MCP hole

Lou Covey August 14, 2025

The AI industry is an absolute mess. The technologies necessary for its operation are siloed and opaque to customers without the technical skills to understand them. The chaos of model context protocol (MCP) adoption is a case in point.

Anthropic’s created MCP and released last November). The companies chatbot, Claude, said the protocol “bridges the gap between AI models and the external world.” More simply, it is an AI application integrator. MCP servers are supposed to do this securely without giving access to sensitive areas of a user's computer or network. Multiple reports from security researchers say it fails miserably in that effort. That makes current agentic AI technology development dangerous. Undaunted, corporate momentum and boardroom ignorance is driving it forward.

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here

Cybersecurity companies underinsured?

Lou Covey July 22, 2025

Data breaches are a major concern to businesses and governments around the world. So one would think that carrying cyber insurance would be a given. It is not, especially for one particular classification of industry: Cybersecurity.

According to Munich Re, a risk analysis firm, 87% of companies lack coverage. Ransomware payouts doubled to $1.1B in 2023, according to Chainalysis. That’s probably why the cyber insurance industry is booming. The market hit $14B in 2023 and is set to double to $29B by 2027.

Large firms are more likely to carry insurance than small to medium companies (SMCs), even though they are more likely to be targeted by cybercriminals. However, small companies are more likely to carry much larger limits than larger companies.

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here

An evolution of bots from ELIZA, to worms and viruses, to the king of Bots Elon Musk

A brief history of bots

Lou Covey June 5, 2025

Bots have been around for more than half a century to automate repetitive tasks and provide services on early internet platforms. The first was ELIZA, developed as a research project in 1966 at the Massachusetts Institute of Technology (MIT) the goal was to simulate conversations with a human being. ELIZA conversed with users, although it did not understand what the user was saying. Artificial intelligence chatbots are much more sophisticated versions of ELIZA, but still lack human comprehension.

Bots not replacements

The purpose of ELIZA was to determine if computers could replace psychoanalysts. Consequentially, it was the first time the prediction that computer could replace humans had some hard evidence. Today, there are mental-health AI applications with not much better results than ELIZA but projected to have a $8 billion market by 2032.

In 1988, the earliest broad use of bots was Internet Relay Chat (IRC) automating user list management, searches, and providing services like weather updates or game scores. But these were not known as bots at the time. They were called automations and still required a human interface to operate,

Premium Membership Required

You must be a Premium member to access this content.

Join Now

Already a member? Log in here

Chicken Little story as metaphor for fals statistics

‘Chicken Little’ marketing with bad statistics

Lou Covey May 30, 2025

Like most companies, the cybersecurity industry uses bad or misleading statistics to frighten customers into buying their products and services….……more...

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here

Zero Trust: easy concept, hard to implement

Lou Covey May 23, 2025

Last week, Dr. Zero Trust, AKA Dr. Chase Cunningham, posted in Linkedin that he was fed up with people who say they don’t understand Zero Trust. To a certain extent, I feel his frustration.
Journalists understand the concept. We have a decades-old saying, “If your mother says she loves you, check it out.” It doesn’t get more zero trust than that.
The problem is that while it’s easy to understand as a concept, it isn’t easy to build a zero trust infrastructure, especially with the misleading gobbledygook most cybersecurity companies put out. Cunningham says there are hundred of books and articles on the subject. He’s right, of course. The question is, which one do you choose?
At the RSAC Conference, We sat down and briefly talked with Dale Hoak, CISO for RegScale, about how easy it is to understand Zero Trust

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here

Schneier predicts “public” LLMs

Lou Covey May 9, 2025

ibuted and democratic, according to renowned security technologist, Bruce Schneier, not controlled by corporations. Developments in the past few weeks indicate he may be right.

Speaking at the RSAC Conference in San Francisco last week, Schneier talked of trust and how we give it to people, strangers, organizations, and technology. His description of that process predicted the development of artificial intelligence controlled almost exclusively by the user, rather than the dystopian corporate AI replacing humanity.

Donald Trump setting fire to US Constitution at leaders summit

Commentary: Is the US the new ‘Axis of Evil’?

Lou Covey April 16, 2025

Ordering investigations and revoking security clearances for former CISA director Chris Krebs, along with several other employees of federal contractormore