Leadership today demands more than vision and execution. It requires the ability to protect people, data, and trust in an increasingly hostile digital environment.
In this episode, Craig Andrews sits down with Robert Siciliano, a leading authority on identity theft, cybersecurity, and personal risk management. Robert breaks down why security is no longer an IT issue—it’s a leadership responsibility. He explains how leaders who ignore cyber and identity risks expose their teams, customers, and brands to avoidable damage.
Robert shares how strong leaders think proactively about risk, build security-aware cultures, and make prevention part of everyday operations. He also outlines common mistakes executives make when they assume security can be delegated or delayed. The conversation focuses on decision-making under uncertainty, accountability, and the leadership mindset required to stay ahead of evolving threats.
This episode challenges leaders to rethink how they define responsibility, resilience, and preparedness. If you lead a team, a company, or a growing organization, this conversation will change how you approach risk—and how seriously you take your role in protecting what matters most.
Want to learn more about Robert Siciliano's work? Check out their website at https://protectnowllc.com/.
Connect with Robert Siciliano on LinkedIn at https://www.linkedin.com/in/robertsiciliano.
Key Points & Time Stamps
- 00:00–03:10 – Why security has become a leadership issue, not a technical one
- 03:11–07:45 – The leadership risks of underestimating cyber and identity threats
- 07:46–12:30 – How strong leaders think proactively instead of reactively
- 12:31–17:20 – Building a security-aware culture inside organizations
- 17:21–22:10 – Common leadership mistakes around risk and delegation
- 22:11–26:40 – Accountability, trust, and decision-making under uncertainty
- 26:41–30:00 – Practical leadership takeaways for protecting people and brands
Transcript
00;00;05;20 - 00;00;30;20
Craig Andrews
I was in a coma for six weeks while the doctors told my wife I was going to die. When I woke up, she told me the most fantastic story. My team kept running the business without me. Freelancers reached out to my team and said, we will do whatever it takes. As long as Craig's in the hospital. I consider that the greatest accomplishment in my career.
00;00;30;23 - 00;00;51;18
Craig Andrews
My name is Craig Andrews and this is the Leaders and Legacies podcast where we talk to leaders creating an impact beyond themselves. At the end of today's interview, I'll tell you how you can be the next leader featured on this show.
00;00;51;20 - 00;01;20;04
Craig Andrews
Today I want to welcome Robert Siciliano . Know he is the co-founder of ProtectNow. they're a prominent security firm. He's a prominent security expert. And he champions security appreciation ever mere security awareness as the key to building the strategic strategic human firewall. That sounds interesting. If you're in business, you are a threat. It doesn't. You're you have a threat.
00;01;20;11 - 00;01;24;08
Craig Andrews
It doesn't matter the size that you are. If you look at the statistics,
00;01;24;11 - 00;01;35;25
Craig Andrews
small businesses are the subject of cyber attacks way more than the large businesses. And so if you have a business, this is something to pay attention to. Robert, welcome.
00;01;35;27 - 00;01;38;16
Robert Siciliano
Hey, thanks so much. I happy to be here.
00;01;38;18 - 00;01;55;15
Craig Andrews
Yeah. And let's start there. I mean, I think there's a misunderstanding of who's who's under attack and who's, you know, who needs to be on guard. And I think a lot of small businesses think nobody cares about me. Nobody's going to hack into me.
00;01;55;18 - 00;01;57;23
Craig Andrews
What's been your experience?
00;01;57;26 - 00;02;19;02
Robert Siciliano
Everybody small, large, medium, whatever. Every human wants to believe that they're not going to be targeted under attack. We we as humans, fundamentally do not actually believe in security, like security goes against our core beliefs. And so you if you are running a small business, you would just much rather think that these things can't or won't happen to me.
00;02;19;02 - 00;02;40;11
Robert Siciliano
Like denial is something that we function in on a pretty regular basis that allows us to deal with all of the anxiety and stress and threats that we encounter pretty much all day, every day. Denial is there to kind of insulate us from having to think about, you know, bad actors targeting and choosing us.
00;02;40;13 - 00;02;58;11
Craig Andrews
Well, I think, you know, I think there's a bit of a mentality and it's kind of like the Barrett scenario, you know, you don't have to run faster than the bear, just faster than the guy next to you who's also running from the bear. And I think a lot of business owners just think I'm too small. The matter.
00;02;58;13 - 00;03;07;14
Craig Andrews
You know, the hackers are out there, they're going for the Walmarts, the targets, you know, the, the big companies. And I'm not even on their radar.
00;03;07;16 - 00;03;08;20
Robert Siciliano
Yeah, I think so.
00;03;08;22 - 00;03;10;00
Craig Andrews
And what's that?
00;03;10;02 - 00;03;12;14
Robert Siciliano
That's so wrong.
00;03;12;17 - 00;03;13;09
Craig Andrews
Okay.
00;03;13;12 - 00;03;17;00
Robert Siciliano
Yeah. I mean, their perspective is wrong is my point.
00;03;17;03 - 00;03;21;01
Robert Siciliano
And sorry for interrupting. So, like, I just got done speaking to,
00;03;21;01 - 00;03;27;05
Robert Siciliano
a number of small businesses over the fall. You know, it's my busy season. One after the other.
00;03;27;09 - 00;03;34;25
Robert Siciliano
People coming up to me, you know, companies that are, you know, doing, you know, between, you know, a half million in ten, 15 million a year.
00;03;34;26 - 00;04;03;07
Robert Siciliano
Okay. So small businesses, right? And over and over and over again, I kept hearing like, yeah. So one of our vendors, they must have got hacked because every month, like clockwork, we were getting their invoices from their actual email to pay the bills. And every month we pay our vendors, we paid the bills. And after like 3 or 4 months, we get, you know, phone calls and emails and letters from the vendors saying, hey, how come you haven't paid us in 3 or 4 months?
00;04;03;10 - 00;04;31;16
Robert Siciliano
And they're like, what are you talking about? Like, we've been paying you month after month and like, no, we haven't received anything because the vendors email was compromised and the bad guys were inside the actual communications inside the email and sending invoices with banking information that benefited the criminal organization. And I just see that over and over and over again because we're all using the same passcodes across multiple accounts.
00;04;31;19 - 00;04;37;03
Robert Siciliano
We're not using two factor authentication, like we're not doing all the basic things that,
00;04;37;06 - 00;04;57;25
Robert Siciliano
are required, you know, digital literacy in regards to cyber hygiene that are necessary and fundamental to make sure that you're not paying the bad guy for invoices that you know are benefiting the bad guy. Like nobody is clued into that the way that they should.
00;04;57;28 - 00;05;08;14
Robert Siciliano
They think that security is somebody else's responsibility, that they're not going to be targeted. Well, you got a pulse, you got a bank account, you're targeted.
00;05;08;16 - 00;05;11;10
Craig Andrews
And.
00;05;11;12 - 00;05;17;06
Craig Andrews
It's very fascinating. And I mean everything I've seen I mean I've actually sat in the room with
00;05;17;06 - 00;05;20;24
Craig Andrews
with a major insurance carrier and talking,
00;05;20;26 - 00;05;21;21
Craig Andrews
with one of their,
00;05;21;21 - 00;05;22;11
Craig Andrews
one of their,
00;05;22;13 - 00;05;32;25
Craig Andrews
brokers and listened to some of the stories and they it just blew my mind away. I mean, I've heard things as small as a simple food truck being a victim of,
00;05;32;25 - 00;05;36;00
Craig Andrews
you know, a cybersecurity attack.
00;05;36;03 - 00;06;19;22
Robert Siciliano
Yeah. So there have been 175 billion records compromised in the past 15, 20 years, meaning, like names, addresses, phone numbers, personal identifying information, social security numbers, usernames, passcodes of the 175 billion records compromised in the past 15 to 20 years, about 15 billion of those records are in fact, passwords, right? So what does that mean? It means that, like statistically, about 94% of the passwords that are out there that are that are on the dark web, that are exposed from all the data breaches, you can see when you kind of sort through them that they're all like the same passcodes, like we're all using, like, you know, the name of our kids with a few
00;06;19;22 - 00;06;49;09
Robert Siciliano
extra characters. We're using one, two, three, four, five, six. We're using the word quality, which is keystrokes across the keyboard. We're using, you know, password and password one, or we're just using the same passcode that we developed across ten different accounts. And any one of those accounts gets compromised while the bad guys aren't hacking like everybody thinks, or at least not as often as they used to, what they're doing today is you're just logging in and once they log into your accounts, they own you.
00;06;49;13 - 00;06;56;05
Robert Siciliano
Especially if they log into your email, they log into your email. They can reset the passcode on all your critical accounts.
00;06;56;07 - 00;07;12;06
Craig Andrews
Yeah, yeah. And I you know, years ago, of course, the big scandal was Hillary Clinton having her emails hacked. And the story I remember hearing about it wasn't that he was using some, some advanced algorithm.
00;07;12;09 - 00;07;20;08
Craig Andrews
He guessed it. And it was based off something that you were talking about. It was some name or date or something that was personal to her.
00;07;20;11 - 00;07;24;25
Craig Andrews
And that's how that's how a hacked or hacked into the Secretary of state's web,
00;07;24;28 - 00;07;25;22
Craig Andrews
email.
00;07;25;25 - 00;07;41;05
Robert Siciliano
Yeah. And, you know, there's there's all kinds of ways in which they can get in, but that doesn't mean that we throw our hands up in the air and go, oh, you know, they're going to get it. And if they want to get in, they can get in. There's nothing I can do. That's not that. We call that a fatalistic attitude towards security.
00;07;41;08 - 00;08;09;11
Robert Siciliano
And that's not effective. Fatalism is not effective anywhere in the course of life. You know, just giving up, in life and in business. But there's a number of things, layers of protection that you can put in place to, to become a tougher target, to become hardened. So, for example, you know, I asked my audiences when I get in front of a live group, like I asked them a lot of qualifying questions also to get the conversation going, because my programs and presentations are a dialog versus like a monologue, I'm not talking at them.
00;08;09;16 - 00;08;23;08
Robert Siciliano
We're having a conversation. And in that conversation, I kind of raise my hand because I know what my answer is going to be. And I asked them, like, how many of you were using a different passcode across each account? And if I get 15% of the room to raise their hand and say, yeah, I'm using a different passcode, that's a lot.
00;08;23;12 - 00;08;43;16
Robert Siciliano
Which means that, you know, 80 plus percent are using the same passcode and the same breath. How many are you are using two factor authentication. If I get 15 to 20% of the room again, that's a lot. So 80% of the general public is not using two factor and they're using the same passcode. And then you know how many are you are using a password manager.
00;08;43;16 - 00;08;48;28
Robert Siciliano
If I get 10% of the room that's a lot. So these basic, you know, 101,
00;08;49;01 - 00;09;04;24
Robert Siciliano
risk reduction strategies, you know, two factor change app passcodes, password manager are not being considered because human beings first and foremost, we don't want to think that security bad things can happen to us. And that all boils down to our biology. Right?
00;09;04;24 - 00;09;28;04
Robert Siciliano
So biology actually plays a huge role in security, right? My philosophy is and has always been that all security is personal. And what that basically means is that it all starts with you, with your physical being preventing violence and then protecting your identity, you know, which is doesn't get more personal than that. But we resist security because we are what is called as humans in interdependent species.
00;09;28;04 - 00;10;02;16
Robert Siciliano
And what that means is we depend on each other for our survival, for our procreation. Right. And as an interdependent species, the basis of that means that we need to trust each other. Trust is our foundation. Without trust, like we would be afraid and never get with anybody, so to speak. You know what I mean? So as social creatures, we require that we trust each other, and that means that we don't necessarily think about a want to think about or believe that there are bad actors or bad people out there that mean to do me harm.
00;10;02;18 - 00;10;10;02
Robert Siciliano
So instead of like recognizing that that's a possibility, we basically like just kind of function in a level of denial, like, you know, we've discussed,
00;10;10;05 - 00;10;28;09
Robert Siciliano
and that is problematic because that resistance to security prevents us from just doing these basic, basic things. That I see as the biggest problem with not just small businesses, big the employees at these businesses and in our own personal security at home.
00;10;28;17 - 00;10;55;10
Robert Siciliano
So when I ask those questions, it's not just at work, it's at home too. And if security was presented at work as, okay, how this affects you as an individual. Personally, I think employees would do a more effective job at protecting their data at work when they understand how to protect their data at home, their own identities, their credit, you know, their bank accounts, their information.
00;10;55;12 - 00;11;01;29
Craig Andrews
Yeah, I I'm curious, how did you I mean, obviously, you're very passionate about this. How did you get into this?
00;11;02;01 - 00;11;26;12
Robert Siciliano
Yeah. My path is unlike most. So all the time, you know, how did you get into talking about cybersecurity? You form a law enforcement, FBI, Secret service, military, like what's what's your background, man? I'm like, I, I'm a kid from the streets of Boston, okay? And I just saw stuff and I understood it just made sense to me early on what?
00;11;26;14 - 00;11;38;28
Robert Siciliano
Look at. I was in downtown Boston at the age of 12. My dad let my brother and I go into town to do some shopping for Michael's birthday. And like, 12 years old, we could do that back then, you know, which is a long time ago.
00;11;39;01 - 00;11;44;27
Robert Siciliano
As soon as you get off the train, five kids jumped us in, mugged me and took my money.
00;11;45;00 - 00;12;05;02
Robert Siciliano
I was unprepared for that. Okay? And I learned when I went home and said, dad, like, what? You know, he he's like, oh, all right, let's sit you down. Let's discuss. And I learned that like those boys were the lion or the lions or the wolves, and I was the rabbit or the gazelle. Right. And I was like, all right, all right.
00;12;05;02 - 00;12;23;22
Robert Siciliano
And and from that point on, I began to see the world a little bit differently. But then when I was 13, I met a girl like a summer camp, and she liked me, and I liked her like my first crush. And one day we were we get off the bus after camp, you know, and we're sitting on our front stairs and we're having a conversation, and I see her start to get upset.
00;12;23;24 - 00;12;44;17
Robert Siciliano
And I was like, what's wrong? And she said, I think you should know that my mother's boyfriend raped me. Now, this is 45, 46 years ago. You know, I was just 13 years old and we didn't know about sex back then. I just wasn't a thing. And so I go home and I say, dad, like, what is rape?
00;12;44;19 - 00;12;49;05
Robert Siciliano
And I learned about the birds and the bees and forcible rape and the exact same conversation.
00;12;49;10 - 00;12;50;22
Craig Andrews
Oh, wow.
00;12;50;24 - 00;13;12;15
Robert Siciliano
And so that had a profound effect in the way I view the world, those two situations. And so from that point on, like that was just like that was my focus. In 1995, I had a small business teaching personal protection to real estate agents who are murdered because they're, you know, soccer moms and NASCAR dads that have no formal security training in open houses and basements.
00;13;12;17 - 00;13;15;28
Robert Siciliano
And so I've been teaching realtor safety for, you know, 30 years.
00;13;16;01 - 00;13;26;18
Robert Siciliano
Personal security has always been my thing. And I had a small mail order business at the time selling product, like, you know, videos on self-defense and everything, pepper sprays. And I had a,
00;13;26;18 - 00;13;36;07
Robert Siciliano
my first computer was an IBM WPS one consultant, which is the make and model with windows 3.0 and 150 megabyte hard drive.
00;13;36;10 - 00;13;40;16
Robert Siciliano
And I had a dial up connection to AOL. And,
00;13;40;16 - 00;13;59;18
Robert Siciliano
I had the ability to accept credit cards which which meant like I use my computer as the point of sale terminal. And I got hacked in 1995. And what that meant was I lost thousands and thousands of dollars through credit card fraud. And I did not know, like, what that was about.
00;13;59;18 - 00;14;26;14
Robert Siciliano
Like that was all brand new. Like, I had never heard of anything like that before for me, security, personal security was physical security. It was protecting yourself from physical violence, from muggers and thieves, burglars. But then to be stolen over the internet was a brand new thing. And I was upset, but I was, I was I was intrigued, like, how did they do that?
00;14;26;14 - 00;14;45;12
Robert Siciliano
Okay, I wanted to understand because if they could do that to me, they could do that to anybody. Like they made thousands of dollars off my back virtually in virtually the word virtually wasn't even a thing. It was the internet. It was dial up was AOL, the internet was AOL. And so from that point on, that became my focus.
00;14;45;12 - 00;15;18;08
Robert Siciliano
I mean, personal security was my focus and still is, but personal security then and still today means all security is personal, starts with a physical being. But then, of course, it's your identity, it's your data, it's your dollars, it's your passwords. And I've been presenting information like that then and today, because that's really where we should be coming from when it comes to protecting everything ourselves, our families, our businesses starts with you personal responsibility, personal security and all of that.
00;15;18;08 - 00;15;36;21
Robert Siciliano
So that that's where I come from. And I saw as it grew in the late 90s, identity theft became a thing. And then by the early 2000s, I started to see those data breaches left and right all over the place. And now, you know, 175 billion records. And here we are. And people say all the time, and I just give me one second.
00;15;36;27 - 00;15;58;21
Robert Siciliano
People say all the time, you know, like Robert, these hackers, they're so they're so sophisticated. If they could just take what they know and they could cure cancer. And I'm like, yeah, no. Because what I've learned in 30 plus years is that 97% of the people that you will ever meet, 97%, are worthy of your trust. They're good people.
00;15;58;23 - 00;16;21;25
Robert Siciliano
They may lie occasionally. They may deceive, but they're good people with good intentions. But there's about 2 to 3% of the world's population. And you can look all this up and figure it out, or I can guide you. But 2 to 3% are sociopaths and psychopaths. Hardcore narcissists? No empathy, no sympathy, no guilt, no remorse. They are the lions.
00;16;21;25 - 00;16;35;26
Robert Siciliano
We are the gazelle and they're not going to cure cancer because they don't care about curing cancer. They care about capitalizing on us, preying upon us. And that has not changed. It's only gotten worse.
00;16;35;28 - 00;16;38;29
Craig Andrews
You know, it's interesting you mentioned dial up a couple months ago.
00;16;39;02 - 00;16;52;08
Craig Andrews
I don't know if you know who Jason Calacanis is. He's one of the members of the Omen podcast. Yeah, it's one of the largest podcasts. He grew up in New York City, and he said that back in is either 1987 or 88. He,
00;16;52;08 - 00;16;56;05
Craig Andrews
he called the New York Public Library and said, hey, I'm from
00;16;56;07 - 00;16;58;18
Craig Andrews
I'm from it.
00;16;58;20 - 00;17;12;14
Craig Andrews
Can you give me the dial up number? And they gave him a dial up number that had virtually no security. And so he hacked into the New York City library system all the way back in 88, 87 with,
00;17;12;14 - 00;17;16;16
Craig Andrews
with a dial up modem. Yeah.
00;17;16;18 - 00;17;25;13
Robert Siciliano
The telephone still today is being used to look at. We are all good people and we respect authority. And somebody on the other end of the line poses as it,
00;17;25;13 - 00;17;35;19
Robert Siciliano
like most people's first reaction is I want to in need to give the benefit of the doubt. I trust by default and the phone calls I receive, the emails I get and the the text message I receive.
00;17;35;19 - 00;17;59;14
Robert Siciliano
I pretty much want to in need to trust that. Therefore, if you say you're it okay, you're right. Like that hasn't changed then or now. Back in 2023 two Uber got hacked. Uber massive technology company. An employee gets a text message from someone saying that they were it and needed his password. He gave up the password. Is he stupid?
00;17;59;14 - 00;18;16;02
Robert Siciliano
Is he gullible? Is he naive? No. He's human. He's normal. It's what people do. We're good people. We just want to help. We just want to do our job. And that's most people. That's 97% of us preyed upon by 3%.
00;18;16;04 - 00;18;17;20
Craig Andrews
Let's talk about a little bit about the,
00;18;17;20 - 00;18;21;10
Craig Andrews
the password loggers. So, I mean, I use one,
00;18;21;13 - 00;18;41;22
Craig Andrews
and I think they're built into the iPhone, but I'm shocked that today in 2026, it's that so few people are using those. And I'm shocked that companies don't have that is mandatory that you will use a you know, here's here's the company password logger, use it.
00;18;41;24 - 00;18;43;27
Robert Siciliano
Yeah. Password management is still a nightmare.
00;18;44;01 - 00;19;04;17
Robert Siciliano
Two factor authentication really is the best solution that we currently have to solve. The problem of password using the same passcode more than once. Two factor authentication makes that ubiquitous passcode useless to the thief. Because, you know, the bad guy needs to have your mobile phone in their possession, which they don't.
00;19;04;19 - 00;19;15;14
Robert Siciliano
Other than that, pass keys are the direction everything is going, but pass keys, which recognize you know, your device that recognize your IP address might recognize, like your devices. You know,
00;19;15;14 - 00;19;19;13
Robert Siciliano
IMEI or your device reputation and so on.
00;19;19;18 - 00;19;28;22
Robert Siciliano
And obviously, along with your passwords and a number of other factors, right. It looks for behavior. I mean, the pass keys really are the direction that everything is going.
00;19;28;24 - 00;19;33;17
Robert Siciliano
But, you know, we're still a ways away from that being fully ubiquitous and fully adopted.
00;19;33;20 - 00;19;37;03
Robert Siciliano
In the meantime, you know, we're stuck with, like, recognizing the basics.
00;19;37;06 - 00;19;38;21
Robert Siciliano
We don't do that. Well,
00;19;38;24 - 00;19;48;18
Robert Siciliano
and it's almost as if down the road it's going to have to be done for us as like, like kind of Google has pretty much implemented two factor authentication, whether you want to or not.
00;19;48;20 - 00;19;55;10
Robert Siciliano
Apple pretty much has implemented two factor authentication almost in a way where they kind of trick you into enabling it.
00;19;55;13 - 00;19;58;21
Robert Siciliano
Not unethically, but like because they just know what's good for you.
00;19;58;24 - 00;20;03;02
Robert Siciliano
You know, that's kind of the direction that things kind of have to go. Like, we kind of have to force feed,
00;20;03;05 - 00;20;05;00
Robert Siciliano
the public, security.
00;20;05;02 - 00;20;17;20
Robert Siciliano
Not unlike, you know, the seatbelt look at most of us would not be wearing a seatbelt today if the car didn't start dinging at us, because that's just the way we are.
00;20;17;23 - 00;20;25;09
Robert Siciliano
I know that, like, half the country has a law in place that says if you're seen driving without a seatbelt, you get a ticket, you get pulled over.
00;20;25;11 - 00;20;33;14
Robert Siciliano
Other half of the country has laws saying if you get pulled over and don't have a seatbelt on, you're going to get a ticket. Only New Hampshire.
00;20;33;17 - 00;20;35;18
Craig Andrews
Go ahead. Yes. Let me ask this. Why is it,
00;20;35;20 - 00;20;39;01
Craig Andrews
why is it companies are not forcing,
00;20;39;06 - 00;20;44;05
Craig Andrews
keep it whether it's pass key or, you know what, whatever the system is,
00;20;44;05 - 00;20;52;04
Craig Andrews
I forgot some of the major ones, but basically the password loggers. Why aren't companies just making that standard practice?
00;20;52;07 - 00;21;17;19
Robert Siciliano
So the unfortunate problem here is that most people lack a significant level of digital literacy. Okay, we know how to use our hardware and our software to the point that we need to or want to so that we can watch a video on TikTok or post an update on Facebook. Look, we don't really take the time and effort to figure out our hardware and how our software works.
00;21;17;21 - 00;21;50;10
Robert Siciliano
And so a lot of security is based on, you know, it's risk management from the organization first, but it's also does it pass the grandmother test, meaning like if your grandmother can't do it, then what's going to happen as a result of this is their customer service inquiries are going to skyrocket. You know, they're going to go up really quick because now, like we're force feeding security, it ultimately means that we have to hold people's hands to get to where they need to go in order to access their systems or our product or service.
00;21;50;12 - 00;22;14;29
Robert Siciliano
So we've got to make it relatively easy for them to access our technology, our service, so we can keep getting paid every month with whatever it is our service is, in order for them to, you know, log in so it can't be too difficult. My concern there is that security is not fully enforced right now because it's not so understood.
00;22;15;01 - 00;22;42;03
Robert Siciliano
But down the road with AI and deepfakes and voice clones, I think it's going to get to a point where, like, there's going to be so many breaches, there's going to be so many vulnerabilities because humans are getting hacked left and right versus networks are getting hacked. Humans are getting hacked. The companies and organizations and government agencies are going to have to tighten things up so much that we're not going to be able to function the way we want to online, and it's going to stifle things a lot.
00;22;42;06 - 00;22;44;24
Craig Andrews
You know. Well,
00;22;44;24 - 00;22;46;25
Craig Andrews
so as we wrap up, what,
00;22;46;25 - 00;22;54;16
Craig Andrews
real quick, what what are three things the main business owners should start doing today for cyber security?
00;22;54;19 - 00;23;10;05
Robert Siciliano
Number one, recognize that this is an actual real profession. I applied for a loan through a bank not too long ago and they'd ask, like, what's your profession? Cyber security wasn't even a consideration. You know, librarian,
00;23;10;08 - 00;23;19;09
Robert Siciliano
truck driver. Cybersecurity was nowhere. Technology, computer programmer. None of that stuff was there. It's even recognized as a profession. And it should be.
00;23;19;12 - 00;23;36;04
Robert Siciliano
And there are professionals out there that you hire, much like an Hvac guy or a plumber, or you know, an electrician that like these white collar guys and gals, they will make sure that your network is tight. They will do, you know,
00;23;36;07 - 00;23;48;05
Robert Siciliano
penetration testing. They'll do a vulnerability test to find out if your hardware or software needs updates or upgrades, additional hardware, additional software, additional monitoring to make sure that you're properly protected.
00;23;48;11 - 00;23;54;14
Robert Siciliano
So we might call them a virtual chief information security officer or a fractional CISO or, you know,
00;23;54;16 - 00;24;13;13
Robert Siciliano
or a managed service provider, an mssp like, you hire these companies to come in to make sure your network is protected. Right. And it's an investment like any other aspect of your business. It's an investment. Cybersecurity insurance should be a result of that vulnerability testing because, you know,
00;24;13;16 - 00;24;20;03
Robert Siciliano
things happen and once you tighten up your network the way it should be, look, you can do it yourself all day long.
00;24;20;03 - 00;24;22;03
Robert Siciliano
But, I mean, what do you really know?
00;24;22;06 - 00;24;50;27
Robert Siciliano
Have a professional come in, and once they tighten things up, then you incorporate cyber security insurance. And then from there, depending on the size and scope of your organization, there should be ongoing security awareness training, even if it's once every six months, not just once a year, not just to keep compliant, but there should be a level of security awareness training that you understand as the company officer, as a leader, as leadership, what security is and isn't.
00;24;50;27 - 00;25;13;28
Robert Siciliano
It's not about paranoia. It's about recognizing risk and taking charge and taking control and understanding password management. Two factor authentication like it means something and it matters to you. And if it means something, it matters to you and your personal life, then it will in your business life, and then it will ultimately, because of your own understanding and philosophy of it and its importance to you, to your employees.
00;25;14;06 - 00;25;38;09
Robert Siciliano
And once you engage in that security awareness training effectively, regularly, things change your employees like they set up a little taller, they recognize things a little bit more. They become that much more aware of everything. It's not just security, it elevates you. Security is an important thing in our lives. At the base of the triangle of of Abraham Maslow's hierarchy of human needs, right.
00;25;38;16 - 00;25;58;16
Robert Siciliano
It's it's in your physiological need. So it's eating and sleeping and drinking. And right above that is safety, security, stability, structure and protection and everything after that, everything after that, love and belongingness, you know, everything all comes that much more easier once you get the foundation in order.
00;25;58;18 - 00;26;00;16
Craig Andrews
All right. Well, excellent. Well, hey,
00;26;00;16 - 00;26;03;29
Craig Andrews
thanks for sharing that. How can people reach you?
00;26;04;01 - 00;26;06;08
Robert Siciliano
I am Google able. Robert Siciliano ,
00;26;06;08 - 00;26;16;00
Robert Siciliano
if you can spell it Siciliano . Oh, and of course, my website is protect now Elle.com protect now. Elle.com.
00;26;16;02 - 00;26;17;28
Craig Andrews
Thanks for coming on Layers and Legacies.
00;26;18;00 - 00;26;25;10
Robert Siciliano
Thank you so much.
00;26;25;12 - 00;26;47;02
Craig Andrews
This is Craig Andrews. I want to thank you for listening to the Leaders and Legacies podcast. We're looking for leaders to share how they're making the impact beyond themselves. If that's you, please go to Ally's for me.com/guest and sign up there. If you got something out of this interview, we would love you to share this
00;26;47;02 - 00;26;48;27
Craig Andrews
episode on social media.
00;26;48;29 - 00;27;12;11
Craig Andrews
Just do a quick screenshot with your phone and text it to a friend, or posted on the socials. If you know someone who would be a great guest. Tag them on social media and let them know about the show, including the hashtag leaders and legacies. I love seeing your posts and suggestions. We are regularly putting out new episodes and content to make sure you don't miss anything.
00;27;12;13 - 00;27;20;18
Craig Andrews
Please go ahead and subscribe. Your thumbs up. Ratings and reviews go a long way to help promote the show. It means a lot to me.
00;27;20;18 - 00;27;30;27
Craig Andrews
It means a lot to my team. If you want to know more, please go to Ally's for me.com. Or follow me on LinkedIn. Thanks for listening. We'll see you next time.
