Episode #43 – It’s Not Real Until It Hurts: Why No One Demands Change

Episode #47 - We’re Addicted to Short-Term Thinking (And It’s Screwing Us All)

Recorded Live on YouTube: Thursday, September 11, 2025 – 9:00 PM CT This week on InfoSec to Insanity, Evan Francen and Matt Goodacre dive headfirst into a problem that’s bigger than firewalls, frameworks, or fancy AI tools—our obsession with short-term thinking. Inspired by Evan’s latest blog post, We’re Addicted to Short-Term Thinking (And It’s Screwing Us All), we’ll break down how chasing the next quick win, quarterly number, or shiny product is wrecking cybersecurity, business, and even our personal lives. Why do we keep doing what we know doesn’t work? Why do leaders mortgage long-term resilience for short-term gains? And most importantly—how do we break the cycle before it breaks us? As always, expect the full InfoSec to Insanity treatment: * 🔥 WTF Happened This Week? – The biggest security stories, stripped of the nonsense. * 🤣 CISO Humor – Because if we don’t laugh, we’ll cry. * 🎤 No-BS conversation – The kind the industry doesn’t want you to hear. 💥 Join us live, bring your questions, and let’s talk about building something real instead of just patching over the cracks.

Episode #46 - Selling Fear – Why the Cybersecurity Industry Loves the Chaos

Streamed live on Sep 4, 2025 In this episode, Evan Francen and Matt Goodacre are back with Part 5 of the Accountability in Cybersecurity is Broken series: Selling Fear – Why the Cybersecurity Industry Loves the Chaos. Confusion sells. Simplicity doesn’t. And that’s not an accident—it’s a business model. Too many vendors, “experts,” and even practitioners are getting rich off of fear, uncertainty, and doubt (FUD), while the people they’re supposed to protect are left confused, vulnerable, and broke. Evan and Matt will tear into how snake oil gets sold, why simple fixes get ignored (remember the Senate hearing where nobody would admit a firewall could’ve helped?), and what real accountability looks like. Of course, it wouldn’t be InfoSec to Insanity without the fun: * WTF Happened This Week? – The biggest security stories, with a dose of sanity. * CISO Humor – Laugh so you don’t cry. * And plenty of candid, no-BS conversation the industry doesn’t want you to hear. Join us live, [https://www.youtube.com/@evanfrancenproject]bring your questions, and be part of the conversation. Subscribe and hit the bell so you don’t miss it.

Episode #45 - Breach? Jackpot. How the Legal System Profits from Failure

Part 4 of the “Accountability in Cybersecurity is Broken” series - Recorded LIVE August 21, 2025 on YouTube [https://www.youtube.com/@evanfrancenproject]. Every breach is a gold mine—but not for the victims. In this episode, Evan Francen (30+ year InfoSec badass) and Matt strip away the shiny headlines to expose the ugly truth: when cyber disasters strike, lawyers strike the jackpot. We’re unpacking how class-action lawsuits have turned cybersecurity disasters into bonanzas for law firms—while the real victims get scraps. From Equifax to AT&T to Meta, we’re talking grotesque settlements, insane legal fees, and a broken accountability loop that thrives on failure. Raw and unapologetic—this is the conversation no one else (or at least, not enough of us) is having. Highlights you won’t want to miss: * Why class-action law firms rake in millions every time your data gets exposed * How breach settlements often benefit lawyers more than the victims themselves * The real numbers behind Equifax, AT&T, Meta—and the legal fee loot they generated * Why the legal system might be perpetuating failure, not fixing it * Real talk on how cyber accountability dies in the courtroom, not the boardroom Subscribe so you don’t miss the chaos.

Episode #44 - Cybersecurity Doesn’t Win Elections: So Politicians Don’t Give a Sh*t

Accountability in Cybersecurity Is Broken, Part 3 – “Cybersecurity Doesn’t Win Elections: So Politicians Don’t Give a Sh*t” Cybersecurity doesn’t win votes—so politicians don’t care. That political apathy leaves CEOs, boards, and tech giants free to make terrible security decisions with no real accountability. In this episode, Evan Francen (30+ year veteran, co-founder of FRSecure & SecurityStudio, author of UNSECURITY) and co-host Matt Goodacre rip into how politics fuels the accountability crisis in cybersecurity.   From Citrix zero-days and hacked U.S. courts to Russian hackers opening a dam in Norway, Evan and Matt deliver WTF headlines, CISO humor, and hard-hitting fixes that don’t need a campaign trail. Expect sharp insights, raw honesty, and a heavy dose of sarcasm aimed at the broken system we’re all stuck with. Highlights: * Why politicians ignore cybersecurity until it costs votes * WTF news: Citrix, U.S. courts, hacked dams, and vendor disasters * CISO humor: therapy for the blame-soaked security pros * Five fixes to force accountability—without waiting on laws * A preview of Part 4: Breach? Jackpot. How the Legal System Profits from Failure Key Quote: “Politicians don’t care about cybersecurity because it doesn’t win elections—just lawsuits.”

Episode #43 – It’s Not Real Until It Hurts: Why No One Demands Change

Part 2: It’s Not Real Until It Hurts Cybersecurity doesn’t change because we know better. It changes because someone bleeds. Not until the breach is splashed across headlines. Not until patients are turned away mid-surgery. Not until your CEO’s kid finds their identity on the dark web.   In Part 2 of our six-part series, Accountability in Cybersecurity is Broken, Evan Francen (30+ years of cyber trench warfare) and Matt Goodacre (logic ninja, cyber smartass) rip into the ugly truth: in this industry, pain is the only language leaders understand. We’re talking WTF news—from grounded airlines to vishing attacks against Google—CISO Humor that’ll make you laugh-cry, and a no-B.S. deep dive into why our so-called “leaders” only act after the damage is done. You’ll walk away with a “fix list” for pain-proofing your security strategy, so maybe next time you don’t have to bleed to get budget. If you’ve ever warned about a risk months in advance, only to be ignored until disaster hit—this one’s for you. You’re not crazy. You’re just ahead of the blast radius. This ain’t your compliance department’s podcast. This is InfoSec to Insanity.