loader from loading.io

Next-Gen Account Security with Christiaan Brand

Easy Prey

Release Date: 01/22/2025

Human Side of Fraud: Empathy, Education, & Evolution show art Human Side of Fraud: Empathy, Education, & Evolution

Easy Prey

People used to think fraud was something that happened in the shadows, rare, distant, and mostly affecting big companies. But after talking to PJ Rohall, it’s clear that fraud is evolving fast, and it’s showing up in places most of us don’t even think to look. In this episode, I sit down with PJ Rohall, Head of Fraud Strategy and Education at SEON and co-founder of About Fraud. PJ’s work is all about staying ahead of scammers and helping businesses and individuals understand how fraud actually works. From synthetic identities and AI-powered scams to account takeovers and refund fraud,...

info_outline
Identity Is The New Security Perimeter show art Identity Is The New Security Perimeter

Easy Prey

Sometimes it feels like every new technology we adopt comes with a new risk we didn’t see coming. From AI and data breaches to phishing scams and ransomware, it's clear we live in a time when cybersecurity isn’t just a tech issue, it’s a human issue. In this episode, I talk with Jeff Reich, Executive Director of the Identity Defined Security Alliance. Jeff has been in the cybersecurity world since the early days, with decades of experience helping organizations protect what matters most. His passion for identity security and risk management runs deep, and he brings a thoughtful...

info_outline
Your Car Is Spying On You What It’s Collecting and Who It’s Telling show art Your Car Is Spying On You What It’s Collecting and Who It’s Telling

Easy Prey

I used to think of my car as just a tool to get from point A to point B. But after this conversation, I can’t help but see it as something else entirely, a powerful data collection device that knows far more about me than I realized. From where I go and who I text to how I drive and even what’s on my phone, today’s vehicles are gathering a staggering amount of personal information. In this episode, I talk with Andrea Amico, the founder of . Andrea is one of the leading voices in automotive data privacy and someone who’s spent years uncovering the hidden ways cars collect, store,...

info_outline
Why Everyone’s A Target show art Why Everyone’s A Target

Easy Prey

Some scams are so convincing, they’re almost impossible to spot. With phishing emails that look like they’re from your bank, deep fake videos that mimic real people, and AI-generated messages that feel personal, it’s getting harder to know what’s real and what’s a trap. In this episode, I sit down with Gabrielle Hempel, a security operations specialist at Exabeam and a current law student at Purdue University. Gabrielle brings a sharp perspective shaped by years in cybersecurity, a master’s in cybersecurity and global affairs from NYU, and hands-on experience navigating everything...

info_outline
Child Exploitation Cyber Investigations show art Child Exploitation Cyber Investigations

Easy Prey

Technology is a double-edged sword. It can empower us, connect us, and solve problems, but it can also be used to exploit, manipulate, and harm. When it comes to protecting children online, that line gets especially thin. Digital forensics, AI-powered image classification, and global law enforcement collaboration are now essential tools for keeping families safe in a world that moves faster than most of us can keep up. Debbie Garner knows this world intimately. She’s a retired Special Agent in charge with the Georgia Bureau of Investigation and former commander of the state’s Internet...

info_outline
Reclaiming the Internet show art Reclaiming the Internet

Easy Prey

We may not always understand the evolution of the internet and how tech monopolies exist, but having digital freedom fighters is vital to making conscious change. Today's guest is Cory Doctorow. Cory is a science fiction author, activist, and journalist. He is the author of many books and most recently, Picks and Shovels, The Bezel, and The Lost Cause, a solar punk science fiction novel of hope amidst the climate change emergency.  His most recent nonfiction book is the internet con How to Seize the Means of Corruption, a big tech disassembly manual. Other recent books include Red Team...

info_outline
Security Gaps Hackers Exploit show art Security Gaps Hackers Exploit

Easy Prey

Scammers aren’t just phishing your inbox anymore—they’re impersonating your voice, your face, and even your coworkers. Deep fakes and social engineering have moved beyond clever tricks and become powerful tools that bad actors are using to infiltrate businesses, breach accounts, and dismantle trust at scale. What used to take a hacker hours and expensive tools can now be done in minutes by anyone with a Wi-Fi connection and a little malicious intent. Our guest today is Aaron Painter, CEO of Nametag, a company leading the charge in next-generation identity verification. Aaron’s...

info_outline
Cyber Warfare show art Cyber Warfare

Easy Prey

Cyber warfare is no longer something that happens behind closed doors or in some far-off digital corner. It's happening now—and reshaping the rules of conflict in real time. Drone strikes controlled by apps, ransomware attacks on hospitals—today's battleground is just as likely to be online as on the ground. That science fiction scenario is now a critical, constant threat-the kind that affects us all globally. I'm really excited to introduce you to Dr. Chase Cunningham. He's a retired Navy chief cryptologist with a wealth of experience in cyber operations for the NSA, CIA, FBI—and more....

info_outline
DDoS Attacks show art DDoS Attacks

Easy Prey

Scammers are getting smarter, understanding the psychology behind social engineering and the challenges companies face every day can help keep networks secure. This episode will show how to anticipate these threats and secure networks against ever-changing vulnerabilities. We’ll focus on practical, real-world solutions to protect data and trust. Dr. Jared Smith joins us to share his insights from his role leading research and development at SecurityScorecard. He also co-founded UnCat, a B2B accounting technology company serving thousands of customers and teaches as an adjunct professor at...

info_outline
Safe AI Implementation show art Safe AI Implementation

Easy Prey

Red models associated with AI technologies highlight real-world vulnerabilities and the importance of proactive security measures. It is vital to educate users about how to explore the challenges and keep AI systems secure. Today’s guest is Dr. Aditya Sood. Dr. Sood is the VP of Security Engineering and AI Strategy at Aryaka and is a security practitioner, researcher, and consultant with more than 16 years of experience. He obtained his PhD in computer science from Michigan State University and has authored several papers for various magazines and journals. In this conversation, he will shed...

info_outline
 
More Episodes

With phishing and password breaches on the rise, passkeys could offer a more secure, user-friendly solution that could reshape how we protect our online identities. Today's guest is Christiaan Brand. Christiaan is the co-founder of Entersekt, a financial services security firm and a key player at Google in their security and identity teams. 

A respected voice in cybersecurity, Christian co-chairs the FIDO2 technical working group focusing on standardizing robust online security protocols in advancing the use of passkeys. He has been at the forefront of the shift toward more secure, password-free systems. We’ll hear his insights on the challenges and opportunities of implementing passkeys to create safer online environments for users and organizations.

Show Notes:

  • [00:52] - Christiaan is part of the security team for Google accounts. He's been with Google for 9 years. Prior to that he had a startup.
  • [01:30] - He joined the FIDO Alliance around the same time Google joined in 2013. When he joined Google, he was able to continue with the same type of work.
  • [02:35] - Each of the big tech companies represents a portion of the market when it comes to how we interact with the web and apps.
  • [04:06] - He became interested in security when he started thinking about what could go wrong with new technology solutions. He wanted users to be able to access their financial information in a safe and secure way.
  • [05:06] - 2FA began gaining traction with Google in 2011. It coincided with the launch of Google Authenticator. 2FA was also used by a gaming company.
  • [07:54] - Usability is important, that's why having an app that displays the codes was one of the first forays into making the technology more accessible.
  • [08:34] - Passkeys allow us to move beyond passwords, leaving the extra hassle of traditional multi-factor authentication behind.
  • [11:05] - Key fobs were one of the earlier ways to try and bring usability to security. Now the technology is being moved to smartphones.
  • [12:33] - Passkeys are a replacement for a password manager.
  • [13:35] - Passkeys are extremely long and asymmetric in nature. You and the site you're going to both have the passkey.
  • [14:27] - The service will have the public part of the passkey, and you'll have the private part. Even if the public part leaks out, your passkey will still be secure. Passkeys can never be revealed to phishing sites.
  • [15:47] - FIDO brings the second authentication step in. The service also has to identify themselves.
  • [20:04] - Password managers try to balance security and convenience. Logging in or accessing a passkey is a unique challenge for providers.
  • [22:20] - Phone numbers are a way to get users back into their accounts.
  • [25:19] - Single device users have extra challenges.
  • [26:08] - There are pros and cons to external sources of identity.
  • [29:44] - The FIDO website has many certified solutions.
  • [33:21] - To get passkeys into daily users' lives, we need to start using them on daily applications where we log in frequently.
  • [35:49] - Hopefully this passkey solution will stand the test of time.
  • [37:34] - Attacks are beginning to shift to session hijacking.
  • [38:24] - DBSC or device-based session credentials is a new standard parallel to FIDO.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. 

Links and Resources: