Episode Summary:

A Reddit thread on r/cybersecurity asked a simple question: what's the best personality trait for working in cyber? The answers — with hundreds of upvotes — weren't about hacking or certifications. They were about curiosity, patience, humility, staying calm under pressure, and empathy. Marc walks through each trait with personal stories from 8+ years of building teams, hiring, and working incidents at 2 AM.

Key Topics Covered:

• Curiosity — the #1 answer by a wide margin; the trait that makes you dig into a log line everyone else shrugs off
• Patience — explaining technical risk to non-technical people without making them feel stupid, because if you do, they stop reporting incidents
• Humility — saying "I don't know, but I'll figure it out" beats bluffing every time; ego is the worst trait in the field
• Calm under pressure — incident response at 2 AM, zero-days on Friday afternoons, breaches that keep growing; staying focused when everything is on fire matters more than any cert
• Empathy and kindness — cybersecurity is a people problem wrapped in a technology problem; being technically right doesn't matter if nobody wants to work with you
• The uncomfortable truth — ADHD, burnout, trauma-induced hypervigilance; the always-on mindset is a strength until it isn't

Main Takeaways:

• Technical skills are trainable — tools, frameworks, scripting languages, detection logic are all learnable, especially with AI
• Soft traits like curiosity, patience, and empathy are harder to develop and are what separate people everyone wants on their team from people nobody wants to work with
• If you're thinking about getting into cybersecurity, don't ask "am I technical enough?" — ask "am I curious enough to keep learning?"
• The best cybersecurity professionals aren't the ones who sprint the hardest — they're the ones still there in five years

Timestamps:

• [0:00] Introduction — the Reddit thread that started it all
• [0:58] Curiosity — the #1 answer and why it matters
• [2:41] Patience — the art of explaining things without condescension
• [3:58] Humility — why "I don't know" is a superpower
• [5:15] Calm under pressure — the difference between a skill and a warning sign
• [6:28] Empathy and kindness — the most surprising and important trait
• [7:49] The uncomfortable part — burnout, ADHD, and mental health in cyber
• [9:11] Final thoughts — what really separates the best from the rest

Tools & Resources Mentioned:

• Reddit Thread: Best Personality Type/Traits for Working in Cyber

---

I do hope you enjoyed this episode of the podcast. Here are some helpful resources including any sites that were mentioned in this episode.

--

Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:

Listen to Byte Sized Security

--

Support this Podcast with a Tip:

Support Byte Sized Security

--

If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.

Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity

# Byte Sized Security Show Notes

## Episode Title:

3 Immediate Actions to Protect Your Privacy Today

## Episode Summary:

In this episode of Byte Sized Security, host Marc David outlines three practical, actionable steps to enhance your privacy protection immediately. With data breaches nearly doubling in 2024 and companies like AT&T and Ticketmaster experiencing massive exposures, these privacy protection measures aren't just theoretical—they're essential defenses against real threats.

## Key Discussion Points:

* The alarming state of data breaches in 2024: 10,626 confirmed breaches, nearly double from previous year

* Major breaches highlighted: AT&T (73M records), Ticketmaster (560M users), National Public Data (2.9B records)

* The average breach costs $4.88 million, or $165 per stolen record

* **Step 1**: Enable two-factor authentication everywhere

* 2FA stops 99.9% of automated attacks

* Use authentication apps instead of SMS

* Save backup codes in a safe place

* **Step 2**: Audit your privacy settings

* Detailed walkthrough for Facebook, Instagram, Twitter/X, and LinkedIn

* Phone settings review for both iOS and Android

* Revoking unnecessary app permissions

* **Step 3**: Protect your connection and digital footprint

* Using a VPN to encrypt connections and mask browsing

* Reviewing and cleaning your digital footprint

* Opting out of data broker sites

* Deleting old, unused accounts

* The importance of ongoing privacy maintenance

## Tools and Resources Mentioned:

* **Authentication Apps:**

* [Google Authenticator](https://googleauthenticator.net/)

* [Authy](https://authy.com/)

* **Recommended VPN Services:**

* [NordVPN](https://nordvpn.com/)

* [ExpressVPN](https://www.expressvpn.com/)

* [Surfshark](https://surfshark.com/)

* **Data Broker Removal Services:**

* [DeleteMe](https://joindeleteme.com/)

* [Privacy Bee](https://privacybee.com/)

* [Optery](https://optery.com/)

* **Data Broker Sites to Opt Out From:**

* [Whitepages](https://www.whitepages.com/)

* [PeopleFinder](https://www.peoplefinder.com/)

* [Spokeo](https://www.spokeo.com/)

Episode Summary:

In this episode, we explore the alarming discovery that many of the top-rated VPN apps on the App Store and Google Play are secretly owned by Chinese companies. These VPNs pose a serious risk to user privacy and security, as Chinese law requires them to hand over all user data to the government without justification.

Key Topics Covered:

- Chinese-owned VPN apps masquerading as legitimate services

- Lack of transparency and disclosure around company ownership

- Risks of user data being accessed by the Chinese government

- Failure of app stores to properly vet and regulate these VPN apps

- Importance of researching VPN providers before using them

Main Takeaways:

- Many popular VPN apps are secretly owned by Chinese companies, creating a significant risk to user privacy and security.

- App stores like the App Store and Google Play are not properly vetting and regulating these potentially compromised VPN apps.

- Users must do their own research to ensure the VPN they are using is trustworthy and not owned by a company with ties to the Chinese government.

Timestamps for Major Topics:

- 0:00 - Introduction to the issue of Chinese-owned VPN apps

- 1:30 - Examples of top-ranked VPN apps with hidden Chinese ownership

- 3:00 - Explanation of the legal requirements for Chinese companies to hand over user data

- 4:30 - Lack of action by app stores to remove or label these problematic VPN apps

- 6:00 - Importance of user research and caution when selecting a VPN provider

---

I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.

--

--

Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:

Listen to Byte Sized Security

--

Support this Podcast with a Tip:

Support Byte Sized Security

--

If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.

Connect with me on TikTok: https://www.tiktok.com/@bytesizedsecurity