Plaintext with Rich
Cybersecurity is an everyone problem. So why does it always sound like it’s only for IT people?
Each week, Rich takes one topic, from phishing to ransomware to how your phone actually tracks you, and explains it in plain language in under ten minutes or less. No buzzwords. No condescension. Just the stuff you need to know to stay safer online, explained like you’re a smart person who never had anyone break it down properly. Because you are!
Episodes
32 episodes
FortiBleed: When Your Firewall Becomes the Front Door
Your firewall is supposed to be the thing that keeps attackers out. FortiBleed is the story of what happens when it becomes the way in.In June 2026, roughly 86,644 sets of working Fortinet credentials turned up circulating amo...
Post-Quantum Cryptography: Start the Inventory Before Q-Day
You don't inventory your house the morning of the move. You start months before. So why are most organizations still treating post-quantum cryptography as a 2035 problem? Episode 31 of Plaintext with Rich treats the post-quan...
Cybersecurity Careers and AI: The Squeeze and the Opening
Someone pulled Rich aside at a conference recently. Six years in IT, ready to break into security, and asking the question more people ask every week. Should I even bother right now? Here's what the data actually shows.Episode 30 of Plai...
Supply Chain Attacks: How One Update Hit OpenAI
A routine software update. No phishing. No sketchy download. Then a security team finds the unthinkable: trusted code has been hijacked, and the breach rode in through the exact channels engineers rely on every day. I walk through the supply ch...
Microsoft Exchange Zero-Day Under Attack: One Email Hijacks OWA
It's Monday morning. You open the third email of the day. Nothing visible happens, but in the background, an attacker just borrowed the proof you were logged in.Episode 28 of Plaintext with Rich is a hot take on CVE-2026-42897, the Micro...
Work-Life Balance in Cybersecurity: The Structural Fix
You finish at 6:00pm. At 6:47 you reopen the laptop, 'just to check something.' By 9:00 the evening is gone. The boundary didn't fail tonight. It was never there.Episode 27 of Plaintext with Rich closes the Month of Mindfulness, a five-w...
Cybersecurity Burnout: Not a Character Flaw, a System Problem
You're reading a breach report. Third one this month. Last year a story like this would have lit something in you. Today you scroll past it. That's not you. That's the bill.Episode 26 of Plaintext with Rich is the fourth installment of t...
Physical Health in Cybersecurity: The Body Keeps the Receipts
It's Friday morning. You stand up to refill your water and your back doesn’t move the way it used to. The systems are up and running smoothly. Your body hasn’t gotten the same memo.Episode 25 of Plaintext with Rich is the third installme...
Spiritual Health in Cybersecurity: The Why Behind the Work
Spiritual health on a cybersecurity podcast sounds like a stretch. Stay with us. Because somewhere between the vendor pitches, the patch cycles, and the 3 a.m. page, a lot of us stopped working for the why and started working for the number.
Mental Health in Cybersecurity: The Weight of Vigilance
It's 6:47 a.m. The incident was contained hours ago. The systems are fine. You're the one still running hot.This episode opens the Month of Mindfulness, a five-week Plaintext with Rich series on mental health, spiritual health, physical ...
Threat Intelligence: Why Most Organizations Get It Backwards
A dashboard lights up with indicators of compromise. The analyst copies the top five into a ticket, tags it "actionable," and sends it to the SOC. Nobody reads it not because they don't care, but because it didn't tell them what to do or why it...
Roll for Security: What D&D Teaches About Cyber Defense
The fighter absorbs hits up front. The rogue finds traps before the party walks into them. The cleric keeps everyone alive when things go wrong. And the bard convinces the people with resources to actually fund the quest. Nobody does everything...
Why Reading Code Makes You Dangerous (In a Good Way)
A vulnerability advisory drops on a Tuesday. Two people read the same report. One sees a severity score and waits for a patch. The other understands what a heap-based buffer overflow actually means and starts reducing risk before a fix even exi...
Hacking on Screens and Pages: Pop Culture That Shaped Cybersecurity
Someone sits down at a keyboard, mashes keys for six seconds, and says "I'm in." Every security professional dies a little inside but that scene is probably the reason half of us got into this field.This episode walks through the movies,...
Linux vs. Windows vs. macOS: Where Security Actually Differs
People love to ask which operating system is the most secure. That's the wrong shape of question. Each one is designed for a different job, and that shapes how it gets attacked.This episode clears up what Linux actually is, how it compar...
APIs: The Control Points Hiding Inside Every App
You tap a button and a ride shows up. You check out online and your bank approves it in seconds. It feels automatic. But nothing in software is automatic. Something received a request, decided it was valid, did some work, and sent back a respon...
Securing AI at Work: What the Chat Box Actually Touches
At 4:47 p.m., someone pastes a customer escalation into an AI assistant and asks it to rewrite the tone. The reply is perfect. It also includes a private note from the internal thread. No breach. No attacker. Just a new workflow that doesn't kn...
AI Is an Umbrella Word (And That's the Problem)
Every company says they're using AI. Some mean chatbots. Some mean automation. Some mean statistics with a new logo. If everything is AI, the word stops meaning anything.This episode untangles what people actually mean when they say "AI"...
Why Security Fails When Everyone Is Right
The access made sense. The exception was justified. The shortcut saved time. Each decision worked on its own. And somehow, together, they added up to failure.This episode tackles the uncomfortable truth that most security failures aren't...
Zero Trust: What It Actually Means Beyond the Buzzword
The breach didn't come through a broken firewall. It walked in through a valid login. Nothing exploded. Nothing looked suspicious at first. Someone just signed in and kept going.This episode clears up what Zero Trust actually is and what...
Supply Chain Cybersecurity: When the Breach Starts Upstream
You can lock down every system you own. Patch everything. Train everyone. And still lose control, because the failure didn't start with you. It started somewhere upstream.This episode breaks down supply chain cybersecurity by explaining ...
Phishing and Social Engineering: Why the Strongest Defense Is Being Slower
You don't need to break a system if someone will open it for you. You don't need malware if a message feels urgent enough. Most modern breaches don't start with code. They start with a conversation.This episode breaks down phishing and s...
Ransomware and Double Extortion: Why Backups Alone Don't Save You Anymore
You don't get locked out first. You get watched. Someone maps your systems quietly, copies your data quietly, and waits until they're sure you can't avoid the conversation. Only then do the screens go dark.This episode breaks down how ra...
IoT Security: Why Every Smart Device Is a Computer That Inherits Risk
Your house didn't suddenly become unsafe. It just became chatty. Little devices, quietly talking to the internet, all day, all night. Most of them were never meant to be guarded.This episode explains IoT security by starting with a trans...
Cloud Security: Why Identity and Configuration Are the Real Perimeter
Nothing broke. Nothing crashed. No alarms went off. Someone clicked a box, someone skipped a setting, someone assumed the default was safe. And the cloud did exactly what it was told.This episode explains cloud security by starting with ...