The Lockdown · S02E01

How To Think Like A CISO

· Support the show on Patreon

Season 2 of The Lockdown is here, with a renewed focus on the overlap between privacy, security, and open-source intelligence. In this episode, Ray explains why reconnaissance should be treated as the first line of defense, not as the attacker’s free move. This episode lays out a practical way to think like a CISO in both your personal life and inside an organization. The core idea is simple: Minimize What Can Be Known, understand what you are protecting, and close the gap between having security controls and actually being protected by them.

In this week’s episode:

  1. Why privacy and security should be treated as two sides of the same coin
  2. Reconnaissance, OSINT, and how attackers build a picture from public information
  3. Thinking like a CISO: threat modeling, risk, residual risk, and compensating controls
  4. Practical privacy choices, including GrapheneOS, browsers, VPNs, prepaid SIMs, and data brokers
  5. The control confidence gap, including SIM swaps, help desk attacks, security questions, and deepfakes
  6. Real-world examples of reconnaissance-driven attacks, including MGM, Caesars, Marks & Spencer, and ransomware extortion
  7. The updated OSINT Defense and Security Framework, plus practical homework for individuals and organizations

Matrix Community Rooms:

Individual Room Links:

Support the show on Patreon ★ https://www.patreon.com/TheLockdown