Episode #30 - Are You Built For? Finding Your Path the Honest Way
In this episode of InfoSec to Insanity, Evan Francen and Matt Goodacre dive into the winding, messy, and sometimes hilarious journey of figuring out what the hell you’re actually built for in life. Spoiler: it’s probably not what your high school guidance counselor told you. Live from a cruise ship (yep, really), Evan shares a powerful conversation with an older couple that sparked this episode’s core question: Why do we pressure people to choose a career path before they’ve even lived a little?

Expect raw honesty, a few personal war stories, and some serious reflection on how trying things, failing, and pivoting might be the only real way to figure out your calling—whether it’s infosec, garbage collection, or bartending.

In this episode:
- Why we’ve got career discovery all backwards
- The long, weird resume that led Evan to infosec
- How societal pressure can screw up great potential
- What it actually feels like when you find what you’re built for
- Advice for the young, the stuck, and the still-searching

This one’s for anyone who’s still figuring it out—or has a few career skeletons in their closet. (Spoiler: so do we.)
--------
1:11:37
Episode #29 – Lessons from Lanterman: The Danger of Blind Trust
In this episode of InfoSec to Insanity, we dive headfirst into the explosive story shaking the cybersecurity and legal worlds—the FBI investigation into Mark Lanterman, a high-profile cyber forensic expert who’s worked on over 2,000 cases.

How did someone with that much influence—and trust—end up under federal scrutiny? What does this say about our industry’s obsession with credentials over character? And how many other “experts” are we blindly trusting without question?

Join Evan Francen and Matt Goodacre as they break it all down—candidly, critically, and without pulling any punches. We’ll talk about:
- The facts behind the case
- The dangerous consequences of assumed credibility
- How this affects our legal system and security industry
- What we all need to do better moving forward

Bring your favorite beverage, buckle up, and be ready for some uncomfortable truths.
Two decades deep into the “War on Terror” and guess what? We’re still footing the bill—and it’s not just in dollars. It’s in surveillance, silence, and the slow death of civil liberties. In this episode of InfoSec to Insanity, we’re digging into what we’ve really lost since 9/11. From the Patriot Act’s shady legacy to the mass surveillance that makes Orwell look like an optimist, we’re pulling zero punches.

Join us as we unpack:
- The quiet expansion of government spying in 2024
- Why your grandma might be on a watchlist (seriously)
- The illusion of security vs. the cost of freedom
- How privacy became a punchline—and what we can still do about it

This one’s for the folks who aren’t okay with being watched while they microwave a Hot Pocket. Bring your questions, your conspiracy theories, and maybe a tin foil hat—because this is gonna get real.

Subscribe, show up, speak up.
It’s time to reclaim the narrative.
--------
1:25:09
Episode #27 - The Accountability Vacuum: Why No One Pays the Price for Security Failures
Why do massive security failures happen—and nobody gets held accountable?

In this raw and unfiltered episode of InfoSec to Insanity, we’re diving headfirst into the Accountability Vacuum that plagues the cybersecurity industry. Breaches keep happening. Sensitive data keeps leaking. Companies issue statements, pay fines (sometimes), and move on… but the people responsible? They skate.

Join us as we dig into:
🔥 High-profile breaches and the aftermath
🔥 Why CISOs and execs rarely face real consequences
🔥 The role of compliance theatre and corporate CYA culture
🔥 Legal loopholes, PR spin, and boardroom silence
🔥 How we actually fix this broken system

It’s time for some hard truth and zero sugar-coating. If you’ve ever wondered why security failures keep happening with no real fallout, this is the conversation you’ve been waiting for.

🎙 Hosted by veteran InfoSec pros with a mission to fix the broken industry—one brutally honest episode at a time.
--------
2:07:11
Episode #26 - The Great Divide: Knowing vs. Doing in Information Security
The security industry is flooded with paper tigers—people who look the part, talk the talk, but can’t actually do the damn job.

We’ve all seen them. The security “leaders” who push policies they don’t understand. The certification collectors who crumble when real shit hits the fan. The compliance jockeys who think checking a box is the same as being secure.

In this episode, we’re diving deep into my latest blog post, “Paper Tigers” (https://evanfrancen.com/2025/03/14/pa...), and tackling the uncomfortable truths about why security is broken, why incompetent people keep failing upward, and what we need to do to fix it.

💥 What We’ll Cover:
✅ What a paper tiger is and why they’re so dangerous in security
✅ How bad hiring, useless certs, and corporate politics reward incompetence
✅ Why real security pros are getting drowned out by career climbers
✅ How we can stop the cycle and demand real security leadership

If you’re tired of the same security bullshit and want to hear real talk about what’s wrong with this industry (and how we fix it), grab a drink, tune in, and join the conversation.
Welcome to the InfoSec to Insanity Podcast, a wild, unfiltered ride through the crazy world of information security. Hosted by the legendary Evan Francen—the man on a mission to fix the broken InfoSec industry—you’ll get straight talk, insane stories, and no-nonsense advice on how we can make real change in cybersecurity.

Evan is no stranger to breaking down tough topics, with over 30 years of practical InfoSec experience, founding FRSecure and SecurityStudio, and helping the world make sense of security risks. He’s also written UNSECURITY, where he tells it like it is—our industry is failing, but it’s fixable. If you’ve ever felt like InfoSec was more chaos than clarity, then this podcast is exactly what you need.

Why Tune In?
- Candid Conversations: No fluff, no corporate BS. Just real talk about the state of security.
- Battle Stories: Evan’s got tales—from advising on the infamous Target breach to helping protect companies like Wells Fargo and Blue Cross/Blue Shield.
- Fixing the Industry: Join us as we tackle the tough questions: Why do breaches keep happening? What’s wrong with InfoSec? And how can we fix it?
- Fun and Relatable: Evan brings his humor, hacker mindset, and love for diving into problems head-on—sometimes literally when he’s out scuba diving or tearing down a motorcycle!

This podcast isn’t your standard cybersecurity chat. It’s a mix of tech talk, leadership insight, and just the right amount of insanity. Whether you’re a seasoned InfoSec pro or just trying to keep your company safe, there’s something for everyone here.