June 13, 2025 • 29 mins
Helpful episodes to listen to first

Our Super Chatty Devices

Questions we answer in this episode

What are the 4 phases in a Security Stack?

How do they help us?

Which one is the most important?

Episode summary

The 4 phases of a Security Stack are: Learn, Prevent, Detect, and Repair. This parallels how an attack affects us over time.

We want to Learn about an attack before it hits us, and ideally Prevent it from succeeding. But just in case it does get past our defenses, we want to be sure we can Detect the attack and Repair the damage done.

Call to action

Please build this awesome system together with me by sharing your thoughts. Are the 4 phases - learn, prevent, detect, repair - sufficiently simple and clear to you? Let me know on the forum.

Get the FREE Bulletproof My Identity Starter Kit

Get help from Makani

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Welcome to Super Simple Security Principles. I'm Nick Jackson and I want to love computers.

(00:07):
They don't love me back. I'm learning how to stay safe online from my good buddy and master
guardian Makani Mason. He wrote his first computer program at the age of six, sealing his fate as a

(00:28):
computer geek. That's it. He knows his stuff, folks. Now he spends his time teaching people
like me and you how to stay ahead of the digital threats we face and those bad guys.
He keeps it simple and we love it. Learn along with me each week. I'll ask the questions

(00:52):
and make sure he keeps it super relevant and super simple for us. If I can do it, you can do it too.
This is episode 67, Security Stack Four Phases. Okay, so it's me Squish again. Remember the
security stacks, well, they have phases apparently. So Makani's going to explain those phases.

(01:19):
He will explain how they help us and bonus, guess what? We get to find out
which is the most important. So I'm pretty pumped about this.
That said, this is why I trust Makani real quick when it comes to the four phases.
He always is thinking way ahead. I love chess, but I refuse to play with him because the one

(01:43):
time I did, he crushed me. He was so far ahead. I was like, he knew what I was going to do. So guys,
trust me when it comes to phases and formulating, he's your guy.
So with no further ado, here's the questions we'll be answering in today's episode.

(02:07):
What are the four phases in a security stack? How do they help us? Which one is the most important?
Let's go. So where do we start, man? Well, we're going to start with a little bit of a visual

(02:28):
image. All right. So we've been talking about building a security stack, layer by layer.
Now though, I want to tweak your vision of that a little bit. We're not changing the name,
but just think about this stack as a brick wall. Now naturally we start from the bottom up

(02:52):
as we've discussed. The foundation, the most important layers at the bottom.
Yeah. But with this new vision of a brick wall, each of these rows that we're building in the
stack is not composed of a single brick. Just as there are multiple rows, there are also multiple
phases or columns. Oh, okay. Okay. I like the columns. So there's multiple columns within each.

(03:20):
Okay. Yeah. So we're building up from the bottom, but we're also building left to right
through the four phases. Okay. Okay. It's kind of like building the walls, right?
Yeah. Right. Well, and if you were laying bricks, you'd go left to right on the bottom most layer,

(03:44):
and then you'd go left to right on the next most layer. So you're working your way up,
but you're also working your way left to right. Perfect. I love it.
Yeah. It makes total sense. Yeah. Okay. So the four phases are
learn, detect, no, excuse me, learn, prevent, detect, and repair. Okay.

(04:11):
And those phases are a way to think about how we protect ourselves basically at every point
in time from the most basic awareness where we're just learning about the existence of an attack.
Right. That's our leftmost point all the way through to the very most right point where,

(04:31):
okay, we failed and we got bitten by the attack and now we've got to recover from it.
Right. So a full security stack is going to include all four of those phases.
Okay. Okay. With me so far? You look like you're thinking at least. Don't look confused.
I'm thinking. I'm formulating. I'm seeing how this is molding. I'm seeing how this is taking shape,

(04:58):
right? Okay. We're totally there. Okay. Good. So what we're going to do is we're going to take
that series that we did on home networks recently. Okay. Yeah. Yeah. And that's how as we're
explaining each of the phases, we're going to give a little bit of concreteness, specificity
to this, some detail so we can make sense of the phases a little bit more. Does that sound good?

(05:22):
That sounds great. So we're basically going to take with these phases and we're going to use
what we learned in maybe episodes 50 through 60. Yeah. And how to pair them together. Is that right?
Yeah. Well, how do I create a link? So we're going to use those as kind of our source material
for how we're explaining the phases. Oh, perfect. Even easier. Okay. Great. I love it. And then

(05:49):
what we'll do after we're done with this kind of introduction is then we're going to build
security stacks. We'll build four security stacks in total through, obviously this is going to take
a lot of episodes, but we will, we'll be walking through this formula, whatever we end up naming it.
Yeah. Yep. Two weeks of phases. Exactly. The phases, the questions and the layers.

(06:12):
Yeah. And so, I mean, you'll get, we'll get a lot of practice with, with this because yeah,
this is our system that people need to learn and we'll help them build it as well. But anyway,
perfect. Getting, I think about the big picture a lot. So we're going to bring it back to just
this little part for now. So perfect. So we're going to, now we're going to hone in, right?

(06:36):
Yeah. Okay. So part of the ordering. So just like with the stacks, we talked about the ordering from
bottom and top represents kind of how fundamental and important it is and how, like how commonly
it's going to be applied, for example, would be another way of, you know, everybody needs the

(06:56):
very foundational layer, but maybe only 10% of people need the top optional layer. And so you
have a generic stack and then you only take certain pieces out of it. So anyway, the up to down stuff
represents. Okay. I'm kind of like thinking the hierarchy of like army or military, you know,
you've got your, you know, certain star generals, you've got your captains, whatever, you know,

(07:20):
and, and you go to certain leaders first, you know, and yeah, you kind of work your way up,
right? Not everybody needs to visit with a four-star general, but maybe the president of
the United States might need to. Yeah, no, I like you bringing it back to the army thing. I would
actually kind of say it this way. It's like, it depends on the war, you know, maybe in a particular

(07:44):
war, you need this kind of soldier, but in a different kind of war, you don't. Oh, gotcha.
Okay, perfect. Perfect. I like that. Your general, your general war stack has all this set of anyway,
well, that was probably a little bit of a funny digression. So I was, the main point is I was

(08:06):
trying, no, no, no, dude, not yours, just me, like my digression really, because what I'm trying to
get across is, so there's this bottom to top notion, right? Yes. Yep. And that, that kind of
represents fundamental, important, how common, whatever, but then this, this left to right is,

(08:31):
is also, you know, somewhat about importance, but it's more related to how an attack progresses.
Okay. So, yeah, I don't know. Let's just, we'll just go to the next phase and kind of, yeah. So
phase one is learn. And the slightly larger description of that is we want to understand

(08:56):
the threat before it hits you. So learning is our absolute first line of defense for any,
any stack. Right. Right. Perfect. So that includes, it, it means you want to know about the common
threats that you're going to face. And so for, for home networks, for example, the biggest one

(09:19):
was the constant attacks on our router from the internet. Right. Right. Okay. Those incoming calls,
right? Yeah. Well, and, and so that I consider that knowledge that about those common attacks,
you know, a layer of security, that knowledge, that element of knowledge.

(09:41):
Yeah, absolutely. Does that make sense? You have to know how and where you're about to get punched
to be able to formulate an attack and a defense. Exactly. And it's just, it gets overlooked a lot,
I think, and underemphasized because obviously knowing about it doesn't directly provide you
any specific protection against the attack, right? Like it's just kind of this general thing,

(10:07):
even though to me, you know, having the human involved in the equation, knowing about it is
the most fundamental. And so that's why it's here. It's just sometimes it's not as talked about.
And that's why I feel like it's so critical to have that in this, in this formula. Does that make
sense? Yeah. Oh, it makes total sense. I totally get that. Perfect. Yeah. With the other aspect of

(10:34):
learning is understanding like how the systems you're using work. So for, with the home networks
again, you know, we talked a little bit about how computer networks function. Yeah. Yeah. You know,
the role of a router, how the devices talk to each other using phone calls, not turning you into a

(10:57):
network technician, but just a little bit of stuff about how the system works enough that you can
be capable of protecting your home network. Absolutely. Yeah. Yeah. Yeah. So now sometimes
this awareness is enough to just keep us safe because like, for example, with phone scams,

(11:17):
if you know about a phone scam and you get a call, you may just hang up and that's,
that's all it takes. Right. Right. Right. But for home networks and most cases,
the knowledge alone, even though it's critical and fundamental and, you know, a good first phase,
it's in a lot of ways preparation for, you know, phase two, which is prevent.

(11:43):
So prevent is where we want to actually build a strong multi-layer defense. And in the home
network case, one of those layers was our inbound firewall that's as part of our router. Right.
Right. So that was our most fundamental, most universal, most important

(12:08):
layer of protection for your home network. Okay. Yeah. Yeah. Right. Yep. And one of the,
you know, a little more optional ones is a guest network that we talked about. Yeah. Yeah. Because
maybe you don't have many guests, maybe you don't have many internet of things devices. So the guest

(12:29):
network, well, you know, it's, it could be good, but depending on who you are, it may matter more
or less. Yeah. Right. So it's in the possible home network security stack, but maybe your,
your home network security stack doesn't include it. Correct. Right. Right. That makes sense.

(12:49):
Absolutely. Like I'm thinking about like my grandparents, like, you know, or, or my wife's
grandparents, like they, they would have no need for, like they have maybe devices.
Yeah. Right. Isn't going to buy them a lot. Isn't going to buy them a lot. Exactly. Exactly. Like
they're still loving their DVD player that doesn't connect to the internet. Amen to that. Yeah.

(13:16):
So, and then another one we talked about in there was the outbound firewall.
Yeah. Yeah. I mentioned that, that one specifically because, so this will, and the outbound
firewall actually functions as a layer of protection in two phases, because in the next
phase, and this is one that is often neglected as well, is detect, because there we want to know

(13:44):
when something gets past your defenses. And that's one of the main things that the outbound
firewall is really uniquely strong at. Yeah. Okay. Like we, we hope that threats get stopped
at the prevent phase. Right. Right. Right. But we don't, you know, the whole point of a layered

(14:06):
defense is we, we don't just, you know, hope and pray that they stop there. We want to not only,
you know, learn about them and we want to do our best to prevent them. But if we can, we want to
have some methods for detecting them, even if those defenses fail. Right. Right. You know,

(14:27):
this is all clicking. This is all clicking. Digging it. Good. Because, you know, like with the home
networks, one of the things with detects is like, it's very hard to get a perfect guarantee that
you're going to be able to prevent it. Right. But the outbound firewall, you can get, it's not
perfect, but it's, you can get really, really solid detection method that, you know, it's just

(14:53):
not possible to get that same level of guarantee and confidence as you can as prevention. So it's
like, well, I'd rather stop it at prevent, but I'd also rather at least detect it if nothing else.
Yeah. You know? Yeah. So, yeah. Okay. So I love this because, because like, I'm just looking at

(15:17):
this and I'm just going to take this, like, so we got, let me see if I got it, man. Tell me if
I got it. I actually am jumping in because I think I got it. So let's start with our home network
security deck. Right. Or how we're going to start to build it. Right. So the first thing we have to

(15:38):
have is that knowledge, right? We have to understand where and how we could potentially be attacked,
what the threats are, understanding the threats, you know, what's, so we got that knowledge.
And then from there, you know, for some people, it's a guest network, you know, for other people,
it's different things. And that stack can maybe be different, tailored a little bit,

(16:00):
but in the end, there's going to be pretty much some very similarities in these decks.
But realistically it's completely tailored and that's how we start to build it out. Is that right?
Yeah. All you're calling, you changed the calling them decks, not stacks.
Oh, stacks. My bad. My bad. Yeah. I was thinking of the gaming world. My bad.

(16:23):
Well, and you know, I just mentioned it because it was just interesting to see your brain make
that translation. Right. Because, right. Like, I mean, I play Magic the Gathering and, you know,
other card games where you do, you build decks of things. So, I mean, you know, it's not a,
it's not a crazy metaphor. Do people just learn that I'm a gamer a little bit?

(16:43):
Right. You do a little bit of gaming too. So, yeah. Well, and so part of the thing is too,
like when I was originally envisioning it, you know, I was just envisioning this straight
security stack and in order, and ultimately you could kind of envision it that way. The reason
why I added this phase aspect is not so much in terms of ordering of like what, what layer you're

(17:09):
going to worry about first as so much as you want to make sure that you account for all four of these
phases of an attack in the stack that you build it. If that makes sense. Right. This is just a
way of analyzing that topic, you know, phishing or home networks or email or shopping online,

(17:29):
whatever it is you're focusing on for the security stack. This is one of the dimensions that you want
to make sure you address. You want to make sure, you know, you think about what are the things that
I need to learn? You know, what are the ways that I can prevent the attacks? What are the ways I can
detect if an attack occurs? And then if, if, if that does happen, I detect an attack and you know,

(17:51):
one hit me, then what, what can I do to repair it? You know, what can I do to recover, to restore,
you know, improve my plan for next time? Those kinds of things. Yeah. You know, now the ordering
of what, you know, like which one do I implement first? Which one do I focus on first? That's kind
of a different question. This is just to help us make sure we remember and account for everything

(18:16):
instead of neglecting some of those, because right. You know, the best security stacks
are going to include, you know, some stuff in all four of them. Right.
Now, one thing though, you know, as, as I was thinking about this, I realized that,
you know, from left to right, the quantity of layers available to us, you know, shrinks

(18:40):
dramatically. Okay. Because there's always a ton of useful stuff to learn.
And there's usually a lot of preventative measures available. Right. But then you get to detection
and there's, you know, a lot fewer options, repair, a lot fewer options. Usually like,

(19:00):
there's just not that much in the detect and repair. So hopefully, yeah, go ahead. Sorry.
Go ahead. No, you're going to restate what you're understanding I'm trying to say. So as these
phases progress, the scope of, let's say, opportunities tends to narrow. Is that right?

(19:29):
Yeah. Well, I probably explained it poorly. What all I mean is, so like, let's take home networks,
right? There aren't a whole lot of ways that you can detect if a home, if an attack succeeded
against your home network, like there's the outbound firewall, you know, maybe if your
computer's slow, you might realize and do, you know, scan for malware or even, you know, an

(19:52):
automatic malware scanner might detect it. You know, you might watch your network traffic. Like
there's a handful of options, but that's it. There's not like that many different choices.
Okay. Right now, and repair, we didn't even talk about in home networks. Like what happens,

(20:13):
what do you do if an attack succeeds against your home network? That's one we didn't even
cover in that 10 episodes. An example would be though, is like there's software you can
install that helps you remove malware from your system. Okay. Okay. Okay. Right. So you might have
some malware removal software that's already on there and it helps you clean up and get back to a

(20:38):
safe, you know, where your computer is safe again. Right? Yeah. But it's not like there's, you know,
a list of 10 different kinds of things that you can do and tools that you can install that you
should have available and layers of protection to do the repair. So it's the tools, the layers
of protections that start to narrow down. Yeah. Okay. Because at the beginning we have so many

(21:04):
tools and resources to use to protect, but then to indicate we might not have as many tools to
let us know there's a threat. And then we might even have fewer tools to repair what was damaged.
Yeah. And this isn't necessarily a critical concept to really remember anything. It's just,

(21:28):
it was just an observation I was thinking about because I think sometimes it leads us to because
there's so few, I mean, I don't know, maybe it means sometimes we get more attention on those
because there's so few options, but I was just thinking of ways of, you know, which of the phases
might get neglected. And I'm not sure for different people, but, you know, it kind of goes back to

(21:50):
answering the opening question, number three. Yeah. You know, which one's most important. And
that was, I throw in one of these every once in a while as a trick question. Yeah. Because,
you know, the choices are fewer, right? So in a way you could say, detect and repair
is less important, but I wouldn't say that it's just means there are fewer choices you have

(22:11):
available. Yeah. Like, you know, the most secure and bulletproof security stacks are going to have
at least one defense in all of the phases. Go ahead. I could see you had a thought there.
Yeah, I did. I was going to try and guess what the most important, you know, the four phases and

(22:33):
which one is the most important. And I was going to say, wouldn't it be phase one? Because if we
have all these available options to build us great security, as we build our knowledge,
as we start to understand our threats, as we start to analyze each individual area,

(22:55):
like, that's why we layer up, right? We've got all these options to layer up. Like,
we could get this as thick as we wanted if we wanted to. Like, we could really completely
isolate ourselves in essence if we wanted to, you know? And so, like, that's what my guess

(23:18):
would have been based off of those thoughts. Now, go ahead and correct me. No, well, and like I said,
it was a trick question because they're all kind of important, but in a lot of ways, I agree with
you, you know? I mean, if I was going to pick one layer, if I was actually going to pick a favorite
or, you know, a most important one, I would absolutely pick learn because the thing is

(23:39):
also as you go to the, well, and we'll talk about this more in the layer types, the six layer types,
but, you know, the tools you have and all these other things, they change a lot more. But
the more knowledge and stuff that you have yourself, the more powerful it is. I mean,
think about it like with exercising, for example, you know, or even, you know, for our army one,

(24:04):
the thing you're going to care about most is the human element. And how, you know, how much do
you know about computers and these threats and stuff? Like, that's where I want the focus is.
I want to improve my skills, my habits, my knowledge, because that's going to naturally
and automatically not only persist as tools change, as technology changes, but it will,

(24:28):
you know, empower every, you know, all the tools and things I use. Yeah. You know, if you know how to
exercise, you know how your body works, for example, then, you know, you could use dumbbells, you could
use, you know, straps, you could use, you know, whatever a lot more effectively than if you have
no idea of how your muscles work, for example, you know. Right. So, yeah, I definitely would pick

(24:53):
knowledge, but yeah. Okay. Yeah. And that's all for today. We'll, yeah, unless you got any other
questions. I don't know, did it make sense by the end? Oh, yeah. Totally, totally clicking.

(25:13):
Well, I helped derail, and we both derailed and digressed a couple of times, but what happened is
by the end, it really, it made sense to me. It really kind of clicked, right? I get what we're
trying to build here. I really do think that our listeners at the end of the day are going to
understand why it is so important to have these tools, these resources, these strategies,

(25:40):
understanding the four phases, and to build your security stacks. Like,
this is a perfect illustration of why we need that education and all of it. I love it, man. That was
a killer episode. Do we get a call to action though? That was my one question. Yeah. And this,
you know, as with all the episodes in this one is, you know, a call for help. Yeah. You know,

(26:06):
help me build a system that's going to work for you. And, you know, are the four phases,
this is my question, are the four phases, learn, prevent, detect, and repair, are they sufficiently
simple and clear to you? Yeah. Yeah. Because, you know, again, I want to emphasize, you know,

(26:26):
I mean, this is the first time, literally, that I'm teaching anybody this, because, I mean, I just came
up with all this stuff, you know. Right. Trying to formalize all the knowledge in my head into a
system that we can use to empower people and help. And so, you know, it's not like I've ever taught
anybody any of these things, because, and so, you know, there's, I mean, I'm absolutely confident

(26:48):
that, you know, there's going to be some refinements, improvements, if, in how we explain
it, if nothing else, you know. Right. Right. Metaphors, and because I really like your army
one, I think we could totally tie that in as one possible way we explain to people, because I think
there were a lot of really cool aspects there. So, anyway, just, yeah, very interested in

(27:13):
hearing any thoughts about how this is coming across to people right now, where we are.
So, yeah, we're really going to lean on our listeners, our viewers, let us know, you know.
Well, we've got links to everything you can possibly reach us on, where we're not trying to,

(27:34):
you know, keep our contact, or how to reach us to get a hold of us. Get us up on the forum,
anything you want, like, let us know. Yeah, no, thank you. Forum, I gotta always remind people
of that, because there are a lot of, like, there's different ways for different podcasts, right?
Ours is the forum. That is our method of contacting us. So, yeah, love to hear from you.

(27:57):
So, yep. Okay, you want to remind them what we're about next episode? Next episode.
This is what I love, man. You've given me an infinite way to tease them, because next week
we're going to be discussing the second part of the To Be Determined stack formula with the

(28:21):
five questions. So, as we discussed, remember, going back a couple episodes, we had 3D,
and we had the four phases, and now we're going to be talking about the five questions, okay?
So, tune in. We'll keep it super simple, and again, thank you for listening. That was an

(28:49):
awesome show. Yeah. Yeah. Are you ready to take action and wondering where to start?
Get my Bulletproof My Identity Starter Kit for free. The seven most vital layers of protection
everyone needs. I'll send you one step at a time and help you if you get stuck.

(29:10):
Just go to bulletproofmyid.com and enter your name and email,
and I will send you the first step. Again, that's bulletproofmyid.com.