This week's episode hits close to home—literally. We dive into a ransomware attack on the Eastern Cape Department of Human Settlements by the international NightSpire gang, who claim to have stolen 20GB of sensitive data, including personal information of housing applicants. Despite official statements calling it a "minor breach," the incident exposes critical vulnerabilities in South African public sector cybersecurity.
In a twist of supreme irony, we explore how Entrust—a global leader in digital security—fell victim to the Clop ransomware gang. When the security experts get breached, it serves as a sobering reminder: no one is immune to sophisticated cyberattacks.
We also examine Microsoft Teams' controversial "Chat with Anyone" feature, rolling out by January 2026. While convenient, this default-enabled functionality opens massive attack surfaces for phishing and credential theft—a classic case of convenience versus security.
On the AI front, groundbreaking research reveals that large language models can be compromised with as few as 250 malicious documents. We discuss the implications for AI security and why Africa's diversity must be represented in AI training data to prevent perpetuating harmful biases.
Finally, John takes us on a poignant journey through Armistice Day, exploring how World War I birthed modern information security—from cryptography and traffic analysis to authentication protocols. The lessons from those trenches still echo in our digital battlefields today.
Key Takeaways:
✅ Monitor your accounts if you've dealt with affected institutions
✅ Disable risky default features in collaboration tools
✅ Remember: even security companies get hacked
✅ AI security and representation matter
🎧 Listen now on Apple, Spotify, YouTube, or iHeartRadio!
#Cybersecurity #InfoSec #Ransomware #AIEthics #DataPrivacy #SouthAfrica #PrivisoLive
--------
30:09
--------
30:09
Priviso Live Episode 60: Amertech Interview
In our latest episode, we unpack four stories that reveal the complex intersection of technology, accountability, and governance in today's digital landscape.
**🔍 The Mamdani "Hack" That Fooled Millions**
How did a simple news broadcast get misinterpreted as a cyberattack? We dive into the viral incident from NYC Mayor-elect Zohran Mamdani's victory celebration that spread across Instagram, X, and TikTok for two days before fact-checkers could debunk it. The lesson? Our collective media literacy may be more compromised than any computer system.
**📱 TikTok's Kenya Crackdown**
Nearly 600,000 videos removed in just three months. We explore what happens when governments hold Big Tech accountable, examining TikTok's aggressive moderation response to regulatory pressure—and asking the hard questions about AI-driven content removal.
**📊 South Africa's King V Corporate Governance Code**
The newly released framework is reshaping how organizations approach leadership, sustainability, and AI oversight. We break down what changed from King IV and why it matters for businesses navigating 2025's complex landscape.
**🔐 PLUS: An Exclusive Interview**
We speak with Paul Armer, CIO at ArmerTech, about a radical approach to cloud storage where even the service provider cannot access your encrypted data. In an era of constant breaches, is this the future of digital privacy?
**The common thread? Accountability—and the tension between speed and responsibility.**
🎧 Listen now on Apple, Spotify, YouTube, or wherever you get your podcasts.
#PrivisoLive #CyberSecurity #DigitalGovernance #MediaLiteracy #TechAccountability
--------
36:36
--------
36:36
Priviso Live Episode 59: Supply chain chaos
The numbers are staggering: five weeks of production halted. Three major UK plants shut down. 5,000 businesses impacted across the supply chain. A projected loss of £1.9 billion.
This isn't a hypothetical scenario—it's the reality Jaguar Land Rover faced following a Category 3 cyber-attack, with full recovery not expected until January 2026.
In this week's episode of Priviso Live, Lyn, Stephen, and John unpack what this incident means for organizations everywhere—especially in South Africa, where cyber threats are rising but reporting remains dangerously incomplete.
*Key insights we explore:*
The IT-to-OT cascade: How an IT system attack triggered a complete manufacturing shutdown, demonstrating the critical convergence between information technology and operational technology.
Supply chain vulnerability: When a single major player falls, thousands of dependent businesses face potential collapse—regardless of their own cybersecurity posture.
The South African context: With only a fraction of security incidents being reported under POPIA, many organizations are underestimating their exposure and regulatory obligations.
Historical lessons from Operation Aurora: Why the patterns we're seeing today were foreshadowed in 2009, but the scale and systemic nature of risk have fundamentally changed.
*The bottom line?* Cyber risk is no longer just an IT problem—it's an enterprise-level crisis that demands board attention, supply chain mapping, and realistic worst-case planning.
Are you prepared for a multi-week shutdown? Do you know your critical dependencies? Is your breach notification process ready?
Listen now to understand what the Jaguar Land Rover incident means for your organization's cyber resilience strategy.
🎧 Subscribe on Apple, Spotify, YouTube, or your preferred platform.
#CyberSecurity #SupplyChain #POPIA #RiskManagement #SouthAfrica
--------
12:01
--------
12:01
Priviso Live Episode 58: Giovanni Soro
In this week's episode, we unpack:
✅ The F5 Breach Reality Check – Source code stolen, vulnerability intel compromised, and US regulators issuing emergency directives. If you run F5 gear (or your suppliers do), this is your wake-up call. We break down the immediate actions: inventory, logging, patching, and the vendor contract clauses you should've had in place yesterday.
✅ AI's Shadow IT Problem – Fresh data reveals 43% of employees are pasting sensitive work data—client info, internal docs—into AI tools without approval. It's not just awareness; it's a control gap. We discuss DLP guardrails, AI use registers, prompt-injection testing, and how POPIA compliance intersects with chatbot usage.
✅ When AI Safety Fails – The heartbreaking lawsuit against OpenAI following 16-year-old Adam Raine's suicide raises urgent questions about guardrail design, safety interventions, and legal liability. If you deploy customer-facing AI, age-gating and escalation protocols aren't optional anymore.
✅ History Matters: Giovanni Soro – Before Turing, before Enigma, there was Venice's master cryptanalyst in 1506. Soro built the world's first formal code-breaking bureau—complete with entrance exams, frequency analysis, and diplomatic cipher systems. His legacy? A blueprint for organised information security that endures today.
--------
10:03
--------
10:03
Priviso Live Episode 57: The 5 Stages of Breach Grief
What happens when 40% of the world's computers are about to lose security support? Join Stephen and John on Priviso Live as they tackle the Windows 10 end-of-support crisis that's unfolding right now in October 2025. With hundreds of millions of devices still running an operating system that's about to stop receiving patches, are we witnessing the birth of the next Windows XP nightmare?
But that's just the beginning. The hosts dive into a startling report from the Centre for Democracy and Technology revealing that teenagers are forming emotional—and even romantic—relationships with AI chatbots. With 19% of high school students reporting romantic relationships with AI and 42% using them for companionship, we're exploring uncharted territory. Is this harmless support or a concerning trend?
The episode also examines Microsoft's innovative approach to cybersecurity leadership with their distributed Deputy CISO model, and unpacks the creepy new "Pixnapping" attack that's stealing data from Android devices without needing any special permissions.
And for the grand finale? A brutally honest (and hilarious) breakdown of the Five Stages of Corporate Breach Grief—PR Edition. From denial and blame-shifting to the inevitable "stock price has left the chat" moment, Stephen and John expose the predictable playbook companies follow when responding to security incidents. It's comedy gold with a painful truth: the gap between what security teams know and what PR departments admit "could power a small city."
Whether you're managing IT infrastructure, concerned about teen technology use, or just love hearing security professionals call out corporate doublespeak, this episode delivers insights, advice, and laughs in equal measure.
South Africa