by Linda Martin - Cybersecurity Simplified
Government security standards minus the boring parts. Each week, I take NIST 800-53 controls and translate them for real people and small businesses. Think: what to do when your email gets hacked at 3 AM, not 'enterprise-grade solutions' that cost a fortune. Real scenarios, practical steps. <br/><br/><a href="https://cyberberri.substack.com?utm_medium=podcast">cyberberri.substack.com</a>
Language
🇺🇲
Publishing Since
9/26/2025
Pitch yourself as a guest, propose sponsorships, or reach out directly to the host.
December 10, 2025
<p>This is the last post for 2025. Happy Holidays! </p><p>You forgot which version of your password you used. </p><p>Third attempt fails. Fifth attempt fails. Now you’re locked out for 30 minutes.</p><p>Annoying? Sure. </p><p>But here’s what else just happened: the system just prevented anyone who doesn’t know your password from guessing it. Including the person in another country whose computer has been trying passwords on your Gmail account since 3 AM.</p><p><strong>Here’s what’s happening (AC-7)</strong></p><p>Someone got your email address from a data breach—maybe LinkedIn 2021, maybe Dropbox 2012. Now their computer is trying to log into your Gmail, your bank, your Netflix, your Instagram. The program tries: Password123, YourName2024, your birthday + 123, password variations from other breaches where they know you had an account.</p><p>This is happening to thousands of email addresses at once. A computer can run through password lists extremely fast when nothing slows it down.</p><p>AC-7—unsuccessful logon attempts—stops this. </p><p>After 5 wrong attempts, your Gmail account locks for 30 minutes. What would take 10 minutes for the hacker now takes days. </p><p>Most attackers move on to accounts without lockouts.</p><p><strong>Why the lockout works</strong></p><p>A computer can try thousands of passwords per minute when there’s no limit. </p><p>But add a 30-minute lockout after 5 attempts, and suddenly trying 1,000 passwords takes 100 hours. </p><p>The attacker has unlimited time but limited patience. Your Gmail account stops being worth the effort when there are millions of other accounts to try.</p><p><strong>Next time you see this</strong></p><p>You get an email: “Your account has been locked due to multiple failed login attempts.” You weren’t trying to log in. </p><p>Change your password right now. Someone is actively trying to access your account.</p><p>You get a notification: “Failed login attempt from unknown device.” </p><p>Don’t dismiss it. Change your password.</p><p>You lock yourself out because you can’t remember your password variation. </p><p>Frustrating, yes. </p><p>But it’s stopping anyone who doesn’t know the exact password.</p><p><strong>The bottom line</strong></p><p>AC-7 works automatically. You don’t configure it. </p><p>But those emails and notifications aren’t spam—they’re warnings. When they show up, act on them.</p><p>The system is protecting you. Pay attention when it tells you someone’s trying to get in.</p><p>For more information: <a target="_blank" href="https://cyberberri.substack.com"><strong>cyberberri.substack.com</strong></a></p><p>This podcast is also available on <a target="_blank" href="https://podcasts.apple.com/us/podcast/cyberberri-cybersecurity-youll-actually-use/id1845878797">Apple</a><a target="_blank" href="https://open.spotify.com/show/00Kqqn7lOmq7gwRNzg6fZ8?si=72f8b36bbb6740a8">Spotify</a><a target="_blank" href="https://www.youtube.com/@theCyberberri">YouTube</a></p><p>For Cyberberri, check out: <a target="_blank" href="https://www.youtube.com/@theCyberberri">YouTube</a></p><p>Coming soon: <a target="_blank" href="http://instagram.com/thecyberberri">Instagram</a></p><p>Audio generated from this text using NotebookLM.</p> <br/><br/>This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit <a href="https://cyberberri.substack.com?utm_medium=podcast&utm_campaign=CTA_1">cyberberri.substack.com</a>
December 3, 2025
<p>We’ve wrapped up the Incident Response controls, and now we’re moving into Access Control—the part that focuses on preventing the wrong people from getting into your accounts and devices in the first place.</p><p>Most security controls ask you to choose: convenience or protection. </p><p>Longer passwords are more secure but harder to remember. Two-factor authentication adds friction. VPNs slow things down.</p><p>Device lock doesn’t work like that. </p><p>It costs you three seconds to unlock your device, dozens of times a day. </p><p>What you get: protection against someone gaining physical access to your unlocked screen.</p><p><strong>What Device Lock Is (AC-11)</strong></p><p>Your device locks after a set period of inactivity. You need a password, PIN, or biometric to unlock it. That’s it.</p><p>In NIST 800-53, this is AC-11—the first Access Control we’re covering in this series. Incident response (IR) was about what to do when things go wrong. </p><p>Access control (AC) is about preventing unauthorized access in the first place.</p><p><strong>The Actual Concern</strong></p><p>This isn’t about sophisticated attacks. </p><p>Device lock protects against opportunistic access—someone shoulder-surfing your screen at a coffee shop, a colleague glancing at your open laptop during a meeting, someone picking up your phone from a table.</p><p>This happens when someone has physical proximity to your device and you’re not actively guarding it. </p><p>The barrier doesn’t need to be sophisticated. It just needs to exist.</p><p><strong>What People Get Wrong</strong></p><p>The most common mistake isn’t refusing to use device lock—it’s using it inconsistently. </p><p>Phone locked at 2 minutes, laptop set to 30 minutes or never. Locked at work, disabled at home. </p><p>The inconsistency is the vulnerability.</p><p><strong>Set It Up Now</strong></p><p>Phone: Settings → Auto-Lock → 2-5 minutes </p><p>Laptop: System Settings → Lock Screen → 5-10 minutes</p><p>The exact number matters less than having it enabled everywhere.</p><p><strong>Why This Matters</strong></p><p>If you’re going to implement one control from this series, pick this one. </p><p>Not because the threat is catastrophic, but because the effort-to-protection ratio is unmatched. </p><p>Thirty seconds of setup, minimal friction, real protection against common access scenarios.</p><p>For more information: <a target="_blank" href="https://cyberberri.substack.com"><strong>cyberberri.substack.com</strong></a></p><p>This podcast is also available on <a target="_blank" href="https://podcasts.apple.com/us/podcast/cyberberri-cybersecurity-youll-actually-use/id1845878797">Apple</a><a target="_blank" href="https://open.spotify.com/show/00Kqqn7lOmq7gwRNzg6fZ8?si=72f8b36bbb6740a8">Spotify</a><a target="_blank" href="https://www.youtube.com/@theCyberberri">YouTube</a></p><p>For Cyberberri, check out: <a target="_blank" href="https://www.youtube.com/@theCyberberri">YouTube</a></p><p>Coming soon: <a target="_blank" href="http://instagram.com/thecyberberri">Instagram</a></p><p>Audio generated from the text using NotebookLM.</p> <br/><br/>This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit <a href="https://cyberberri.substack.com?utm_medium=podcast&utm_campaign=CTA_1">cyberberri.substack.com</a>
November 19, 2025
<p><strong>Incident Response: The Complete Picture</strong></p><p>We’ve covered all eight incident response controls. Here’s how they fit together and what each one does.</p><p><strong>The Controls</strong></p><p><strong>IR-4: Incident Handling</strong> - Your first steps when something goes wrong. Write down what to do for an email hack, lost phone, or suspicious charges so you’re not making it up at 2 AM.</p><p><strong>IR-5: Incident Monitoring</strong> - Turn on security alerts for your important accounts. You want to know when something weird happens, not find out weeks later.</p><p><strong>IR-8: Emergency Contact List</strong> - Everything in one document. Recovery info, who to call, what to do. When things go sideways, this is what you need.</p><p><strong>IR-6: Incident Reporting</strong> - Who to notify for different types of incidents. Some things you have to report. Better to know who ahead of time.</p><p><strong>IR-2: Training</strong> - Practice your response occasionally. It’s different when you’re actually stressed and something’s wrong.</p><p><strong>IR-3: Testing</strong> - Check that your setup works. Test your backup email, make sure device tracking is on. Find problems now instead of during an emergency.</p><p><strong>IR-7: Getting Help</strong> - Resources for when you need professional help. Fraud services, tech support, identity theft recovery programs. Look these up before you need them.</p><p><strong>IR-1: Your Overview</strong> - One page that points to everything else. Where your plans are, what you care about most, when you call for help.</p><p><strong>Catching Up</strong></p><p>Haven’t done all of these yet? Start here.</p><p><strong>First steps:</strong></p><p>* Turn on alerts for email and banking</p><p>* Enable Find My Device on your phone</p><p>* Write down the first three steps for email compromise</p><p>* Save actual customer service numbers for your critical accounts</p><p><strong>Then work on:</strong></p><p>* Creating your incident response document</p><p>* Building your “who to notify” list</p><p>* Looking up help resources</p><p>* Testing one piece of your setup</p><p><strong>After that:</strong></p><p>* Review everything every few months</p><p>* Test different parts of your system regularly</p><p>* Practice scenarios when you can</p><p>* Update contacts and info as things change</p><p><strong>Why It Matters</strong></p><p>This isn’t about buying expensive tools or becoming a security expert. You’re using features already available and writing down what to do with them.</p><p>When something goes wrong - and eventually something will - you’ll have a plan instead of having to figure it out while you’re panicking.</p><p><strong>What’s Next</strong></p><p>Coming up: Access Control. Who gets access to what in your digital life, and how to manage that.</p><p>If this series has been useful, share it. Everyone needs this stuff before they actually need it.</p><p>New here? Subscribe to get the next control family.</p><p>For more information: <a target="_blank" href="https://cyberberri.substack.com"><strong>cyberberri.substack.com</strong></a></p><p>This podcast is also available on <a target="_blank" href="https://podcasts.apple.com/us/podcast/cyberberri-cybersecurity-youll-actually-use/id1845878797">Apple</a><a target="_blank" href="https://open.spotify.com/show/00Kqqn7lOmq7gwRNzg6fZ8?si=72f8b36bbb6740a8">Spotify</a><a target="_blank" href="https://www.youtube.com/@theCyberberri">YouTube</a></p><p>Check out: <a target="_blank" href="https://www.youtube.com/@theCyberberri">YouTube</a></p><p>Coming soon: <a target="_blank" href="http://instagram.com/thecyberberri">Instagram</a></p><p>Audio generated from the text using NotebookLM.</p> <br/><br/>This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit <a href="https://cyberberri.substack.com?utm_medium=podcast&utm_campaign=CTA_1">cyberberri.substack.com</a>
Have a different question and can't find the answer you're looking for? Reach out to our support team by sending us an email and we'll get back to you as soon as we can.
Government security standards minus the boring parts. Each week, I take NIST 800-53 controls and translate them for real people and small businesses. Think: what to do when your email gets hacked at 3 AM, not 'enterprise-grade solutions' that cost a fortune.
Real scenarios, practical steps. <br/><br/><a href="https://cyberberri.substack.com?utm_medium=podcast">cyberberri.substack.com</a>
This podcast updates daily.
This podcast is available on 4 platforms including Apple Podcasts, Spotify, and more. You can also use the RSS feed directly.
No, this podcast does not typically feature guests.
Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.
All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.
We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.
While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at hey@podengine.ai for prompt review and appropriate action, which may include content removal or proper attribution.
By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.