Ever wonder why cybercrime feels like it has better customer service than your cable provider? You're not alone!

In this episode of Cyber After Hours—The Rise of Cybercrime as a Service and How to Combat It—Paul and Evan are joined by their guest, Rob Davis, SVP and Head of Digital Identity Services at Citizens, share an eye-opening (and occasionally jaw-dropping) look at how cybercriminals have turned hacking into a neatly packaged, subscription-based business model.

Yes, cybercrime even has its own version of Amazon Prime—minus the taxes.

Starting off with casual chat about hobbies like 3D printing, the conversation quickly shifts into serious territory, unpacking the disturbing economics behind cybercrime and why simply throwing money at the problem won’t solve it.

Evan, Paul, and Rob explain how criminal syndicates operate like legitimate companies—complete with customer service departments, SLAs, and marketing strategies.

But don't despair just yet.

They also dive into practical strategies businesses can use to disrupt these criminal networks, emphasizing proactive defense, innovative tools like AI-driven bots, and the importance of incident response over the illusion of perfect security.

This episode highlights why cybersecurity resilience isn't just about defense—it's about understanding how attackers think and staying one step ahead.

It’s a call to action for collective international efforts to dismantle cybercrime infrastructures and reduce their profitability.

Tune in, grab your favorite beverage, and get ready to rethink cybersecurity—because protecting your business from cyber threats shouldn't be harder than canceling a gym membership.

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/

Ever wonder if those dusty legacy systems you’ve been ignoring are one breach away from disaster?

In Episode 29 of Cyber After Hours—titled “How to Secure Legacy Systems in a Modern World?”—co-hosts Evan Morgan and Paul Marco dig into the tough questions around outdated tech.

They talk about everything from finding the right work-life balance (and when it’s time to ask for help) to why “if you’re not learning or earning, it might be time to quit.”

Along the way, they highlight how hiring the right people can supercharge a team and how shifting to modern platforms—like SaaS—can help you ditch the security risks of old systems.

They also take a deeper look at the cultural hurdles that keep organizations from truly moving forward, reminding us that staying stuck on aging infrastructure can be just as costly as making the leap to new solutions.

With Windows 10 hitting end of support soon, risk management is no longer an option; it’s a necessity.

Throughout the episode, you’ll hear practical advice on communicating real-world risks to business leaders, plus candid insights on how to continuously manage—and mitigate—those risks.

Tune in, join the conversation, and learn why legacy systems may not be worth the gamble in today’s fast-paced cybersecurity landscape.

After all, if you’re not evolving, you might just be standing in the path of the next big threat.

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/

Ever felt like the pandemic was one massive, global disaster recovery test?

You're not alone.

In this episode of Cyber After Hours—Securing Remote Workforces: Lessons from the Pandemic—Paul and Evan are joined by their guest, John Vigeant, Chief Executive Officer (CEO) of Login VSI, to dive into how the world of cybersecurity (and office life itself!) changed almost overnight.

Starting with candid chats about the emotional roller coaster of pandemic-era decision-making, they quickly explore how remote work permanently shifted the way we think about hiring, collaboration, and trust.

From rapid-fire adoption of video conferencing and cloud tech, to navigating tricky trust issues and management pitfalls (spoiler: micromanaging didn't win anyone manager of the year), the duo reflects on why focusing on employee output—not just presence—became more important than ever.

They also discuss how organizations struggled with cybersecurity investments, bouncing between overkill and bare-minimum approaches.

And speaking of struggles, the episode highlights how essential flexibility, strategic team gatherings, and prioritizing employee well-being are for long-term loyalty and success.

Whether you’re leading teams, navigating remote life, or securing your digital workspace, join Paul and Evan as they unpack valuable pandemic lessons with humor, honesty, and a dash of cyber wisdom.

Pour a drink, settle in, and tune in to Cyber After Hours—where we turn tough lessons into valuable insights (and occasionally laugh at our own missteps).

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/

Ever wonder if Zero Trust is the next big buzzword or if it actually holds the key to modern cybersecurity?

In Episode 27 of Cyber After Hours—titled “Zero Trust: Buzzword or Best Practice?”—co-hosts Evan Morgan and Paul Marco kick things off with a friendly Star Wars vs. Star Trek debate before diving into the serious question of what it really takes to implement Zero Trust.

From the importance of saying “no” to avoid burnout, to the need for continuous authentication and behavioral analysis, they explore why this framework (not a product!) might be your best bet for securing sensitive data.

They also dig into the nuts and bolts of Role-Based Access Control (RBAC), revealing how even the best intentions can go off track without clearly defined roles.

The conversation covers everything from complex government environments to the everyday challenges of managing who should—and shouldn’t—be a domain admin.

Ultimately, they challenge listeners to think critically about whether Zero Trust is just another buzzword or a genuine best practice that can reshape our approach to security.

Tune in, join the conversation, and decide for yourself if Zero Trust is the future of cybersecurity or just the latest industry catchphrase.

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/

Ever wonder if universities are really prepping cybersecurity students for the real world—or just handing out degrees that look nice framed on a wall?

In this lively episode of Cyber After Hours—Developing Cybersecurity Talent: Is Academia Keeping Up?—Evan and Paul (who, humorously, admits he has a chronic name-forgetting phobia) dive headfirst into the debate about formal education versus hands-on experience.

From joking about daylight savings throwing off their cybersecurity routines, to Brett's adventure of learning Python "just because," the conversation quickly turns to serious questions:

Are certifications enough to bridge the gap between theory and practice?

Can lifelong learning replace a degree?

And how is AI changing the game for students and professionals alike?

Paul and Evan explore the necessity for academia and industry collaboration, stressing why practical, hands-on skills often speak louder than diplomas.

They also touch on ethical considerations—like how far is too far when padding your resume—and why mentorship and networking might be your greatest career accelerators.

Whether you're a seasoned pro, fresh graduate, or just cybersecurity-curious, grab your favorite beverage and tune in.

You'll laugh, learn, and maybe even reconsider your stance on degrees vs. experience.

Join us for another insightful (and delightfully human) cybersecurity chat at Cyber After Hours—because staying relevant in cyber means never stopping the conversation.

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/

Ever wonder if you’re throwing money at cybersecurity or genuinely investing in it? In Episode 25 of Cyber After Hours—titled “Cybersecurity Budgeting: Where to Spend, Where to Save”—co-hosts Paul Marco and Evan Morgan dive into the nuts and bolts of smart spending.

Fresh off their experiences at recent conferences, including some focused on K-12 education, they share what it really takes to build meaningful connections, why shifting conference landscapes like RSA matter, and how an authentic mission in cybersecurity can drive bigger impact than any shiny new tool.

From the excitement in Paul’s voice to Evan’s quest to match his energy, this lively conversation touches on the power of root cause analysis, the value of operationalizing what you already have, and why you should think twice before piling on more tech.

They also highlight why it’s critical to define your use cases first—because buying every buzzy product out there won’t help if you don’t have the right processes in place.

Whether you’re looking to optimize your existing toolset, stretch your budget further, or spark innovation by bringing diverse voices to the table, this episode is packed with entertaining anecdotes and practical insights.

Just remember, it’s all for conversation, not official consultation.

Tune in, join the discussion, and find out how to balance what you’re spending with what you’re truly getting.

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/

Ever feel like the faster you develop, the harder it gets to stay secure?

You're not alone—and you're certainly not imagining things!

In this episode of Cyber After Hours—Security in the DevOps Era: Balancing Speed and Safety—Paul and Evan are joined by Josh Dixon for a lively discussion that starts with relatable confessions about battling imposter syndrome (yes, even cybersecurity pros feel it!), and moves swiftly into the heart of DevSecOps.

From sharing laughs about remote work challenges during the pandemic, to diving deep into why blending security with rapid development can feel like walking a tightrope, the trio explores why effective communication, celebrating small victories, and strong leadership support are crucial in keeping teams motivated and secure.

Josh offers practical insights on overcoming friction in application development, discusses how Infrastructure as Code (IaC) is shaking things up, and explains why smaller teams might just have the advantage when implementing strict security measures.

Together, they unpack the “shift-left” trend, emphasizing how culture, context, and the right tools can bridge the gap between developers and security teams.

Because, let's face it: security shouldn't slow innovation—it should enable it.

Whether you're knee-deep in DevOps or just curious about building safer, faster development pipelines, join us for this honest (and sometimes hilarious) exploration into balancing speed with security.

Tune in, grab your favorite drink, and enjoy the ride—because cybersecurity conversations should be human, engaging, and just a bit fun.

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/

Ever wonder if hype cycles fuel genuine innovation or just add to the noise?

In this lively Episode 23 of Cyber After Hours—titled “Do Hype Cycles Help or Hurt?”—Evan and Paul kick things off with some personal updates and practical productivity pointers (including a radical approach to inbox management) before tackling one of tech’s most debated topics: are hype cycles driving us forward or holding us back?

Throughout the conversation, they chat about the evolution of network security, share personal tales about missteps in tech, and shed light on why acronyms in the industry can sometimes feel like code words for confusion.

From the promise of next-gen firewalls to the realities of cloud adoption costs and Zero Trust implementations, this episode challenges the gap between marketing buzz and actual results.

Evan and Paul don’t just highlight what’s overhyped; they also explore the critical thinking needed to extract genuine value from emerging trends.

By the end, you’ll walk away with fresh ideas on how to manage email overload, a clearer perspective on what’s real versus what’s hype in cybersecurity, and a reminder that true innovation should solve actual problems—not just invent new acronyms.

Tune in, join the conversation, and decide for yourself whether hype cycles are the spark that ignites progress or simply another tech distraction!

Connect with us on LinkedIn:

Evan: https://www.linkedin.com/in/evanmorgan/

Paul: https://www.linkedin.com/in/pm01/