Inside the Media Minds podcast featured image

Black Hat Special: Inside the Media Mind The Register’s Brandon Vigliarolo

In this special Black Hat episode of Inside the Media Minds, we welcome The Register’s government and enterprise IT reporter, Brandon Vigliarolo. Brandon shares his experience as a first-time attendee of the conference, his perspective on the most talked about themes, and the inside scoops that fascinated him the most.

Brandon’s Black Hat planning started about 2-3 weeks out, with several pre-briefings and corresponding stories prepared in advance of the conference with those whose talks seemed most interesting. While he loves this pre-Black Hat strategy, Brandon admits that next year he won’t spread himself too thin with briefings on-site after seeing how packed his schedule quickly became.

AI, for once, not in the spotlight

To Brandon’s surprise, artificial intelligence (AI) was not the overarching theme amongst the briefings and sessions he attended. Instead, there was significant buzz around critical infrastructure and election security. This included discussions on how the industry and government can collaborate to prepare for the next big sector attack – wherever it may be – as well as mixed emotions in response to CISA’s Jen Easterly’s keynote on election security.

Perhaps one of the more unique perspectives Brandon heard on-site came from his discussion with James Pope, Corelight threat hunter and security operations center lead for the Black Hat Network Operations Center (NOC). Brandon was fascinated by James’ anecdotes and observations pointing to the trend that, even though infosecurity professionals are highly skilled and take their jobs seriously, they may be overestimating the security of their own systems.

To hear more from Brandon on his opinions on Black Hat versus DEF CON, what he’s looking to cover in the next few months and more, tune in below or read the full transcript here!

Timestamps:

1:18 – From IT Support to Writing for Media

2:54 – Coverage Areas at The Register

6:04 – Preparing for vs. Experiencing Black Hat 

10:58 – Key Conference Themes

13:45 – Takeaways from Jen Easterly’s Keynote

16:13 – Most Memorable On-Site Conversation

18:54 – Coverage Plans Post-Conference

22:25 – Brandon’s Approach to Networking Events

24:19 – Black Hat vs. DEF CON

25:54 – Favorite Story to Cover

27:16 – Interests Outside of Work

Want to go inside more media minds? Find all of our past episodes here!

Transcript

Christine Blake (CB): Welcome to Inside the Media Minds. This is your host, Christine Blake. This show features in-depth interviews with tech reporters who share everything from their biggest pet peeves to their favorite stories. From our studio at W2 Communications. Let’s go Inside the Media Minds.

Hey everyone. This is Christine Blake, the host of Inside the Media Minds, here with my co-host Madison. And on today’s episode, we have Brandon Vigliarolo from The Register. He is a reporter at The Register, covering government and enterprise IT. So welcome, Brandon. Good to have you on the show.

Brandon Vigliarolo (BV): Yeah, thanks for having me on. Pretty excited to be here. 

CB: Awesome. Well, today we actually have a special episode to talk about your experience at Black Hat and DEF CON last week, so we’ll definitely get into that. But before we start on that topic, we’d love to know a little bit more about you, a quick overview of your background and how you got started in this industry.

BV: Yeah, so when I was in college, so I have an English and Philosophy degree from Michigan State University. So right, not, not anything near IT, or, you know, public sector government IT. But I did work when I was in college. My job was as IT support at the Superconducting Cyclotron laboratory at Michigan State. So, I basically, I did IT support and help desk work at a particle accelerator, which was pretty cool. You know, I didn’t get to do a lot of I didn’t get to do any of the science, and I didn’t really understand what was going on around me, but I did get to help people, you know, deal with tech issues. So that’s how I got started. 

And then after I graduated college, I ended up taking a job at an MSP for a while before my wife, my fiancé at the time, and I moved to Louisville, Kentucky from Northern Michigan. And then when we got here, I was like, I don’t want to do IT anymore. I don’t want to take another job at a help desk. I don’t want to have to go start getting certifications to move up in this career. What I would like to do is write about it. And so I ended up finding my way to Tech Republic when it was owned by CBS interactive, did some freelancing for them, before ending up on staff for a while, and then The Register came calling, and I ended up writing for them. So it was kind of, you know, I like to say that I actually I’m using my degree (A) and my experience working outside my degree field. So really, I couldn’t say that I ended up in a much more perfect spot for what I wanted to do. And that was right about technology. So.

CB: I love that. That’s a great, a great story, how you got there. So tell us a bit about, like, what the topics are that you cover most frequently right now.

BV: Yeah. So, I mean, I still do a lot of general IT reporting at The Register, right, enterprise IT is one of my, one of my things, so I cover a lot of general news. So, you know, bit of cybersecurity when it’s needed. You know, typical industry news, you know, writing up reports. And I even get to occasionally do a little bit of fun science stuff when it when it comes my way. So I am kind of a generalist, but I also do, you know, my beat is, you know, government IT, government technology and public sector stuff. I’m a veteran, so I kind of have an interest in, you know, government computing and defense computing too. That stuff really fascinates me. So, yeah, I get to kind of write about that more than or I like to write about that stuff more. General IT news keeps me pretty busy.

CB: Yeah, I’m sure.

BV: And policy stuff, policy, legal, I also really enjoy writing about those things too. You know, tech policy, how the government’s changing the way IT is structured, how, you know, the government is examining new forms of technology and figuring out how they can either, you know, put policies in place to ensure these are used well, or, you know, or not at all, and also legal cases. It’s really a lot of fun to dig into court cases. I really enjoy writing about and studying, you know, legal cases and things involving the tech industry. It’s a endless, endless, you know, pool of stuff to learn about.

Madison Farabaugh (MF): Yeah, no wonder you’re kept busy, because that’s definitely, I feel like a lot of the topics that you cover require a lot of reading and research as well, just to make sure that you’re writing about them properly too. So I can understand that. 

BV: Yeah, and I enjoy it, right? It’s fun to it’s fun to read through a legal paper. When I first started writing for The Register, I didn’t do a lot of legal stuff when I was at Tech Republic, but now that I’m at The Reg I’ve been doing a lot of stuff. You know, we have a Pacer account, so learning how to use the government’s, you know, document system, and then just kind of familiarizing myself with a lot of the legalese that goes on in these cases. It’s been a really kind of cool thing to learn about. I guess, you know, maybe the law is sort of adjacent to philosophy in a lot of ways. So there’s kind of some some logic and crtical thinking stuff that goes along with that, both those kind of things,

MF: Yeah, and it’s also like a whole other language sometimes too when you’re learning about that.

BV: Oh, my god, yeah. Yeah, I’ve definitely had to, you know, keep another tab open while I’m reading court cases to be like, What in the word? What in the world does this bit of Latin mean? I’ve never seen this before. I have to go look this up and, you know, and it’s always, yeah, there’s, there’s a lot of I never learned to code, but I did learn to understand legal documents, I guess. 

MF: Yeah, both require a lot of skill. So. Well, that’s awesome. Thank you so much for both you know, the journey to The Register and then also what you cover right now. So now we’re getting to the meat of this episode, which is talking all things Black Hat. So, we did hear that it was your first time attending the conference. So just keeping that into consideration, we’d love to hear a little bit about the process that you took in planning ahead for attending this year. So were there specific, you know, meetings and briefings that you were looking to schedule, or sessions you wanted to attend. How did you go about prioritizing all of that? 

BV: Yeah, so basically, when I started planning, when I learned I was going to go, and it was the same way last year, when I wasn’t going to go, but I was still covering some of the news, you know, that was happening in and around the event, from from from a distance. But, when I in both years, I basically started with, you know, okay, I’m attending. Let’s go through the talk list. Let’s see what kind of things are being talked about, who’s talking about them. And then I just, if it was interesting, I just started sending off emails. Hey, I want to talk to you about this. Do you have time to meet with me before Black Hat? Because I don’t know what kind of time I’m going to have while I’m there. And that’s, you know, it’s, it’s a pretty busy week in Vegas. 

And so I tried to get basically as many talks as I could scheduled in the weeks leading up to it, so that I could get a briefing, get an idea what’s going on, and then write an article in advance that would, you know, go live when the talk ended. And so I wouldn’t necessarily have to be there, which, you know, for a lot of these I wish I could have, because then I could have, you know, I talked to some people two weeks ago or three weeks before the event, right? And then I have to write the story a week before, and then hope that nothing seriously changes between me writing it and the actual presentation. And occasionally it does, right? There was a couple of times where I had to be like, Oh, I got to change this now. But thank you for letting me know, you know. So, yeah, I was starting to get my briefings together in probably mid July, so you know, at least two to three weeks before the event was when I started trying to contact people.

MF: Yeah, that’s really good context to have. So do you think next year, if you were to attend again in the future, would you take a similar approach? Or was there, is there anything that you might, you know, do a little bit differently in planning ahead? Or did it work out pretty well for you. 

BV: It worked out well leading up to it, right? So these pre briefs and everything were great. I was able to get, I think, about six or seven of them done before I left for Vegas. So, you know, my goal was to try to do five to eight or so of them, you know. I wanted to have lots of pieces in the in the in the pipeline, to just go live while I was there, so I wouldn’t have to write as much as I did. But I didn’t hear back from a lot of people, you know, and I would have loved to have filled my schedule before I left even more. 

Next year, I think I one of the things I was thinking from the very beginning was I’m like, I over committed myself while I was at Black Hat. I, you know, no no shade to throw at PR people, I think you guys do a great job of reaching out and being like, Hey, there’s this talk, you know. I you know, hey, you’re going to do a pre brief with someone, but while you’re there, do you want to meet with XYZ? And that’s great, but I ended up just really over committing. I had meetings scheduled, like, you know, with a half an hour in between each one, you know, and not always kind of paying attention on my own self to where each meeting was going to be. So I might have been in the Black Hat PR room on the second floor, and then had to dart down to the other side of the convention center, you know, in 20 minutes to get to my next briefing. So I think next time, I’ll probably, I’ll take the same approach ahead of time, right? I’m going to try to do the same thing of getting all these pre briefs scheduled beforehand so that I don’t have to sit in a lot of talks to write stories, I can hopefully get all those taken care of before I go, and then probably try to leave my schedule a bit more open just to experience more of the stuff that’s going on. So I think that was probably to my detriment, but, but leading up to it, preparation will probably be the same.

MF: Yeah, no, that makes sense, though, and I think it’s, I think it’s also one of those experiences where you have to be there and experience it first, to understand where everything’s located. I know Christine has been to Black Hat, and just location of everything can sometimes be what you have to think about.

BV: Oh yeah. I mean, the Mandalay Bay Convention Center is huge. And, I mean, you know, a lot of times someone will start with like, oh yeah, we’re gonna, we’re gonna have you meet in the press room or whatever. And then, like, you know, then there’ll be a talk in one of the restaurants in, like, you know, the Casino Proper. And so that’s a bit of a haul to get from A to B. Yeah, it’s really spread out. I mean, the convention center itself is nice and big and has a lot of room, but on the flip side of that, it’s also huge.

MF: Yeah. So speaking of all of these, the different briefings that you scheduled and sessions you attended, just kind of a big picture view first, because I know we’re going to get into some specifics afterwards, but in terms of trends and themes that you were seeing, both at Black Hat or at DEF CON  also, because we were keeping track of your page while you were there, your coverage page, because you have a lot of loyal readers at our agency. 

BV: Oh, wow, that’s. 

MF: Yes. A lot of them also said Hi because they realized we were interviewing you. So a lot of them have wished you well and said, Hi. 

BV: Oh well, tell them. I said, thanks, or they can hear my thanks when they listen.

CB: They’ll hear it.

MF: But yeah, just looking that big picture view. Were there any trends or themes that stood out to you this year? Because obviously, you know, election security or CrowdStrike, critical infrastructure, like, a lot of these were themes that we were seeing. But was there anything that stood out to you as the big ticket item?

BV: You know, going into it, right? And this might be more from my like, you know, the fact that I cover cybersecurity when I’m lucky enough to do it, but it’s not my main beat. So I come at it from an i from an IT perspective, primarily, right? So I’m thinking about things from the IT side, and cybersecurity definitely plays in there. But I think maybe my approach to what I was looking at and what I was seeing may have been slightly different than someone who mainly does cybersecurity. I went in expecting a lot of stuff on AI, right? There were some talks on AI, there was some discussion of AI, but it was not the focus by any stretch, you know. And looking on that now I’m like, Okay, well, maybe info security people aren’t as concerned with that, because it’s still kind of an edge use case. People are starting to use it more, but, I mean, a lot of AI cybersecurity, some kind of seems to come down to, like, just don’t let your bots be exposed to the internet. You know, keep this stuff internal and secure it properly, whereas maybe it’s not the problem that people are looking at, it’s how it’s being applied or used. 

But, you know, one of the things that I did notice was a lot of people talking about how like threats and critical infrastructure that we might not be preparing properly for the next sector that could be hit. Right? I talked to some people who were saying, you know, yeah, we experienced a lot of problems with hospital critical critical infrastructure, but we weren’t prepared for it, because hospitals weren’t a target for a long time, and then they became a target, and we didn’t respond quickly enough to the shift. And so there was a lot of discussion of what critical infrastructure sections, sectors might be next, on this list of things to hit that are getting ignored, that aren’t being secured as well as they should be, and this sort of overarching theme of, we’re probably not very well prepared for those next things either. 

And so it seemed like a lot of it was was coming down to, and I, you know, I think you were going to mention we wanted to talk a bit about Jen Easterly’s keynote too. But like she mentioned in there, that collaboration between various agencies and data sharing, you know, is essential. And it seems like that is the thing that, to me, at least, was on a lot of people’s minds, was, how can we improve, you know, information sharing, threat sharing, intelligence sharing, all these things you know, between both government agencies, states, local governments, companies, right? What are we, what are we not doing that’s that’s allowing some of these, you know, threats with critical infrastructure to possibly slip through the cracks in a way that we don’t need to let happen if we take a lot more proactive efforts to stop it before it gets there? But again, that requires knowing kind of or predicting where these threats are going to come from, and I think that people probably just aren’t quite sure.

CB: Yeah, on that talk too, Brandon, I know we wanted to discuss. I know you were there. You covered the Jen Easterly talk on election security. Her main theme was that election tech has never been more secure. What was kind of the vibe in the room when she was talking about that? What were you some of your takeaways? What did you hear from some of the people you interviewed about that topic?

BV: Yeah, so you know, when I when I first heard her say election technology has never been more secure, I was like, well, never more, never been more secure than what, right? Like, that’s not there’s no baseline to compare this to, right? If we’re comparing it to 2016, well, I’m glad it’s a lot better than that. But that doesn’t like, that was such a an ambiguous statement, and it was so open ended that it kind of leaves me thinking, okay, well, it’s more secure, right? Great. What’s the threat then? And it seems like to her, at least from her, and I think I even wrote this in my story, basically, is the threat that she seemed to be hitting on was like, yeah, election infrastructure isn’t the threat. The threat is all the misinformation and disinformation surrounding election security. You know, like she pointed out that that, like, you know, election infrastructure, particularly voting infrastructure, is often isolated from the internet. It’s not really going to be threatened. You know, the act of voting and the process of tallying the votes and everything is secure. It’s been secure for a long time. You know, the threats come to things like elect your voter registration systems, you know, records, things like that, seem to be the bigger threat. But, you know, she seemed to be way more concerned with the misinformation. 

The the other people I spoke to, so I got a chance to talk to some people in the Voting Village at DEF CON, right? And I think a few other outlets have written about this, basically, that this is yet another year where the Voting Village has seen a bunch of different flaws in election equipment, you know, both hardware and software wise, and that they’re not going to probably be able to address these things, or that, you know, the agencies, the companies that make these are not going to be able to get these patches installed before election day in November, right? We’ve got less than 100 days. But again, right, Easterly doesn’t seem to think that that’s necessarily that big of a threat. The hardware that the voting village is working on and playing with is stuff that’s not going to be connected to the internet, or if it is, it’s going to be isolated. So, it seems to me like there was definitely a focus on misinformation and disinformation, too. The threat that, you know, basically, if you can, if you can, trick people into thinking that the election system is not secure, either they don’t vote or they discount the results, and it makes it easier to throw it into chaos. So, you know, voting itself not the problem, you know, sort of civic reactions to the voting process? Yeah, that could, that could be more of the issue.

CB: Interesting. Yeah, that’s a good perspective. Well, I know you mentioned you had some interviews with people on topics like that and others. What were some of, like, the most unique perspectives that you’ve heard from subject matter experts while you were talking to them?

BV: So actually, I think one of my, one of my favorite chats I had with somebody was about activity in the Black Hat Network Operations Center, the NOC, right? I wrote about that, you guys are nodding, so you’ve probably seen that story. I really enjoyed talking to James Pope, who was the lead for the security operations center inside the NOC. He’s a threat hunter at Corelight. And he, he was telling me, you know, basically I was my thought going into the to the talking about the NOC was like, I want to know what you guys are seeing, right? What kind of activities going on on the Black Hat Network? What does that suggest about the state of cybersecurity, about the threats we’re seeing, you know, and it seemed like, and it’s one of these things that I write about frequently, right? Is that, you know, we’re only as good as how well we enforce these policies and how well we follow these rules. But it seems like cybersecurity people are just as bad at doing it as everybody else. You know, they were basically saying that they saw a lot of systems where that were leaking plain text information, that were transmitting files without them being encrypted. And, you know, one pretty high profile VPN company that were running on a lot of systems that were that were exposing GPS location coordinates, right on the network. 

And so it was really interesting to just kind of get this perspective of, like, yeah, you know, we even as info security people, we’re still not, you know, taking this seriously enough. Which, I guess, you know, in a way, isn’t a surprise, right? Like, I think, I can’t remember if it was a year or two ago now, where there was a study that came out that found that millennials, younger people, who’ve grown up with computers, are more likely to fall prey to basic scams than older people because they think they have more skill than they actually do. And I’m not saying that InfoSec people aren’t skilled. What I’m saying is they’re probably overestimating the security of their own systems, right? They’re not. This isn’t gonna happen to me. I’m a professional in this field. And, so the result is that they, then, in turn, aren’t doing it. And so it’s kind of hard to to scold users and say, oh, it’s your fault, right, for not protecting the network when InfoSec people are doing the same exact things as everybody else. I was interesting to hear that perspective from him, and I really enjoyed our chat.  Yeah, that’s really interesting. And we did read that story that you wrote about that. So that’s, again, a good perspective from someone in the mix.

MF: So based on some of these, you know, interesting, whether it was briefings or sessions or stories that you’ve been covering, is there anything that you, I guess, learned that was new to you at Black Hat or DEF CON this year, where you might be interested in looking into it a little bit further in the future? Has anything you heard while on site kind of influenced maybe your coverage plans for the next couple of months? 

BV: Well, you know, like I said, I don’t, cybersecurity is not my main beat, right? So if I had all the time in the world to write about cybersecurity, I would probably spend a lot of time talking to people in critical infrastructure, trying to get a bead on what sectors they think are going to be a risk now. Because, I mean, again, I write, I think a lot about public sector and government stuff. So, you know, critical critical infrastructure is something that I’m often thinking about and often wondering, like, you know, what’s the next thing? Right? If it’s not water utilities or it’s not school districts, what’s what’s going to go wrong next? You know, who is going to be the next industry that gets hit by these big players? You know, hospitals have to pay out a lot of times ransoms because they got to keep their systems online, right? Like this is critical stuff. So you know who’s next? 

I talked to one person about automotive systems, how, you know, there’s a lot of vehicle infotainment systems basically rely on one or two different open source kernels and and both of them have vulnerabilities that just aren’t being addressed by the car companies. And a lot of that’s because there’s this sense of, you know, it’s in the it’s in the commons, right? It’s open source. So whose responsibility is it to secure it? Well, it’s not ours. We’re just using it. It’s not our product. And so I think, you know, public sector, but also critical infrastructure, but also something about, you know, like, I’m just really interested in, too, in this shared responsibility model that I found people talking about too, about how there’s a lot of open source software out there that people aren’t taking ownership of, and so that’s creating security problems too, because no one knows what to deal with it. No one knows who should be fixing it. And, you know, relying on a few burned out, you know, maintainers is not not a good model, despite the fact that this stuff exists in, you know, 90 plus percent of of critical applications out there. 

MF: I think that’ll definitely be an interesting story to follow, is that shared responsibility of different sectors in critical infrastructure as well of what that’ll look like eventually.

BV: Yeah, I hope they can. I hope some people come up with some good ideas soon, because it’s, it’s, it’s pretty critical stuff. And yeah. 

MF: And then there’s a bunch of regulations too that are coming out. And then between tracking all the different regulations and comparing them and seeing where you align with this one versus where you align with this one, is there any overlap? That’s a whole other conversation. 

BV: No, no totally. That’s another thing that I’m really interested in, too, is is the idea that, you know, and specifically around cybersecurity incident reporting. I’ve covered a bit of that because that’s, you know, seems like every single organization, the Department of Justice, you know, what’s, the Securities and Exchange Commission, a lot of these different organizations have all these reporting requirements that are different. And so I’m also kind of curious about whether or not we’ll ever get a federal reporting standard that will require any report a certain amount of certain list of things in a certain time frame, you know. But right now, it seems like every every organization has a different requirement, and so it’s a bit chaotic. And I feel bad for all these big enterprises that have to try to conform to these reporting rules when, you know, they may end up running a foul of something they didn’t even realize they were going to run a foul of. It’s a complicated environment right now.

MF: It is definitely and we’re keeping close tabs on it, so your page will also be one that we’ll be checking quite frequently on that. Well, awesome. I think our last Black Hat related question is kind of just an on site, general one of how you approach networking events at conferences like this, and whether you attend a few, or what that looks like from your perspective.

BV: Yeah. So networking events at this event, at least, I spent, you know, all day on the show floor or in talks, and then, so by the end of the day, I had to basically head back to my hotel room and start writing. And, you know, and I was writing usually about till seven, eight o’clock Vegas time, after having been at DEF CON and Black Hat since, you know, 8am. So unfortunately, no, I didn’t really get much time to network at all, aside from the people I spoke to on the floor, right? 

You know, if this is, I mean, this the audience, the primary audience of this is PR folks, correct? So, yeah. So if I was going to speak to them about that, I would say, you know, more networking sessions during the day would be great. You know, stuff that’s happening maybe at the Con, maybe little breakouts, short, kind of chances to meet a few people and chat would be nice. You know, maybe some networking lunches, things like that. After hours, at least for me, from my perspective, you know, I don’t go to a lot of conferences because, again, I’m located in Kentucky, kind of the middle of nowhere compared to where all the big tech cons happen. So when I do get a chance to cover them, I’m usually pretty busy when I’m there and writing after hours. So more more daytime networking activities. If that’s, if that’s the sort of thing that would be possible.

CB: That’s a great perspective. I’m glad you shared that. I will definitely pass on. A lot of people don’t think about. You know, they have the happy hours, the dinners, and it’s like someone like you, you wrote so much during the actual conference itself. So it’s like, you have to get your work done at the end of the day. 

BV: Yeah, like, I had several people say, like, are you gonna be able to make this? Or you can be able to make that? And it’s like, no, I’m not. I guess there’s no way. There was a couple things that I put on my calendar, just like, you know, if I, if I have the time, I’d like to go, but I didn’t have the, you know, didn’t have the opportunity at all.

CB: Yeah. Before we wrap up, we just have a couple listener questions we’ll ask you. First one actually, is about Black Hat versus DEF CON. Sort of what the differences are, what you found valuable at each one versus the other. Love to hear your opinion on that.

BV: Well, I mean, I think anyone who’s attended or followed either convention probably knows pretty well that Black Hat is far more, you know, far more corporate versus versus DEF CON, which is very much like a community focused, kind of free for all. Honestly, it’s a very different environment between in both cons and I like both for very different reasons, right? You know, you’re able to get a vendor perspective at Black Hat. I think that you don’t necessarily get at DEF CON, but, but, yeah, I just. Both, I like both for different reasons, right? They were, they were both very different environments. I think, I think Black Hat just based on the very fact that it’s a bit more structured and a bit more corporate, it makes it easier to to go to do things right. Like DEF CON, I think was a bit more chaotic. It was crowded. People were going everywhere, this way and that way, and there was just a lot more happening. Whereas, you know, Black Hat is just much more kind of, it’s buttoned down and a little more organized. 

So, so, yeah, different, different environments, different different purposes. I think it’s, I felt like I was, you know, in an InfoSec gathering in one and I was in a hacker gathering at the other. And, you know, there’s a lot of overlap between what those both of those people do, but they’re very different environments and very different kinds of people. So I think, you know, going to both gives you a chance to encounter different sorts of folks. And I think it’s, it’s very valuable to do, to do both. Exhausting, but valuable.

CB: Yeah, no, it definitely seems that way. So no, that’s good insight to share too. What is your most memorable or favorite story that you’ve covered or written about?

BV: That’s such a hard question. I you know, that’s one of those things that it’s like, I don’t know if I could pick a particular story, especially since, like, you know, I follow general IT news a lot. So I think a lot of the stories I end up writing, I’ll write one thing and then something else will come out about that a few weeks later. So I feel like it’s almost more like themes that I’ve written about. You know, I really enjoy writing about some good tech disasters, you know, just the things that companies do that is just like, oh my god, what were you thinking? You know, I really enjoy writing that kind of stuff. It’s a lot of fun. It’s just kind of, you know, a little more loose than a hard news story. I really enjoyed covering the Elon Musk Twitter saga. I covered that extensively for The Register when it was going on. That was a lot of fun. 

And again, like I mentioned too, lawsuits, legal stuff, I really enjoy reading those kinds of things and learning about how tech law works and how policy, you know, supports or doesn’t support it. But I don’t know if I can actually pick a favorite story. I think it, I write three to, you know, two to three pieces a day, five days a week. I just, I don’t know. Sometimes I think back in someone has like, hey, you know that story you wrote a couple weeks ago? And I’m like, I don’t. It, it goes in and it goes out, you know, a lot of times, so.

CB: You produce a lot of content, for sure. So that’s that makes sense. I like the theme approach too. 

BV: Yeah. 

CB: And then lastly, unrelated, what do you like to do outside of work?

BV: Outside of work? So my wife and I are both big gardeners. We have a, we live in a in a small house in the city, a bit of a yard that we’ve basically filled with raised beds for gardening, with a lot of vegetables, lot of lot of flowers too. I really enjoy, you know, yeah, really enjoy gardening. We’re going to move in next year and and we’re going to try to set up a small scale farm too. So we’re going to do some animals and things like that. So I really enjoy, you know, kind of self sustaining and self, you know, agriculture and things like that, sustenance kind of stuff. Big outdoors person. I love going on hikes like camping, hiking, backpacking. And I’m also a huge video gamer. I’ve been doing that for, gosh, 30 plus years, probably now. You know, my first, my first gaming system was the Nintendo Entertainment System, and I bought a Steam Deck recently, you know? So I’ve gone from one end to the other, and I just, that’s, that’s probably my number one hobby, right? Like, if I, if someone’s like, here’s your choices. You got an afternoon free. What are you going to do? It’s like, well, I’m probably going to hide in a corner and play video games. 

CB: I love it, with a little bit of gardening mixed in that’s a healthy balance.

BV: Yeah, yeah. I go outside. It keeps you grounded, you know, touch grass, that kind of thing, right? 

CB: Literally, yeah, I love it. Well. Thank you so much, Brandon. We could talk to you all day, but we’ll definitely wrap it up now. But thank you so much for coming on and talking to us. Great to hear your insight on Black Hat from your perspective. So we definitely appreciate that.

BV: Yeah, thanks for having me on. This was a good time. I’ll be glad to come back someday. 

CB: Excellent, well, we’ll keep you to that. 

BV: Cool.

CB: Thank you everyone for listening this episode of Inside the Media Minds. 

Thank you for joining us on today’s episode of Inside the Media Minds. To learn more about our podcast and hear all of our episodes, please visit us at W2Comm.com/podcast and follow us on Twitter @MediaMindsShow, and you can subscribe anywhere podcasts are found.