All content for Legitimate Cybersecurity Podcasts is the property of LegitimateCybersecurity and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Leonardo da Vinci Had Better Wi-Fi: The $100M Louvre Heist #cybersecurity
Legitimate Cybersecurity Podcasts
37 minutes
1 day ago
Leonardo da Vinci Had Better Wi-Fi: The $100M Louvre Heist #cybersecurity
What happens when the most secure museum on Earth has a Wi-Fi password that’s literally “louvre”?💎 $100 million in jewels disappear, and the world’s best art collection learns what Defense in Dumb really means.In this episode of Legitimate Cybersecurity, Frank Downs and Dr. Dustin Brewer unpack how the Louvre Museum was robbed in broad daylight — not just by thieves, but by bad passwords, unpatched servers, and leadership that never took cybersecurity seriously.👉 Topics include:The Windows Server 2003 still guarding priceless art“Defense in Dumb” vs. real defense in depthWhy pen tests without remediation are a waste of moneyHow boredom and bureaucracy kill security programsThe Rosetta Stone irony: stolen artifacts complaining about theftWhat NIST CSF, GRC, and governance diffusion all have to do with itWhy multi-factor authentication isn’t two French guards and a shrugAnd yes — Leonardo da Vinci had better wireless security.📩 Media & Interview Requests: admin@legitimatecybersecurity.com🎧 Audio listeners: Subscribe on any platform →https://legitimatecybersecurity.podbean.com/👇 Comment below: What’s the dumbest password or security setup you’ve seen in the wild?We might feature your story in a future episode.Chapters00:00 – Cold Open: “Imagine robbing the most secure museum on Earth…”01:00 – Defense in Dumb: Louvre’s password was literally “louvre”02:10 – British & French museums suddenly hate theft03:45 – The Cyber Audit That Nobody Fixed05:30 – Pen Testing vs. Actually Doing the Work07:00 – Roof access, open windows, and Netflix-level stupidity09:00 – Boring but critical: why remediation never happens11:00 – Framework fails: ISO, NIST, GDPR, and no one enforces them13:30 – Cyber careers, boredom, and the “borification” of information16:00 – “It really HUMPS your packets”: why GRC isn’t sexy but matters18:30 – Leadership without packets: Steve Jobs, Woz, and cyber blind spots20:00 – How the Louvre failed every NIST CSF function23:00 – MDR myths: detection ≠ protection25:00 – APTs, insurance loopholes, and cyber blame games29:00 – Governance diffusion: when everyone assumes someone else did it31:00 – Legacy tech, no funding, and free open-source fixes33:00 – PFSense, Security Onion & AI helping broke orgs35:00 – Final Takeaway: “Leonardo da Vinci had better Wi-Fi security.”#LegitimateCybersecurity #LouvreHeist #CyberFail#DataBreach #cybersecurity#Hackers#PenTesting#InfoSec#NISTCSF#GRC#MDR#APT#CyberRisk#MuseumHeist#DefenseInDumb#WindowsServer2003
