Optery for Business GM Paul Mander recently joined cybersecurity expert and host David Raviv on the Unscripted Podcast to reveal how personal data is collected, sold, and weaponized, and how Optery helps individuals and companies fight back. From cookies to data brokers to playing offense against social engineering, this episode covers it all.
Paul sat down with David for a wide-ranging discussion on:
- The evolution of cookies: personalization vs. privacy, and when anonymized data stopped being anonymous
- GDPR and the shift in privacy awareness — why the EU acted and the US lagged behind
- CCPA, apathy, and the “I have nothing to hide” myth
- Data brokers explained: what kind of data is out there, and how it’s misused
- The real-world harms of exposed personal data
- Why it’s nearly impossible to scrub your own data
- How automation and AI fight back against brokers
- Why employee data is the easiest entry point into an organization
- Playing offense against phishing and social engineering
- Optery’s enterprise approach and proof-based removals
- The future of privacy and empowering consumers
…and more.
The message is clear: reactive measures alone aren’t enough. Companies that want to reduce social engineering and other PII-driven attacks need to address the root cause: employee data exposure.
Privacy today has become much more than just a nice-to-have. It’s foundational for security, safety, trust, and resilience in a world where data has become currency and the path of least resistance for attackers. This episode makes the case for playing offense.
On reducing social engineering attacks:
“Companies have all this infrastructure to block phishing attempts and they’ve got training and so forth. But really, this is where we’re talking to companies: let’s play offense. You can actually do something to not just be reactive and say, ‘Okay, with training I’m going to spot this phishing email.’ You can do something to reduce it. And we’ve got verified data with our customers showing we can reduce the number of incoming social engineering attempts—and that is by removing this data from data broker websites for your employees.” -Paul Mander
On exposed data creating tangible attack paths:
“The notion of the attack surface is not just my endpoints and my infrastructure from the traditional technical sense. This data that’s sitting there on these data broker websites… each of those is a vector for a social engineering attack.” -Paul Mander
On the speed of personal data aggregation:
“If you move your physical location and move to a new apartment or house it’s remarkable how quickly that address gets aggregated. It happened to me within two weeks of changing address. My new address was already available online and I’m just thinking like who else did I give this address to?” -David Raviv
On moving past apathy to action:
“Everybody has something to lose. I mean, the notion that we have nothing to hide, or the apathy around, ‘Well, my data is already out there, there’s nothing I can do about it.’ Well, there is something you can do about it.” -David Raviv