Good News York by Growth Mode Content - GNY at Winter Fair 2026 | Feat. Mike Lisi
Episode Date: February 3, 2026Syracuse Winter Fair and Cybersecurity Insights with Mike Lecy In this episode of Good News, New York, hosts Matt Major and Mike Ndii are live at the Syracuse Winter Fair. They are joined by Mike Lecy..., host of the Hack Dissection podcast, to discuss his journey in cybersecurity, the growth of his podcast, the importance of understanding cybersecurity risks, and exciting developments like his new office space at Inspire Innovation Hub. The conversation highlights cybersecurity trends, the impact of AI in cyber-attacks, and best practices for individuals and organizations to stay protected. Mike also shares tips on identifying common scams and emphasizes the importance of legitimate business operations in the tech industry. 00:00 Welcome to the Syracuse Winter Fair 00:16 Delicious Food and Fun Conversations 01:00 Meet Mike Lecy: Cybersecurity Expert 01:09 The Evolution of Content Creation 01:57 Hack Dissection Podcast: A Deep Dive 05:01 Understanding Pen Testing 10:52 AI in Cybersecurity 12:01 Common Cyber Threats and Scams 15:54 Mike Lecy's New Office Space 18:39 Final Thoughts and Farewell
Transcript
Discussion (0)
This is a message from sponsor Intuit TurboTax.
You've sent so many emails to your tax pro, and nothing.
It feels like you're chasing updates.
But now your taxes are done for you by a TurboTax expert, so you actually know what's happening.
You can match with an expert and just hand off all your tax stuff to them right in the app.
So instead of guessing, you can feel confident your TurboTax experts on it.
Now this is Taxes.
Intuit TurboTax. Visit turbotax.com to learn more.
Only available with TurboTax experts.
Real-time updates only in iOS.
mobile app. You're listening to a podcast right now, driving, working out, walking the dog.
If you're into podcasts, chances are you have something to say too. With RSS.com, starting your own
podcast is free and easy. Upload an episode and we distribute it to Apple Podcasts, Spotify, Amazon
music, and more. Track your listeners, see where they're from, and start earning from ads just like
this. If you've been thinking about starting a podcast, this is your sign. Start your new podcast for
free today at rss.com.
Welcome back to good news, York.
We are live and in person at the Syracuse Winter Fair.
Mike's fixing his teeth.
I just ate.
Delicious.
Yeah, what did you had?
I remember I had it last year.
Oh God, I'm going to screw it out.
Is it G. Wu's?
Korean, I had a Korean ramen bowl.
Nice.
Unbelievable.
Nice.
That's what I had last year when I was here.
So good.
So good.
I've had the.
So far, three quarters of a beef on wick.
Why only three quarters?
Because we had to interview, Mike.
Fair.
I think that's my spot right after we're done.
To be fair, I was trying real hard not to eat it in one, you know.
Mike, you're more important to us than beef on whack.
I hope that means a lot.
I like knowing where I rank.
Yeah, yeah.
Well, you rank way above beef on.
For those following along, I'm Matt Major.
That's Mike Rendisi.
And this is one of our returning champions, Mike Lisi.
who was also one of our first guests last year, correct?
It's been a year.
It's very different now being behind the mic now versus a year ago,
where I was just like losing my mind in my head.
You know what?
Mark O'Donnell, who was here earlier,
we were talking about the same thing,
and Mike was commenting on,
just the progression now of all of our creators, really.
Now that they've got that under your belt,
even, you know, folks like yourself,
who really just took to it like nothing from the beginning,
but still, you just get to it.
that progression, you figure things out and it becomes easier and less stressful, I think is the
biggest thing, right? You don't overthink it as much. Exactly. You just kind of go with it and
just let it go. Like, just see what happens. So, what's the worst is going to happen, right? You're
going to get yourself for a few minutes and everybody's going to forget it when they scroll the next video.
Exactly. 100%. That's the right mindset, man. I appreciate that you got that. For those who don't know,
Mike is the host of the Hack Dysection podcast that we make here at ClickStream Studios.
one of our most, I want to say kind of our breakout success.
And I think a lot of it just lends itself because, you know,
the cybersecurity topics that you talk about,
the pen testing, things like that,
are really just home base for the Internet.
So I think the second we put that out there,
people have jumped on it.
But people from all over, people in your networks all over the world have seen your content, right?
Yeah, yeah.
It was really weird the first time that I had somebody just,
send me a message on X or on Discord or whatever and be like, hey, you're showing up on my feet just out of nowhere.
Like, what the heck's going on?
And that was a weird feeling because I had never really done a lot of content recording, anything like that.
And yeah, now it's been great to reach out to more folks and they love sharing those stories.
Well, it's one of those things also that I think speaks to the fact that not only you but your guests, your team members that you bring on, you guys really know your stuff.
Yeah.
And this isn't this isn't one of those, you know, flukes.
shows. You guys really get into the weeds of your profession and the profession seems to really
respect it. You actually got ranked in a industry publication, right? Yeah, we got ranked in the top
cybersecurity podcast. So we were number five out of the top ten, which is great. That's awesome.
And a really close friend of mine had the number one and number three spots. So I'm bringing them on
one of the upcoming episodes maybe to help us. A hundred percent.
Edge up a little bit more. That's great. Mike, for those who don't,
know, can you just talk a little bit about your business and the topics that are also in the podcast?
Yeah, we specialize in cybersecurity. So our whole mission is to help organizations
identify their risks, physical, digital, whatever it may be, and just try and help them
become a little bit more secure because it affects everybody. No matter what you're doing
these days, the cybersecurity realm is impacting you professionally.
personally, just across the board.
So there's a lot of opportunity to help people, and that's what we like.
There is, and it's so interesting.
And that's one of the things I think is why your podcast is so interesting is because
you and your guys get on there and tell us some of the real life in the trenches
stories of vulnerabilities that you've discovered that companies were kind of living
with and, you know, all kinds of things like that.
What's interesting to me as always, you know, for those who don't know, I've got a background
in IT.
We kind of act as that general practitioner, right?
When you think about it like in the medical model, we're the first people.
You see, we know the guidelines.
We know how to keep people safe from basic things and make sure you're doing basic things.
But it gets so much more in depth.
And I always look at it like you guys are the heart surgeons, you know.
It's time to refer somebody who specializes in this.
That's what Mike and his team do.
Talk a little bit about that penetration testing piece,
because I think that's something that people don't necessarily understand in cybersecurity.
And also, I think it's kind of one of the most interesting parts.
Yeah, and think of it like this.
Like, when you're looking to secure something, say your house,
one of the things that you might do is just figure out,
hey, what's the best practices that I should take into consideration?
So maybe it's like a door locks or door alarms or whatever.
And that's where most organizations start.
They implement these things and they say, hey, like, we're doing good.
But then the next step is, how do we know?
Those alarms never go off.
Those locks are never tested.
Are they actually working for you?
So one of the things that we do is once those organizations have those foundational elements in place,
we'll come in and basically say like, hey, we're going to try and break in.
We're going to see what trips, what works, what doesn't work.
And if we notice anything, we're going to identify that, help point that out,
and give you some ideas on what you can do to recommend improving that.
and closing off those gaps.
That's incredible.
So we get to be the bad guys without going to jail.
Yeah.
To me, that's the most fun part.
Oh, that's great.
Especially when you talk about,
so we did an episode or two of your show
where we talked about physical pen testing, right?
Because a lot of them we talk about cybersecurity.
We're thinking programs and the internet things of that nature.
But you get into testing the security system of the building even, right?
Sure, yeah, because it all kind of overlaps in different ways.
So the physical space is just as important as the digital.
space. If you are expecting people to stay out or to have processes or procedures or whatever
to make sure that only the people that should be there are there, that's another area where you
could get some evaluation done and it overlaps with our realm because you have those things like
physical locks, digital locks, you know, just the spaces themselves, cameras, readers, all that
stuff. And we can actually help, you know, evaluate.
with those things and come up with some ideas that you might not have thought of.
Yeah.
That's so much fun.
I always think back in this might be dating myself with the old original McGiver show.
Hell yeah.
There was more than one episode where that was kind of McGiver's task was test this very high-tech system.
You got a paperclip and a pen get out of here.
I always thought that was the coolest part.
You guys get to do that stuff for a living.
I will say, you know, Danny Tripote, one of the members of our team, who was running the board right.
Now, we produce the podcast at ClickStream Studios, including yours.
And I am genuine when I say, I have to catch myself sometimes.
Because I'm supposed to be switching cameras where I am so into what you guys.
And I have no idea what you're telling.
It sounds like a foreign language sometimes.
But it's so interesting that I'm like, oh, right, I've got to work.
I think that's what I love about what you do and about the podcast
is that it's such a niche thing and such a thing that is interesting to people that aren't in that world.
that I think that's why you're getting picked up
by these third-party websites that are ranking them
and other people that live in that world
because it's such a unique niche.
And I'm just so impressed by it.
And I think that's why we've had so many interesting clips
because you want to hear about this stuff.
It's really, really interesting.
Well, think about it like true crime stuff.
Exactly.
Exactly.
Because you're getting kind of this look into a realm
that you're probably not going to really encounter.
or you don't want an encounter.
Yeah.
And then you're getting to get some of those stories from somebody that's doing that.
So, again, we're emulating the criminals.
We're getting to learn how they act and replicate some of those things.
And there's some curiosity behind that, regardless of what you're doing.
And I think that's really what's led to that success.
We always talk about heroes, you know, military vets or people in the military, police officers,
firemen, paramedics.
Honestly, if you really think about it, you guys are kind of unsung heroes,
You're protecting us on the internet.
The internet is, I mean, it's the world now.
So, I mean, you guys are really doing things that are so important to society, and I appreciate it.
I mean, it's a huge field.
I'm lucky to be part of it and just happy that it's not going anywhere.
It's certainly not.
Mike, along those lines, you know, what's very interesting is, as we both know,
cybersecurity starts at like the lowest level, right?
The everyday person, the everyday user at a company or even people at home.
home, what are a couple of the most misunderstood or the best bits of advice that you could offer,
just an everyday person, whether they're thinking about what they're doing at work or at home?
Well, it's always important for anybody in the organization to just understand some of those foundational elements,
you know, just knowing what the expectations are in the organization.
But really, my philosophy on that is that they should be aware of it, but they shouldn't be responsible for that necessarily.
There's other people in the organization that are really in charge of enforcing that security and making sure that it's working.
So, like, putting all that pressure onto, like, HR or the finance people is really unfair because they're trying to get through their day.
They're trying to just get their jobs done.
And if they misclick on something, like, that should be allowed.
And then the safeguard should be in place to take action when that happens.
Because you can't expect everybody to be 100% diligent.
all the time. So that's what we try and help with. It's just like, hey, you know, don't yell
at the HR person that doesn't understand cell phones or anything like that because they're going
to mess up. Yeah. It's just human nature. I mess up. Everybody does. So the action is, okay,
let's assume that they're going to mess up. What's the fallout that's going to come from that?
And what can you do to prevent that or at least mitigate it as much as possible? Like,
and how can we help? Has AI added another layer of danger,
now in your field? Is it something that you guys were always prepared for? You knew it was kind of coming.
I mean, it's been around longer than people think. Or is it now you guys are trying to train
and keep up with a, you know, because now all these new scams are happening using AI?
It's both, right? So on the attacker's side, on the actual criminal side, what we're seeing
is fully or almost fully AI-driven ransomware campaigns and compromises and just things that are
running autonomously with very minimal human interaction. So that's problematic because now you have
less resources that are needed from a threat actor's perspective to compromise an organization.
Now at the same time, we're using it on our benefit too, right? So I just had an engagement
this past week where I was able to identify and compromise a web application in less than an hour,
fully take it over with the assistance of AI. So as much as it's helping the criminals, it's
helping us too. And it's just going to be that constant game of
Well said. Who's taking better advantage of it?
Well said.
Mike, what are you seeing most commonly?
You know, people, for years, you worry about, I'm going to get hacked and people are going to break in and things like that.
What is the intention of these folks when they come after these American companies in reality these days?
It really depends on the organization themselves.
So in some cases, they're just going after essentially the systems on the network themselves, just locking them up.
completely and basically holding them hostage and saying like, hey, we locked all this down.
If you want it back, you got to pay us.
And there's two options that you can take from that point.
You can pay them and hopefully they're legitimate and they're going to unlock all your stuff.
Or you have plans and procedures in place that are like, hey, we've prepared for this.
Like screw off.
We're just going to restore all of our things.
We're back up and running.
And then we'll look into this and see how we can take further steps to prevent that in the future.
But for like the general public, you're looking at typical invoice scams, right?
They want your money in some form, whether that's gift cards, whether that's like crypto of some sort,
just whatever the case may be.
They'll take the money however they can get it.
So you'll see a lot of fake invoices, a lot of, hey, we're going to make this, you know,
you made this purchase from Apple.
If you didn't do this, call us at this number.
And it's never a number that's actually Apple or actually pay that.
So those are the things to really work out for.
Think about it a little bit more close for diving at.
That's incredible.
Have you, I had a buddy.
He's a mechanic.
He was a professional motocross driver, for lack of a better term.
And he used to tell me stories where he would go and get his car worked on.
And they'd try to scam him.
And he'd be like, guys, nice try.
You're a wrong guy.
Has that ever happened to you where someone tried to hack you or take advantage of you in the digital world?
And you're like, buddy.
and you got any cool stories like that?
Oh, let me see which ones I could talk about.
Oh, so there's, which ones?
I like having fun with that from time to time.
I don't take it too far.
There's actually some people out there that have content,
and they just call up the scammers and just try to wait as much time as possible.
So I do that from time to time.
Like, I'll just message them back.
What I see lately is people reaching out for, like, job opportunities.
They're like, oh, like, message me on WhatsApp,
and we'll talk about the opportunity, and I'll do that, you know, and we'll chat,
and they'll send me through all these loops, and I'll just essentially waste their time with it.
Sure.
So, you know, I just have fun with that, but I don't actually, like, attack back or do any of those things.
I'm sorry.
One quick.
Are there red flags you can tell, like Matt said, the everyday people?
I know it's a very broad question because there's so many different scams,
but, like, for example, like, I know that once they start asking you,
can you go down and buy some gift cards?
That's a red flag.
Are there some more that maybe are off the radar that people should listen for?
Largely if they're trying to redirect you from one communication channel to another,
that's a big red flag, right?
They're saying like, hey, here's something through email, now call me,
or here's something through email and text this number.
Like, they're trying to get from one channel to another,
and that's always something to be aware of if they're trying to do that.
Because if you're, like, when I work with Matt, right, he does a lot of IT stuff for us,
When I'm communicating with them, it's always the same thing.
I hit them up on the ticket.
They hit me up on email.
It's a back and forth in that same medium.
They're never like, hey, well, text me on this other platform that nobody can monitor,
and then we'll look into your security issue.
Like, that's not a thing.
At least that's not a legitimate thing that you should be more conscious of.
That's wild.
Great answer.
Mike Leesey, Hack Dysection Podcast.
Really a great one to listen to.
Such a cool thing.
thing. Before we let you go and let you enjoy the fair here, I want to talk about a little bit
because we're growing, we're expanding, we're opening in a new place downtown, and so are you.
Yeah. Tell us a little bit about your new office space. Yeah, so we're coming up on five years
of being in business, so hitting that, you know, that big, I don't know, milestone, I guess,
from a business perspective. And through the networking that we've done, we got an opportunity to
join the folks over at the Inspire Innovation Hub. And we opened up an office over there. And we opened up an
office over there to help all the startups there and just kind of have some presence downtown.
So, yeah, we're loving it. It's skid me out of the basement a little bit here.
Even though our teams, you know, all around the country, it's nice to have, you know,
something a little bit more legitimate for the business operations.
I think that's very interesting because a lot of people, you know, go back and forth,
and especially in your industry, we talk about long before the pandemic or any of that,
I've always said as technical guys, programmers, IT, cybersecurity, we were the remote
workers 20 years ago.
That's right. Nobody even
crashed with that concept, right?
So that's always kind of been
away a lot of these professionals work,
especially in your industry.
So to see you kind of go,
hey, let me get a commercial space
a little more traditional thing I think is interesting.
I see it more as just
adding some legitimacy to the operations.
Right? If somebody's looking up the company,
they're like, oh, where these guys are located?
Anything like that? It's like going to a resident.
address that's kind of weird. So it's more just of, hey, we have, we have an establishment,
we have this place downtown, we're with all these other, all these other organizations. It also helps
a lot in the networking side, right? I'm not interacting with a lot of business owners out of my
basement day to day. So opportunities there that I really didn't think about before I was a business
owner, right? No, I think that's great. And I think that's a great point. I did the same thing
when I started, you know, the IT business, we could very well operate out of our respective homes.
very easily, but for the same reason, for that, you know, legitimacy of, you're a real business
and you can come meet me in an office.
And that was huge for our business.
Honestly, I think it was well worth the money that I maybe didn't need to spend at the time,
but definitely paid off, so I'm glad to see you do that.
And a little programming note, Good News York will be touring the Inspire Innovation Hub coming up
this week, so pay attention for those episodes.
We'll pop in.
We'll give you the full layout.
It's a pretty neat space from what was formerly the tech.
garden.
Yeah, they did a lot of great work there.
What day are you guys going to be there?
I want to say Tuesday.
Tuesday?
Okay.
I can look if you.
But yeah, we'll hunch your house.
I'm just curious so I can try and be there and say hi.
Yeah, no, that would be great.
It is Tuesday, yeah.
All right, perfect.
But yeah.
So, Mike, before we let you go, give us the plugs, the website, stuff like that where people
can find you.
Yeah, so a couple of things that we have going on.
Obviously, the podcast, if you're interested in some of those stories, some things from
the industry.
That's hacked a section.
You can find it across all the platforms.
These guys take care of it for me.
So I love that.
Maltek Solutions for all your cybersecurity needs, MaltekSolutions.com.
And then we have some additional services for like darkwood monitoring, that type of thing.
And that's a service called Breach Monitor.
That's at breachmonitor.
And yeah, you can find us at any of those things.
Awesome.
Or downtown.
Mike Lacey, super cybersecurity expert based right here in town.
have to go to Austin or Silicon Valley to get real technical professionals, which I think is
something that's pretty awesome.
And Mike, thanks for joining us.
Thanks for everything.
Thank you.
We love you.
Hey, guys.
I appreciate being back, you know, a year later.
It's just really cool to have that come first full circle again and do this again.
So I'm hoping next year we'll do back here at the fair.
Bigger and better yet.
See what's going on.
That'll be it.
And with that, we'll take a break.
But we'll be back with more from the Syracuse Winter Fair in just a moment.
You're listening to a podcast right now.
Driving, working out, walking the dog.
If you're into podcasts, chances are you have something to say too.
With RSS.com, starting your own is free and easy.
Upload an episode and we distribute it to Apple Podcasts, Spotify, Amazon Music, and hundreds more.
Track your listeners, see where they're from, and start earning from ads like this.
Even with just 10 listeners a month.
If you've been thinking about starting a podcast, this is your sign.
Start free at rs.com.