Interview With Robert Siciliano – Founder at IDTheftSecurity
In this SafetyDetectives interview, we spoke with Robert Siciliano, a cybersecurity expert, bestselling author, and the founder of IDTheftSecurity.com. With decades of experience in personal and digital security, Robert has built a reputation for making complex security concepts accessible and actionable for individuals and businesses alike.
Robert shares how his early interest in personal safety led to a career in cybersecurity, the story behind launching his company, and how he helps people better understand and manage digital risk. We also discuss common mistakes around identity theft, how AI is changing the threat landscape, and what small businesses can do to improve their security—even on a tight budget.
Can you tell us about your journey—how you became a bestselling author, a cybersecurity expert, and what led to the launch of IDTheftSecurity.com?
Personal security is a topic that I had a strong interest in from the age of 12 when I was mugged in downtown Boston. Shortly after I met my first victim of sexual assault, and that woke me up to the predatory instinct of humans. Since I was a young teen, understanding the motivations of psychopaths, sociopaths, and hard-core narcissists and studying the human condition, and our response to them should they choose us as their next target has been a significant focus.
My philosophy is and it has always been that all security is personal. And whether that is personal security as it relates to physical violence prevention, or protecting your data or identity, anyone who invests a lifetime into the dissemination of information of any topic, will likely rise to expert status. My company was incorporated in 1995. In within six months, my small business got hacked. I watched as thousands of dollars of losses were incurred, which was my first experience with Internet fraud. From that point on, personal security meant so much more than physical security.
Can you walk us through the main services or training programs you offer through your website?
Covid pushed most companies in the direction of pre-recorded e-learning to maintain “compliance” in regards to security awareness training. However, being compliant doesn’t necessarily fix the employees lack of security appreciation problem. And while we offer e-learning, we prefer to deliver our message either live online or even better, live in person. The only way to move the needle in order to get people to “care” about security, is to affect them and you can’t do that unless you interact with them on a human level. A pre-recorded cartoon isn’t going to do that.
What’s the biggest mistake people make when trying to protect themselves from identity theft?
The biggest mistake is simply not doing what is necessary to protect themselves. The term “identity theft” is defined with extremely broad strokes, which results in most people doing next to nothing to protect themselves. And while identity protection services are available and have their value, most people do not engage in what’s called a “credit freeze” which is free and solves most of the pure identity theft issues revolving around “new account fraud”
How has identity theft evolved with the rise of AI and deepfake technology?
Artificial intelligence has just made fraud that much more accessible and feasible for bad actors. And humans who have been consuming media, in all its forms, since the written word are not positioned or capable of determining what’s real or fake. We are significantly disadvantaged, which is resulting in high dollar fraud losses for unprepared humans who trust by their nature.
What do you recommend for small businesses that don’t have a big security budget but still need to protect customer data?
Security is a profession, like being a car mechanic, or a doctor. And while you may attempt to change your oil, or even self diagnose a medical issue by doing some research on the Internet, in the end, you need a professional to handle certain aspects of your personal and professional life. Security is no different. Everyone is capable of installing antivirus, but are they capable of doing a vulnerability test? Are they capable of engaging in all of the requirements that a managed service provider or a managed security service provider engage in to ensure a networks security?
Information security needs to be looked at as a part of a businesses investment. Not doing so it’s just hedging ones bets. Network security also involves security awareness training to make sure that every employee that responds to phone calls, text messages and email understands risk management. Human hacking is designed to bypass all networks security. Security awareness training is fundamental to protecting company data.
What makes your approach to identity theft protection different from other options out there?
We arent the only company to suggest our philosophy and how we roll out security preparedness is “holistic” in its nature. But I challenge any other company to prove just what they’re holistic foundations mean. For us, that means starting off with the individual, their fears, their worries, there overall understanding of what security is, and isn’t.
We not only address the person from when they are a child, we address how their cultural upbringing and understanding of security has affected their belief systems, and how those beliefs systems prevent them from fully embracing the topic of security, which ultimately prevents them from engaging in proper risk management. Holistic means: characterized by the belief that the parts of something are interconnected and can be explained only by reference to the whole.
That’s what we do. And we do it by breaking it all down in such a way that is personal to the security of the individual, therefore, they develop a mindset to protect the company data or systems in which they are entrusted with.
Robert Siciliano CSP, CSI, CITRMS is a security expert and private investigator with 30+ years experience, #1 Best Selling Amazon author of 5 books, and the architect of the CSI Protection certification; a Cyber Social Identity and Personal Protection security awareness training program. He is a frequent speaker and media commentator, and CEO of Safr.Me and Head Trainer at ProtectNowLLC.com.