Plongez dans la liste complète des épisodes de Cyber Work. Chaque épisode est catalogué accompagné de descriptions détaillées, ce qui facilite la recherche et l'exploration de sujets spécifiques. Suivez tous les épisodes de votre podcast préféré et ne manquez aucun contenu pertinent.
Rows per page:
50
1–50 of 375
Date
Titre
Durée
14 Feb 2022
Data backup in ransomware situations | Guest Curtis Preston, aka “Mr. Backup”
01:00:32
Curtis Preston, aka “Mr. Backup,” has been in the backup and recovery space since 1993. He’s written four books, hosts a podcast called “Restore it all,” founded backupcentral.com and is a tech evangelist for SaaS data protection company Druva. We talk about disaster recovery, the role of good backup in ransomware situations and why the data recovery person and the information security person in your company need to become fast friends and start sharing notes. Also, why we’ve all been completely wrong about tape backup systems.
0:00 - Cyber Work intro 2:40 - Mr. Backup origin story 4:01 - How backup and recovery has changed 7:44 - Data duplication during a disaster 9:45 - Speed of data recovery changes 12:47 - Benefit to physical data backups 15:37 - Common long-term data backup mistakes 19:04 - Other issues with data recovery 23:22 - Limits of disaster recovery 34:16 - Encryption options 39:44 - Jobs in data backup and recovery 44:54 - Benefit to learning data backup and recovery 46:53 - Data backup and recovery outlook 52:52 - What is the Restore It All podcast? 56:15 - What is Druva? 59:45 - Where can I learn more about Mr. Backup? 1:00:32 - Cyber Work outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
03 Mar 2022
Working as a digital forensics analyst | Cybersecurity Career Series
00:08:36
Digital forensics analysts collect, analyze and interpret digital evidence to reconstruct potential criminal events and/or aid in preventing unauthorized actions from threat actors. They help recover data like documents, photos and emails from computer or mobile device hard drives and other data storage devices, such as zip folders and flash drives, that have been deleted, damaged or otherwise manipulated. Digital forensic analysts carefully follow chain of custody rules for digital evidence and provide evidence in acceptable formats for legal proceedings.
0:00 - Intro 0:26 - What is a digital forensics analyst? 0:57 - Digital forensics specialties 1:24 - How to become a digital forensics analyst 2:17 - Skills needed to be a digital forensics analyst 3:34 - Common tools for a digital forensics analyst 4:42 - Using digital forensics tools 5:17 - Digital forensics analyst jobs 6:30 - Moving from digital forensics to new roles 7:17 - Get started in digital forensics 8:18 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
21 Feb 2022
What does a security architect do? | Cybersecurity Career Series
00:13:52
Security Architects are responsible for planning, designing, testing, implementing and maintaining an organization's computer and network security infrastructure. Security Architects develop information technology rules and requirements that describe baseline and target architectures and support enterprise mission needs.
Advanced technical knowledge of network/web protocols, infrastructure, authentication, enterprise risk management, security engineering, communications and network security, identity and access management, and incident response, is critical to success in this role.
0:00 - Intro 0:31 - What is a security architect? 1:07 - How to become a security architect 2:15 - What certifications should a security architect get? 3:07 - Skills a security architect needs 4:07 - Learning as a security architect 7:06 - Security architect tools 7:58 - Where do security architects work 9:28 - Private vs federal security architects 11:09 - Related roles to security architect 12:12 - Start working toward security architect 13:23 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
28 Feb 2022
Three foundational cybersecurity certifications | Guest Mike Meyers
00:53:48
Infosec Skills author Mike Meyers of Total Seminars joins me to discuss three foundational certifications that will start you on just about any path you want to go. Specifically, the CompTIA A+, Network+ and Security+ certifications. Meyers dispenses tough love for people who want someone else to map their career for them, talks up the benefits of vendor-neutral certs and blows my mind by comparing certs with car windshield wipers. Intrigued? You should be! That’s all today, on Cyber Work!
0:00 - Intro 3:00 - Beginning in cybersecurity 3:23 - Why teach cybersecurity? 5:54 - Why CompTIA? 6:57 - Start vendor neutral with cybersecurity certification 12:10 - Being diverse in cybersecurity is essential 13:35 - Why A+, Network+ and Security+? 25:53 - Guiding your cybersecurity career 30:05 - Where to learn cybersecurity skills 42:02 - Cybersecurity job dilution 44:20 - Where do I begin my cybersecurity career? 48:32 - Using the Infosec Skills platform 49:38 - Mike Meyers' next projects 51:30 - What is Total Seminars? 52:12 - Learn more about Meyers and Total Seminars 53:23 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
07 Mar 2022
Working in DevOps | Guest Steve Pereira
00:55:05
Steve Pereira of Visible Value Stream Consulting discusses DevOps, SecOps, DevSecOps and his own lifelong love of streamlining projects. You’ll hear how his dad’s job with Bell Telephone facilitated his early explorations, the intersections of DevOps and Agile, the ever-important security component of it all and why following your interests and not the big money payouts might not work in the short run, but ultimately will get you where you want to go in the end.
0:00 - Intro 2:35 - Cybersecurity origin story 6:02 - Build and release engineering 9:27 - Tech and business 11:20 - DevOps projects 12:10 - Automating yourself out of your job 13:44 - What is DevOps? 23:45 - Method for DevOps success 31:47 - Development team vs security team 36:03 - DevOps history and Agile 44:50 - How do I work in DevOps? 52:09 - Visible Value Stream Consulting 54:42 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
14 Mar 2022
Cybersecurity and all things privacy | Guest Chris Stevens
00:50:09
Today's podcast highlights implementation privacy, policy privacy and all things privacy with privacy expert and Infosec Skills author and instructor Chris Stevens. From his years in the government’s office of national intelligence to his multiple IAPP certifications, Stevens is happy to tell you everything you ever wanted to know about careers in privacy, around privacy and careers that would be better with a helping of privacy skills on top!
0:00 - Cybersecurity privacy 3:30 - Getting interested in cybersecurity 4:40 - Cybersecurity in the Department of Defense 6:00 - Computer science studies 8:50 - Cybersecurity research 11:05 - Information privacy and privacy professionals 14:48 - What does U.S. privacy cover? 19:10 - Privacy certifications and more 21:36 - Privacy differences across countries 24:50 - Difference in privacy certifications 27:16 - Learning about privacy 30:16 - Positions available for information privacy 33:50 - Educational steps to work in privacy 36:00 - Getting a job in privacy 37:57 - Entry-level work in privacy roles 42:44 - How to stay on track in lifelong learning 46:37 - Cybersecurity education in the future 48:19 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
21 Mar 2022
What makes a good cyber range? | Guest Justin Pelletier
00:53:33
Justin Pelletier is the director of the cyber range program at the ESL Global Cybersecurity Institute at the Rochester Institute of Technology. Infosec Skills has some great cyber ranges, but Pelletier shows the organization’s massive, immersive simulations. Because they’ve also included cyber range technology for beginning cybersecurity pros transitioning from other jobs, we cover what’s involved in making a good cyber range, how to break down those early barriers of fear and self-doubt and how quickly you can move into a cyber career after hands-on training.
0:00 - Immersive cyber ranges 3:13 - Getting into cybersecurity 5:06 - Studying data breaches 11:03 - Cybersecurity at the Department of Defense 14:02 - Cyber range education at the RIT 16:20 - Work of the Global Cyber Range 24:20 - Cyber range scenarios 38:30 - What makes a good cyber range? 42:00 - Successfully getting into cybersecurity 45:33 - Cyber range upskilling 48:47 - Cybersecurity hiring changes 51:30 - Learn more about the cyber range center 52:30 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
28 Mar 2022
Better cybersecurity practices for journalists | Guest Marcus Fowler
00:50:32
Marcus Fowler, senior vice president of strategic engagement and threats at DarkTrace, talks about attack vectors currently facing embedded journalists, their need to be available at all times for potential sources and how that openness makes them, their company and their confidential sources potential attack vectors for cybercriminals. Fowler talks about security hardening strategies that don’t compromise journalistic availability, the work of threat research and why people with natural interests in cybersecurity will have their career path choose them, not the other way around.
0:00 - Cybersecurity threats to journalists 3:00 - Getting into cybersecurity 5:50 - CIA cybersecurity training 7:18 - Joining DarkTrace in engagement threat roles 10:22 - Tasks with engagement threat jobs 13:22 - Cybersecurity work balance 17:49 - Advanced persistent threats against media 23:33 - Attack vectors journalists face 26:14 - Journalist cybersecurity savvy 28:08 - A truly secure journalism source 32:58 - Damage from a compromised source 36:05 - Main cybersecurity threats right now 38:37 - Qualifications needed to work as a threat researcher 42:52 - Safe cybersecurity jobs 47:05 - What is DarkTrace? 49:06 - Learn more about Marcus Fowler 50:11 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
04 Apr 2022
Security awareness and social engineering psychology | Guest Dr. Erik Huffman
00:56:18
TEDx speaker, security researcher, host of the podcast MiC Club and all-around expert on security awareness and social engineering, Dr. Erik Huffman, is today's guest. Huffman spoke at the 2021 Infosec Inspire virtual conference, and for those of you who were captivated by his presentation, prepare for another hour of Dr. Huffman’s insights on why we need to teach security awareness from insight, rather than fear or punishment, how positive name recognition in an email can short-circuit our common sense and how to keep your extrovert family members from answering those questions online about your first pet and the street you lived on as a child.
0:00 - Clicking on phishing attacks 3:13 - First getting into cybersecurity 5:00 - Higher education and cybersecurity 7:41 - Cybersecurity research projects 10:05 - Impacting a cybersecurity breach 11:14 - Security awareness and social engineering 15:45 - Common social engineering tricks 23:00 - Changing security habits 30:15 - Cybersecurity communication avenues 33:30 - Getting family members cyber safe 38:00 - Harvesting info via social media 42:13 - Working in security awareness and threat research 44:54 - Importance of white papers and documentation 55:04 - Learn more about Erik Huffman 56:00 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
11 Apr 2022
The importance of cyber threat research | Guest Moshe Zioni
00:40:00
Moshe Zioni of Apiiro talks about threat research and how to properly report discovered code vulnerabilities. We discuss the ways that vulnerabilities can find their way into code despite your best intentions, the difference between full disclosure and responsible disclosure, and being in the last generation to still grow up before the internet changed everything.
0:00 - Cybersecurity threat research 2:21 - Getting interested in computers 3:25 - Penetration testing and threat research 6:15 - Code vulnerabilities 10:58 - Research process for vulnerabilities 17:05 - Proper reporting of threats 23:11 - Full disclosure vs proper disclosure 25:53 - Current security threats 30:20 - Day-to-day work of security researchers 32:02 - Tips for working in pentesting 35:32 - What is Apiiro? 39:11 - Learn more about Moshe Zioni 39:42 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
18 Apr 2022
What does an information risk analyst do? | Cybersecurity Career Series
00:20:09
Information risk analysts conduct objective, fact-based risk assessments on existing and new systems and technologies, and communicate findings to all stakeholders within the information system. They also identify opportunities to improve the risk posture of the organization and continuously monitor risk tolerance.
0:00 - Information risk analyst career 0:30 - Day-to-day tasks of an information risk analyst 2:09 - How to become an information risk analyst 4:00 - Training for an information risk analyst role 5:42 - Skills an information risk analyst needs 9:24 - Tools information risk analysts use 10:51 - Jobs for information risk analysts 13:08 - Other jobs information risk analysts can do 18:05 - First steps to becoming an information risk analyst
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
25 Apr 2022
What does a security engineer do? | Cybersecurity Career Series
00:15:10
Security engineers are responsible for implementing, and continuously monitoring security controls that protect computer assets, networks and organizational data. They often design security architecture and develop technical solutions to mitigate and automate security-related tasks. Technical knowledge of network/web protocols, infrastructure, authentication, log management and multiple operating systems and databases is critical to success in this role.
0:00 - What is a security engineer? 3:39 - How do I become a security engineer? 4:52 - Studying to become a security engineer 5:47 - Soft skills for security engineers 7:05 - Where do security engineers work? 9:43 - Tools for security engineers 12:10 - Roles adjacent to security engineer 13:15 - Become a security engineer right now
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
09 May 2022
What does an ICS security practitioner do? | Cybersecurity Career Series
00:13:42
Industrial control system (ICS) security practitioners are responsible for securing mission-critical SCADA and ICS information systems. They are responsible for restricting digital and physical access to ICS devices, such as PLCs and RTUs, to maximize system uptime and availability. Extensive knowledge of OT and IT protocols, incident response, Linux and Windows OS, configuration management, air-gapped or closed networks, insider threats and physical security controls are important competencies for any ICS security practitioner.
O:00 - ICS security practitioners 0:25 - What is an industrial control system practitioner? 2:22 - How to become an ICS practitioner 4:00 - Education required for an ICS practitioner 5:00 - Soft skills ICS practitioners need 6:05 - Common tools ICS practitioners use 7:59 - Where do ICS practitioners work? 10:05 - Can I move to another role after ICS practitioner? 12:18 - Getting started as an ICS practitioner
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
02 May 2022
A public discussion about privacy careers: Training, certification and experience | Cyber Work Live
01:02:44
Join Infosec Skills authors Chris Stevens, John Bandler and Ralph O’Brien as they discuss the intersection of privacy and cybersecurity. They’ll help you walk a path that will lead to an engaging career as a privacy specialist — a job role that grows with more opportunities year after year!
This episode was recorded live on April 12, 2022. Want to join the next Cyber Work Live and get your career questions answered? See upcoming events here: https://www.infosecinstitute.com/events/.
0:00 - Intro and guests 3:45 - What is privacy as a career? 8:15 - Day-to-day work of a cybersecurity privacy professional? 16:45 - Intersection of law and tech degrees 20:30 - What beginner privacy certifications should I pursue? 25:45 - Best practices for studying for IAPP certifications 33:00 - How to gain experience in cybersecurity privacy work 40:27 - How to interview for a cybersecurity privacy job 45:00 - GDPR and ransomware 51:52 - Implementation of privacy laws and security positions 58:15 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
16 May 2022
What does a cybersecurity beginner do? | Cybersecurity Career Series
00:14:47
Just getting started? This role is for you!
The Cybersecurity Beginner role focuses on the foundational skills and knowledge that will allow anyone to take the first step towards transitioning into a cybersecurity career. No prior knowledge of cybersecurity or work experience is required. The only prerequisite is a passion for technology and cybersecurity.
0:00 - Working as a cybersecurity beginner 0:41 - Tasks a cybersecurity beginner may take on 4:15 - Cybersecurity work imposter syndrome 5:49 - Common tools cybersecurity beginners use 9:08 - Jobs for cybersecurity beginners 13:50 - Get started in cybersecurity
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
23 May 2022
Working as a privacy manager | Cybersecurity Career Series
00:15:38
A Privacy Manager is responsible for the development, creation, maintenance and enforcement of the privacy policies and procedures of an organization. They ensure compliance with all privacy-related laws and regulations. The Privacy Manager takes an active lead role when a privacy incident or data breach occurs and will start the investigation. They will then monitor, track and resolve any privacy issues. The Privacy Manager builds a strategic and comprehensive privacy program for their organization that minimizes risk and ensures the confidentiality of protected information.
Advanced knowledge of privacy law and data protection is critical to success in this role.
0:00 - Working as a privacy manager 0:40 - What does a privacy manager do? 3:02 - Experience a privacy manager needs 5:15 - Is college necessary for a privacy manager? 8:05 - Skills needed to be a privacy manager 10:30 - What tools does a privacy manager use? 11:15 - Where do privacy managers work? 12:15 - Roles privacy managers can move to 13:30 - How do I get started becoming a privacy manager?
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
06 Jun 2022
Ethical user data collection and machine learning | Guest Ché Wijesinghe
00:24:00
Today on Cyber Work Ché Wijesinghe of Cape Privacy talks about the safe and ethical collection of user data when creating machine learning or predictive models. When your bank is weighing whether to give you a loan, they can make a better choice the more info they know about you. But how secure is that contextual data? Hint: not as secure as Wijesinghe would like!
0:00 - Machine learning and data collection 2:37 - Getting started in cybersecurity 3:15 - Being drawn to big data 4:35 - What data is driving decision-making? 9:04 - How is data collection regulated? 15:02 - Closing the encryption gap 16:50 - Careers in data privacy 19:07 - Where can you move from data privacy? 21:20 - Ethics of data collection 23:25 - Learn more about Wijesinghe 23:55 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
13 Jun 2022
Cybersecurity jobs: How to better apply, get hired and fill open roles | Guest Diana Kelley
01:00:37
Diana Kelley returns to the show to discuss her work as a board member of the Cyber Future Foundation and the goings-on at this year’s Cyber Talent Week. Whether you’re a cybersecurity hiring manager who doesn’t know why you’re not getting the applicants you want, a candidate who hears the profession has 0% unemployment but still can’t seem to get a callback or anyone in between, DO. NOT. MISS. THIS. EPISODE. This is one for the books, folks.
0:00 - Cybersecurity hiring and job searching 4:30 - Diana Kelley of Cyber Future Foundation 9:00 - Cyber Future Foundation talent week 13:58 - Reexamining cybersecurity job descriptions 21:52 - Cybersecurity hiring manager and applicant training 27:10 - Strategies to bring in diverse talent from other industries 33:06 - Narrowing your cybersecurity job pursuit 39:37 - Using different educations in cybersecurity roles 41:32 - Implementing an educational pipeline 44:40 - Hiring based on strong skills from other trades 48:22 - Cybersecurity apprenticeships 53:22 - Fostering cybersecurity community value 59:09 - Diana Kelley's future projects 1:00:30 - Outro
20 Jun 2022
What does a secure coder do? | Cybersecurity Career Series
00:20:56
Secure coders are responsible for developing and writing secure code in a way that protects against security vulnerabilities like bugs, defects and logic flaws. They take proactive steps to introduce secure coding methodologies before the application or software is introduced into a production environment, often following recommendations from the Open Web Application Security Project (OWASP) Foundation.
0:00 - Intro 0:25 - What does a secure coder do? 5:48 - How do you become a secure coder? 9:46 - What skills do secure coders need? 12:28 - What tools do secure coders use? 17:08 - What roles can secure coders transition into? 19:50 - What to do right now to become a secure coder
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
27 Jun 2022
Cybersecurity has a marketing problem — and we're going to fix it | Guest Alyssa Miller
00:56:22
On today's episode, we're breaking down phrases you've heard a million times: “security is everyone’s job,” “humans are the weakest link in the security chain,” “it’s not if you get breached, but when.” Returning guest Alyssa Miller drills into these comforting nostrums and explains why, even when they’re used for well-intended purposes, they often act to limit the conversation and the options, rather than address the hard work needed to overcome these evergreen problems. You’re not going to want to miss this one, folks! It’s all that, plus a little bit of book talk, today on Cyber Work!
0:00 - Intro 1:38 - Alyssa's tweet that inspired this episode 4:00 - Why you need to read the Cybersecurity Career Guide 9:10 - Cybersecurity platitudes and clichés 11:30 - Cliché 1: "It's not if you get breached, but when" 18:44 - Cliché 2:"Just patch your shit" 24:58 - Cliché 3: "Users are the weakest link" 32:34 - Cliché 4: "Security is everyone's job" 35:52 - Cliché 5: What is a "quality gate"? 44:14 - Cliché 6: "You just need passion to get hired" 48:14 - How to write a better cybersecurity job description 50:15 - Business value of diversity and inclusion 52:52 - Building a security champions program 55:12 - Where can you connect with Alyssa Miller? 56:44 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
18 Jul 2022
Keeping your inbox safe: Real-life BEC attacks and email fraud careers | Guest John Wilson
00:42:34
Today's episode is all about email fraud. John Wilson, head of the cyber intelligence division at Agari by HelpSystems, discusses Business Email Compromise (BEC), spearphishing, whaling, romance fraud and more. If you can name it, John’s studied it. And he's likely collected intel that’s managed to freeze cybercriminals’ assets — and even put them away. He gives career tips and advice for engaging in threat research at all levels, we discuss the pyrrhic victory that is the modern spam filter, and John tells me why BEC fraud hunters’ best asset is a degree in psychology! All that and loads more, today on Cyber Work!
0:00 - Free cybersecurity training resources 0:58 - Overview of today's episode 1:58 - Who is John Wilson? 3:02 - Getting into cybersecurity 4:58 - How spam has evolved over the years 8:12 - Why pursue a career in fraud? 11:10 - 3 primary vectors for email attacks 15:20 - Is BEC ever an insider threat? 16:16 - Is education making a difference on BEC attacks? 20:55 - Tracking down BEC actors and recovering assets 23:50 - Two angles to preventing BEC attacks 29:12 - Careers related to BEC and phishing prevention 34:42 - How to gain cybersecurity experience and get hired 37:25 - Agari and email fraud protection 42:16 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
25 Jul 2022
Your personal data is everywhere: What can you do about it? | Guest Mark Kapczynski
00:44:37
Today on the Cyber Work Podcast, Mark Kapczynski of OneRep reminds us of an awful truth most people either don’t know or don’t like to think about. Your personal information — your address, your phone number, your age — all of these things are on the public internet! Mark talks about OneRep’s mission to scrub personal information from these sites, suggests changes that could help prevent this problem, and shares ways you could base a career in this fight for data privacy and autonomy. All that and a detour into grade-school home computer shenanigans on today's episode.
0:00 - Free cybersecurity training resources 0:56 - Overview of today's episode 1:50 - Who is Mark Kapczynski? 2:44 - Data breaches are a way of life 3:36 - Getting started in IT and cybersecurity 5:41 - Helping the film industry go digital 7:31 - Transitioning industries from paper to digital 9:53 - What types of personal data are on the internet? 12:40 - How people search sites sell PII and make money 14:50 - How to get personal information removed from sites 18:07 - What type of services does OneRep offer? 19:19 - How is public personal data used in cybercrime? 23:01 - How can consumers limit personal data exposure? 26:38 - Regulatory changes needed to protect personal data 29:00 - Who owns your personal data? 30:55 - Web 3.0, smart contracts and other tech needed 33:58 - Jobs and careers related to data privacy 36:38 - Every professional needs to understand data 39:50 - What makes a data professional's resume stand out? 41:50 - What is OneRep? 44:30 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
01 Aug 2022
OWASP Top 10: What cybersecurity professionals need to know | Guest John Wagnon
00:39:08
On today's episode, our old pal John Wagnon, Infosec Skills author and keeper of the secrets of OWASP, joins me to talk about the big changes in the OWASP Top 10 that happened at the end of 2021, his own class teaching the Top 10, and some job tips, study hints and career pivots for people interested in these vulnerabilities. Find out why access managers are going to rule the world someday!
0:00 - Free cybersecurity training resources 0:56 - Overview of today's episode 1:43 - Who is John Wagnon? 2:50 - Working in cybersecurity and teaching OWASP 4:18 - What is the OWASP Top 10? 7:51 - How did the OWASP Top 10 change in 2021? 15:48 - Why do these security issues never go away? 19:06 - Cybersecurity roles using the OWASP Top 10 23:43 - What's covered in John's OWASP Top 10 courses? 26:42 - How to get hands-on cybersecurity experience 30:24 - Vulnerability-related cybersecurity career paths 34:16 - What is John working on with Infosec and Fortinet? 35:37 - Using your career as a learning opportunity 37:16 - Learn more about John Wagnon and OWASP 38:30 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
08 Aug 2022
Cybersecurity project management: A peek behind the curtain | Cyber Work Live
01:01:52
Last year, Cyber Work Live brought you into the world of cybersecurity project management — with tips for acquiring your skills, improving your resume and getting your foot in the door. But what does the day-to-day work of cybersecurity project managers look like?
Jackie Olshack and Ginny Morton return to answer that question. They’ll also share experiences they’ve gained while working on some of their biggest projects!
0:00 - Intro 0:50 - Who is Jackie Olshack? 1:24 - Who is Ginny Morton? 2:52 - Can non-technical PMs move into the tech space? 8:50 - Best way to manage projects with limited resources 13:30 - What certificates are needed for project management jobs? 18:52 - How do you kick off a cybersecurity project? 28:41 - How do you keep the project on schedule? 34:15 - Tips for networking in remote working situations 36:55 - Dealing with slowdowns and delays in projects 43:35 - Importance of a supportive environment in projects 47:40 - Dealing with delays from other teams in projects 50:35 - Tips for managing multiple projects at once 55:35 - How can teams support their project manager 56:35 - Transitioning into a cybersecurity career 59:00 - Outro and Infosec Skills giveaway
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
15 Aug 2022
Securing operational technology: ICS, IoT, AI and more | Guest Francis Cianfrocca
00:53:08
If you want to learn more about working with operational technology (OT) and internet-connected devices, then don't miss today's episode with Francis Cianfrocca, CEO of Insight Cyber Group. He discusses security problems around OT and IoT systems and shares some surprising stories of intruders in the electrical grid. He also talks about why it’s so hard to secure a set of machines that often pre-date computer technology and the small changes in your community that can make huge differences in the entire security industry.
0:00 - Free cybersecurity training resources 0:56 - Overview of today's episode 1:48 - Who is Francis Cianfrocca and Insight Cyber? 2:15 - Getting into tech and cybersecurity 4:13 - Francis' job roles and companies 5:22 - Early days of ICS systems security 10:15 - CEO duties at a cybersecurity startup 12:19 - Why is infrastructure security so bad? 16:05 - Different approaches needed for ICS and IOT systems 20:23 - Catching intruders early on with industrial systems 22:45 - Using artificial intelligence in ICS security 24:50 - Bad actors are really good at reconnaissance 27:20 - ICS and IOT environments cannot have downtime 30:00 - Asset and behavioral inventory is difficult 31:42 - Real-world examples of rogue ICS software 36:30 - ICS vs. IOT security 42:57 - How to promote industrial security careers 46:07 - Impact of AI on cybersecurity careers 48:40 - Preparing for an ICS cybersecurity career 51:07 - What's Insight Cyber working on? 52:45 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
22 Aug 2022
What's it like to work in emergency response? | Guest Christopher Tarantino
00:44:46
Learn all about emergency response — and the myriad techniques and skills that term implies — in today's episode featuring Christopher Tarantino, CEO of Epicenter Innovation. Is there a physical security component? Yes! Is there a cybersecurity component? Big time! Is there an educational element? Absolutely! Find out how disaster planning, preparation, remediation and post-event rebuilding and improvement are all opportunities to strengthen your security posture.
0:00 - Free cybersecurity training resources 0:56 - Overview of today's episode 1:47 - Who is Christopher Tarantino? 3:25 - What does an emergency response team do? 4:38 - Resilience in emergency response 7:45 - Importance of boring innovation 9:30 - Higher ed emergency response example 13:13 - Healthcare, higher ed and government resilience 16:00 - Years-long education around disasters 21:03 - Biggest cybersecurity blind spots 25:00 - Skills required for emergency response careers 30:00 - Importance of communication across community 35:50 - Transitioning careers from cybersecurity to emergency response 44:10 - Learn more about Epicenter Innovation 44:35 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
29 Aug 2022
Overcoming challenges to build a cybersecurity career | Guest Dr. Chanel Suggs
00:48:05
Today's Cyber Work Podcast features Dr. Chanel Suggs, the Duchess of Cybersecurity®. Dr. Suggs is a teacher, business owner and thought leader and has appeared on TV and podcast platforms around the world to talk about cybersecurity and the hacker mentality. She also had an incredibly challenging and seemingly insurmountable upbringing. Her tumultuous story can be found in her book, “Against All Odds: Overcoming Racial, Sexual and Gender Harassment on the Digital Battlefield.” This episode contains a lot of heartbreak and some challenging stories, as well as incredible insights and some thoroughly important takeaways.
0:00 - Free cybersecurity training resources 0:56 - Overview of today's episode 1:58 - Who is Chanel Suggs, the Duchess of Cybersecurity? 3:12 - Overcoming family obstacles 4:50 - What drew her to a career in cybersecurity 8:10 - First steps to learning IT and cybersecurity 10:45 - Earning cybersecurity certifications 12:20 - Making a cybersecurity training "dungeon" 14:40 - Workplace abuse and harassment 18:28 - Issues with hiring diverse candidates 22:23 - What is Wyvern Security? 27:25 - Changing the workplace culture 32:47 - Social media is key to finding diverse candidates 36:55 - Preventing burnout with employees 40:10 - Advice on earning advanced degrees 42:03 - Contract work vs. full-time employee 43:34 - Free resources and services 44:52 - What's Chanel Suggs book about? 47:48 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
12 Sep 2022
Corporate data breaches and security awareness training | Guest Mathieu Gorge
00:42:28
Mathieu Gorge of VigiTrust talks about the Marriott Hotel data breach that happened back in June, including the facts of the event and why once-per-year security awareness training isn’t enough when many employees only work seven months of the year. He also offers some privacy tips that will keep your hotel system privacy compliant under a whole host of different compliance frameworks.
0:00 - Security awareness and data breaches 2:50 - Elephant in the boardroom book 5:42 - Gorge's latest projects and book 9:38 - Hacking of the Marriott Hotel 19:22 - Marriott's privacy and data collection policies 23:20 - Ensuring data privacy worldwide 30:13 - How hotel franchises handle security 34:32 - Skills needed for securing the hotel industry 38:12 - What is DigiTrust? 41:20 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
19 Sep 2022
The importance of API security and PII | Guest Giora Engel
00:33:38
Today on Cyber Work, Giora Engel of NeoSec talks about securing APIs. Find out why APIs are the new network, why their very nature makes them vulnerable to abuse and how to position yourself as an authority in the ever-growing field of API security. All that and a little entrepreneur talk.
0:00 - API security and PII 2:40 - Giora Engel’s cybersecurity beginning 4:20 - Israeli Defense Force and CEO of NeoSec 5:22 - Starting a cybersecurity company 9:20 - What is API security? 13:15 - Misconfiguration errors in API 17:21 - API and privacy regulation 20:02 - How to work in API security 22:06 - Security plan for PII 24:44 - Skills and experience needed to work in API security 27:10 - API hiring practices 28:58 - Fragility of API 31:07 - What is NeoSec? 32:35 - Learn more about NeoSec and Engel 32:55 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
26 Sep 2022
Attack surface managers and the state of attack surfaces | Guest Dave Monnier
00:48:28
Dave Monnier of Team Cymru talks about the state of attack surfaces, the strengths and shortcomings of attack surface managers and why something we refer to as a “soft” skill might be the hardest skill of all! Plus, we touch on shadow IT.
0:00 - Attack surfaces 2:55 - Dave Monnier's first interest in cybersecurity 7:30 - Instinctual cybersecurity learning 9:20 - Monnier's work as a chief evangelist 14:00 - Cybersecurity soft skills 16:30 - What are attack surface managers? 28:25 - ASM 1.0 to ASM 2.0 32:22 - State of attack surfaces 34:58 - Asset infrastructure in your business 40:00 - Key skills cybersecurity novices need 43:07 - Learning in cybersecurity 45:42 - Learn more about Team Cymru 47:19 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
03 Oct 2022
Privacy and international business | Guest Noriswadi Ismail
00:45:39
Noriswadi Ismail of Breakwater Solutions and the Humanising 2030 campaign joins us to talk about privacy as it pertains to international business, cybersecurity and why it’s important not just to learn the certification variants but also the cultural variants that shape them. And via the Humanising 2030 campaign, Noriswadi and colleagues hope to bring a more ethical and diverse approach to programming and guiding AI in the coming decade.
0:00 - Privacy and international business 2:53 - Noriswadi's first interest in tech 6:38 - A path toward patent law 11:32 - Managing director at Breakwater 16:05 - State of international security and risk plans 18:52 - Certifications internationally 22:58 - Experience versus certification 25:40 - Humanising 2030 29:24 - AI bias and geopolitical impact 32:30 - Diversity and including in cybersecurity 38:23 - Other goals of Humanising 2030 41:22 - What is Breakwater Solutions? 44:44 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
10 Oct 2022
Bad data privacy protocols can become an identity fraud disaster | Guest Stephen Cavey
00:43:59
Stephen Cavey, co-founder and chief evangelist of Ground Labs, talks about the jagged jigsaw puzzle of data collection, data privacy and the dozens — if not hundreds — of privacy regulations and frameworks that govern them. Cavey and I talk about the bad old days of indiscriminate data collecting and grossly insecure payment process. We also address the places where the privacy experts of the future will shape the use and protection of personal data in all industries.
– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
0:00 - Bad data privacy protocols 2:36 - How Stephen Cavey got into cybersecurity 4:55 - Shifting into cybersecurity privacy 8:30 - Business hurdles in cybersecurity 13:10 - Why do companies store my data? 20:20 - Breaking cybersecurity privacy law 25:45 - International privacy laws 28:07 - A universal privacy doctrine 31:30 - Principles for collecting user data 34:22 - Skills for working in data privacy 37:44 - Data privacy officer work 39:25 - The future of data collection and privacy 42:08 - What is Ground Labs? 43:30 - Learn more about Cavey and Ground Labs 43:43 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
17 Oct 2022
Digital identity and cybersecurity are inseparable | Guest Susan Morrow
00:49:14
Susan Morrow returns for her fourth time on the Cyber Work Podcast and the first since 2019. Morrow, simply put, is plugged into every aspect of digital identity currently being discussed, and she takes us deep into the security, ethical, practical and UX hurdles of current identity practices and gives us both an optimistic and pessimistic version of the digital identity practices in 10 years.
0:00 - Digital identity 3:00 - Current digital identity concerns 7:07 - Complicating digital identity 8:22 - Digital identity and daily work 13:00 - Secure coding 14:03 - Biggest problems in identity 20:54 - Competing identity systems 24:50 - How identity affects other areas 28:52 - The tech and processes of identity 30:04 - Identity in the next decade 34:24 - Jobs in identity 40:00 - Identity evangelist 42:20 - Women in identity 45:-02 - What is Avoco Secure? 47:28 - Learn more about Susan Morrow 48:40 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
24 Oct 2022
Cybersecurity public speaking techniques | Guest Lisa Tetrault
00:39:53
Lisa Tetrault of Arctic Wolf talks about the adhesives that hold cybersecurity together: communication, collaboration and strong teamwork. First, Tetrault discusses how public speaking at conferences and events made her a better cybersecurity professional; second, she talks about how her work mentoring cybersecurity students helps them fast-track their way into the cybersecurity community; and third, with her work in organizations with Women in Cyber and siberX, she helps bring diverse cybersecurity professionals into the community, build stronger, more multi-faceted teams, and with them, a more multi-faceted face of the industry!
0:00 - Public speaking in cybersecurity 3:17 - Getting into cybersecurity via Atari 4:59 - Network analyst to technician and more 9:10 - Cybersecurity public speaking 19:30 - How to promote yourself as a speaker 22:27 - Learn how to speak in cybersecurity 25:25 - Mentoring cybersecurity students 32:30 - Gender diversity in cybersecurity 36:14 - Where cybersecurity fails job mobility 38:29 - Cybersecurity diversity initiatives in 10 years 39:17 - Learn more about Lisa Tetrault 40:04 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
07 Nov 2022
CMMC has changed: Here's what you need to know | Guest Leighton Johnson
00:38:36
Infosec instructor and 40-year cybersecurity veteran Leighton Johnson talks to us about all things CMMC. After last year’s attempted rollout, CMMC pulled back and retooled its entire framework. But why? Johnson gives you all the details, including how to train to be a CMMC-certified auditor.
0:00 - CMMC in 2022 3:12 - Getting started in cybersecurity 4:15 - How to be CMMC compliant 5:15 - The evolution of CMMC 7:18 - CMMC compliance timeline 10:28 - Being assessed for CMMC compliance 14:30 - Becoming a CMMC auditor 18:08 - What if you don't meet CMMC compliance? 21:40 - Skills comparable with the CMMC auditor 23:25 - Evaluating your company and CMMC needs 28:54 - CMMC auditor job opportunities 31:03 - How to become a federal CMMC auditor 35:04 - What is ISFMT? 37:47 - Learn more about ISFMT and Johnson 38:18 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
14 Nov 2022
Behind the scenes of ransomware negotiation | Guest Tony Cook
00:38:45
Tony Cook of GuidePoint Security knows a lot about threat intelligence and incident response. But he’s also used these skills while working in ransomware negotiation! Cook has handled negotiations for all the big threat groups — REvil, Lockbit, Darkside, Conti and more — and he told me about what a ransomware negotiator can realistically accomplish, which threat groups are on the rise, and why negotiating with amateurs is sometimes worse and harder than dealing with elite cybercriminals.
0:00 - Ransomware negotiating 2:42 - How Tony Cook got into cybersecurity 4:00 - Cook's work at GuidePoint 9:31 - Life as a ransomware negotiator 11:41 - Ransomware negotiation in 2022 13:52 - Stages of a successful ransomware negotiation 15:23 - How does ransomware negotiation work? 19:11 - The difference between threat-acting groups 20:43 - Bad ransomware negotiating 22:43 - Ransomware negotiator support staff 25:21 - Ransomware research 26:26 - Is cyber insurance worth it? 29:14 - How do I become a ransomware negotiator? 32:25 - Soft skills for a ransomware negotiator 33:46 - Threat research and intelligence work 37:45 - Learn more about Cook and GuidePoint 38:17 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
21 Nov 2022
K-12 cybersecurity: Protecting schools from cyber threats | Guest Mike Wilkinson
00:37:41
Michael Wilkinson leads the digital forensics and incident response team at Avertium. The team is dedicated to helping clients investigate and recover from IT security incidents daily. Wilkinson talks about threat research, the threat of Vice Society, how K-12 cybersecurity can improve and much more.
0:00 - Digital forensics and incident response 3:12 - Getting interested in computers 6:00 - How had digital forensics changed over the years 9:03 - Handling overwhelming amounts of data 12:53 - The threat of Vice Society 17:20 - Why is Vice Society targeting K-12? 19:55 - How to minimize damage from data leaks 24:25 - How schools can improve cybersecurity 25:54 - What schools should do if cyberattacked 31:36 - How to work in threat research and intelligence 34:42 - Learn more about Avertium 36:40 - Learn more about Mike Wilkinson 37:08 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
05 Dec 2022
Connecting cloud security, data privacy and cybersecurity | Guest Ameesh Divatia
00:45:00
Ameesh Divatia, CEO of Baffle, Inc., talks about data privacy, data security, cloud security and how a skillset in the middle of that triangle will be your best asset in the years to come. All that, and a little bit of local-focused philanthropy.
0:00 - Data privacy, data security and cloud security 2:43 - Ameesh Divatia's start in cybersecurity 7:13 - Founding cybersecurity companies 10:19 - Security innovation 12:41 - Cybersecurity regulatory compliance 17:00 - Transferring skills to data security 21:23 - Cybersecurity interviews and knowledge 25:03 - Data privacy policies 27:44 - Data privacy requirements 30:22 - Confluence of data privacy, security and cloud 33:32 - Volunteering on a city's technology council 41:02 - What is Baffle? 44:11 - Connect with Divatia 44:43 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
12 Dec 2022
U.S. Cyber Games Season II: Behind the scenes with the head coach | Guest Ken Jenkins
00:55:32
Returning guest Ken Jenkins stops by to talk about his work as the head coach of the US Cyber Games. If you’re intrigued by this emerging e-sport, you will want to keep it here: Jenkins discusses the selection process for the athletes, the roles of the coaches and mentors, and the intense, real-time collaboration going on during the competitions.
0:00 - US Cyber Games 3:38 - How does the security scorecard work 9:06 - Ken Jenkin's typical workday 12:20 - Head coach at the US Cyber Games 18:20 - How do Cyber Games teams work? 20:50 - Cyber Games events 21:28 - Cyber Games draft 26:30 - Challenges for Cyber Games teams 30:00 - The makeup of a Cyber Games team 32:46 - Cyber Games participation explained 38:35 - Cyber Games red teaming 41:13 - How to get into the Cyber Games 44:31 - How Cyber Games translate to real-world skills 48:27 - Tackling a new cybersecurity challenge 51:12 - Follow the US Cyber Games 55:05 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
05 Jan 2023
How to keep symmetric and asymmetric cryptography straight | Cyber Work Hacks
00:06:03
Whether you’re studying for the CEH, CISSP, Pentest+, or even the Security+, there’s always one question about cryptography, and it’s easy to miss! Want to hear a cool trick to keep symmetric and asymmetric cryptography straight in your head? Keatron Evans has one, and he told it to me — stay tuned and listen closely because it’s a Cyber Work Hacks!
0:00 - Cryptography exam tips 0:23 - Certifications with cryptography questions 1:15 - Symmetric versus asymmetric cryptography 3:40 - Learn more about cryptography 4:50 - Find and learn from Keatron Evans
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
09 Jan 2023
The changing roles of red teaming | Guest Matt Lorentzen
00:49:09
Cyberis’ Matt Lorentzen talks all things pentesting, red teaming, the changing roles that red teaming has in fine-tuning and interrogating modern security and why you don’t have to stop doing the fun stuff even when you’re climbing the career ladder.
0:00 - Intelligent pentesting, red teaming and modern security 2:30 - Matt Lorentzen's interest in cybersecurity 3:51 - What is a security consultant 8:02 - Pentesting and red team operations 10:30 - Continued learning in cybersecurity 15:54 - Read teaming and testing cyberattacks 21:40 - Intelligence-driven red teaming 23:40 - Surprising attack vectors 26:53 - Common gaps in cybersecurity 28:46 - School systems and cybersecurity 32:33 - Adjustments to cybersecurity for school systems 36:14 - How to get into pentesting and red teaming 44:28 - Cybersecurity threats in the next decade 46:43 - What is Cyberis? 48:02 - Learn more about Matt Lorentzen 48:38 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
16 Jan 2023
How SOCs are changing: Location, remote work and more | Guest A.N. Ananth
00:35:08
A.N. Ananth of Netsurion joins us to talk about the future of SOCs. Security operations centers used to look more like bunkers crowded with network traffic analysts who rarely got to see the sun. Ananth sees the Covid-induced era of remote SOCs to be a new reality but also a way to bring new professionals in from small towns are far-away locations, making it a partial fix to the security skills gap.
0:00 - Changes to SOC 2:59 - How A.N. Ananth got into cybersecurity 4:07 - Ananth's projects and career 6:25 - Management in cybersecurity 8:40 - What is the SOC? 11:08 - How large is a SOC team? 14:30 - The SOC mentality 17:07 - Remote SOC work 18:52 - Security challenges for remote SOC work 20:55 - Bringing in new SOC talent 23:13 - How to get your foot into cybersecurity 28:53 - What should be on a SOC resume? 32:00 - What is Netsurion 34:00 - Connect with Ananth 34:57 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
19 Jan 2023
ISACA CISM changes: Less focus on management, more on security | Cyber Work Hacks
00:10:05
Infosec Skills author Leighton Johnson talks about major changes to CISM in 2022. CISM has shifted qualitatively from the “Manager” side of the cert name to the “Security” side.
0:00 - Changes to CISM's focus 2:21 - Why did CISM's focus change? 3:43 - How to study for the new CISM changes 6:47 - Important CISM skills to know 8:28 - Find Leighton Johnson 9:31 - Outro
About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
23 Jan 2023
Biggest cybercrime trends heading into 2023 | Guest Paul Giorgi
00:47:33
Paul Giorgi of XM Cyber helps us wrap up 2022 by discussing some of the most unusual and complex attack paths he and XM have seen in the past year. We discuss some of the most common breaches and methods, as well as several attack paths that are the very definition of “taking the scenic route,” which is, of course, why they worked so long. Also, tune in for some great advice about getting involved in risk management and access management.
0:00 - Unusual attack vectors in 2022 3:00 - First getting into cybersecurity 6:35 - What is a sales engineer? 11:50 - Average workday as director of sales 15:30 - Strangest attack vectors of 2022 20:08 - Lessons learned in 2022 cybersecurity 22:06 - DoD and zero trust 24:32 - Successful security attacks 31:30 - The uber breach and security landscape 36:01 - Smart cars and cybersecurity 39:03 - Working in cybersecurity solutions 42:21 - Learn about XM Cyber 46:27 - Learn more about Paul Giorgi 47:04 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
30 Jan 2023
Inside the Pentagon's new zero-trust policy | Guest Steve Judd
00:40:53
Venafi solutions architect Steve Judd talks about the recent directive from the Pentagon that a zero-trust policy be implemented at the Department of Defense in the next four years. Is this a workable deadline? What are the hurdles to be jumped? Judd also tells me what a solutions architect does and why he thinks it’s the most fun job in cybersecurity.
0:00 - Pentagon’s zero-trust policy and DoD 2:22- How did you get into cybersecurity? 5:10 - Cybersecurity solution architect work 9:05 - Scope of zero-trust policy 16:00 - Getting ahead of the zero-trust policy 17:49 - What skills do zero-trust make mandatory? 19:37 - New jobs via zero-trust 23:44 - DevOps and DevSecOps 28:48 - Areas of studies to emphasize 31:00 - Things not to study in cybersecurity 38:00 - What is Venefi 40:05 - Learn more about Steve Judd 40:36 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
02 Feb 2023
How to set up a digital forensics lab | Cyber Work Hacks
00:08:54
Infosec Skills author and Paraben founder and CEO Amber Schroader talks about how to quickly and inexpensively set up your own home digital forensics lab.
0:00 - Creating your digital forensics lab 1:00 - Benefits of your own digital forensics lab 1:40 - Space needed for digital forensics lab 2:30 - Essential hardware needed for a forensics lab 5:01 - Important forensic lab upgrades 5:42 - Running your forensics lab 6:51 - Forensic lab projects 7:35 - Getting into forensic labs 8:04 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
13 Feb 2023
Asset visibility and vulnerability detection | Guest Yossi Appleboum
00:45:20
Yossi Appleboum, CEO of Sepio, talks about Cybersecurity and Infrastructure Security Agency (CISA)’s operational directive for non-military federal agencies to adopt a strict set of asset visibility and vulnerability detection system starting as early as April of 2023. Yossi discusses this directive, saying that it takes FCEB agencies out of the cybersecurity stone ages and into the future. Can it work in such a short time frame? Yossi has thoughts!
0:00 - Asset visibility and vulnerability detection 3:10 – First getting into cybersecurity 6:21 – Co-founding cybersecurity companies 9:30 – What it’s like as CEO of a cybersecurity company 13:00 – Ambassador of the Global Cyber Alliance 15:32 – CISA’s operational directive for federal agencies 19:25 – What are asset management and vulnerability? 24:40 – What comes after asset protection? 28:40 – CISA’s deadline for asset visibility compliance 30:40 – Job outlook for asset visibility and vulnerability detection 35:07 – Work experience needed for asset visibility roles 36:30 – How to work in asset visibility 40:04 – How will this CISA directive change cybersecurity? 41:50 – What is Sepio? 43:56 – Learn more about Yossi Appleboum 44:50 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
16 Feb 2023
Goodbye (ISC)² CAP, hello new CGRC certification | Cyber Work Hacks
Infosec instructor and returning guest Leighton Johnson talks about the recent (ISC)² CAP certification change: the Certified Authorization Professional (CAP) is now Certified in Governance, Risk and Compliance (CGRC). Why are they changing the name of the CAP certification? Is the CAP content going to change as well? What does this mean for the future? Let’s figure this out together.
0:00 - CAP vs. CGRC certification 1:40 - What jobs require a CGRC certification? 2:50 - Why change the CAP name to CGRC? 4:17 - Is CAP exam content different from CGRC? 6:00 - Should I upgrade CAP to CGRC? 7:35 - Study tips for the CGRC exam 9:13 - Learn more about CGRC 9:53 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
02 Mar 2023
Breaking down digital forensics certifications | Cyber Work Hacks
00:09:27
Amber Schroader, CEO of Paraben, explains the different ways to pursue a career in digital forensics, like pursuing a college degree or studying toward a certification. And if a certification, which one will take you on the path you want? Schroader also talks about what doors can open for you, where to get started, and which upper-level certs you should work toward so you’re prepared for the job you want.
0:00 - Breaking down digital forensics certifications 1:08 - Different ways to learn digital forensics 2:07 - Digital forensics college courses versus certifications 3:45 - Main digital forensics certifications and paths 5:20 - Finding a digital forensics niche 6:18 - Hands-on projects for digital forensics experience 7:25 - How to get started in digital forensics 8:34 - Learn digital forensics 9:01 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
16 Mar 2023
Cybersecurity team cohesion in remote settings | Cyber Work Hacks
00:10:36
These days, keeping your security, IT or research team close now that more of us than ever work remotely is a challenge. How do you keep team bonds strong when your main interaction path is your tiny little colleagues trapped in little squares on a computer monitor? Susan Morrow has been managing a remote team for almost two decades. She dispenses wisdom on coordinating schedules in multiple time zones, ensuring everyone’s moving toward the same goal and helping team members of all work styles to do and feel their best.
0:00 - Cybersecurity team remote work 2:30 - Remotely working with multiple teams 4:16 - What doesn't work remotely? 5:51 - Avoiding remote work pitfalls 7:27 - Solving team drift 9:19 - Learn more from Susan Morrow 9:58 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
27 Feb 2023
A deep dive into GitHub's security strategy | Guest Jacob DePriest
00:38:54
Jacob DePriest, the VP and deputy chief security Officer at GitHub, talks about development security. In 2021, GitHub significantly ramped up its security department. DePriest told me all about the commitment to security and how you can move your organization toward a developer-focused security team. Whether you’re just hearing about GitHub now or you’re using GitHub from the moment your work day starts, you’ll want to check out this episode.
0:00 - GitHub's cybersecurity strategy 2:30 - How did you get into cybersecurity? 5:00 - Moving up in cybersecurity 8:57 - Working with NSA 10:08 - Working as a chief security officer 13:35 - Communication in cybersecurity 15:00 - What is GitHub? 17:46 - Coding as a team 19:30 - GitHub's security team 21:18 - Security threats GitHub faces 22:28 - GitHub's role in software security 25:10 - Navigating GitHub's tools 28:50 - How to study cybersecurity 30:54 - Entering software security 33:55 - Security tips for developers 36:45 - Learn more about DePriest and GitHub 38:25 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
30 Mar 2023
Set up your cybersecurity practice lab | Cyber Work Hacks
00:14:17
Paul Giorgi of XM Cyber, a man who told me his favorite way to learn new skills is to break things and put them back together, walked me through the basics of setting up your own cybersecurity practice lab at home for not too much money. But watch out because he says that once you start, your excitement about hands-on practice and buying old servers on eBay can get overwhelming!
0:00 - Build your own cybersecurity practice lab 1:30 - How to practice with a home cybersecurity lab 5:48 - Resource requirements for a cybersecurity lab 8:48 - Cost of a cybersecurity lab 10:28 - First projects for a cybersecurity lab 13:02 - Learn more about Paul Giorgi and XM Cyber 13:42 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
06 Mar 2023
Sorry, Terminator fans, ChatGPT is not going to become Skynet | Guest Jack Nichelson
00:47:44
Today on Cyber Work, my guest, Jack Nichelson, wants you to know something. AI is coming! But it’s not SkyNet; it’s not the rise of the machines. Whatever unnerving story you’ve read in the past few weeks about ChatGPT and what it will or won’t do to humanity, I’d like you to join us here and get a much fuller picture of AI as a tool and our role in shaping and building it.
0:00 - ChatGPT AI 2:50 - How Jack Nichelson got into cybersecurity 4:45 - Types of IT cybersecurity roles 6:57 - AI versus human value 10:46 - Life as a CISO 15:12 - The ChatGPT story 19:37 - Where is AI at right now? 24:20 - Actual applications of AI in the future 30:04 - Areas of study to enter cybersecurity and AI 34:27 - Where AI tools may lead cybersecurity 37:00 - Training for future AI malware 40:20 - Software to spot AI malware 44:50 - What is Inversion6? 46:55 - Learn more about Jack Nichelson 47:12 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
13 Mar 2023
CompTIA Data+ certification: Is it a good fit for your career? | Guest James Stanger
00:51:42
James Stanger, chief technology evangelist at CompTIA, walks through their new Data+ certification. Infosec is proud to provide bootcamp and course training for a range of CompTIA certifications, and James helpfully breaks down the basics of data analytics, the types of learning you’ll need to engage in to pass and why security professionals have a lot more data analyst in their job role than they might think. All that, and a bit of geeking out about the humanities.
0:00 - CompTIA Data+ 3:40 - How did James Stanger get into cybersecurity? 5:00 - From literature to IT 9:50 - Working for CompTIA as a tech evangelist 13:22 - What makes up a tech evangelist role? 18:00 - CompTIA's new Data+ certification 26:06 - Why is Data+ important for pros? 32:38 - Prerequisites for Data+ certification 40:05 - What does Data+ teach you? 43:53 - Training materials for Data+ certification
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
20 Mar 2023
Understanding developer behavior can augment DevSecOps | Guest Nir Valtman
00:55:14
Today on Cyber Work, Nir Valtman, CEO and co-founder of Arnica, discusses developer behavior-based security. In short, there are lots of ways that backdoors or vulnerabilities can make their way into developer code. One door we can close on these intrusions is implementing processes that detect behavior anomalies in developers. Think of your bank monitoring for unusual purchases calling you to ask whether you really just spent $300 on a bobblehead from The Last of Us that’s shipping from Brazil. If you did, not judging, full speed ahead. If not, then we’ve got a problem on our hands. Valtman explains the benefits and the limitations of behavior-based security measures, as well as tips for developers-in-training.
0:00 - Developer behavior-based security 2:56 - Nir Valtman’s start in cybersecurity 4:40 - Moving into the developer world 8:20 - Working as a cybersecurity CEO 10:33 - A typical day for a cybersecurity CEO 19:30 - Monitoring product features 20:15 - DevSecOps behavior-based security 27:42 - Flagging irregular online purchases 30:35 - Impact of pre-fab code on behavior anomaly detection 33:28 - GitHub impact on developer behavior and security 38:09 - Ensuring you don’t skimp on sec in DevSecOps 42:35 - What should future developers know? 44:56 - Skills and experiences for budding developers 51:09 - What is Arnica? 54:57 - Outro
Overcoming burnout in cybersecurity and VMware’s XDR announcement | Guest Karen Worstell
00:57:21
Karen Worstell is a 25-year veteran of the tech, IT and security space; she’s a senior cybersecurity strategist at VMware and a chaplain. This episode goes to many fascinating places, from her days learning coding on a TRS-80 computer, how her extremely visual and right-brained approach to learning has influenced her security journey, her experiences as a woman in the industry and how her work as a chaplain brought her back from a security industry hiatus to help people suffering chronically from burnout. There’s also a bit about XDR — and its a big deal!
0:00 - Burnout in cybersecurity 3:06 - Karen Worstell's start in cybersecurity 6:11 - A family of inventors 9:35 - Physical sciences and computer sciences 16:00 - Work as a senior cybersecurity strategist 18:18: - Working as a woman in cybersecurity 23:15 - Changes to make cybersecurity equitable 31:40 - Strategies for hiring equity in cybersecurity 34:00 - Burnout in cybersecurity 48:35 - Helpful cybersecurity organizations 51:37 - Why is XDR so important? 56:10 - Learn more about Worstell 56:44 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
13 Apr 2023
Optimizing your digital forensics profile while job searching | Cyber Work Hacks
00:10:25
Amber Schroader, CEO of Paraben, gives her best pieces of advice for the work of searching for a job in the field of digital forensics.
0:00 - Get a job in digital forensics 1:30 - Put your best foot forward on social media 3:00 - Updating your digital forensics resume 4:36 - Digital forensics interview tips 5:23 - Let your personality shine 6:14 - Success in your digital forensics job 9:30 - Find more from Amber Schroader
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
03 Apr 2023
Moving from “shift left” to “born left” | Guest David Melamed
00:39:28
David Melamed of Jit brings us a new wrinkle in our ongoing series of developer security topics! Melamed says we should move beyond “shift left,” shifting the security earlier in the CI/CD pipeline, into “Born Left,” a platform in which security tools are in the hands of developers at the point of creation. Melamed talks about his early programming experiences, his Ph.D. in Bioinformatics, and the delineation of responsibilities between developers and the DevSec team. All that and a bit of CTO talk.
0:00 - Moving from “shift left” to “born left” 3:05 - How David Melamed got into cybersecurity 6:00 - Choosing your cybersecurity job path 11:15 - Daily work as a cybersecurity CTO 13:02 - How to become a cybersecurity CTO 15:10 - Keeping a company on track 16:40 - DevSecOps shift left to born left 21:08 - Born left, and overall security 23:13 - Accountability for developers 25:07 - Application security and born left 29:33 - What will DevSecOps and born left look like in the future? 31:00 - How to work in software development security 34:35 - First steps to a cybersecurity development job 35:30 - What is Jit? 38:33 - Learn more about Melamed 39:08 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
27 Apr 2023
The fundamentals of GitHub | Cyber Work Hacks
00:10:16
Jacob DePriest, GitHub’s VP, deputy chief security officer, talks about what GitHub is, how it works and what to do with it once you start to understand it.
0:00 - GitHub fundamentals 1:30 - What is GitHub? 2:11 - How did GitHub get so popular? 3:15 - Where to start at GitHub 4:15 - How to search GitHub 5:52 - Evaluating GitHub materials 7:47 - GitHub shortcuts for security professionals 9:03 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
11 May 2023
Is CompTIA’s Cloud+ certification right for you? | Cyber Work Hacks
00:16:14
James Stanger, chief technology evangelist at CompTIA, discusses CompTIA's Cloud+ certification and why security professionals must consider adding it to the certification toolbox.
0:00 - CompTIA Cloud+ certification 1:06 - Benefits of Cloud+ 3:24 - Cloud+ is vendor agnostic 6:27 - Preparing for Cloud+ 8:43 - Cloud+'s future 11:18 - Good Cloud+ training 12:50 - How to study for Cloud+ 14:26 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
17 Apr 2023
Women Impact Tech’s work in the cybersecurity industry | Guest Paula Bratcher Ratliff
00:51:50
Paula Bratcher Ratliff owns and is president of Women Impact Tech, an organization committed to bringing women and diverse professionals into cybersecurity. They have clear goals, committed members and proven results.
0:00 - Women Impact Tech 3:11 - Paula's career 8:30 - Entering cybersecurity from different industries 11:40 - Employee retention in cybersecurity 16:32 - Cybersecurity hiring improvements 20:52 - Changing internal promotions 28:20 - Services from Women Impact Tech 32:50 - What Women Impact Tech does at events 36:30 - Effective strategies to bring equity in cybersecurity 43:52 - Protecting women online 47:44 - Upcoming Women Impact Tech events 50:00 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
24 Apr 2023
Changing careers to cybersecurity | Guest Dara Gibson
00:42:21
Dara Gibson of Optiv and the Phoenix, Arizona, branch of Women in Cybersecurity has developed and managed cybersecurity services for five years. After years of being an educator, Gibson felt the pull of cybersecurity and tech. For those of you who are thinking of making a later-in-life, life-changing career shift into cybersecurity and feeling a bit overwhelmed, do not miss this episode! Gibson strikes the perfect balance between pushing you out of the nest without pushing you off a cliff!
0:00 - Changing to a cybersecurity role from another profession 2:56 - Dara Gibson’s start in cybersecurity 7:28 - Guidance in cybersecurity 10:00 - Working as a cyber insurance specialist 15:00 - Phoenix Women in Cybersecurity 17:06 - Where Women in Cybersecurity members come from 21:00 - How to get past the HR barrier in cybersecurity 24:20 - Applying to cybersecurity jobs 26:52 - Common paths in cybersecurity for job changers 29:00 - Tips for cybersecurity job posting 34:40 - Advice to attract women to cybersecurity 36:35 - Get involved in Women in Cybersecurity 38:35 - Barriers to getting women in cybersecurity 40:42 - Learn more about Dara Gibson 41:15 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
01 May 2023
Reframing cybersecurity automation and its uses | Guest Leonid Belkind
00:54:12
Leonid Belkind is the chief technology officer (CTO) and co-founder of Torq, a no-code security automation platform. After asking him buckets of questions about the day-to-day work of a CTO in the tech field, we get into a fascinating discussion of all the ways that automation will change the work of cybersecurity, allowing professionals at all stages to work on higher-order problems. At the same time, the great automated data sifters do high-speed data analysis beyond our cognition. This one gets pretty heady folks, especially once we compare CTOs to orchestra conductors.
0:00 - Uses of automation 2:50 - How Leonid got into tech 5:30 - Chief technology officer and endpoint security roles 8:30 - Enpoint used during work from home 10:30 - Average day as a CTO at Torq 17:25 - Cybersecurity market predictions 19:30 - Skills and talents that make a good CTO 21:27 - Zero-trust Pentagon directive 24:35 - Reframing how we view automation 30:06 - Automation and disabilities 33:15 - Automation's big discussions 39:40 - How automation can improve jobs 42:20 - How to work in automation 48:02 - Communication in cybersecurity 50:55 - What is Torq? 53:04 - Learn more about Torq and Leonid Belkind 53:42 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
22 May 2023
The current state of crypto crime | Guest Lili Infante
00:47:59
CAT Labs CEO and founder Lili Infante worked as a special agent for the U.S. Department of Justice for 10 years specializing in cryptocurrency’s use in dark web investigations. Infante gives us the insider’s view of dark web investigations, why it’s so difficult to prosecute dark web actors when anonymity extends up and down the hierarchy, the current state of dark web markets, and the rise of state-sponsored crypto crime organizations like North Korea’s Lazarus Group. Plus, Infante gives you expert advice on getting started in crypto crime investigation and forensics research! You don’t need a Tor browser for this info.
0:00 - Crypto crime in 2023 2:46 - How Lili Infante began in cybersecurity 4:50 - Economics, bitcoin and crypto 9:20 - Liberal arts education and cybersecurity 14:05 - Taking on dark web cases 17:30 - What the dark web market is like 20:24 - Neutralizing a dark web market 24:00 - Main threats of crypto threats and fraud 26:50 - State-sponsored crypto theft 28:45 - Why begin CAT Labs 35:40 - Day-to-day CAT Labs CEO work 41:30 - How to work in crypto crime 45:40 - CAT Labs' future 46:58 - Learn more about Infante 47:43 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
05 Jun 2023
The nuts and bolts of asset detection and asset mapping | Guest Huxley Barbee
00:45:04
Tech evangelist Huxley Barbee from runZero talks about asset detection, and yes, just asset detection. Learn about the day-to-day work of asset detection and asset mapping. Go beyond the theory and speculation about whether the U.S. federal government will implement it on time, and join Barbee as he walks you through how it’s all done and what you need in order to do it well.
0:00 - Asset detection and asset mapping 2:56 - Getting into cybersecurity 4:12 - Shifting roles in cybersecurity to evangelist 6:02 - What does a security evangelist do? 8:30 - What is BSides NYC? 14:41 - Planning in cybersecurity assets 22:50 - Tools and techniques of asset inventory 32:13 - The importance of asset discovery 34:25 - Skills needed to work in asset detection 37:32 - Cybersecurity starts and ends with assets 42:22 - What does runZero do? 44:44 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
08 Jun 2023
Asset detection at home | Cyber Work Hacks
00:11:56
Huxley Barbee, security evangelist at runZero, talks about the nuts and bolts of asset detection on a large scale, specifically around the U.S. federal government’s current directive. Here, we will shrink the playing field and tell newcomers to security how to do your home asset detection!
0:00 - Asset detection at home 1:18 - What is asset detection? 2:44 - Is asset detection difficult? 3:39 - Do asset detection on your network 4:45 - Asset detection on a school network 6:50 - How to put asset detection on your resume 9:44 - What to study for asset detection roles 10:31 - Learn more about runZero 11:15 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
12 Jun 2023
Disaster recovery plans for small businesses | Guest Eric Sugar
00:41:53
ProServeIT President Eric Sugar discusses disaster recovery planning for small and medium businesses. This is an excellent add-on episode to our third episode from way back in 2018 when Keatron Evans discussed the work of an incident responder. If your small- or medium-sized company suffers an incident, whether a breach or a ransom or just a power failure, the first thing you’re going to hope is that you have a disaster recovery plan already written and sitting in the CEO’s locked desk drawer. If not, it’s time for you to prepare and breathe easier.
0:00 - Disaster recovery planning for small businesses 3:12 - Eric Sugar’s start in cybersecurity 4:40 - Working at ProServeIT 6:40 - Working as president of ProServeIT 9:07 - What is a small or medium cybersecurity business? 10:50 - How to have a disaster recovery plan 14:05 - Customize your disaster recovery plan 16:40 - Prioritized your disaster recovery plan 18:10 - How to choose potential disasters 21:28 - Examples of disaster recovery plans 26:20 - Education and skills needed to work in disaster recovery 31:40 - A good resume for disaster recovery 35:10 - Getting promoted in discovery recovery 37:33 - What is ProServeIT? 41:16 - Learn more about Eric Sugar and ProServeIT 41:34 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
26 Jun 2023
Digital safety services and equity in cybersecurity | Guest Leigh Honeywell
00:56:23
Leigh Honeywell, CEO and founder of Tall Poppy, a security company that is building tools and services to help companies protect their employees from online harassment and abuse, talks about her career running security incident response at Slack, protecting infrastructure running a million apps at Salesforce.com, shipping patches for billions of computers on the Patch Tuesday team at Microsoft and analyzing malware at Symantec.
We talk about how all of these demanding jobs prepared her for her work at Tall Poppy, get into what she learned about the intersection of First Amendment speech protections vs. online safety from working at the ACLU, why changing the culture of online harassment will probably have to be a marathon, not a sprint, and Leigh shares her experiences with several accelerator startup organizations.
0:00 - Equity in cybersecurity 3:10 - Getting into cybersecurity 7:15 - From physics to computer science 12:30 - How Tall Poppy came to be 19:26 - Technology fellow at the ACLU 26:26 - What is Tall Poppy? 31:20 - Social platforms and change 39:53 - How to work toward equity in cybersecurity 43:02 - Y combinator startup accelerator in cybersecurity 50:07 - LGBTQ+ inclusion in cybersecurity 54:27 - Learn more about Tall Poppy 56:06 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
29 Jun 2023
Crafting a basic disaster recovery plan | Cyber Work Hacks
00:08:55
Preparing for the worst is a drag. Nobody likes to think about it, and if you don’t watch out, inaction means that when you do get ransomed or breached, your first thought is not “let’s get the disaster manual and see what it says.” It’s panic. Today, ProServeIT’s Eric Sugar walks you through a crash course in developing a disaster recovery plan for your small business! Don’t panic! Help is on the way.
0:00 - Create a disaster recovery plan 1:15 - What is a disaster recovery plan? 2:35 - Beginning a disaster recovery plan 3:24 - How to work in disaster recovery 5:04 - Write a hypothetical disaster recovery plan 6:04 - A disaster recovery plan resume 7:08 - Futureproof your cybersecurity skills 8:01 - Learn about ProServeIT
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
31 Jul 2023
The changing responsibilities of the CISO position | Guest Mike Scott
00:57:52
We're talking about chief information security officers CISOs, one of the top-dog roles in cybersecurity, and for many professionals, it’s the brass ring they spend their careers trying to reach. The expectations of a CISO are changing, too, and requirements are growing in many different ways. Mike Scott, CISO of data security provider Immuta, has seen the role change a lot in the past 15 years, and he’s seen the role of CISO move from out of the shadows and into the spotlight for the C-suite, but at a price: when a breach happens, the CISO is often the one who takes a fall. Is this a reasonable expectation? Will the role of CISO change even more? I talked to Mike about all this and the eight years he spent as the CISO of the Wendy’s fast-food chain! We won’t judge you if you want to bite the corners off first, but I’ll be crying in my chili if you don’t keep it here for today’s episode of Cyber Work.
0:00 - Responsibilities of CISOs 3:15 - How Mike Scott of Immuta got into cybersecurity 6:55 - Leading Wendy's fast food restaurant as CISO 13:30 - Data security problems right now 18:40 - Shift left strategy 24:10 - How the CISO role is changing 31:00 - Increased CISO oversight 38:06 - The CISO's responsibility 48:30 - How to work as a CISO 51:50 - Cybersecurity in the federal government 54:48 - Learn more about Immuta 56:53 - Learn more about Mike Scott 57:35 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
07 Aug 2023
Uplifting women for leadership in the cybersecurity industry | Guest Katie O'Malley
00:40:14
We met Katie O’Malley, founder of (en)Courage Coaching and Counseling, at this year’s Women Impact Tech conference, and she gave a great talk about effective networking and giving confidence to tech professionals at all levels of the career ladder. Katie and I discussed finding your adjectives and using them to center your interactions, creating courageous workplace culture, and why women only being mentored by women turns into the new unpaid labor. Let’s all step up and make the workplace better!
0:00 - Coaching women in cybersecurity 3:10 - How Katie O'Malley got into coaching 4:57 - O'Malley's start in cybersecurity and coaching 8:51- The evolution of leadership 12:00 - How career coaching works 18:00 - Importance of networking and branding 24:20 - How to achieve gender parity in cybersecurity 29:30 - Courageous workplace culture 33:21 - Pitfalls in new cybersecurity jobs 36:40 - Lead change at your cybersecurity company 38:55 - What is (en)Courage Consulting and Coaching? 39:33 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
14 Aug 2023
Digital forensics careers: Facts versus fiction | Cyber Work Live
01:04:02
Forget what the crime scene TV shows have told you — digital forensics is not done on an overhead projector while the whole department watches! Learn about the day-to-day work of a digital forensics professional from a team of experts who have been putting in the work for decades!
In this episode of Cyber Work Live, you will learn:
- The types of tools you’ll use to help bring criminals to justice - Why a lack of technical experience isn’t a barrier to entry - How to get real-world forensics practice in your own home - Where a career in digital forensics can take you
0:00 - Digital forensics careers 4:28 - Limits of going off the grid 12:28 - What do SIM cards actually do? 33:12 - Gathering evidence in digital forensics 44:08 - Digital forensics and the cloud 51:44 - Working as a digital forensics professional 54:42 - Digital forensics certifications 59:50 - How to pursue a digital forensics career 1:02:24 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
28 Aug 2023
From software engineer to career coach for women in tech leadership | Guest Limor Bergman-Gross
00:42:31
Limor Bergman-Gross, founder of LBG Consulting, a results-oriented executive coaching service for women in tech, discusses her early programming experience, including Pascal instruction in high school, her move from software engineering manager to career coach and corporate mentorship instructor and why mentors can and should come at any level on the career ladder, not just management or executive. As Limor puts it, “all you need in a mentor is that they be a few steps further down the path than you are.” Lots of gems like that to be found today on Cyber Work.
0:00 - Career coach for women in tech 2:55 - Getting into cybersecurity 5:50 - Pursuing cybersecurity consulting 6:54 - How to get into consulting 8:15 - First steps with cybersecurity coaching 10:02 - How to help someone find their role 14:20 - Executive-level consulting 16:00 - A mentor versus an advocate 17:45 - Mentoring and training 20:00 - Speaking at an ISACA conference 22:28 - Achieving gender parity quickly 24:55 - Supporting underrepresented talent in cybersecurity 32:05 - Making a difference in diversity 35:00 - Women mentoring women 37:10 - Making yourself available as a mentor 40:37 - Learn more about LBG Consulting 42:20 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
21 Aug 2023
ICS security, Blue Team Con and security work in the Air Force Reserve | Guest Lesley Carhart
00:54:05
Lesley Carhart of Dragos, also known as Hack4Pancakes on social media, is a lifelong breaker and builder of things, and their insights on the deep mechanics of Industrial Control Systems are an absolute must-hear for any of you even considering this space. Carhart also talks about their keynote at this year’s Blue Team Con, the differences between incident response in the military vs. the private sector, and why standard cybersecurity studies won’t take you as far in ICS as it will to learn how train track switchers work. Seriously, this is one of the best episodes I’ve ever been a part of, and I can’t wait for you to hear it!
0:00 - ICS security 3:40 - Getting started in cybersecurity 9:13 - The early days of the internet 11:05 - Air Force cybersecurity 12:50 - Military cybersecurity training 15:00 - Incident response work at Motorolla 18:40 - Technical director of incident response 23:30 - State of ICS 39:13 - Starting work in ICS 41:57 - Keynote speaker at Blue Team Con 46:46 - Bringing diversity into ICS 53:46 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
13 Sep 2023
Bringing coding skills to underserved communities | Guest Brianne Caplan
00:40:05
Brianne Caplan is the founder and executive director of Code Your Dreams, a non-profit that brings knowledge, accessibility and excitement about programming and tech to learners from age 5 to adulthood in underserved communities. Caplan tells some incredible stories, like the women’s coding and data analysis group in Burundi, exciting coding projects for students interested in art, music and dance and why her experience inadvertently creating a non-profit company that was incorporated as a for-profit was a learning experience that helped kickstart Code Your Dreams! This one’s inspiring, so I hope you’ll keep it here for Cyber Work.
– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
0:00 - Coding for underserved communities 3:11 - Brianne Caplan's start in cybersecurity 8:04 - Cash for Schools 10:50 - What is Code Your Dreams? 14:40 - How Code Your Dreams works 17:52 - Gaps in cybersecurity school education 21:00 - Baseline tech literacy for grade school 23:30 - Popular Code Your Dreams activities 27:08 - After Code Your Dreams 35:11 - Volunteer for Code Your Dreams 37:00 - Bring Code Your Dreams to your school 39:40 - Get in touch with Brianne Caplan 40:15 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
18 Sep 2023
Cybersecurity investment and launching new companies | Guest Leslie Lynn Smith
00:46:45
Leslie Lynn Smith is the National Executive Director for GET Cities. GET stands for Gender Equality in Tech. Today’s episode will move away from standard cybersecurity and IT insights in favor of a larger look at investment opportunities for tech startups, and where and on who we spend investment capital. Smith is a multi-decade authority on state- and city-wide community investment initiatives with a lifelong passion for bringing people of marginalized races and genders to the table in fulfilling their tech business dreams. Smith talks about bridging the gap from angel investor money to initial seed, and why the space between the two can sink new startups, the slow, patient process of affecting equitable change at the legislative level, and offers an accelerated way to make IT and cyber teams more inclusive and equitable. If you’ve wanted to get involved with angel investing and helping young companies get off the ground, Smith talks you through the process with no steps missed.
0:00 - Gender equity in tech 3:35 - Leslie Smith's journey in tech 9:40 - Equity in cybersecurity at GET Cities 15:03 - How does GET Cities work? 21:20 - Concrete ways to work towards gender equity in tech 30:30 - Imposter syndrome revised 35:00 - Where does equity work need to be done in tech? 40:30 - How to invest in tech and cybersecurity 43:33 - GET Cities upcoming initiatives 46:00 - Learn more about GET Cities and Smith 46:40 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
25 Sep 2023
Finding and supporting neurodiverse cybersecurity professionals | Guest Tara D. Anderson
00:59:48
Tara D. Anderson, managing director of Framework Security and an official member of the Forbes Technology Council, walks us through her journey, including her years in the world of finance, opens up about a traumatic event in her life that altered the way she learns and retains information and how her switch to IT and Cybersecurity was an ideal fit. From her days co-founding the consultancy firm Cognitive SLC, an organization whose founders were all neurodiverse, to Framework Security’s desire to make protection understandable to small charitable companies and organizations who couldn’t bounce back from hacking and theft, Anderson's ethos and vision, from work to the interview process, is a complete inspiration for anyone interested in bringing neurodiverse professionals into their organization.
0:00 - Neurodiversity in cybersecurity 3:46 - Getting into computers and tech 9:46 - Revenue officer roles 15:20 - Getting into IT and security 23:07 - Neurodiverse workers in cybersecurity 30:45 - Neurodiverse challenges in cybersecurity 41:40 - Remote cybersecurity work 52:03 - How to work in cybersecurity 56:34 - What is Framework Security? 59:30 - Outro
– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
16 Oct 2023
How AI is affecting GRC and the future of cybersecurity | Guest Heather Buker
00:54:16
Dr. Heather Buker of 6clicks has been a technical SME in the cybersecurity field her entire career, and 6clicks has introduced Ask Hailey, an AI-based governance risk and compliance (GRC) tool that promises to move the work of GRC into a new era. Also on the show, Infosec’s vice president of portfolio product strategy and cybersecurity superstar Keatron Evans in a guest-host capacity! Buker, Keatron and I discuss the spaces in which governance risk and compliance can greatly benefit from AI/machine learning enhancement, the crucial need to prioritize the decision-making skills of humans over everything else and why seemingly disparate career roles and pivots can still lead you in the career direction you desire most.
0:00 - Ask Hailey AI 4:17 - Heather Buker's start in cybersecurity 6:40 - Security compliance migration work and more 13:15 - Tasks of a chief customer officer 18:40 - What is Ask Hailey AI? 23:00 - Challenges in risk assessment 27:15 - Ask Hailey AI and GRC 38:05 - Advice to get into government cybersecurity 42:50 - Advice for cybersecurity students 44:50 - The big picture of AI 53:00 - Learn more about Buker and 6clicks 54:11 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
23 Oct 2023
How generative AI can be used by bad actors | Guest Oliver Tavakoli
00:49:01
Oliver Tavakoli from VectraAI returns to the program to talk about – surprise! – AI! Having talked about Tavakoli's origin story on the past episode, we’re free to dig right into his main area of interest: the ways in which generative AI can be used by bad actors, whether introducing conflicting messages into GPT guardrail commands or escalating the nuance and complexity of fake-based social engineering attacks. We talk about long-term implications of this emerging tech opportunity, ways for new professionals to get comfortable with its requirements quickly, and Tavakoli lets us know what this “summer of AI” will mean for the coming years, and also why its endless innovation may cool for a few years, and that’s OK.
0:00 - Generative AI and bad actors 4:20 - Big changes for generative AI in 2020 7:11 - Example of an AI attack 15:30 - AI as a tool versus an intelligence 17:10 - Solutions with AI 22:47 - How AI will affect cybersecurity careers 32:18 - How does AI hurt your career? 38:40 - Job roles in cybersecurity that may become niche 40:40 - The year of AI? 43:25 - How to talk about AI 45:40 - What is VectraAI? 48:25 - Learn more about Tavakoli and VectraAI 49:30 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
30 Oct 2023
AI and the rise of DDoS attacks | Guest Anna Claiborne
00:56:34
Anna Claiborne from Zayo talks about the spike of DDoS attacks they saw in the past year. Although distributed denial of service (DDoS) attacks trend up nearly every year, new factors around advanced automation and ease of use may be driving the increase. Claiborne takes us back 20 years, when solutions to DDoS attacks involved trying the most far-out solution you could, often for the most far-out clients you could imagine! Seriously, I use the words “Wild West” to describe early security on a lot of episodes, but Claiborne really gives us some top-notch war stories. She’ll also let you know where to focus if you want to get started in telecom security, or any of near-infinite industries that would be impacted by telecom shutting down.
0:00 - AI and DDoS attacks 4:20 - How Anna Claiborne got into cybersecurity 8:24 - Claiborne's cybersecurity experiences 14:10 - The changes in DDoS attacks 16:55 - Current DDoS escalations 24:34 - Claiborne's role as a VP 34:25 - Why DDoS attacks have skyrocketed 38:32 - Why DDoS attacks are easier 42:55 - How much is DDoS effective? 44:24 - Tips for countering DDoS 47:16 - Careers involving DDoS attacks 51:09 - Acquire DDoS skills early 56:19 - Learn more about Claiborne and Zayo 57:48 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
09 Nov 2023
The role of film storytelling in making education stick | Cyber Work Hacks
00:21:31
Infosec IQ’s director of production, Steve Concotelli comes to us following years working in the movie and TV industry, and his ability to create and craft a great story is at the core of what makes Work Bytes the most award-winning security awareness series on the market! Learn more about Concotelli and the team’s ability to craft storylines with takeaways that stick, as well as the reasons why we create four different information delivery types to match the pace and time commitments of your workers. Maybe by the end, you’ll know which of the fantastical characters I mentioned at the start is most like you! Kick back and enjoy a few engaging minutes with this Cyber Work Hack. And take the Work Bytes Personality Quiz: https://infosec.involve.me/work-bytes-personality-quiz.
0:00 - Film storytelling in cybersecurity 2:48 - How Concotelli moved from Hollywood to Infosec 3:56 - What is Work Bytes? 5:50 - Telling the story of Work Bytes 7:47 - Balancing fun and info 14:07 - What's new in Work Bytes? 19:21 - Big goals for Work Bytes 20:29 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
06 Nov 2023
The future of passwords | Guest Tomas Smalakys
01:09:21
Tomas Smalakys, CTO at NordPass, is today's guest. As our future seems choked with a never-ending need for new passwords of ever-growing complexity for everything we sign up for, Smalakys, along with some large tech organizations, is embracing a post-password future with a system of passkeys. What will it look like? How is it implemented? How will you be able to do this bleeding-edge work in the future? Tune in for today’s episode of Cyber Work and find out!
0:00 - The future of online passwords 3:43 - Tomas Smalakys' start in cybersecurity 8:40 - Managing software engineers 15:33 - Chief technical officer at NordPass 20:05 - The state of password security 27:22 - Imperfections in two-factor security 42:13 - How to know you've been compromised online 47:55 - The passkey system 1:02:41 - How to work in passwords and passkeys 1:09:05 - Learn more about Smalakys and NordPass 1:10:07 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
13 Nov 2023
National security cyber issues and Stanford’s cyber policy program | Guest AJ Grotto
00:40:23
Guest AJ Grotto is the William J. Perry International Security Fellow and founding director of the Program on Geopolitics, Technology and Governance at the Stanford Policy Center and Stanford University. Grotto has served in the National Cybersecurity Council under two successive presidents and brings decades of knowledge in international relations, policy and risk both to his students and to clients in his private sector consulting work. Grotto tells us about the current state of international cyber risk and response, gives his tips for students just getting started in international policy and why a suspicious-looking email took him away from the law profession and into the security space.
0:00 - National security cyber issues 4:04 - How AJ Grotto got into cybersecurity 7:10 - Grotto's work in the National Security Council 10:25 - Skills used in the National Security Council 14:35 - Working at Sagewood 17:00 - Global trends in cybersecurity 19:00 - Economies down; cyber crime up? 20:17 - Cyber risk work at Stanford 23:10 - Cybersecurity students at Stanford 29:46 - How to take Grotto's class at Stanford 31:25 - Federal Zero Trust directives 34:49 - What to research for national security work 38:09 - Important global cybersecurity topics 40:06 - Learn more about Grotto, Stanford international policy 41:07 - Outro
– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
27 Nov 2023
The transformative power of neurodiversity in cybersecurity practices | Guest Ian Campbell
00:59:54
Ian Campbell, security operations engineer at DomainTools, is someone who has truly carved a niche out for himself in his organization and in the cybersecurity landscape as a whole. His blogs for the DomainTools website have provided paths for neurodiverse cybersecurity professionals and allies who want to make their organizations more friendly to neurodiversity to undertake the small changes to work roles and company culture that can net huge improvements for folks with different types of cognition, patterns of learning, concentration challenges, and yes, nurturable strengths!
I’ve said it plenty of times here and I’ll say it again: cybersecurity is at its best when we’re all together, solving problems and creating solutions with our own diverse approaches.
0:00 - Neurodiversity in cybersecurity 4:00 - How Ian Campbell got into cybersecurity 6:50 - Cybersecurity journey 15:33 - What does a security operations engineer do? 18:37 - Chokepoints of security operations engineer role 20:22 - Supporting people with neurodiverse work and learning 25:50 - What hinders neurodiverse workers in cybersecurity? 30:17 - Altering work culture for neurodiverse workers 39:00 - Neurodivergent traits suited for cybersecurity 42:05 - Benefits of neurodiversity in cybersecurity 48:41 - Promoting communication for neurodiverse workers 52:36 - Positive policies for neurodivergent workers 58:20 - Learn more about DomainTools 1:00:00 - Learn more about Ian Campbell 1:00:23 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
04 Dec 2023
Empowering African Women through Cybersecurity | Guest Confidence Staveley
01:07:09
Confidence Staveley of the CyberSafe Foundation and the CyberGirls program is today's guest. CyberGirls is a year-long cohort program in which women in Africa ages 18 to 28 can learn cybersecurity basics and create career tracks to fast-track these students into cybersecurity careers! Staveley tells us about the workings of the program, how she uses her YouTube channel to teach API security with food analogies and explains the origins of what is likely the first-ever Afrobeat song about security awareness! This episode is as fun and inspiring as any I’ve recorded, so I hope you’ll tune in for today’s Cyber Work.
0:00 - Cybersecurity training for women in Africa 4:47 - How Confidence Staveley got into cybersecurity 10:35 - What is the CyberSafe Foundation? 16:57 - What is the CyberGirls fellowship? 21:30 - How to get involved in CyberGirls 30:10 - Inspiring success CyberGirls stories 43:11 - Keeping CyberGirls engaged 46:31 - API Kitchen YouTube show 52:00 - Cybersecurity initiatives in Africa 59:27 - Advice for working in cybersecurity 1:03:13 - CyberGirls' future 1:05:20 - Learn more about CyberSafe 1:07:22 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
11 Dec 2023
What it's like to be a CISO — and why they don't need more tech | Guest Dan Roberts
00:56:00
Dan Roberts, host of the “Tech Whisperers” podcast, and a mentor, coach and leader to CISOs and other tech-focused C-suite members for nearly four decades, is today's guest. We talk about Roberts' earliest work, including coining the term “Developing the human side of technology” all the way back in 1984, to spearheading the CyberLX program for CISOs and those aspiring to be. Roberts also provides a four-stage growth chart for CISOs that, quite frankly, scales well to just about any tech career and teases a very exciting guest on the “Tech Whisperers” podcast!
0:00 - CISO's need leadership experience 4:47 - How Dan Roberts got into cybersecurity and tech 6:34 - What was tech like in the '80s? 9:20 - Common difficulties as a CISO 16:52 - What is CyberLX? 24:10 - Joining CyberLX to become a CISO 29:50 - How to become a CISO 34:45 - Cybersecurity and soft skills 38:05 - Skills needed in tech and security now 40:30 - Leading with the seven Cs 43:00 - Start your CISO career journey 46:23 - Getting uncomfortable to evolve in cybersecurity 47:49 - What is the Tech Whisperers podcast? 52:06 - Tech for Good project 54:18 - Exciting new projects for Roberts 56:30 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
18 Dec 2023
Neurodiversity and cybersecurity leadership positions | Guest Anthony Pacilio
00:52:38
Today's guest is Anthony Pacilio, VP Neurodiverse Solutions at CAI. I met Pacilio at this year’s ISACA Digital Trust World event in Boston, and I was immediately fascinated with his insights on hiring and attracting neurodiverse professionals in security, IT, engineering and related industries, all of which suffer a skills gap and all of which are in need of new insights and working methods. Pacilio and I have a substantive conversation about changing the structure of the “6-hour marathon” interview process, the difference between an employee who stays in one job role vs. an employee who stays in but re-imagines that one job role, and why this new way of hiring and recruitment can lead to nothing less than an entire transformation of a company’s work culture.
0:00 - Neurodiversity and cybersecurity leadership 4:18 - Pacilio's early years with tech 7:40 - Shifting roles in cybersecurity 12:55 - VP of neurodiverse solutions 16:10 - CAI's dedication to neurodiversity 19:27 - Neurodiverse solutions in cybersecurity and IT 23:50 - Rethinking the cybersecurity role interview 26:32 - Adopting new interview strategies 33:03 - Examples and success stories 35:30 - Where neurodiverse workers succeed in cybersecurity 42:04 - Tips for neurodiverse learners in cybersecurity 45:58 - Advice for new cybersecurity professionals 52:30 - Learn more about CAI 53:05 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
08 Jan 2024
Don't chase unicorns to fix the cybersecurity skills gap | Guest Adrianna Iadarola
00:53:23
Adrianna Iadarola of CyberSN joins me today to break down every spot on the cybersecurity job search, hiring, upskilling and retention pipeline. After her raucous and highly informative presentation at ISACA Digital Trust World, I knew I had to introduce you to this great analyst and thinker. Whether you’re doing the hiring or being the hiree, you will find something crucial to your new year journey today on Cyber Work.
0:00 - Problems with cybersecurity hiring 2:19 - How Adrianna Iadarola got into cybersecurity 6:03 - Skills required to jump cybersecurity roles 8:13 - How the cybersecurity job landscape has changed 13:30 - Skills gap in cybersecurity and timing 15:15 - Cybersecurity HR hiring issues 20:05 - Why is AI security executive level? 25:16 - Change in soliciting cybersecurity candidates 30:16 - Recommendations on changing a cybersecurity team 35:30 - Strategies in cybersecurity language 40:00 - Advice for people heading into cybersecurity 43:20 - Where are cybersecurity budgets and investments going? 49:52 - What is CyberSN? 52:01 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
22 Jan 2024
The Wild West era of data collection is over | Guest Sean Falconer
00:43:41
Today on Cyber Work, Sean Falconer of Skyflow and host of the Partially Redacted and Software Huddle podcasts, joins me to talk about the present and future of consumer and user data privacy, the pros and cons of adding more privacy regulations into place and his journey from software development and engineering to his current place of working closely and deeply with the future of API-based data encryption and privacy. And stick around because Falconer will share the best career advice he ever received!
0:00 - Consumer and user data privacy 2:02 - When did Falconer get into tech? 6:40 - Three degrees in computer science 12:40 - Current issues around data privacy 19:25 - The end of "Wild West" data privacy laws 24:00 - External factors on data privacy 28:03 - Why am I accepting cookies on websites? 34:45 - Experiences and learning for data privacy careers 41:44 - Learn more about Skyflow and Falconer 42:26 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
29 Jan 2024
Security+ exam tips: What changed and how to pass the new exam | Cyber Work Hacks
00:12:13
Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober tells us about the new changes to the Security+ exam and how it will (or will not) affect your study and preparation for the exam! Keep learning, and keep it here for another Cyber Work Hack.
0:00 - Security+ exam changes 1:05 - Key ways the Security+ exam has changed (SY0-701) 3:47 - Why make the Security+ exam changes? 5:30 - Security+ exam studying strategy 6:47 - Most crucial Security+ exam skills for the future 9:48 - Best advice before taking the Security+ exam 11:28 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
05 Feb 2024
45 billion cyberattacks a day?! Media myths and working in cybersecurity | Guest Ken Westin
00:38:49
Ken Westin of Panther Labs has a bit of fact-checking he wants to do on some of the tech stories we read daily in the papers. Does J.P. Morgan really get 45 billion cyberattacks per day? Really? Are there other factors in this number that aren’t emphasized in the interest of chasing panic clicks?
Westin and I talk about responsible ways to cover big security stories in the news, ways that each of us can become cyber fact-checkers and advocates, and Westin tells me about how his personal interests have turned into creating some very cool anti-theft tools. You can hear me audibly blown away by one in particular!
0:00 - Mega cyberattacks 2:00 - How Ken Westin got into cybersecurity 10:44 - J.P. Morgan cyberattacks 16:00 - Media and PR as a form of social engineering 17:48 - Reframing the cyberattack narrative 19:50 - CISO burnout and responsibility 23:04 - Advice to CISO workers to fight new threats 28:35 - Changing the cybersecurity narrative 33:43 - Advice to cybersecurity professionals 37:30 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
09 Feb 2024
Security+ exam questions and answers: What to expect | Cyber Work Hacks
00:18:47
Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober reviews Security+ exam sample questions and shares tips to pass your Security+ 701 exam.
0:00 - Security+ exam mechanics 1:15 - The different types of Security+ exam questions 3:55 - How do you see your Security+ exam results? 5:10 - Security+ exam example question 1 9:27 - Security+ exam example question 2 11:32- Security+ exam example question 3 15:08- Security+ practice exam 16:29 - Security+ exam day advice 18:05 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
12 Feb 2024
Are remote workers more security-savvy than on-premises? | Guest Joseph Nwanpka
00:46:29
Miami University's (in Oxford, Ohio) Farmer School of Business Information Systems and Security researcher Joseph Nwankpa joins Cyber Work today. Nwankpa recently wrote a report that overturns some huge assumptions: he found that work-from-home employees are, to a large degree, less of a security issue than many on-premises workers. Nwankpa discusses The Peltzman Effect, the persistent struggles to create security awareness that lasts past the initial training sessions and talks about some surprising reasons that the higher education sector has been shown to be less sophisticated in their security awareness than many other industries.
0:00 - Are remote workers more cyber secure? 2:00 - How did Joseph Nwankpa get into cybersecurity? 7:53 - Findings on remote worker security 12:00 - Cybersecurity strategies in different work locations 17:05 - A company's cybersecurity compliance culture 19:07 - Best lessons for best remote work security practices 22:00 - Internalizing securing awareness 26:40 - Higher ed issues with cybersecurity 31:00 - Higher ed and phishing emails 33:00 - Remote work security blind spots 35:50 - Become a security awareness professional 41:54 - Miami University's information systems program 44:00 - Learn more about Nwankpa 45:01 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
15 Feb 2024
Security+ Boot Camp: What to expect during your training | Cyber Work Hacks
00:16:03
Infosec and the Cyber Work Hacks podcast are here to help you pass the Security+ exam! For today’s hack, let’s talk bootcamps. If you’ve been piecing your way through the Sec+ study guide for six months or more, it’s possible that you would learn better in a concentrated, focused environment with expert instruction. I’m talking, of course, about Infosec boot camp instructor Tommy Gober!
Goberwill walks you through what the Infosec five-day Security+ boot camp is like the learning and memorizing strategies you’ll employ and all the ways that boot camp training can make the difference between passing on the first try and endless headaches and heartaches of re-sitting the exam. You don’t have to do it alone! But to learn more, you do have to keep it here for another Cyber Work Hack.
0:00 - Security+ boot camp 1:30 - Boot camp training versus classroom 6:25 - Breaking down five days of boot camp 8:50 - What is it like to attend a boot camp? 12:14 - How does the boot camp prepare for the exam? 14:01 - Is a boot camp right for you? 15:30 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT, and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and at home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
19 Feb 2024
A career in dental cybersecurity? Drilling down into this unique role | Guest Tom Terronez
00:35:17
Tom Terronez joins Cyber Work to discuss security in an industry that doesn’t always make the headlines for security news: dentistry. Terronez co-founded Medix Dental, an IT and security provider for the dental industry, 20 years ago, and has the lowdown on some of the specific security issues dentist offices and networks face. It is an uphill battle to get the industry to acknowledge its extreme insecurity, and I find out how a shared love of Hall & Oates got Terronez into this very specific area of the security sphere. And I promise that I tried to avoid overusing the phrase “drill down on this point.” Spoiler: I failed.
0:00 - Dental industry cybersecurity 2:00 - Terronez's interest in tech 3:55 - Dentistry cybersecurity 20 years ago 5:00 - Dentistry cybersecurity dangers and issues 15:55 - Why the dental industry is susceptible to cyberattacks 18:50 - Common attack vectors against dentists 23:37 - How to work in dental cybersecurity 25:20 - What working in dental cybersecurity is like 26:40 - Volunteer opportunities in dental cybersecurity 28:22 - 2024 dental cybersecurity trends 31:20 - Tom Terronez's best cybersecurity career advice 32:50 - Learn more about Medix Dental 34:03 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
22 Feb 2024
Renewing your Security+ certification | Cyber Work Hacks
00:16:05
Infosec and Cyber Work hacks want to help you pass the Security+ exam! We have three separate hacks on this channel to help you through the process of studying for and taking the exam. But what about in the years after, when it’s time to get ready to recertify? Infosec boot camp instructor Tommy Gober walks you through all the different ways you can earn your continuing education units (CEU), how many you need to re-certify your Security+ and some less-known activities that can keep your CEU numbers rising and make ongoing learning an ongoing process, not something you need to “cram” at the end of three years. Wanna know more? Well, it's all here in today’s Cyber Work Hack.
0:00 - Security+ certification renewal 1:30 - Why does CompTIA require renewal? 4:37 - How to earn continuing education units 6:51 - Fun ways to earn continuing education units 8:04 - Log your continuing education unit hours 9:44 - Continuing education unit consistency 12:25 - CompTIA certification continuing education 15:14 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
26 Feb 2024
Ethical hacking careers vs. cinema: What it's like to work as a hacker | Cyber Work Live
01:01:10
Don't believe the movies and TV shows — ethical hacking is not done by frantically typing on the keyboard in a race against the clock.
What's a career in ethical hacking and penetration testing really like? Join our panel of experts who have worked in the field for decades to find out!
In this one-hour live event, we'll cover:
0:00 - Ethical hacking fact vs fiction 7:45 - First, getting into cybersecurity 12:00 - Does ethical hacking fiction affect people? 19:20 - Cybersecurity students in higher ed 26:17 - Qualifying for penetration testing jobs 31:21 - A real-life cybersecurity attack 42:30 - Does Hollywood inspire cybersecurity workers? 44:30 - U.S. Cybergames 47:40 - Infosec Skills and real-life learning 50:35 - Cybersecurity career jump 53:30 - Criminal justice and cybersecurity 56:25 - From IT support to cybersecurity 59:00 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
29 Feb 2024
What a CISSP boot camp is like | Cyber Work Hacks
00:18:05
Infosec and the Cyber Work Hacks podcast are here to help you prepare for and pass the CISSP exam from ISC2. For today’s hack, we’re talking boot camps. If you’ve been preparing for the Certified Information Systems Security Professional (CISSP) study guide for six months or more, you might learn better in a concentrated, focused environment with expert instruction.
And that expert is Infosec boot camp instructor Steve Spearman, who has helped hundreds of learners prepare for and pass their CISSP. Steve will walk you through what the Infosec 7-day CISSP boot camp is like, which can make the difference between passing on the first try and the headache and heartache of having to re-sit the exam.
0:00 - What is a CISSP boot camp? 1:37 - A boot camp versus university cybersecurity education 2:47 - What is a cybersecurity boot camp schedule like? 6:54 - Cybersecurity boot camp communication 9:50 - Cybersecurity boot camp homework 12:13 - Taking a cybersecurity certification exam 15:44 - Is a cybersecurity boot camp right for me? 17:36 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
04 Mar 2024
What help do CISOs need in 2024? | Guest Alicia Olson
00:32:16
Alicia Olson, VP of Communications at Optiv, is today's guest. Olson came to cybersecurity from the oil and gas sector. She tells us how she got interested in communications for security professionals, explains how she turned Optiv’s distributed workforce into a cohesive unit and gives CISOs some crucial advice and ideas for dealing with that moment that no one wants to have to explain — the inevitable security breach.
0:00 - What do CISOs need in 2024? 1:40 - Working in communications 3:50 - Average workday as a VP of communications 6:56 - Cybersecurity issues with communications 9:50 - Why work in cybersecurity communications? 13:00 - How to enter cybersecurity communication roles 17:50 - Women mentoring women in cybersecurity 19:35 - Supporting DEI in cybersecurity 23:00 - Biggest problems for CISOs in 2024 25:05 - Missing CISO skills you should learn 27:38 - Remediation in cybersecurity communication 29:30 - Olson's best piece of career advice 30:15 - Learn more about Optiv 30:55 - Outro
– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
11 Mar 2024
CISSP exam tips and tricks: Avoiding common mistakes | Cyber Work Hacks
00:17:13
Infosec and Cyber Work Hacks are here to help you pass the CISSP exam! This is part one of a two-part Cyber Work in which Infosec’s CISSP boot camp instructor Steve Spearman gives you his top tips and tricks for taking the CISSP exam! In part one, we’ll talk about what makes the CISSP such a difficult exam, common mistakes people make while taking the exam and what to do if, heaven forbid, you don’t pass on the first try. You don’t have to do this alone, but you need to listen to Spearman's suggestions.
0:00 - CISSP exam tips 1:43 - What makes the CISSP challenging? 4:51 - Common mistakes taking the CISSP 8:00 - Tricks for taking the CISSP test 11:40 - Advice on retaking the test 16:05 - Best advice for CISSP exam day 16:36 - Outro
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Améliorez votre compréhension de Cyber Work avec My Podcast Data
Chez My Podcast Data, nous nous efforçons de fournir des analyses approfondies et basées sur des données tangibles. Que vous soyez auditeur passionné, créateur de podcast ou un annonceur, les statistiques et analyses détaillées que nous proposons peuvent vous aider à mieux comprendre les performances et les tendances de Cyber Work. De la fréquence des épisodes aux liens partagés en passant par la santé des flux RSS, notre objectif est de vous fournir les connaissances dont vous avez besoin pour vous tenir à jour. Explorez plus d'émissions et découvrez les données qui font avancer l'industrie du podcast.
