Cyber Work
About
Available on
Community
329 episodes
Thomas Pace of NetRise talks about industrial control systems security. We’ll learn about Paces time in the United States Marine Corps in cyber-intelligence, his move to forensics and then ICS and why the greatest asset a security professional can have is the ability to find, clearly see and create narratives. I always find ICS professionals to be fascinating, and Pace took us down some new paths, so if you’re also interested in ICS Security, keep it here for today’s episode of Cyber Work! 0:00 - Industrial Control Systems security 1:39 - How Pace got into cybersecurity 4:31 - The speed of cybersecuritys change 5:20 - Paces career in cyber intelligence 10:08 - Importance of cybersecurity analysis 10:55 - Current state of ICS and infrastructure security in the U.S. 25:22 - How to work in ICS security 32:52 - Manufacturing security issues 38:00 - Security risks for cranes 40:51 - Best ICS security advice 44:09 - Best cybersecurity career advice 46:15 - What is NetRise? 47:40 - Learn more about Pace 48:25 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec and Cyber Work Hacks want you to pass the Cisco CCNA exam! To help you do that, Infosec’s CCNA Boot Camp instructor Wilfredo Lanz gives you his top tips and tricks for taking the CCNA exam! Lanz will give you some advice for narrowing down the right answer by eliminating the obviously wrong ones, common mistakes people make while taking the exam and what to do if, for some reason, you don’t pass on the first try. And most importantly, why you must take the practice exams before the test. And then retake them. And again! 0:00 - CCNA exam tips 1:43 - What does the CCNA cover? 4:50 - Tricks for taking the CCNA exam 5:55 - Common CCNA exam mistakes 7:17 - What if you fail the CCNA exam? 8:40 - Best piece of advice for CCNA exam day 9:53 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Cyber Work Hacks is back to keep you updated with the CISSP exam! Infosec boot camp instructor Steve Spearman joins me to tell us about the new changes to the CISSP’s common body of knowledge (CBK) and how the changes to the CBK should (or shouldn’t!) affect your study and preparation for the exam! Keep learning, and keep it here for another Cyber Work Hack. – Learn more about the CISSP: https://www.infosecinstitute.com/training/cissp/ – Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/ 0:00 - CISSP exam common body of knowledge 1:16 - Changes to CISSPs CBK 7:45 - Why did CISSP make CBK changes? 9:17 - How to study for the CISSP 11:37 - Most important CISSP exam items 14:04 - Best advice for taking the CISSP exam 15:03 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec and Cyber Work Hacks are here to help you pass the CISSP exam. Today’s Hack is part two, so I encourage you to go back and listen to part one of Steve Spearman’s CISSP exam tips and tricks. In part two, I pass the mic to Spearman to give you his top five test-taking strategies for the CISSP. What’s the Sesame Street rule? How does the CISSP feel about absolutes? Keep it here, and you’ll find out in part two of this week’s Cyber Work Hack. 1:30 - Look for absolutes in questions 3:17 - The Sesame Street principle 4:45 - Watch for algebraic equations 6:23 - Look for the "golden words" 7:38 - Change management is likely the answer 8:55 - Keep an eye on senior management and impact 10:19 - Think like a CISO 11:53 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec and Cyber Work Hacks are here to help you pass the CISSP exam! This is part one of a two-part Cyber Work in which Infosec’s CISSP boot camp instructor Steve Spearman gives you his top tips and tricks for taking the CISSP exam! In part one, we’ll talk about what makes the CISSP such a difficult exam, common mistakes people make while taking the exam and what to do if, heaven forbid, you don’t pass on the first try. You don’t have to do this alone, but you need to listen to Spearmans suggestions. – Learn more about the CISSP: https://resources.infosecinstitute.com/overview/cissp/ – Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/ 0:00 - CISSP exam tips 1:43 - What makes the CISSP challenging? 4:51 - Common mistakes taking the CISSP 8:00 - Tricks for taking the CISSP test 11:40 - Advice on retaking the test 16:05 - Best advice for CISSP exam day 16:36 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Alicia Olson, VP of Communications at Optiv, is todays guest. Olson came to cybersecurity from the oil and gas sector. She tells us how she got interested in communications for security professionals, explains how she turned Optiv’s distributed workforce into a cohesive unit and gives CISOs some crucial advice and ideas for dealing with that moment that no one wants to have to explain — the inevitable security breach. 0:00 - What do CISOs need in 2024? 1:40 - Working in communications 3:50 - Average workday as a VP of communications 6:56 - Cybersecurity issues with communications 9:50 - Why work in cybersecurity communications? 13:00 - How to enter cybersecurity communication roles 17:50 - Women mentoring women in cybersecurity 19:35 - Supporting DEI in cybersecurity 23:00 - Biggest problems for CISOs in 2024 25:05 - Missing CISO skills you should learn 27:38 - Remediation in cybersecurity communication 29:30 - Olsons best piece of career advice 30:15 - Learn more about Optiv 30:55 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec and the Cyber Work Hacks podcast are here to help you prepare for and pass the CISSP exam from ISC2. For today’s hack, we’re talking boot camps. If you’ve been preparing for the Certified Information Systems Security Professional (CISSP) study guide for six months or more, you might learn better in a concentrated, focused environment with expert instruction. And that expert is Infosec boot camp instructor Steve Spearman, who has helped hundreds of learners prepare for and pass their CISSP. Steve will walk you through what the Infosec 7-day CISSP boot camp is like, which can make the difference between passing on the first try and the headache and heartache of having to re-sit the exam. 0:00 - What is CISSP boot camp? 1:37 - A boot camp versus university cybersecurity education 2:47 - What is a cybersecurity boot camp schedule like? 6:54 - Cybersecurity boot camp communication 9::50 - Cybersecurity boot camp homework 12:13 - Taking a cybersecurity certification exam 15:44 - Is a cybersecurity boot camp right for me? 17:36 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Dont believe the movies and TV shows — ethical hacking is not done by frantically typing on the keyboard in a race against the clock. Whats a career in ethical hacking and penetration testing really like? Join our panel of experts who have worked in the field for decades to find out! In this one-hour live event, well cover: 0:00 - Ethical hacking fact vs fiction 7:45 - First, getting into cybersecurity 12:00 - Does ethical hacking fiction affect people? 19:20 - Cybersecurity students in higher ed 26:17 - Qualifying for penetration testing jobs 31:21 - A real-life cybersecurity attack 42:30 - Does Hollywood inspire cybersecurity workers? 44:30 - U.S. Cybergames 47:40 - Infosec Skills and real-life learning 50:35 - Cybersecurity career jump 53:30 - Criminal justice and cybersecurity 56:25 - From IT support to cybersecurity 59:00 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast https://www.infosecinstitute.com/podcast/ About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec and Cyber Work hacks want to help you pass the Security+ exam! We have three separate hacks on this channel to help you through the process of studying for and taking the exam. But what about in the years after, when it’s time to get ready to recertify? Infosec boot camp instructor Tommy Gober walks you through all the different ways you can earn your continuing education units (CEU), how many you need to re-certify your Security+ and some less-known activities that can keep your CEU numbers rising and make ongoing learning an ongoing process, not something you need to “cram” at the end of three years. Wanna know more? Well, its all here in today’s Cyber Work Hack. 0:00 - Security+ certification renewal 1:30 - Why does CompTIA require renewal? 4:37 - How to earn continuing education units 6:51 - Fun ways to earn continuing education units 8:04 - Log your continuing education unit hours 9:44 - Continuing education unit consistency 12:25 - CompTIA certification continuing education 15:14 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Tom Terronez joins Cyber Work to discuss security in an industry that doesn’t always make the headlines for security news: dentistry. Terronez co-founded Medix Dental, an IT and security provider for the dental industry, 20 years ago, and has the lowdown on some of the specific security issues dentist offices and networks face. It is an uphill battle to get the industry to acknowledge its extreme insecurity, and I find out how a shared love of Hall & Oates got Terronez into this very specific area of the security sphere. And I promise that I tried to avoid overusing the phrase “drill down on this point.” Spoiler: I failed. 0:00 - Dental industry cybersecurity 2:00 - Terronezs interest in tech 3:55 - Dentistry cybersecurity 20 years ago 5:00 - Dentistry cybersecurity dangers and issues 15:55 - Why the dental industry is susceptible to cyberattacks 18:50 - Common attack vectors against dentists 23:37 - How to work in dental cybersecurity 25:20 - What working in dental cybersecurity is like 26:40 - Volunteer opportunities in dental cybersecurity 28:22 - 2024 dental cybersecurity trends 31:20 - Tom Terronezs best cybersecurity career advice 32:50 - Learn more about Medix Dental 34:03 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec and the Cyber Work Hacks podcast are here to help you pass the Security+ exam! For today’s hack, let’s talk bootcamps. If you’ve been piecing your way through the Sec+ study guide for six months or more, it’s possible that you would learn better in a concentrated, focused environment with expert instruction. I’m talking, of course, about Infosec boot camp instructor Tommy Gober! Goberwill walks you through what the Infosec five-day Security+ boot camp is like the learning and memorizing strategies you’ll employ and all the ways that boot camp training can make the difference between passing on the first try and endless headaches and heartaches of re-sitting the exam. You don’t have to do it alone! But to learn more, you do have to keep it here for another Cyber Work Hack. 0:00 - Security+ boot camp 1:30 - Boot camp training versus classroom 6:25 - Breaking down five days of boot camp 8:50 - What is it like to attend a boot camp? 12:14 - How does the boot camp prepare for the exam? 14:01 - Is a boot camp right for you? 15:30 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT, and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and at home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Miami Universitys (in Oxford, Ohio) Farmer School of Business Information Systems and Security researcher Joseph Nwankpa joins Cyber Work today. Nwankpa recently wrote a report that overturns some huge assumptions: he found that work-from-home employees are, to a large degree, less of a security issue than many on-premises workers. Nwankpa discusses The Peltzman Effect, the persistent struggles to create security awareness that lasts past the initial training sessions and talks about some surprising reasons that the higher education sector has been shown to be less sophisticated in their security awareness than many other industries. 0:00 - Are remote workers more cyber secure? 2:00 - How did Joseph Nwankpa get into cybersecurity? 7:53 - Findings on remote worker security 12:00 - Cybersecurity strategies in different work locations 17:05 - A companys cybersecurity compliance culture 19:07 - Best lessons for best remote work security practices 22:00 - Internalizing securing awareness 26:40 - Higher ed issues with cybersecurity 31:00 - Higher ed and phishing emails 33:00 - Remote work security blind spots 35:50 - Become a security awareness professional 41:54 - Miami Universitys information systems program 44:00 - Learn more about Nwankpa 45:01 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober reviews Security+ exam sample questions and shares tips to pass your Security+ 701 exam. 0:00 - Security+ exam mechanics 1:15 - The different types of Security+ exam questions 3:55 - How do you see your Security+ exam results? 5:10 - Security+ exam example question 1 9:27 - Security+ exam example question 2 11:32- Security+ exam example question 3 15:08- Security+ practice exam 16:29 - Security+ exam day advice 18:05 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbmVORFd6NW5UTHhOMVlTbGRlcHlkaFpEaFJYUXxBQ3Jtc0trVzZsNkVjZ1NYczZxcDVoSTFhS2lrNHgxakVySXhxWXRBOUx5N0dHRTMwS2xIMkNIWU1Lc20wZGIwMDYyZWc4eEdMZVNtQ2lWVUMwNUV6QWZ5RFJUczRVeGYtVDcwTHRHcVlMZThSS3M0a25RWHRmSQ&q=https%3A%2F%2Fwww.infosecinstitute.com%2Ffree&v=JuS94tAEqXM – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqa0JCaWZvWjVLX2tkWGU2NENtZ0lzeGtfbnNHd3xBQ3Jtc0trOG82WUpkT2xRMDhMajA0c2hjSXUxd1dINE1XMGx3ZUhSdGNhYVJXOGlYSWRpR2NhbW9hV0NlWldMRHJCeVlhNUNEeV9BVXBHN01tSERaY2ZvcHczTjNFcGFvdk1NMEUxRDJSMHZyUE1qX0V6ei1JUQ&q=https%3A%2F%2Fwww.infosecinstitute.com%2Fpodcast&v=JuS94tAEqXM About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Ken Westin of Panther Labs has a bit of fact-checking he wants to do on some of the tech stories we read daily in the papers. Does J.P. Morgan really get 45 billion cyberattacks per day? Really? Are there other factors in this number that aren’t emphasized in the interest of chasing panic clicks? Westin and I talk about responsible ways to cover big security stories in the news, ways that each of us can become cyber fact-checkers and advocates, and Westin tells me about how his personal interests have turned into creating some very cool anti-theft tools. You can hear me audibly blown away by one in particular! 0:00 - Mega cyberattacks 2:00 - How Ken Westin got into cybersecurity 10:44 - J.P. Morgan cyberattacks 16:00 - Media and PR as a form of social engineering 17:48 - Reframing the cyberattack narrative 19:50 - CISO burnout and responsibility 23:04 - Advice to CISO workers to fight new threats 28:35 - Changing the cybersecurity narrative 33:43 - Advice to cybersecurity professionals 37:30 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober tells us about the new changes to the Security+ exam and how it will (or will not) affect your study and preparation for the exam! Keep learning, and keep it here for another Cyber Work Hack. Get your free Security+ ebook, "CompTIA Security+ 701: How the worlds most popular cert is changing in 2024" https://www.infosecinstitute.com/form/comptia-security-601/ 0:00 - Security+ exam changes 1:05 - Key ways the Security+ exam has changed (SY0-701) 3:47 - Why make the Security+ exam changes? 5:30 - Security+ exam studying strategy 6:47 - Most crucial Security+ exam skills for the future 9:48 - Best advice before taking the Security+ exam 11:28 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Today on Cyber Work, Sean Falconer of Skyflow and host of the Partially Redacted and Software Huddle podcasts, joins me to talk about the present and future of consumer and user data privacy, the pros and cons of adding more privacy regulations into place and his journey from software development and engineering to his current place of working closely and deeply with the future of API-based data encryption and privacy. And stick around because Falconer will share the best career advice he ever received! 0:00 - Consumer and user data privacy 2:02 - When did Falconer get into tech? 6:40 - Three degrees in computer science 12:40 - Current issues around data privacy 19:25 - The end of "Wild West" data privacy laws 24:00 - External factors on data privacy 28:03 - Why am I accepting cookies on websites? 34:45 - Experiences and learning for data privacy careers 41:44 - Learn more about Skyflow and Falconer 42:26 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Adrianna Iadarola of CyberSN joins me today to break down every spot on the cybersecurity job search, hiring, upskilling and retention pipeline. After her raucous and highly informative presentation at ISACA Digital Trust World, I knew I had to introduce you to this great analyst and thinker. Whether you’re doing the hiring or being the hiree, you will find something crucial to your new year journey today on Cyber Work. 0:00 - Problems with cybersecurity hiring 2:19 - How Adrianna Iadarola got into cybersecurity 6:03 - Skills required to jump cybersecurity roles 8:13 - How the cybersecurity job landscape has changed 13:30 - Skills gap in cybersecurity and timing 15:15 - Cybersecurity HR hiring issues 20:05 - Why is AI security executive level? 25:16 - Change in soliciting cybersecurity candidates 30:16 - Recommendations on changing a cybersecurity team 35:30 - Strategies in cybersecurity language 40:00 - Advice for people heading into cybersecurity 43:20 - Where are cybersecurity budgets and investments going? 49:52 - What is CyberSN? 52:01 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Todays guest is Anthony Pacilio, VP Neurodiverse Solutions at CAI. I met Pacilio at this year’s ISACA Digital Trust World event in Boston, and I was immediately fascinated with his insights on hiring and attracting neurodiverse professionals in security, IT, engineering and related industries, all of which suffer a skills gap and all of which are in need of new insights and working methods. Pacilio and I have a substantive conversation about changing the structure of the “6-hour marathon” interview process, the difference between an employee who stays in one job role vs. an employee who stays in but re-imagines that one job role, and why this new way of hiring and recruitment can lead to nothing less than an entire transformation of a company’s work culture. 0:00 - Neurodiversity and cybersecurity leadership 4:18 - Pacilios early years with tech 7:40 - Shifting roles in cybersecurity 12:55 - VP of neurodiverse solutions 16:10 - CAIs dedication to neurodiversity 19:27 - Neurodiverse solutions in cybersecurity and IT 23:50 - Rethinking the cybersecurity role interview 26:32 - Adopting new interview strategies 33:03 - Examples and success stories 35:30 - Where neurodiverse workers succeed in cybersecurity 42:04 - Tips for neurodiverse learners in cybersecurity 45:58 - Advice for new cybersecurity professionals 52:30 - Learn more about CAI 53:05 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Dan Roberts, host of the “Tech Whisperers” podcast, and a mentor, coach and leader to CISOs and other tech-focused C-suite members for nearly four decades, is todays guest. We talk about Roberts earliest work, including coining the term “Developing the human side of technology” all the way back in 1984, to spearheading the CyberRX program for CISOs and those aspiring to be. Roberts also provides a four-stage growth chart for CISOs that, quite frankly, scales well to just about any tech career and teases a very exciting guest on the “Tech Whisperers” podcast! 0:00 - CISOs need leadership experience 4:47 - How Dan Roberts got into cybersecurity and tech 6:34 - What was tech like in the 80s? 9:20 - Common difficulties as a CISO 16:52 - What is CyberRX? 24:10 - Joining CyberRX to become a CISO 29:50 - How to become a CISO 34:45 - Cybersecurity and soft skills 38:05 - Skills needed in tech and security now 40:30 - Leading with the seven Cs 43:00 - Start your CISO career journey 46:23 - Getting uncomfortable to evolve in cybersecurity 47:49 - What is the Tech Whisperers podcast? 52:06 - Tech for Good project 54:18 - Exciting new projects for Roberts 56:30 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Confidence Staveley of the CyberSafe Foundation and the CyberGirls program is todays guest. CyberGirls is a year-long cohort program in which women in Africa ages 18 to 28 can learn cybersecurity basics and create career tracks to fast-track these students into cybersecurity careers! Staveley tells us about the workings of the program, how she uses her YouTube channel to teach API security with food analogies and explains the origins of what is likely the first-ever Afrobeat song about security awareness! This episode is as fun and inspiring as any I’ve recorded, so I hope you’ll tune in for today’s Cyber Work. 0:00 - Cybersecurity training for women in Africa 4:47 - How Confidence Staveley got into cybersecurity 10:35 - What is the CyberSafe Foundation? 16:57 - What is the CyberGirls fellowship? 21:30 - How to get involved in CyberGirls 30:10 - Inspiring success CyberGirls stories 43:11 - Keeping CyberGirls engaged 46:31 - API Kitchen YouTube show 52:00 - Cybersecurity initiatives in Africa 59:27 - Advice for working in cybersecurity 1:03:13 - CyberGirls future 1:05:20 - Learn more about CyberSafe 1:07:22 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Ian Campbell, security operations engineer at DomainTools, is someone who has truly carved a niche out for himself in his organization and in the cybersecurity landscape as a whole. His blogs for the DomainTools website have provided paths for neurodiverse cybersecurity professionals and allies who want to make their organizations more friendly to neurodiversity to undertake the small changes to work roles and company culture that can net huge improvements for folks with different types of cognition, patterns of learning, concentration challenges, and yes, nurturable strengths! I’ve said it plenty of times here and I’ll say it again: cybersecurity is at its best when we’re all together, solving problems and creating solutions with our own diverse approaches. 0:00 - Neurodiversity in cybersecurity 4:00 - How Ian Campbell got into cybersecurity 6:50 - Cybersecurity journey 15:33 - What does a security operations engineer do? 18:37 - Chokepoints of security operations engineer role 20:22 - Supporting people with neurodiverse work and learning 25:50 - What hinders neurodiverse workers in cybersecurity? 30:17 - Altering work culture for neurodiverse workers 39:00 - Neurodivergent traits suited for cybersecurity 42:05 - Benefits of neurodiversity in cybersecurity 48:41 - Promoting communication for neurodiverse workers 52:36 - Positive policies for neurodivergent workers 58:20 - Learn more about DomainTools 1:00:00 - Learn more about Ian Campbell 1:00:23 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Guest AJ Grotto is the William J. Perry International Security Fellow and founding director of the Program on Geopolitics, Technology and Governance at the Stanford Policy Center and Stanford University. Grotto has served in the National Cybersecurity Council under two successive presidents and brings decades of knowledge in international relations, policy and risk both to his students and to clients in his private sector consulting work. Grotto tells us about the current state of international cyber risk and response, gives his tips for students just getting started in international policy and why a suspicious-looking email took him away from the law profession and into the security space. 0:00 - National security cyber issues 4:04 - How AJ Grotto got into cybersecurity 7:10 - Grottos work in the National Security Council 10:25 - Skills used in the National Security Council 14:35 - Working at Sagewood 17:00 - Global trends in cybersecurity 19:00 - Economies down; cyber crime up? 20:17 - Cyber risk work at Stanford 23:10 - Cybersecurity students at Stanford 29:46 - How to take Grottos class at Stanford 31:25 - Federal Zero Trust directives 34:49 - What to research for national security work 38:09 - Important global cybersecurity topics 40:06 - Learn more about Grotto, Stanford international policy 41:07 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec IQ’s director of production, Steve Concotelli comes to us following years working in the movie and TV industry, and his ability to create and craft a great story is at the core of what makes Work Bytes the most award-winning security awareness series on the market! Learn more about Concotelli and the team’s ability to craft storylines with takeaways that stick, as well as the reasons why we create four different information delivery types to match the pace and time commitments of your workers. Maybe by the end, you’ll know which of the fantastical characters I mentioned at the start is most like you! Kick back and enjoy a few engaging minutes with this Cyber Work Hack. And take the Work Bytes Personality Quiz: https://infosec.involve.me/work-bytes-personality-quiz. 0:00 - Film storytelling in cybersecurity 2:48 - How Concotelli moved from Hollywood to Infosec 3:56 - What is Work Bytes? 5:50 - Telling the story of Work Bytes 7:47 - Balancing fun and info 14:07 - Whats new in Work Bytes? 19:21 - Big goals for Work Bytes 20:29 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Tomas Smalakys, CTO at NordPass, is todays guest. As our future seems choked with a never-ending need for new passwords of ever-growing complexity for everything we sign up for, Smalakys, along with some large tech organizations, is embracing a post-password future with a system of passkeys. What will it look like? How is it implemented? How will you be able to do this bleeding-edge work in the future? Tune in for today’s episode of Cyber Work and find out! 0:00 - The future of online passwords 3:43 - Tomas Smalakys start in cybersecurity 8:40 - Managing software engineers 15:33 - Chief technical officer at NordPass 20:05 - The state of password security 27:22 - Imperfections in two-factor security 42:13 - How to know youve been compromised online 47:55 - The passkey system 1:02:41 - How to work in passwords and passkeys 1:09:05 - Learn more about Smalakys and NordPass 1:10:07 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Anna Claiborne from Zayo talks about the spike of DDoS attacks they saw in the past year. Although distributed denial of service (DDoS) attacks trend up nearly every year, new factors around advanced automation and ease of use may be driving the increase. Claiborne takes us back 20 years, when solutions to DDoS attacks involved trying the most far-out solution you could, often for the most far-out clients you could imagine! Seriously, I use the words “Wild West” to describe early security on a lot of episodes, but Claiborne really gives us some top-notch war stories. She’ll also let you know where to focus if you want to get started in telecom security, or any of near-infinite industries that would be impacted by telecom shutting down. – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast 0:00 - AI and DDoS attacks 4:20 - How Anna Claiborne got into cybersecurity 8:24 - Claibornes cybersecurity experiences 14:10 - The changes in DDoS attacks 16:55 - Current DDoS escalations 24:34 - Claibornes role as a VP 34:25 - Why DDoS attacks have skyrocketed 38:32 - Why DDoS attacks are easier 42:55 - How much is DDoS effective? 44:24 - Tips for countering DDoS 47:16 - Careers involving DDoS attacks 51:09 - Acquire DDoS skills early 56:19 - Learn more about Claiborne and Zayo 57:48 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Oliver Tavakoli from VectraAI returns to the program to talk about – surprise! – AI! Having talked about Tavakolis origin story on the past episode, we’re free to dig right into his main area of interest: the ways in which generative AI can be used by bad actors, whether introducing conflicting messages into GPT guardrail commands or escalating the nuance and complexity of fake-based social engineering attacks. We talk about long-term implications of this emerging tech opportunity, ways for new professionals to get comfortable with its requirements quickly, and Tavakoli lets us know what this “summer of AI” will mean for the coming years, and also why its endless innovation may cool for a few years, and that’s OK. 0:00 - Generative AI and bad actors 4:20 - Big changes for generative AI in 2020 7:11 - Example of an AI attack 15:30 - AI as a tool versus an intelligence 17:10 - Solutions with AI 22:47 - How AI will affect cybersecurity careers 32:18 - How does AI hurt your career? 38:40 - Job roles in cybersecurity that may become niche 40:40 - The year of AI? 43:25 - How to talk about AI 45:40 - What is VectraAI? 48:25 - Learn more about Tavakoli and VectraAI 49:30 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Dr. Heather Buker of 6clicks has been a technical SME in the cybersecurity field her entire career, and 6clicks has introduced Ask Hailey, an AI-based governance risk and compliance (GRC) tool that promises to move the work of GRC into a new era. Also on the show, Infosec’s vice president of portfolio product strategy and cybersecurity superstar Keatron Evans in a guest-host capacity! Buker, Keatron and I discuss the spaces in which governance risk and compliance can greatly benefit from AI/machine learning enhancement, the crucial need to prioritize the decision-making skills of humans over everything else and why seemingly disparate career roles and pivots can still lead you in the career direction you desire most. 0:00 - Ask Hailey AI 4:17 - Heather Bukers start in cybersecurity 6:40 - Security compliance migration work and more 13:15 - Tasks of a chief customer officer 18:40 - What is Ask Hailey AI? 23:00 - Challenges in risk assessment 27:15 - Ask Hailey AI and GRC 38:05 - Advice to get into government cybersecurity 42:50 - Advice for cybersecurity students 44:50 - The big picture of AI 53:00 - Learn more about Buker and 6clicks 54:11 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Tara D. Anderson, managing director of Framework Security and an official member of the Forbes Technology Council, walks us through her journey, including her years in the world of finance, opens up about a traumatic event in her life that altered the way she learns and retains information and how her switch to IT and Cybersecurity was an ideal fit. From her days co-founding the consultancy firm Cognitive SLC, an organization whose founders were all neurodiverse, to Framework Security’s desire to make protection understandable to small charitable companies and organizations who couldn’t bounce back from hacking and theft, Andersons ethos and vision, from work to the interview process, is a complete inspiration for anyone interested in bringing neurodiverse professionals into their organization. 0:00 - Neurodiversity in cybersecurity 3:46 - Getting into computers and tech 9:46 - Revenue officer roles 15:20 - Getting into IT and security 23:07 - Neurodiverse workers in cybersecurity 30:45 - Neurodiverse challenges in cybersecurity 41:40 - Remote cybersecurity work 52:03 - How to work in cybersecurity 56:34 - What is Framework Security? 59:30 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Leslie Lynn Smith is the National Executive Director for GET Cities. GET stands for Gender Equality in Tech. Today’s episode will move away from standard cybersecurity and IT insights in favor of a larger look at investment opportunities for tech startups, and where and on who we spend investment capital. Smith is a multi-decade authority on state- and city-wide community investment initiatives with a lifelong passion for bringing people of marginalized races and genders to the table in fulfilling their tech business dreams. Smith talks about bridging the gap from angel investor money to initial seed, and why the space between the two can sink new startups, the slow, patient process of affecting equitable change at the legislative level, and offers an accelerated way to make IT and cyber teams more inclusive and equitable. If you’ve wanted to get involved with angel investing and helping young companies get off the ground, Smith talks you through the process with no steps missed. 0:00 - Gender equity in tech 3:35 - Leslie Smiths journey in tech 9:40 - Equity in cybersecurity at GET Cities 15:03 - How does GET Cities work? 21:20 - Concrete ways to work towards gender equity in tech 30:30 - Imposter syndrome revised 35:00 - Where does equity work need to be done in tech? 40:30 - How to invest in tech and cybersecurity 43:33 - GET Cities upcoming initiatives 46:00 - Learn more about GET Cities and Smith 46:40 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Brianne Caplan is the founder and executive director of Code Your Dreams, a non-profit that brings knowledge, accessibility and excitement about programming and tech to learners from age 5 to adulthood in underserved communities. Caplan tells some incredible stories, like the women’s coding and data analysis group in Burundi, exciting coding projects for students interested in art, music and dance and why her experience inadvertently creating a non-profit company that was incorporated as a for-profit was a learning experience that helped kickstart Code Your Dreams! This one’s inspiring, so I hope you’ll keep it here for Cyber Work. – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast 0:00 - Coding for underserved communities 3:11 - Brianne Caplans start in cybersecurity 8:04 - Cash for Schools 10:50 - What is Code Your Dreams? 14:40 - How Code Your Dreams works 17:52 - Gaps in cybersecurity school education 21:00 - Baseline tech literacy for grade school 23:30 - Popular Code Your Dreams activities 27:08 - After Code Your Dreams 35:11 - Volunteer for Code Your Dreams 37:00 - Bring Code Your Dreams to your school 39:40 - Get in touch with Brianne Caplan 40:15 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
