Leslie Lynn Smith is the National Executive Director for GET Cities. GET stands for Gender Equality in Tech. Today’s episode will move away from standard cybersecurity and IT insights in favor of a larger look at investment opportunities for tech startups, and where and on who we spend investment capital. Smith is a multi-decade authority on state- and city-wide community investment initiatives with a lifelong passion for bringing people of marginalized races and genders to the table in fulfilling their tech business dreams. Smith talks about bridging the gap from angel investor money to initial seed, and why the space between the two can sink new startups, the slow, patient process of affecting equitable change at the legislative level, and offers an accelerated way to make IT and cyber teams more inclusive and equitable. If you’ve wanted to get involved with angel investing and helping young companies get off the ground, Smith talks you through the process with no steps missed. 

0:00 - Gender equity in tech
3:35 - Leslie Smith's journey in tech
9:40 - Equity in cybersecurity at GET Cities
15:03 - How does GET Cities work? 
21:20 - Concrete ways to work towards gender equity in tech
30:30 - Imposter syndrome revised
35:00 - Where does equity work need to be done in tech?
40:30 - How to invest in tech and cybersecurity
43:33 - GET Cities upcoming initiatives
46:00 - Learn more about GET Cities and Smith
46:40 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Brianne Caplan is the founder and executive director of Code Your Dreams, a non-profit that brings knowledge, accessibility and excitement about programming and tech to learners from age 5 to adulthood in underserved communities. Caplan tells some incredible stories, like the women’s coding and data analysis group in Burundi, exciting coding projects for students interested in art, music and dance and why her experience inadvertently creating a non-profit company that was incorporated as a for-profit was a learning experience that helped kickstart Code Your Dreams! This one’s inspiring, so I hope you’ll keep it here for Cyber Work.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Coding for underserved communities 
3:11 - Brianne Caplan's start in cybersecurity
8:04 - Cash for Schools
10:50 - What is Code Your Dreams?
14:40 - How Code Your Dreams works
17:52 - Gaps in cybersecurity school education
21:00 - Baseline tech literacy for grade school
23:30 - Popular Code Your Dreams activities
27:08 - After Code Your Dreams
35:11 - Volunteer for Code Your Dreams
37:00 - Bring Code Your Dreams to your school
39:40 - Get in touch with Brianne Caplan
40:15 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Limor Bergman-Gross, founder of LBG Consulting, a results-oriented executive coaching service for women in tech, discusses her early programming experience, including Pascal instruction in high school, her move from software engineering manager to career coach and corporate mentorship instructor and why mentors can and should come at any level on the career ladder, not just management or executive. As Limor puts it, “all you need in a mentor is that they be a few steps further down the path than you are.” Lots of gems like that to be found today on Cyber Work.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Career coach for women in tech 
2:55 - Getting into cybersecurity 
5:50 - Pursuing cybersecurity consulting
6:54 - How to get into consulting 
8:15 - First steps with cybersecurity coaching
10:02 - How to help someone find their role
14:20 - Executive-level consulting 
16:00 - A mentor versus an advocate
17:45 - Mentoring and training 
20:00 - Speaking at an ISACA conference
22:28 - Achieving gender parity quickly
24:55 - Supporting underrepresented talent in cybersecurity
32:05 - Making a difference in diversity
35:00 - Women mentoring women
37:10 - Making yourself available as a mentor 
40:37 - Learn more about LBG Consulting
42:20 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Lesley Carhart of Dragos, also known as Hack4Pancakes on social media, is a lifelong breaker and builder of things, and their insights on the deep mechanics of Industrial Control Systems are an absolute must-hear for any of you even considering this space. Carhart also talks about their keynote at this year’s Blue Team Con, the differences between incident response in the military vs. the private sector, and why standard cybersecurity studies won’t take you as far in ICS as it will to learn how train track switchers work. Seriously, this is one of the best episodes I’ve ever been a part of, and I can’t wait for you to hear it!

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - ICS security 
3:40 - Getting started in cybersecurity 
9:13 - The early days of the internet
11:05 - Air Force cybersecurity 
12:50 - Military cybersecurity training 
15:00 - Incident response work at Motorolla
18:40 - Technical director of incident response
23:30 - State of ICS
39:13 - Starting work in ICS
41:57 - Keynote speaker at Blue Team Con
46:46 - Bringing diversity into ICS
53:46 - Outro 

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Forget what the crime scene TV shows have told you — digital forensics is not done on an overhead projector while the whole department watches! Learn about the day-to-day work of a digital forensics professional from a team of experts who have been putting in the work for decades!

In this episode of Cyber Work Live, you will learn:

- The types of tools you’ll use to help bring criminals to justice
- Why a lack of technical experience isn’t a barrier to entry
- How to get real-world forensics practice in your own home
- Where a career in digital forensics can take you 

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Digital forensics careers 
4:28 - Limits of going off the grid 
12:28 - What do SIM cards actually do? 
33:12 - Gathering evidence in digital forensics
44:08 - Digital forensics and the cloud
51:44 - Working as a digital forensics professional 
54:42 - Digital forensics certifications 
59:50 - How to pursue a digital forensics career
1:02:24 - Outro 

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

We met Katie O’Malley, founder of (en)Courage Coaching and Counseling, at this year’s Women Impact Tech conference, and she gave a great talk about effective networking and giving confidence to tech professionals at all levels of the career ladder. Katie and I discussed finding your adjectives and using them to center your interactions, creating courageous workplace culture, and why women only being mentored by women turns into the new unpaid labor. Let’s all step up and make the workplace better!

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Coaching women in cybersecurity 
3:10 - How Katie O'Malley got into coaching
4:57 - O'Malley's start in cybersecurity and coaching
8:51- The evolution of leadership 
12:00 - How career coaching works
18:00 - Importance of networking and branding
24:20 - How to achieve gender parity in cybersecurity 
29:30 - Courageous workplace culture 
33:21 - Pitfalls in new cybersecurity jobs
36:40 - Lead change at your cybersecurity company
38:55 - What is (en)Courage Consulting and Coaching?
39:33 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

We're talking about chief information security officers CISOs, one of the top-dog roles in cybersecurity, and for many professionals, it’s the brass ring they spend their careers trying to reach. The expectations of a CISO are changing, too, and requirements are growing in many different ways. Mike Scott, CISO of data security provider Immuta, has seen the role change a lot in the past 15 years, and he’s seen the role of CISO move from out of the shadows and into the spotlight for the C-suite, but at a price: when a breach happens, the CISO is often the one who takes a fall. Is this a reasonable expectation? Will the role of CISO change even more? I talked to Mike about all this and the eight years he spent as the CISO of the Wendy’s fast-food chain! We won’t judge you if you want to bite the corners off first, but I’ll be crying in my chili if you don’t keep it here for today’s episode of Cyber Work.

0:00 - Responsibilities of CISOs
3:15 - How Mike Scott of Immuta got into cybersecurity
6:55 - Leading Wendy's fast food restaurant as CISO
13:30 - Data security problems right now
18:40 - Shift left strategy
24:10 - How the CISO role is changing
31:00 - Increased CISO oversight
38:06 - The CISO's responsibility
48:30 - How to work as a CISO
51:50 - Cybersecurity in the federal government
54:48 - Learn more about Immuta
56:53 - Learn more about Mike Scott
57:35 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Preparing for the worst is a drag. Nobody likes to think about it, and if you don’t watch out, inaction means that when you do get ransomed or breached, your first thought is not “let’s get the disaster manual and see what it says.” It’s panic. Today, ProServeIT’s Eric Sugar walks you through a crash course in developing a disaster recovery plan for your small business! Don’t panic! Help is on the way.

0:00 - Create a disaster recovery plan
1:15 - What is a disaster recovery plan?
2:35 - Beginning a disaster recovery plan
3:24 - How to work in disaster recovery
5:04 - Write a hypothetical disaster recovery plan
6:04 - A disaster recovery plan resume
7:08 - Futureproof your cybersecurity skills
8:01 - Learn about ProServeIT

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Leigh Honeywell, CEO and founder of Tall Poppy, a security company that is building tools and services to help companies protect their employees from online harassment and abuse, talks about her career running security incident response at Slack, protecting infrastructure running a million apps at Salesforce.com, shipping patches for billions of computers on the Patch Tuesday team at Microsoft and analyzing malware at Symantec.

We talk about how all of these demanding jobs prepared her for her work at Tall Poppy, get into what she learned about the intersection of First Amendment speech protections vs. online safety from working at the ACLU, why changing the culture of online harassment will probably have to be a marathon, not a sprint, and Leigh shares her experiences with several accelerator startup organizations.

0:00 - Equity in cybersecurity
3:10 - Getting into cybersecurity
7:15 - From physics to computer science
12:30 - How Tall Poppy came to be
19:26 - Technology fellow at the ACLU
26:26 - What is Tall Poppy?
31:20 - Social platforms and change
39:53 - How to work toward equity in cybersecurity
43:02 - Y combinator startup accelerator in cybersecurity
50:07 - LGBTQ+ inclusion in cybersecurity
54:27 - Learn more about Tall Poppy
56:06 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

ProServeIT President Eric Sugar discusses disaster recovery planning for small and medium businesses. This is an excellent add-on episode to our third episode from way back in 2018 when Keatron Evans discussed the work of an incident responder. If your small- or medium-sized company suffers an incident, whether a breach or a ransom or just a power failure, the first thing you’re going to hope is that you have a disaster recovery plan already written and sitting in the CEO’s locked desk drawer. If not, it’s time for you to prepare and breathe easier.

0:00 - Disaster recovery planning for small businesses
3:12 - Eric Sugar’s start in cybersecurity
4:40 - Working at ProServeIT
6:40 - Working as president of ProServeIT
9:07 - What is a small or medium cybersecurity business?
10:50 - How to have a disaster recovery plan
14:05 - Customize your disaster recovery plan
16:40 - Prioritized your disaster recovery plan
18:10 - How to choose potential disasters
21:28 - Examples of disaster recovery plans
26:20 - Education and skills needed to work in disaster recovery
31:40 - A good resume for disaster recovery
35:10 - Getting promoted in discovery recovery 
37:33 - What is ProServeIT?
41:16 - Learn more about Eric Sugar and ProServeIT
41:34 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Huxley Barbee, security evangelist at runZero, talks about the nuts and bolts of asset detection on a large scale, specifically around the U.S. federal government’s current directive. Here, we will shrink the playing field and tell newcomers to security how to do your home asset detection!

0:00 - Asset detection at home
1:18 - What is asset detection?
2:44 - Is asset detection difficult?
3:39 - Do asset detection on your network
4:45 - Asset detection on a school network
6:50 - How to put asset detection on your resume
9:44 - What to study for asset detection roles
10:31 - Learn more about runZero
11:15 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Tech evangelist Huxley Barbee from runZero talks about asset detection, and yes, just asset detection. Learn about the day-to-day work of asset detection and asset mapping. Go beyond the theory and speculation about whether the U.S. federal government will implement it on time, and join Barbee as he walks you through how it’s all done and what you need in order to do it well.

0:00 - Asset detection and asset mapping
2:56 - Getting into cybersecurity
4:12 - Shifting roles in cybersecurity to evangelist
6:02 - What does a security evangelist do?
8:30 - What is BSides NYC?
14:41 - Planning in cybersecurity assets
22:50 - Tools and techniques of asset inventory
32:13 - The importance of asset discovery
34:25 - Skills needed to work in asset detection
37:32 - Cybersecurity starts and ends with assets
42:22 - What does runZero do?
44:44 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

CAT Labs CEO and founder Lili Infante worked as a special agent for the U.S. Department of Justice for 10 years specializing in cryptocurrency’s use in dark web investigations. Infante gives us the insider’s view of dark web investigations, why it’s so difficult to prosecute dark web actors when anonymity extends up and down the hierarchy, the current state of dark web markets, and the rise of state-sponsored crypto crime organizations like North Korea’s Lazarus Group. Plus, Infante gives you expert advice on getting started in crypto crime investigation and forensics research! You don’t need a Tor browser for this info.

0:00 - Crypto crime in 2023
2:46 - How Lili Infante began in cybersecurity
4:50 - Economics, bitcoin and crypto
9:20 - Liberal arts education and cybersecurity
14:05 - Taking on dark web cases
17:30 - What the dark web market is like
20:24 - Neutralizing a dark web market
24:00 - Main threats of crypto threats and fraud
26:50 - State-sponsored crypto theft
28:45 - Why begin CAT Labs
35:40 - Day-to-day CAT Labs CEO work
41:30 - How to work in crypto crime
45:40 - CAT Labs' future
46:58 - Learn more about Infante
47:43 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

James Stanger, chief technology evangelist at CompTIA, discusses CompTIA's Cloud+ certification and why security professionals must consider adding it to the certification toolbox.

0:00 - CompTIA Cloud+ certification 
1:06 - Benefits of Cloud+
3:24 - Cloud+ is vendor agnostic
6:27 - Preparing for Cloud+
8:43 - Cloud+'s future  
11:18 - Good Cloud+ training   
12:50 - How to study for Cloud+
14:26 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Leonid Belkind is the chief technology officer (CTO) and co-founder of Torq, a no-code security automation platform. After asking him buckets of questions about the day-to-day work of a CTO in the tech field, we get into a fascinating discussion of all the ways that automation will change the work of cybersecurity, allowing professionals at all stages to work on higher-order problems. At the same time, the great automated data sifters do high-speed data analysis beyond our cognition. This one gets pretty heady folks, especially once we compare CTOs to orchestra conductors.

0:00 - Uses of automation
2:50 - How Leonid got into tech
5:30 - Chief technology officer and endpoint security roles
8:30 - Enpoint used during work from home
10:30 - Average day as a CTO at Torq
17:25 - Cybersecurity market predictions
19:30 - Skills and talents that make a good CTO
21:27 - Zero-trust Pentagon directive
24:35 - Reframing how we view automation
30:06 - Automation and disabilities
33:15 - Automation's big discussions
39:40 - How automation can improve jobs
42:20 - How to work in automation
48:02 - Communication in cybersecurity
50:55 - What is Torq?
53:04 - Learn more about Torq and Leonid Belkind
53:42 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Dara Gibson of Optiv and the Phoenix, Arizona, branch of Women in Cybersecurity has developed and managed cybersecurity services for five years. After years of being an educator, Gibson felt the pull of cybersecurity and tech. For those of you who are thinking of making a later-in-life, life-changing career shift into cybersecurity and feeling a bit overwhelmed, do not miss this episode! Gibson strikes the perfect balance between pushing you out of the nest without pushing you off a cliff!

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Changing to a cybersecurity role from another profession
2:56 - Dara Gibson’s start in cybersecurity
7:28 - Guidance in cybersecurity 
10:00 - Working as a cyber insurance specialist 
15:00 - Phoenix Women in Cybersecurity
17:06 - Where Women in Cybersecurity members come from
21:00 - How to get past the HR barrier in cybersecurity 
24:20 - Applying to cybersecurity jobs
26:52 - Common paths in cybersecurity for job changers
29:00 - Tips for cybersecurity job posting
34:40 - Advice to attract women to cybersecurity
36:35 - Get involved in Women in Cybersecurity 
38:35 - Barriers to getting women in cybersecurity
40:42 - Learn more about Dara Gibson
41:15 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Paula Bratcher Ratliff owns and is president of Women Impact Tech, an organization committed to bringing women and diverse professionals into cybersecurity. They have clear goals, committed members and proven results.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Women Impact Tech
3:11 - Paula's career
8:30 - Entering cybersecurity from different industries
11:40 - Employee retention in cybersecurity
16:32 - Cybersecurity hiring improvements
20:52 - Changing internal promotions
28:20 - Services from Women Impact Tech
32:50 - What Women Impact Tech does at events
36:30 - Effective strategies to bring equity in cybersecurity 
43:52 - Protecting women online
47:44 - Upcoming Women Impact Tech events
50:00 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Amber Schroader, CEO of Paraben, gives her best pieces of advice for the work of searching for a job in the field of digital forensics.

0:00 - Get a job in digital forensics
1:30 - Put your best foot forward on social media
3:00 - Updating your digital forensics resume
4:36 - Digital forensics interview tips
5:23 - Let your personality shine
6:14 - Success in your digital forensics job
9:30 - Find more from Amber Schroader

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

David Melamed of Jit brings us a new wrinkle in our ongoing series of developer security topics! Melamed says we should move beyond “shift left,” shifting the security earlier in the CI/CD pipeline, into “Born Left,” a platform in which security tools are in the hands of developers at the point of creation. Melamed talks about his early programming experiences, his Ph.D. in Bioinformatics, and the delineation of responsibilities between developers and the DevSec team. All that and a bit of CTO talk.

0:00 - Moving from “shift left” to “born left”
3:05 - How David Melamed got into cybersecurity
6:00 - Choosing your cybersecurity job path
11:15 - Daily work as a cybersecurity CTO
13:02 - How to become a cybersecurity CTO
15:10 - Keeping a company on track
16:40 - DevSecOps shift left to born left
21:08 - Born left, and overall security
23:13 - Accountability for developers
25:07 - Application security and born left
29:33 - What will DevSecOps and born left look like in the future?
31:00 - How to work in software development security
34:35 - First steps to a cybersecurity development job
35:30 - What is Jit?
38:33 - Learn more about Melamed
39:08 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Paul Giorgi of XM Cyber, a man who told me his favorite way to learn new skills is to break things and put them back together, walked me through the basics of setting up your own cybersecurity practice lab at home for not too much money. But watch out because he says that once you start, your excitement about hands-on practice and buying old servers on eBay can get overwhelming! 

0:00 - Build your own cybersecurity practice lab
1:30 - How to practice with a home cybersecurity lab
5:48 - Resource requirements for a cybersecurity lab
8:48 - Cost of a cybersecurity lab
10:28 - First projects for a cybersecurity lab
13:02 - Learn more about Paul Giorgi and XM Cyber
13:42 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Karen Worstell is a 25-year veteran of the tech, IT and security space; she’s a senior cybersecurity strategist at VMware and a chaplain. This episode goes to many fascinating places, from her days learning coding on a TRS-80 computer, how her extremely visual and right-brained approach to learning has influenced her security journey, her experiences as a woman in the industry and how her work as a chaplain brought her back from a security industry hiatus to help people suffering chronically from burnout. There’s also a bit about XDR — and its a big deal! 

0:00 - Burnout in cybersecurity
3:06 - Karen Worstell's start in cybersecurity
6:11 - A family of inventors
9:35 - Physical sciences and computer sciences
16:00 - Work as a senior cybersecurity strategist
18:18: - Working as a woman in cybersecurity
23:15 - Changes to make cybersecurity equitable
31:40 - Strategies for hiring equity in cybersecurity
34:00 - Burnout in cybersecurity
48:35 - Helpful cybersecurity organizations
51:37 - Why is XDR so important?
56:10 - Learn more about Worstell
56:44 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

These days, keeping your security, IT or research team close now that more of us than ever work remotely is a challenge. How do you keep team bonds strong when your main interaction path is your tiny little colleagues trapped in little squares on a computer monitor? Susan Morrow has been managing a remote team for almost two decades. She dispenses wisdom on coordinating schedules in multiple time zones, ensuring everyone’s moving toward the same goal and helping team members of all work styles to do and feel their best. 

0:00 - Cybersecurity team remote work
2:30 - Remotely working with multiple teams
4:16 - What doesn't work remotely? 
5:51 - Avoiding remote work pitfalls
7:27 - Solving team drift
9:19 - Learn more from Susan Morrow
9:58 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

James Stanger, chief technology evangelist at CompTIA, walks through their new Data+ certification. Infosec is proud to provide bootcamp and course training for a range of CompTIA certifications, and James helpfully breaks down the basics of data analytics, the types of learning you’ll need to engage in to pass and why security professionals have a lot more data analyst in their job role than they might think. All that, and a bit of geeking out about the humanities.

0:00 - CompTIA Data+
3:40 - How did James Stanger get into cybersecurity?
5:00 - From literature to IT
9:50 - Working for CompTIA as a tech evangelist
13:22 - What makes up a tech evangelist role?
18:00 - CompTIA's new Data+ certification
26:06 - Why is Data+ important for pros?
32:38 - Prerequisites for Data+ certification
40:05 - What does Data+ teach you?
43:53 - Training materials for Data+ certification

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Today on Cyber Work, my guest, Jack Nichelson, wants you to know something. AI is coming! But it’s not SkyNet; it’s not the rise of the machines. Whatever unnerving story you’ve read in the past few weeks about ChatGPT and what it will or won’t do to humanity, I’d like you to join us here and get a much fuller picture of AI as a tool and our role in shaping and building it.

0:00 - ChatGPT AI
2:50 - How Jack Nichelson got into cybersecurity
4:45 - Types of IT cybersecurity roles
6:57 - AI versus human value
10:46 - Life as a CISO
15:12 - The ChatGPT story
19:37 - Where is AI at right now?
24:20 - Actual applications of AI in the future
30:04 - Areas of study to enter cybersecurity and AI
34:27 - Where AI tools may lead cybersecurity
37:00 - Training for future AI malware
40:20 - Software to spot AI malware
44:50 - What is Inversion6?
46:55 - Learn more about Jack Nichelson
47:12 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Amber Schroader, CEO of Paraben, explains the different ways to pursue a career in digital forensics, like pursuing a college degree or studying toward a certification. And if a certification, which one will take you on the path you want? Schroader also talks about what doors can open for you, where to get started, and which upper-level certs you should work toward so you’re prepared for the job you want.

0:00 - Breaking down digital forensics certifications 
1:08 - Different ways to learn digital forensics 
2:07 - Digital forensics college courses versus certifications
3:45 - Main digital forensics certifications and paths
5:20 - Finding a digital forensics niche
6:18 - Hands-on projects for digital forensics experience
7:25 - How to get started in digital forensics 
8:34 - Learn digital forensics
9:01 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Jacob DePriest, the VP and deputy chief security Officer at GitHub, talks about development security. In 2021, GitHub significantly ramped up its security department. DePriest told me all about the commitment to security and how you can move your organization toward a developer-focused security team. Whether you’re just hearing about GitHub now or you’re using GitHub from the moment your work day starts, you’ll want to check out this episode.

0:00 - GitHub's cybersecurity strategy
2:30 - How did you get into cybersecurity?
5:00 - Moving up in cybersecurity
8:57 - Working with NSA
10:08 - Working as a chief security officer
13:35 - Communication in cybersecurity
15:00 - What is GitHub?
17:46 - Coding as a team
19:30 - GitHub's security team
21:18 - Security threats GitHub faces
22:28 - GitHub's role in software security
25:10 - Navigating GitHub's tools
28:50 - How to study cybersecurity
30:54 - Entering software security
33:55 - Security tips for developers
36:45 - Learn more about DePriest and GitHub
38:25 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Learn more about the (ISC)² CGRC certification: https://resources.infosecinstitute.com/overview/cgrc/

Enroll in a CGRC boot camp: https://www.infosecinstitute.com/courses/isc%C2%B2-cgrc-training-boot-camp/

Infosec instructor and returning guest Leighton Johnson talks about the recent (ISC)² CAP certification change: the Certified Authorization Professional (CAP) is now Certified in Governance, Risk and Compliance (CGRC). Why are they changing the name of the CAP certification? Is the CAP content going to change as well? What does this mean for the future? Let’s figure this out together.

0:00 - CAP vs. CGRC certification
1:40 - What jobs require a CGRC certification?
2:50 - Why change the CAP name to CGRC?
4:17 - Is CAP exam content different from CGRC?
6:00 - Should I upgrade CAP to CGRC?
7:35 - Study tips for the CGRC exam
9:13 - Learn more about CGRC
9:53 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Yossi Appleboum, CEO of Sepio, talks about Cybersecurity and Infrastructure Security Agency (CISA)’s operational directive for non-military federal agencies to adopt a strict set of asset visibility and vulnerability detection system starting as early as April of 2023. Yossi discusses this directive, saying that it takes FCEB agencies out of the cybersecurity stone ages and into the future. Can it work in such a short time frame? Yossi has thoughts!

0:00 - Asset visibility and vulnerability detection
3:10 – First getting into cybersecurity
6:21 – Co-founding cybersecurity companies
9:30 – What it’s like as CEO of a cybersecurity company
13:00 – Ambassador of the Global Cyber Alliance
15:32 – CISA’s operational directive for federal agencies
19:25 – What are asset management and vulnerability?
24:40 – What comes after asset protection?
28:40 – CISA’s deadline for asset visibility compliance
30:40 – Job outlook for asset visibility and vulnerability detection
35:07 – Work experience needed for asset visibility roles
36:30 – How to work in asset visibility
40:04 – How will this CISA directive change cybersecurity?
41:50 – What is Sepio?
43:56 – Learn more about Yossi Appleboum
44:50 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec Skills author and Paraben founder and CEO Amber Schroader talks about how to quickly and inexpensively set up your own home digital forensics lab. 

0:00 - Creating your digital forensics lab
1:00 - Benefits of your own digital forensics lab
1:40 - Space needed for digital forensics lab
2:30 - Essential hardware needed for a forensics lab
5:01 - Important forensic lab upgrades
5:42 - Running your forensics lab
6:51 - Forensic lab projects
7:35 - Getting into forensic labs
8:04 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.