A massive number of Infosec students have come to us as part of the military, Pentagon, Department of Defense or other government departments, and it’s likely that many listeners and learners are interested in a career in cybersecurity that could lead to a career in the government. If so, you’re going to find this episode quite interesting and enlightening.

Today’s guest is Chad Hardaway, deputy director of the University of South Carolina’s Office of Economic Engagement and a founding faculty member of the new Master's Program of Engineering Entrepreneurship and Innovation in the College of Engineering and Computing. The University of South Carolina Office of Economic Engagement created SC Cyber to be the central point of focus for academic, government and corporate collaboration in the area of cybersecurity. The results are a strong and connected pipeline between the academic study and research of cybersecurity strategies and military and government applications for them.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

It’s been a while since we’ve talked penetration testing and offense-oriented network security on the show, and I know some of you have been asking for it, so today’s your lucky day!

On the show we have Dr. Wesley McGrew, the director of Cyber Operations for HORNE Cyber. We’re going to talk about going on the offense as a good defense, the current state of pentesting and the raw work of reverse engineering malicious software and vulnerability testing. If you’re looking for the type of job that gets you out on the cybersecurity battlefield and fighting the bad guys, you’re going to want to give this episode your undivided attention!

Wesley McGrew is the author of penetration testing and forensic tools used by many practitioners. He is a frequent presenter at DEF CON and Black Hat USA. At the National Forensics Training Center, he provided digital forensics training to law enforcement and wounded veterans. As an adjunct professor he designed a course he teaches on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. This effort was undertaken as part of earning National Security Agency CAE Cyber Ops certification for the university. He has presented his work on critical infrastructure security to the DHS joint working group on industrial control systems. Wesley earned his Ph.D. in computer science at Mississippi State University for his research in vulnerability analysis of SCADA HMI systems used in national critical infrastructure. He served as a research professor in MSU’s Department of Computer Science & Engineering and Distributed Analytics and Security Institute.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Kevin O’Brien is the CEO and Co-founder of GreatHorn, a high-growth, venture-backed email security company based in Boston, Massachusetts, that is focused on solving phishing, credential theft, malware, ransomware and business email compromise for cloud email platforms, and was named a Gartner Cool Vendor, RSA Innovation Sandbox finalist and Infosec Awards Cutting Edge winner. If you are well on your way up the cybersecurity career ladder, you might think that startup would be the next step. Kevin and Cyber Work podcast host Chris Sienko tell us about his career to that point and some of the highlights and pitfalls of such a massive endeavor.

Currently CEO and co-founder of email security company GreatHorn, Kevin O’Brien is a frequent speaker, commentator and author that advises customers and the public on data security and privacy issues. With 20 years of deep cybersecurity expertise, most notably with CloudLock (Cisco), Conjur (CyberArk) and @stake (Symantec), Kevin also serves as co-chair for the Mass Technology Leadership Council’s cybersecurity group. Outside of security, Kevin is a lifelong martial artist, avid skier and amateur sailor.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast


About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Ted Shorter, CTO and Co-founder of Keyfactor, and Cyber Work host Chris Sienko discuss a research report published by Keyfactor in December showing that many of the IoT and network devices in use today are leveraging weak digital certificates, potentially exposing them to attack.

Ted is going to talk about the report, the danger of so-called “predictable randomness,” the raw work of cryptography in keeping devices like these safe, the importance of building security into their devices during design and development, and some career advice for those who might like a career in cryptography.

Ted Shorter is the chief technology officer and co-founder at Keyfactor. Ted has worked in the security arena for over 20 years, in the fields of cryptography, application security, authentication and authorization services, and software vulnerability analysis. His past experience includes 10 years at the National Security Agency, a Master’s Degree in Computer Science from The Johns Hopkins University and an active CISSP certification.

As a computer scientist and team lead at NSA, Ted briefed high-level government officials, including Presidential advisors and members of the Joint Chiefs of Staff. Ted also served as lead software developer on a contract with the Department of Defense to integrate Biometric authentication with the DoD Common Access Card program. He lives in Akron, Ohio with his wife and two sons. Ted is an accomplished musician and played in a rock band for a number of years in Baltimore, MD. He is a passionate sports fan, and actively follows baseball, football and various forms of auto racing.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Robert McMillen, an Infosec Skills course creator and cybersecurity consultant, discusses his early experiences as an IT consultant, the perpetual changes of the IT career landscape, his work with IT course creation, and tips on how to keep your cybersecurity and IT skills fresh and employable.

Robert McMillen is the past President and founder of All Tech 1, LLC., a Portland, Oregon-based network consulting company. In 2017, the company was sold to Blackpoint-IT Consulting based out of Seattle.

Some of his higher profile jobs have been restoring email for the government to prosecute Enron executives, training the network vulnerability assessment team for the U.S. Army, and performing wireless security auditing for the State of Washington. The NSA also requested an interview, but he decided he had enough people looking over his shoulder for now.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Infosec Skills is kind of a big deal.  The interactive learning platform boasts 500+ cybersecurity courses featuring cloud-hosted cyber ranges, hands-on projects, customizable certification practice exams, skill assessments and other features. John Wagnon, Senior Solution Developer at F5 Networks, is a course creator for Infosec Skills and has created an informative and in-depth study of the OWASP Top 10 list.  John and Cyber Work host Chris Sienko talk about skills-based education, in-demand job skills, learning programming on your own and, of course, the OWASP Top 10.

John is a Senior Solution Developer for F5 Network’s DevCentral technical community. In this role, he helps analyze and solve complex problems for F5 users all over the world. He frequently writes articles and records videos that are featured on the DevCentral website. Prior to his work at F5, John was a Communications Officer in the US Air Force where he specialized in ground and satellite networks. After leaving the Air Force, he worked for a technology consulting firm where he analyzed cyber-attacks against U.S. Department of Defense computer systems and networks. John holds a Bachelor of Science in Computer Engineering and a Master of Science in Computer Networks.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

From fraud to extortion to intellectual property theft, new cybercrimes are being committed daily. Digital forensics and incident response (DFIR) professionals help piece together those crimes so that organizations can better protect themselves — and the bad guys get prosecuted.

This episode of the Cyber Work Podcast is a rebroadcast of a webinar featuring Cindy Murphy, President at Gillware Digital Forensics. In this podcast, you’ll get the inside scoop on what it’s like to be a DFIR professional from someone with more than 25 years in the field and learn practical information on how to kickstart a career in DFIR.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Adam Darrah, Director of Intelligence at Vigilante ATI and an expert on Eurasian political machinations, specifically about Russia and disinformation campaigns, and Cyber Work Podcast host Chris Sienko discuss foreign vote tampering and all other election security concerns for 2020. 

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Cyber Work just hit a huge milestone — 100 episodes — and we're giving all our fans an entire month of free training to celebrate! Just use the code "cyberwork" to claim your free month of Infosec Skills.

1. Go here: https://www.infosecinstitute.com/skills/
2. Click the "Get Started" button under monthly ($34) and create your account (direct link: https://flex.infosecinstitute.com/portal/skills/subscription/monthly)
3. On the payment page, enter the coupon code "cyberwork" to get your first month for free.

Happy learning!

Irena Mroz, VP and Co-founder of Nucleus Cyber, and Cyber Work Podcast host Chris Sienko discuss all things internal threats, from intentional and malicious attacks to poor employee practices and awareness. Vi

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Mari Galloway, CEO of Women's Society of Cyberjutsu, and Cyber Work Podcast host Chris Sienko discuss Mari's career journey, the ethos of Women's Society of Cyberjutsu, and insights on how to diversify the cybersecurity workforce.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Evan Reiser, CEO of Abnormal Security, and Cyber Work Podcast host Chris Sienko discuss where email attacks are headed in 2020 and how AI and machine learning can help detect business email compromise.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Are your employees prepared to protect the cardholder data they process, store and transmit? With over 120 billion card payments — or $6.48 trillion dollars in transactions — processed yearly in the U.S. alone, it’s easy to see why payment card fraud remains on hackers’ holiday wish lists this season and beyond. This episode of the Cyber Work podcast is a rebroadcast of a webinar featuring Elizabeth Terry, Community Engagement Manager at PCI Security Standards Council, and Lisa Plaggemier, Chief Evangelist at Infosec. In this podcast, you’ll learn how to build, communicate, and report on an engaging awareness program that complies with PCI DSS requirements.

– Watch the video version: https://www.youtube.com/watch?v=zFQNt99qocs
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Chris Triolo, VP of Customer Success for Respond Software, and Cyber Work podcast host Chris Sienko discuss the Federal Cybersecurity Reskilling Academy and the top soft skills that can help you break into a cybersecurity career.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Whether you’re new to cybersecurity or an experienced professional, CompTIA has a certification for you — and training for those certifications is easier than ever with the new on-demand training platform Infosec Skills. This episode of the Cyber Work podcast is a rebroadcast of a webinar featuring Patrick Lane, CompTIA Director of Products, and Jeff Peters, Product Marketing Manager for Infosec. In this podcast, you'll get an overview of CompTIA certifications, learn about potential IT and security career paths and hear questions from live viewers about training and certifications.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Sam Bouso, Founder of Precognitive Inc, and Cyber Work podcast host Chris Sienko discuss current security risks in online retail, fraud prevention, online shopping behavior, and how some fraud prevention strategies can actually hurt online retailers.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Kelly Shortridge, VP of Product Strategy at Capsule8, and Cyber Work Podcast host Chris Sienko discuss how for introduce security teams early into the product development process, as well as cognitive biases in security decision-making at all levels of employment from analysts to CISOs.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Gene Yoo, who's worked for Sony, Warner Bros, Coca-Cola, and other megacorporations, and Cyber Work podcast host Chris Sienko, discuss the specific needs for these large companies, how to recover from cyber attacks, career strategies, and gender parity cybersecurity.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Nir Gaist, Founder and CTO at Nyotron, and Cyber Work podcast host Chris Sienko, discuss Nir's cybersecurity journey (which started from hacking at the age of 6), the cyber skills gap and how to present yourself to hiring managers.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Bob Stevens, VP of Americas at Lookout, and Cyber Work Podcast host Chris Sienko, discuss election cybersecurity strategies, tips and ramifications for 2020.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Security awareness programs help organizations achieve the ultimate goal of fewer security incidents, but how do the benefits compare to the costs and time requirements? A new study by Osterman Research uses data from 230 organizations to answer this question and quantify the ROI of security awareness training for both large and small organizations. This episode of the Cyber Work Podcast is a rebroadcast of a webinar featuring Michael Osterman, President and Analyst at Osterman Research, and Lisa Plaggemier, Chief Evangelist at Infosec. In this podcast, you'll learn how to calculate security awareness ROI at your organization, the opportunity cost of not having an awareness program and the costs and returns of security awareness training.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

John Wheeler, Vice President of Security at Topcoder, and Cyber Work host Chris Sienko discuss hyperspecialization in cybersecurity and coding.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Scott Madsen, CEO of Cingo Solutions, and Cyber Work host Chris Sienko discuss transferring into cybersecurity from another career, the importance of transparency in job listings and ways to fix the cyber skills gap.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Gary Berman, creator of The Cyberhero Adventures: Defenders of the Digital Universe comic book series, and Cyber Work host Chris Sienko discuss Berman's long history of being hacked, how we overcame it, and his new cybersecurity comic books series aimed to educate from his mistakes.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Celebrate National Cybersecurity Awareness Month by learning about privacy with IAPP's Channel Sales Manager Byron Johnson — plus get 30 days of free training with Infosec Skills! This episode of the Cyber Work podcast is a rebroadcast of a webinar featuring Byron Johnson. In this podcast, you'll learn everything you need to know about the shifting privacy landscape, including how privacy is changing cybersecurity, privacy skills and how they apply to different cybersecurity roles, the future of online privacy and data protection laws and privacy certification and career questions from live viewers.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Tia Hopkins, Vice President of Global Sales Engineering at eSentire, and Cyber Work host Chris Sienko discuss Hopkins' past in physical networking, her pursuit of education and how she advanced her career.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Dave Farrow discusses his unconventional career journey and the intersection of engineering and cybersecurity.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Atif Mushtaq, founder and CEO of SlashNext, and Cyber Work host Chris Sienko discuss the current and future trends of web-based phishing and malware attacks.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Celebrate National Cybersecurity Awareness Month by learning how to start a cybersecurity career with CompTIA's Chief Technology Evangelist James Stanger — plus get 30 days of free training with Infosec Skills! This episode of the Cyber Work Podcast is a rebroadcast of a live webinar featuring James Stanger. In this podcast, you'll learn everything you need to know about getting started in cybersecurity, including using the CompTIA career path to build your skills and land your first cybersecurity job, why Security+ has become the go-to entry-level cybersecurity certification, the different types of entry-level cybersecurity jobs available and how you can train to earn your next CompTIA certification.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast