Normal view

There are new articles available, click to refresh the page.
Before yesterdayInfosec Resources

Long-term cybersecurity career strategies | Guest Maxime Lamothe-Brassard

By: Infosec
7 February 2022 at 08:00

Maxime Lamothe-Brassard, founder of LimaCharlie, has worked for Crowdstrike, Google X and Chronicle Security before starting his own company. This episode goes deep into thinking about your long-term career strategies, so don’t miss this one if you’re thinking about where you want to go in cybersecurity in two, five or even 10 years from now.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
2:56 - First getting into cybersecurity 
6:46 - Working in Canada's national defense
9:33 - Learning on the job
10:39 - Security practices in government versus private sector
13:50 - Average day at LimaCharlie
16:40 - Career journey
19:25 - Skills picked up at each position 
23:57 - How is time length changing? 
27:53 - Security tools and how they could be
31:34 - Where do security tool kits fail? 
34:04 - Current state of practice and study
37:10 - Advice for cybersecurity students in 2022
38:21 - More about LimaCharlie
39:50 - Learn more about LImaCharlie or Maxime
40:08 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Avoiding hardware-based cybersecurity threats | Guest Jessica Amado

By: Infosec
31 January 2022 at 08:00

Jessica Amado, head of cyber research at Sepio Systems, discusses hardware-based cybersecurity threats. We’ve all heard the USB in the parking lot trick, but Amado tells us about the increasingly complex ways cybercriminals bypass hardware safeguards, and lets you know how to make sure that the keyboard or mouse you’re plugging in isn’t carrying a dangerous passenger.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
2:30 - Initial cybersecurity draw
6:30 - Day-to-day work as head of cybersecurity research
8:44 - How Amado does research
9:37 - Amado's routine 
10:35 - Hardware-based ransomware
13:00 - Other hardware threat factors
17:54 - Security practices with USBs
20:10 - How to check hardware
21:52 - Recommendations on security protocols
23:57 - The future of ransomware and malware
27:20 - How to work in hardware security 
31:35 - Cybersecurity in other industries
32:33 - Advice for cybersecurity students 
34:11 - Sepio Systems 
35:58 - Learn more about Sepio or Amado
36:23 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

What does a cloud security engineer do? | Cybersecurity Career Series

By: Infosec
27 January 2022 at 08:00

Cloud security engineers design, develop, manage and maintain a secure infrastructure leveraging cloud platform security technologies. They use technical guidance and engineering best practices to securely build and scale cloud-native applications and configure network security defenses within the cloud environment. These individuals are proficient in identity and access management (IAM), using cloud technology to provide data protection, container security, networking, system administration and zero-trust architecture.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– Learn more about the role of cloud security engineer: https://www.infosecinstitute.com/skills/train-for-your-role/cloud-security-engineer/

0:00 - Intro 
0:25 - What does a cloud security engineer do? 
1:55 - How to become a cloud security engineer? 
2:55 - How to gain knowledge for the role
4:43 - Skills needed for cloud security engineers
6:00 - Common tools cloud security engineers use
7:43 - Job options available for this work
8:35 - Types of jobs
9:16 - Can you pivot into other roles? 
11:03 - What can I do right now?
12:33 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Cybersecurity project management: Your career starts here | Cyber Work Live

By: Infosec
24 January 2022 at 08:00

Are you great with details? Do you like juggling multiple projects at once? Is your organization system the topic of awed discussion between your co-workers? Or are you just interested in getting into cybersecurity from a different angle? If so, you might already be a top-notch project manager and not even know it!

Join a panel of past Cyber Work Podcast guests as they discuss their tips to become a project management all-star:
– Jackie Olshack, Senior Program Manager, Dell Technologies
– Ginny Morton, Advisory Manager, Identity Access Management, Deloitte Risk & Financial Advisory

If you’re interested in project management as a long-term career, Jackie and Ginny will discuss their career histories and tips for breaking into the field. If you plan to use project management as a way to learn more about other cybersecurity career paths, we’ll also cover how to leverage those skills to transition into roles.

This episode was recorded live on December 15, 2021. Want to join the next Cyber Work Live and get your career questions answered? See upcoming events here: https://www.infosecinstitute.com/events/

– Want to earn your PMP certification? Learn more here: https://www.infosecinstitute.com/courses/pmp-boot-camp-training/
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

The topics covered include:
0:00 - Intro
0:51 - Meet the panel
3:12 - Why we're talking project management
6:27 - Agenda for this discussion
6:55 - Part 1: Break into cybersecurity project management
7:45 - Resume recommendations for project managers
12:35 - Interview mistakes for project managers
19:22 - Creating your elevator pitch
23:10 - Importance of your LinkedIn page
25:05 - What certifications should I get?
30:38 - Do I need to be technical to be successful?
34:20 - How to build cybersecurity project management skills
38:28 - Part 2: Doing the work of project management
40:47 - Getting team members to lead themselves
44:50 - Dealing with customer ambiguity
47:30 - Part 3: Pivoting out of project management
47:48 - How do I change roles in an organization
51:50 - What's the next step after cybersecurity project manager?
53:43 - How to move from PMing security teams into leading them?
59:05 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

What does a SOC analyst do? | Cybersecurity Career Series

By: Infosec
20 January 2022 at 08:00

Security operations center (SOC) analysts are responsible for analyzing and monitoring network traffic, threats and vulnerabilities within an organization’s IT infrastructure. This includes monitoring, investigating and reporting security events and incidents from security information and event management (SIEM) systems. SOC analysts also monitor firewall, email, web and DNS logs to identify and mitigate intrusion attempts.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– Learn more about the SOC analyst role: https://www.infosecinstitute.com/role-soc-analyst/.

0:00 Intro 
1:20 - What is a SOC analyst? 
1:58 - Levels of SOC analyst
2:24 - How to become a SOC analyst
2:53 - Certification requirements
3:29 - Skills needed to succeed
4:38 - Tools SOC analysts use
5:32 - Open-source tool familiarity 
6:05 - Pivoting from a SOC analyst
6:50 - What can I do right now?
7:32 - Experience for your resume 
8:07 - Outro  

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Top cybersecurity breaches of 2021 | Guest Keatron Evans

By: Infosec
17 January 2022 at 08:00

Infosec’s Principal Security Researcher, instructor and cybersecurity renaissance man Keatron Evans returns to the show for the first in a series of once-quarterly episodes breaking down big stories in the news and cybersecurity trends for the future! We talk Solarwinds, Colonial Access Pipeline, Oldsmar, Keatron’s origin story and why, just like practicing your scales makes you a better musician, master pentesters and security pros got where they did by mastering the art of repetition in learning.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
2:30 - How did you get into cybersecurity? 
4:00 - What skills did you have early on? 
6:10 - First interaction with Infosec
10:34 - Work as a principal security researcher
13:20 - Machine learning in cybersecurity 
14:14 - Infosec classes
17:28 - Equity in cybersecurity 
20:25 - You don't need a technical background
21:36 - Major security breaches of 2021
22:15 - SolarWinds breach
24:56 - What job roles help stop these breaches?
27:50 - Water treatment plant breach
31:42 - Infrastructure security 
34:30 - President Biden and cybersecurity
39:22 - Supply chain security 
43:20 - Security trends for 2022
49:00 - Projects to keep an eye on
50:52 - Learn more about Evans
51:44 - Outro

💾

What does a security manager do? | Cybersecurity Career Series

By: Infosec
13 January 2022 at 08:00

Security managers develop security strategies that align with the organization's goals and objectives. In addition, they direct and monitor security policies, regulations and rules that the technical team implements. Knowledge in areas like information security governance, program development and management, incident response and risk management are important to success in any security management role.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– Learn more the security manager role: https://www.infosecinstitute.com/role-security-manager/

0:00 - Intro 
0:26 - What does a security manager do? 
3:15 - How do you become a security manager?
4:54 - What education is required for security managers?
5:55 - What certificates are required for security managers?
7:23 - What skills does a security manager need to have?
9:58 - Common tools security managers use
11:48 - Where do security managers work?
13:45 - How well do security managers pivot into other roles?
15:36 - What step can someone take now to become a security manager?
17:27 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Predictions for cybersecurity in 2022 | Guest Andrew Howard

By: Infosec
10 January 2022 at 08:00

Andrew Howard, CEO of Kudelski Security, returns to give us his cybersecurity predictions for 2022! How will cybersecurity protect the supply chain, why is quantum computing on all of his clients' minds, and how would Andrew rewrite security from the ground up if a genie granted him three wishes?

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:00 - Getting into cybersecurity
4:00 - How has the cloud evolved?
6:46 - The past year in cybersecurity
8:20 - The next cybersecurity innovation 
8:57 - Where quantum computing is going
10:15 - Concerns about encryption data
10:54 - The state of ransomware
12:57 - Cybersecurity supply chain issues. 
16:18 - Hybrid work cybersecurity
18:42 - The year of cyber insurance
20:35 - DOD directive to close security gaps
22:15 - What would you change in cybersecurity?
25:45 - What would put phishing out of mind? 
28:10 - Advice to 2022 cybersecurity students 
29:37 - Kudelski Security 
30:58 - Blockchain security in 2022
31:57 - Learn more about Kudelski
32:10 - Outro   

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

What does a penetration tester do? | Cybersecurity Career Series

By: Infosec
6 January 2022 at 08:00

Penetration testers, or ethical hackers, are responsible for planning and performing authorized, simulated attacks within an organization’s information systems, networks, applications and infrastructure to identify vulnerabilities and weaknesses. Findings are documented in reports to advise clients on how to lower or mitigate risk. Penetration testers often specialize in a number of areas such as networks and infrastructures, Windows, Linux and Mac operating systems, embedded computer systems, web/mobile applications, supervisory control data acquisition (SCADA) control systems, cloud systems and internet of things (IoT) devices.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– Learn more about the role of penetration tester: https://www.infosecinstitute.com/role-penetration-tester/

0:00 - Intro 
0:26 - What does a penetration tester do? 
1:10 - Levels of penetration testers
1:50 - How to become a penetration tester
3:08 - Education needed to be a pentester
3:50 - Skills needed to pentest
4:24 - Common tools of the pentester
5:07 - Training with the tools
5:42 - Job options for pentesters
6:36 - Work duty expectations
7:45 - Can you move to a different role?
9:09 - What can I do to become a pentester?
9:54 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Security risks facing streamers on Twitch and YouTube | Guest Roderick Jones

By: Infosec
3 January 2022 at 08:00

Roderick Jones of Concentric talks about security risks facing content creators, influencers, gamers and streamers on Twitch, YouTube and elsewhere. Online harassment is often seen as “part of the package” if you’re going to work in a public-facing streamer community, but Jones knows that this isn’t inevitable, and it is fixable. A future without a shrug-shoulders approach to online abuse?

– Create your free Infosec Skills account: https://infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:37 - How did you get into cybersecurity?
5:30 - Were you scouted for your role? 
6:44 - How did the landscape change?
8:40 - Security intelligence to private sector
11:50 - Daily work at Concentric 
13:25 - Staying up on trends
15:09 - Gaming, streaming and security issues
21:31 - Desentization and online personalities 
25:42 - The future of online access
27:37 - How to protect streamers
31:40 - Censoring on streaming platforms with AI
35:06 - Safeguards streams should have in place
40:06 - Cybersecurity jobs related to streaming security 
41:58 - Being courteous online 
42:43 - More about Concentric
43:58 - Learn more about Jones
44:35 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

High-tech hacking tools and how to defend against them | Guest Bentsi Ben-Atar

By: Infosec
20 December 2021 at 08:00

Bentsi Ben-Atar of Sepio Systems talks about some truly scary high-tech hacking weapons and techniques, from Raspberry Pis in your mouse or keyboard to charging cables that can exfiltrate data from a mile away. What do we do? How do we prepare?

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:18 - Getting into cybersecurity
4:30 - Career highlights 
5:50 - Co-founding two companies 
7:22 - Typical work day at CTO and CMO
11:29 - New stealthy hacking tools
13:08 - Hacking a smart copy machine
17:46 - Stealing data with a Raspberry Pi
26:01 - The ninja cable 
32:11 - Security awareness while traveling 
35:20 - How to work battling high-tech cybercrime
36:35 - Exploring cybersecurity 
37:47 - More about Bentsi’s companies
39:31 - Find more about Bentsi 
39:57 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to work in cloud security | Guest Menachem Shafran

By: Infosec
13 December 2021 at 08:00

On today’s podcast, Menachem Shafran of XM Cyber talks about cloud security. Menachem tells us about the work of project manager and product manager, how the haste to migrate to the cloud can unnecessarily leave vulnerabilities wide open and why a cloud security expert also needs to be a good storyteller.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
2:40 - Getting into cybersecurity
5:47 - Project manager in cybersecurity
9:12 - Identifying pain points
10:24 - Working as a VP of product
14:09 - Data breaches
16:30 - Critical versus non-critical data breaches
18:19 - Attacker’s market 
19:38 - How do we secure the cloud?
22:45 - A safer cycle of teams
24:40 - How to implement cybersecurity changes
28:50 - How to work in cloud security
30:48 - A good cloud security resume 
33:02 - Work from home and cloud security
34:30 - XM Cyber’s services 
37:21 - Learn more about Menachem
38:00 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to get started with bug bounties and finding vulnerabilities | Guest Casey Ellis

By: Infosec
6 December 2021 at 08:00

On this week’s Cyber Work Podcast, BugCrowd and disclose.io! founder Casey Ellis discusses how to think like a cybercriminal, the crucial need for transparent vulnerability disclosure, the origins of BugCrowd and why mentorship is a gift that goes in both directions.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:15 - Getting into cybersecurity
4:30 - Criminal mindset in cybersecurity
5:49 - Ellis’s career to date 
9:10 - Healthcare cybersecurity
11:47 - Mentoring others 
13:52 - Mentorship as a two-way street
16:12 - Bugcrowd and bug bounty
19:18 - Vulnerability disclosure project
21:30 - Bug bounty popularity 
24:52 - U.S. sanctions on hacking groups
26:52 - Hiring hackers 
31:52 - Pursue specialization 
33:51 - Cyber threats flying under the radar
39:17 - Working from home safely
40:48 - How to get into bug bounties
42:18 - How to report vulnerabilities
44:04 - Advice to begin ethical hacking 
45:23 - Learn more about Ellis 
45:56 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to begin your own cybersecurity consulting business | Guest Kyle McNulty

By: Infosec
29 November 2021 at 08:00

On today’s podcast, Kyle McNulty of Secure Ventures talks about interviewing the people behind the most up-and-coming cybersecurity startups. We discuss the best advice he’s received on the show, how to get your own podcast off the ground and his own security startup, ConsultPlace.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
2:40 - Getting into cybersecurity
6:00 - McNulty’s education and career
9:50 - Getting into consulting and startups
14:08 - Secure Ventures podcast
17:45 - Best insight from a podcast guest
20:13 - Startup stories 
22:10 - Startups during COVID
23:42 - Advice for startups
25:22 - How to begin a podcast 
33:25 - Tips for cybersecurity newcomers
35:04 - Upcoming podcasts
36:15 - ConsultPlace work 
38:00 - Find more about McNulty
38:42 - Outro

💾

How to disrupt ransomware and cybercrime groups | Guest Adam Flatley

By: Infosec
22 November 2021 at 08:00

On today’s podcast, Adam Flatley of Redacted talks about 14 years spent with the NSA and working in global intelligence. He also delineates the process of disrupting ransomware and cybercrime groups by dismantling organizations, putting on pressure and making the crime of ransomware more trouble than it’s worth!

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:13 - Getting into cybersecurity 
4:27 - Why work for the DoD?
6:37 - Average work day in threat intelligence
9:28 - Main security threats today
11:53 - Issues cybersecurity is ignoring
16:12 - Disrupting ransomware offensively 
23:00 - How to handle ransomware 
25:07 - How do I fight cybercriminals 
27:15 - How to convey self learning on a resume
28:24 - Security recommendations for your company 
31:40 - Logistics of changing security 
34:40 - Cybercrime in five years
36:57 - Learn about Redacted
39:18 - Learn more about Adam
40:00 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to become a cyber threat researcher | Guest John Bambenek

By: Infosec
15 November 2021 at 08:00

On today’s podcast, John Bambenek of Netenrich and Bambenek Consulting talks about threat research, intelligence analytics, why the same security problems are so evergreen and the importance of pitching in a little extra bit of your time and talents to make the world a bit better than you found it.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
2:45 - Getting into cybersecurity 
9:40 - Threat researcher versus security researcher and threat analyst
12:05 - How to get into a research or analyst role
16:32 - Unusual types of malware
19:03 - An ideal work day
23:06 - Current main threat actors
28:50 - What cybersecurity isn’t addressing
31:38 - Where can I volunteer?
36:02 - Skills needed for threat researchers
40:53 - Adjacent careers to threat research
45:11 - Threat research in five years
48:55 - Bambenek Consulting 
49:35 - Learn more about Bambenek
50:26 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to become a great cybersecurity leader and manager | Guest Cicero Chimbanda

By: Infosec
8 November 2021 at 08:00

On today’s podcast, Cicero Chimbanda, Infosec Skills author and lecturer, discusses his cybersecurity leadership and management courses. We discuss the many paths of a cybersecurity leadership role, the soft skills that separate a good information security manager from a great one and why a baseline of cybersecurity knowledge can enhance any job, even if you don’t plan to pivot into the industry.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:37 - Getting into cybersecurity 
6:43 - First learning cybersecurity
7:54 - Skills needed to move up 
10:41 - CISM certification
13:00 - Two tracks of technology
15:13 - Are certifications important?
18:50 - Work as a college lecturer 
22:43 - Important cybersecurity soft skills
27:40 - Cybersecurity leadership and management 
32:33 - Where to go after security leadership 
35:26 - Soft skills for cybersecurity managers
37:23 - Benefits to skills-based education
39:40 - Tips for lifelong learning
43:46 - Cybersecurity education’s future
45:21 - Outro  

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Cybersecurity collaboration, team building and working as CEO | Guest Wendy Thomas

By: Infosec
1 November 2021 at 07:00

On today’s podcast, Secureworks president and CEO Wendy Thomas talks about the company’s drive to provide innovative, best-in-class security solutions that sit at the heart of customers’ security operations. Thomas shares over 25 years of experience in strategic and functional leadership roles, including work as a chief financial officer, chief product officer and VP of strategy. Thomas has worked across multiple technology-driven companies and has a wealth of knowledge.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro
3:18 - Wendy’s origin in cybersecurity
5:13 - Climbing the career ladder
8:10 - Average day as CEO
10:38 - Collaboration in cybersecurity
13:07 - Roadblocks in collaboration 
15:03 - Strategies to encourage collaboration
17:53 - Is there collaboration now? 
19:30 - Solving technology security gaps
21:35 - Limiting incident response noise
23:10 - Addressing the skills shortage
25:07 - Women in cybersecurity
30:45 - Developing your team
32:53 - Advice for those entering cybersecurity
34:18 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to learn web application security | Guest Ted Harrington

By: Infosec
25 October 2021 at 07:00

On today’s podcast, Infosec Skills author Ted Harrington talks about authoring a recent Infosec Skills learning path, “How To Do Application Security Right,” which is also the subtitle of his recent book, “Hackable: How To Do Application Security Right.” Harrington shares his application security expertise, or AppSec, the benefits of skills-based learning, and what it was like to hack the iPhone.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:00 - Hacking the iPhone 
8:30 - IOT security 
14:00 - “Hackable” book 
17:14 - Using the book as a roadmap
18:42 - Most important skills right now
21:45 - Taking Harrington’s class
24:40 - Demystifying application security
26:48 - Career opportunities
28:26 - Roadblocks in application security
30:55 - Education tips for application security
33:40 - Benefits of skills-based education
37:21 - The skills gap and hiring process
41:19 - Tips for lifelong learners
43:43 - Harrington’s next projects
44:33 - Cybersecurity’s education’s future
45:38 - Connect with Harrington 
46:50 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to become a secure coder | Guest Chrys Thorsen

By: Infosec
18 October 2021 at 07:00

On today’s podcast Infosec Skills author Chrys Thorsen talks about founding IT Without Borders, a humanitarian organization built to empower underserved communities through capacity building information and communications technology (ICT) skills and information access. She’s also a consultant and educator. And, for our purpose, she is the author of several learning paths on our Infosec Skills platform. She has written course paths for Writing Secure Code in Android and Writing Secure Code in iOS, as well as a forthcoming CertNexus Cyber Secure Coder path.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro
2:43 - Thorsen’s origin story in cybersecurity 
4:53 - Gaining about 40 certifications
6:20 - Cross certification knowledge
7:25 - Great certification combos 
8:45 - How useful are certifications?
11:12 - Collecting certifications
13:01 - Changing training landscape
14:20 - How teaching changed
16:36 - In-demand cybersecurity skills
17:48 - What is secure coding?
19:34 - Secure coders versus coders 
20:31 - Secure coding in iOS versus Android 
22:39 - CertNexus secure coder certification
24:13 - Secure coding before coding 
24:42 - Secure coding curriculum 
26:27 - Recommended studies post secure coding
26:50 - Benefits to skills-based education
27:43 - Tips for lifelong learning
29:29 - Cybersecurity education’s future 
30:54 - IT Without Borders
33:38 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Learning Linux is key to building your cybersecurity skills | Guest Jasmine Jackson

By: Infosec
11 October 2021 at 07:00

On today’s podcast, Jasmine Jackson takes us through how you can get noticed on your resume, how Linux basics can set you up for learning other aspects of cybersecurity, and how capture the flag activities are crucial to enriching your work skills. Jackson has over 10 years of information security experience and shares her passion for cybersecurity by presenting and teaching workshops, including new courses now available in Infosec Skills. She is currently the Jeopardy-style capture the flag (CTF) coach for the inaugural U.S. Cyber Games and works as a senior application security engineer for a Fortune 500 company. 

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro
3:08 - Jasmine Jackson’s origin story
4:25 - Winning a computer
6:22 - Jackson’s career path
13:46 - Thoughts on certifications 
19:10 - Ideal job description 
21:01 - Most important cybersecurity skills 
22:54 - Linux fundamentals class
25:07 - What does knowing Linux do for you?
26:35 - How to build upon a Linux foundation
28:51 - Benefits to skills training
29:50 - Tips for lifelong learning
31:30 - Coaching in the U.S. Cyber Games
34:26 - How are team members chosen for the games?
37:47 - An intriguing CTF puzzle 
41:43 - Where is cybersecurity education heading?
43:36 - Learn more about Jackson
46:33 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Cryptography, encryption and building a secure photo app | Guest Alex Amiryan

By: Infosec
4 October 2021 at 07:00

Today's guest is Alex Amiryan, a software developer with over 18 years of experience specializing in cybersecurity and cryptography. Alex is the creator of the popular SafeCamera app, which was the predecessor of Stingle Photos, an end-to-end encrypted, open-source gallery and sync app able to prevent theft by breach. How does it work, and how did Alex come by his obsession for cryptography? Tune in and find out!

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
1:41 - Origin story in cybersecurity
3:38 - Running afoul of the law
4:44 - Beginning your own company
7:10 - Advice on starting a business
9:15 - What is Stingle Photos? 
12:30 - End-to-end encryption
15:20 - Black box storage
17:47 - Encryption safety
19:01 - Preventing photo theft
22:20 - Working in encryption and cryptography
24:24 - Skills needed for encryption and cryptography
26:43 - An "aha" moment 
28:00 - Cryptographer job market 
29:45 - Next steps in cryptography
35:52 - Learn more about Stingle Photos
36:28 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Saving McDonald’s from a possible data breach | Guest Connor Greig

By: Infosec
27 September 2021 at 07:00

This week we chat with Connor Greig of CreatorSphere (creatorsphere.co) about beginning a career in IT at age 17 when he joined Hewlett Packard as an applications engineer, but after just a few weeks was promoted to project manager. He went on to work on secure projects for the British government and was a project manager for secure cloud computing and software development modernization during the WannaCry, Spectre and Meltdown vulnerabilities that were found.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:00 - Origin story
4:58 - Getting into IT
8:53 - Being scouted by HP at 17
11:34 - What did HP see in you?
15:42 - Working with the British government
17:49 - Being fast on your feet
19:51 - Area of specialty 
21:30 - Balancing work and management
25:25 - Saving McDonald's from a data breach
31:58 - McDonald's reaction 
38:56 - Starting your own company
45:25 - Advice for starting your own company
49:15 - How to learn new concepts and skills
53:15 - What's it like being a gay man in cybersecurity?
55:30 - Making cybersecurity more welcoming 
58:15 - Cybersecurity career advice
1:00:33 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Inside the Security Yearbook: Industry trends, career advice and more! | Guest Richard Stiennon

By: Infosec
20 September 2021 at 07:00

Security Yearbook creator Richard Stiennon joins today’s podcast to share his career journey. He talks about creating the first ISP in the Midwest in the ‘90s, the role of the Security Yearbook in telling the history of cybersecurity and the best place to start your cybersecurity career. Hint: It’s not necessarily with the big firms!

– Save 50% on your copy of the Security Yearbook with code "infoseclive": https://it-harvest.com/shop
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Infosec Skills Monthly Challenge
0:50 - Intro 
2:50 - How Richard got started in cybersecurity
7:22 - Penetration testing in the ‘90s
10:17 - Working as a research analyst
14:39 - How the cyberwar landscape is changing
19:33 - Skills needed as a cybersecurity researcher
20:30 - Launching the Security Yearbook
27:20 - Security Yearbook 2021 
29:00 - Importance of cybersecurity history
30:48 - How do cybersecurity investors see the industry
34:08 - Impact of COVID-19 and work from home
35:50 - Using the Security Yearbook to guide your career
40:38 - How cybersecurity careers are changing
43:29 - Current pentesting trends 
47:06 - First steps to becoming a research analyst
48:20 - Plans for Security Yearbook 2022
50:20 - Learn more about Richard Stiennon
51:09 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Diversity, equity and inclusion in cybersecurity hiring | Cyber Work Live

By: Infosec
13 September 2021 at 07:00

Cybersecurity hiring managers, and the entire cybersecurity industry, can benefit from recruiting across a wide range of backgrounds and cultures, yet many organizations still struggle with meaningfully implementing effective diversity, equity and inclusion (DEI) hiring processes.

Join a panel of past Cyber Work Podcast guests as they discuss these challenges, as well as the benefits of hiring diversely:
– Gene Yoo, CEO of Resecurity, and the expert brought in by Sony to triage the 2014 hack
– Mari Galloway, co-founder of Women’s Society of Cyberjutsu
– Victor “Vic” Malloy, General Manager, CyberTexas

This episode was recorded live on August 19, 2021. Want to join the next Cyber Work Live and get your career questions answered? See upcoming events here: https://www.infosecinstitute.com/events/

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

The topics covered include:
0:00 - Intro
1:20 - Meet the panel
3:28 - Diversity statistics in cybersecurity
4:30 - Gene on HR's diversity mindset
5:50 - Vic's experience being the "first"
10:00 - Mari's experience as a woman in cybersecurity
12:22 - Stereotypes for women in cybersecurity
15:40 - Misrepresenting the work of cybersecurity
17:30 - HR gatekeeping and bias
25:56- Protecting neurodivergent employees
31:15 - Hiring bias against ethnic names
37:57 - We didn't get any diverse applicants!
43:20 - Lack of developing new talent
46:48 - The skills gap is "nonsense"
49:41- Cracking the C-suite ceiling
53:56 - Visions for the future of cybersecurity
58:15 - Outro

– Join the Infosec Skills monthly challenge: https://www.infosecinstitute.com/challenge

– Download our developing security teams ebook: https://www.infosecinstitute.com/ebook

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Episode 200 extravaganza! Best of the Cyber Work Podcast (and $1,000 in prizes!)

By: Infosec
30 August 2021 at 07:00

PLEASE NOTE: Around minute 47, I incorrectly say that Eric Milam, author of the definitive report on the BAHAMUT threat group, is employed by HP. He is, in fact, employed by Blackberry. I sincerely apologize to Mr. Milam for the error.

In this special episode, we look back at how the show has evolved over the past three years and celebrate our amazing guests and viewers. You've helped grow the Cyber Work Podcast to nearly a million plays!

To give back, we're launching a brand new way for EVERYONE to build their cybersecurity skills. It's free. It's hands-on. Oh, and did we mention there's more than $1,000 in prizes EVERY MONTH.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Huge thank you to all the past guests who shared their expertise over the past 200 episodes. The timings of everyone in this episode are listed below. Happy listening!

0:00 - Intro
0:42 - Monthly challenges and $1,000 in prizes!
1:30 - Cyber Work Podcast origins 
2:32 - First episode with Leighton Johnson
3:16 - Finding our first guests
3:46 - Keatron Evans on incident response
6:54 - Susan Morrow on two-factor authentication
8:54 - Susan Morrow on GDPR 
11:03 - Susan Morrow on "booth babes" and speaking up
13:20 - Alissa Knight on getting arrested for hacking at 17
16:39 - Alissa Knight on API security
19:14 - Ron Gula on cybersecurity challenges
23:23 - Amber Schroader on the real work of digital forensics
26:19 - Theme of the Cyber Work Podcast
27:01 - Jeff Williams on creating the OWASP Top Ten
31:23 - David Balcar on the biggest APTs
33:46 - Elie Bursztein on breaking into cybersecurity
37:37 - Sam King on AppSec frameworks and analysis
41:17 - Gary DeMercurio on getting arrested for red teaming
47:19 - Eric Milam on the BAHAMUT threat group 
53:39 - Feedback from Cyber Work Podcast listeners
55:16 - Alyssa Miller on finding your career path 
57:24 - Amber Schroader on computer forensics tasks
59:07 - Richard Ford on malware analyst careers
1:02:02 - Career action you can take today  
1:02:19 - Rita Gurevich on reading and learning
1:03:20 - Snehal Antani on transitioning careers
1:04:26 - Promoting underrepresented voices
1:05:09 - Mari Galloway on women in cybersecurity
1:05:31 -  Alyssa Miller on diversity "dog whistles"
1:10:11 - Christine Izuakor on creating role models
1:10:52 - We want to hear your story
1:11:40 - Monthly challenges and outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

How to excel at penetration testing | Guest Gemma Moore

By: Infosec
23 August 2021 at 07:00

Gemma Moore of Cyberis Limited talks about her incredible pentesting career and shares her advice for aspiring pentesters. She also discusses security as it regards the human cost of social engineering, which is the title of a recent article Gemma wrote. 

– Download our ebook, Developing cybersecurity talent and teams: https://www.infosecinstitute.com/ebook
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
0:00 - Intro
5:26 - Becoming a world-class pentester
13:55 - 2004 pentesting versus now
17:25 - Early years of pentesting 
19:30 - Natural skills to be a pentester
23:12 - Advice for aspiring pentesters 
25:50 - Working in pentesting 
27:50 - Red teaming 
31:08 - How to be a great pentester
33:04 - Learn about CREST
36:13 - What should be on my resume?
37:45 - Cyberis Limited 
40:25 - Diversity and inclusion 
43:42 - The human cost of social engineering
50:06 - Training staff positively
52:54 - Current projects
54:20 - Outro 

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Becoming an ethical hacker with Offensive Security | Guest Ning Wang

By: Infosec
16 August 2021 at 07:00

Ning Wang of Offensive Security talks to us about her role as CEO of Offensive Security. In her role she is responsible for the company culture, vision, strategy and execution. We talk about Wang’s cybersecurity journey, her direction at OffSec and the ways that white hat hackers can be recruited into the industry, possibly riding the interest of big news-story hacking events like the Colonial Pipeline hack to do so.

– Download our ebook, Developing cybersecurity talent and teams: https://www.infosecinstitute.com/ebook
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
2:21 - Origin story
5:31 - Changing careers 
7:46 - Skills learned throughout Wang’s career
11:46 - Taking a chance on a new career
12:50 - What is Offensive Security? 
16:19 - Try harder mindset
19:42 - Offensive Security certification
23:02 - Recruiting ethical hackers
28:12 - Civic responsibility 
33:10 - Ethical hacking job specialties 
36:49 - Tips for ethical hacking learners
40:09 - Women in cybersecurity 
43:56 - Offensive Security’s future 
46:35 - Feedback from students
48:11 - Learn more about Wang OS
48:48 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

Consumer protection careers: Fraud, identity theft and social engineering | Guest Adam Levin

By: Infosec
9 August 2021 at 07:00

Adam Levin of CyberScout talks to us about scams, identity theft and more across the cybersecurity industry from the 1970s until today. He also tells us about his podcast, What the Hack with Adam Levin, which is focused on hacking, fraud and theft.

– Download our ebook, Developing cybersecurity talent and teams: https://www.infosecinstitute.com/ebook
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro 
3:01 - Origin story
7:07 - Bank safety in the old days
8:02 - Fraud and scams over the years
9:27 - Tactics today
13:15 - Scam experiences
14:33 - Scam embarrassment and stigma
18:17 - What the Hack podcast
20:22 - A taste of What the Hack
21:28 - How do you pursue stories for the podcast?
25:38 - How do you structure episodes?
26:44 - Humor in cybersecurity environment
28:43 - Work from home balance
30:25 - What is hot in fraud right now
36:50 - Credit reports
38:28 - Consumer protection and fraud careers
42:53 - Cyber savvy countries 
44:31 - Predictions on fraud evolution
48:26 - Benefit to nationwide education?
50:42 - Optimism for security education
52:26 - Find out more about What the Hack
52:58 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

💾

❌
❌