How can you stand out from the crowd when applying for your dream cybersecurity job, and how much should you make? Karl Sharman, a cybersecurity staffing and recruiting pro at BeecherMadden, answers those questions and more on today's episode. Learn how to get your foot in the door, how organizations can avoid writing Magical Unicorn Candidate job descriptions, and why the cybersecurity career landscape is closer to a diamond than a pyramid in shape.

– Free election security resources: https://www.infosecinstitute.com/iq/election-security-training/
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Karl Sharman is a former Head of Recruitment in Football (Soccer) that assisted in selling £1 million worth of talent for a variety of clubs. Since switching to cybersecurity recruitment in 2017, Karl is now the North America Practice Leader for prominent cybersecurity recruitment company, BeecherMadden. With 10 years of recruitment experience, he helps organizations identify, acquire and retain talent in the cybersecurity and risk management sector across North America. He consults the industry on career paths, salary benchmarking, talent pools, and recruitment and retaining strategies. Karl was featured in the top 1% of Search & Staffing Professionals globally by LinkedIn, and BeecherMadden won security recruitment company of the year for 2019.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

The 2020 presidential election is just around the corner, and cybersecurity is once again at the forefront. From disinformation campaigns and election-related vulnerabilities to lockdowns and vote by mail efforts due to COVID-19, we cover it all — and more — in this jam packed episode featuring returning favorite, John Dickson, Principal at Denim Group, Ltd.

– Free election security resources: https://www.infosecinstitute.com/iq/election-security-training/
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd.  He has nearly 20 years of hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSO’s) of Fortune 500 companies, including major financial institutions, launch and expand their critical application security initiatives.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Explore the hidden corners of the internet and the stolen identities that live there with today's guest, Amyn Gilani, Vice President of Product at 4iQ. He talks about his path from red teaming to cyber attribution intelligence, where bad guys hide on the internet, and what it's like to be “on a mission to unmask cybercriminals.”

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Amyn Gilani is the Vice President of Product at 4iQ, a Los Altos-based adversary intelligence company. Previously, he was a Chief Technologist at Booz Allen Hamilton where he provided expertise to federal and commercial clients focusing on incident response, red teaming, threat hunting and cybersecurity operations engineering. Prior to joining Booz Allen, Amyn was a Vice President in Information Security at Goldman Sachs where he led red team operations and emulated sophisticated attacks against securities trading platforms and payment systems. He began his career serving in the United States Air Force as an intelligence analyst and was on detail at the National Security Agency and United States Cyber Command.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Put on your white hat and learn how to hack for the good guys! Ethical hackers use the same techniques used by cybercriminals to assess an organization’s vulnerabilities and help keep them safe. Join Keatron Evans, Infosec instructor and Managing Partner at KM Cyber Security, in this audio rebroadcast of a popular webinar. You'll learn about getting started in ethical hacking, in-demand ethical hacking skills, popular ethical hacking training and certifications, common ethical hacking jobs and career paths, and more.

– View the webinar recording of this episode on YouTube: https://www.youtube.com/watch?v=n3tl43QpnXM
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Keatron Evans is regularly engaged in training, consulting, penetration testing and incident response for government, Fortune 50 and small business. In addition to being the lead author of the best selling book, Chained Exploits: Advanced Hacking Attacks from Start to Finish, you will see Keatron on major news outlets such as CNN, Fox News and others on a regular basis as a featured analyst concerning cybersecurity events and issues. For years, Keatron has worked regularly as both an employee and consultant for several intelligence community organizations on breaches and offensive cybersecurity and attack development. Keatron also provides world class training for the top training organizations in the industry, including Infosec Flex live boot camps and the Infosec Skills on-demand skill development platform.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Is what you're watching real, fake or a combination of both? Machine learning and artificial intelligence make it easier than ever to blur those lines, and cybercriminals are already exploiting the technology. Today's guest is Infosec Skills author Emmanuel Tsukerman, who literally wrote the book on machine learning for cybersecurity. He discusses the deep learning applications of cybercrime, how machine learning technologies are being used by security professionals, and ways you can leverage these new skills to help boost your cybersecurity career.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Dr. Tsukerman graduated from Stanford University and UC Berkeley. He began his cybersecurity career in a small startup as a cybersecurity data scientist, where he developed a machine-learning-based anti-ransomware solution that won the Top 10 Ransomware Products award by PC Magazine. In addition, Dr. Tsukerman designed a machine-learning malware detection system for Palo Alto Network's firewall service, securing over 30,000 enterprise customers in real time. He is the author of the “Machine Learning for Cybersecurity Cookbook” and the popular Infosec learning paths “Cybersecurity Data Science” and “Machine Learning for Red Team Hackers.”

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Dive back into the world of Red Team operations with today's guest, John Cartrett of the SpiderLabs team at Trustwave. He leads clandestine-style operations in simulated attacks on organizations to help them find their least expected and most dangerous vulnerability points and tighten them up. Despite being a newly hot practice that a lot of people are just getting into, John has been red teaming for five years, with another thirteen years before that of IT experience and other forms of offensive testing.

Listeners are always asking how to get started in red teaming and what they need to know to get on that ladder, so we'll be talking about career strategies and skill sets — but I also want to know whether anything has changed or will now change in the light of the current global COVID-19 pandemic.  With red team staffs currently scattered and isolating at home and the economy suffering, will this change the nature of red teaming now or in the years to come?

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

John is a Principal Consultant and the Red Team lead for the SpiderLabs team at Trustwave. His responsibilities mainly include managing all red team services in the Americas from start to finish, as well as being a subject matter expert on red team services globally. He has eighteen years of information technology experience and ten years of offensive testing experience with the last five years focused on clandestine-style Red Teaming. He has directed and executed close to one hundred full-scope red team operations for organizations of all sizes and geographic locations. He has obtained many certifications from organizations such as Microsoft,Cisco, GIAC and Offensive Security, as well as attended thousands of hours of skills-based training.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Digital forensics is an interesting field, but one that also can be a bit murky. It's handled in different ways in the private sector, military scenarios or government applications. (Spoiler: If you perform investigations on extremists and terror groups, be prepared to watch some fairly disgusting videos.) Learn all about military digital forensics and incident response from today's guest, Daniel Young, managing partner and co-founder of QuoLab Technologies. He discusses what it's like working on huge multi-person operations in the DoD and Air Force, as well as the importance of comprehensive threat information sharing, both internally and externally.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

With nearly 15 years of experience in digital forensics and incident response, Dan Young helps drive the overall direction of his new company, QuoLab Technologies, a developer of a collaborative and threat driven Security Operations Platform (SOP). Prior to QuoLab, Dan was involved with the U.S. Department of Defense and United States Air Force in several digital forensics analyst positions. Dan is very passionate about bridging the gap between technological efficiency and human ingenuity, and firmly believes that our best way forward as an industry is to focus on collaboration and data sharing at all levels.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Regulation never rolls backwards. Once passed and enforced, it is only a matter of time before every state in the U.S. adopts new regulations like the California Consumer Privacy Act (CCPA). Join Scott Madsen, CEO at Cingo Solutions, and Jeff Dennis, Head of Privacy and Data Security at Newmeyer Dillion, for expert advice to help you stay compliant in 2020 and beyond.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Learn how cybersecurity professionals can deal with the changing compliance landscape, including what organizations are affected by CCPA and equivalent laws, why IT and security pros need regulatory compliance expertise, and how to build privacy and compliance into your overall cybersecurity strategy.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Organizations may be hesitant to share attack vectors, data breaches and other cybersecurity information, but that siloed approach is holding cybersecurity back, says Cody Cornell, co-founder and CEO of Swimlane. On today's episode, Cody discusses the open sharing of security information, how it can transform cybersecurity from a source of consternation into an opportunity and ways to get your company to buy into this new way of thinking.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Cody is responsible for the strategic direction of Swimlane and the development of its security automation and orchestration solution. His passion for open exchange of security information and deep vendor integration drives him to pursue opportunities to maximize the value his customers receive from their investments in security operations. In 2011, Cody co-founded Phoenix Data Security Inc., a cybersecurity professional services organization known for their ability to blend strategy and engineering with an organization’s business requirements. After beginning his career in the U.S. Coast Guard, Cody spent 15 years in IT and security, including roles with the U.S. Defense Information Systems Agency, Department of Homeland Security, American Express and IBM Global Business Services.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Patrick Craven, the director of (ISC)²'s Center for Cyber Safety and Education, teaches kids how to be safe on the internet, and he does so with the persuasive power of Garfield! On today's episode, Patrick discusses the goals of the center, including how they received exclusive use from Jim Davis to use his characters to teach internet safety to kids, teens, parents and the elderly. He also shares tips for staying safe online and how to help friends, family and loved ones stay safe from bad actors on the internet.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Patrick Craven has over 30 years of experience working within the non-profit industry and has held various C-Level executive leadership roles across the country at notable charitable organizations such as Big Brothers Big Sisters, Vietnam Veterans Memorial Fund and the Boy Scouts of America. As Director for the Center for Cyber Safety and Education, he is responsible for all business operations, supporting the Board of Trustees, service delivery, providing leadership to employees and volunteers, managing multiple income streams, overseeing marketing and business development functions, new program development and liaising with external agencies. Patrick has been successful across the country developing innovative and award-winning marketing, advertising, sales, management and fundraising programs. He has a bachelor's in communication from Xavier University (Cincinnati, OH). Patrick is also a member of the ECPI University, Lake Mary Campus’ Program Advisory Board, Cyber and Network Security.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Explore the world of military cybersecurity careers, capture-the-flag (CTF) competitions and offensive security with Ken Jenkins, CTO of By Light’s Cyberspace Operations Vertical. Ken discusses the various jobs he held in the military, conducting computer forensics investigations and some of the best run CTFs being held today.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Ken Jenkins currently serves at the Chief Technology Officer of By Light’s Cyberspace Operations Vertical and leads the organization’s EmberSec team. He brings more than 24 years of Information Technology and Cybersecurity expertise to his work in red teaming, penetration testing, threat hunting, threat emulation, incident response and systems engineering. Ken is also a decorated combat veteran and retired soldier. His active duty responsibilities covered operations and defense of DoD networks and battle command systems. Ken regularly completes in Capture the Flag competitions and is a technical mentor to the Cyber Patriot Program. He earned his bachelor's in Technical Management from DeVry university and holds over 30 commercial certifications, including CISSP, OSCP and many more.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Learn all about fuzzing and application security with repeat guest Dr. Jared DeMott, CEO and founder of VDA labs. The last time he appeared (October 2018), the focus was on Internet-of-Things (IoT) security, but Jared is also the author of Fuzzing for Software Security Testing and Quality Assurance. In this episode we go deeper into continuous integration and deployment (CI/CD), fuzzing, dynamic analysis security testing and other AppSec tools, as well as practical tips and suggestions for entering the field.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Dr. Jared DeMott is the Founder & CEO of VDA Labs, a full-scope cybersecurity company. DeMott previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB and others. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the U.S. Military Academy. Jared is a Pluralsight author, and is often interviewed by media to weigh in on cyber matters.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Learn how to transition into a career in cyber risk in this episode featuring Ryan Wallace, a cyber risk analyst at HORNE Cyber. Ryan was a small business owner specializing in branding, graphic design and consulting before transitioning into cybersecurity. It’s important to note that cybersecurity professionals come from all walks of life, and you can do your job really well and pursue opportunities in the cybersecurity field even if you haven’t been hacking into government mainframes since childhood! We talk about transferable skills from non-security to security roles, soft skills you need for both and climbing the ladder on the cyber risk analyst path.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Ryan Wallace is a cyber risk supervisor at HORNE Cyber where he specializes in IT risk related assurance services. He provides analytic expertise regarding policy design and implementation as well as IT compliance. Ryan also consults on information systems environment compliance and management for public and middle-market clients. Ryan joined the firm in 2014 with previous experience as a small business owner specializing in branding, graphic design and consulting. Ryan earned a Bachelor of Accountancy at Mississippi State University.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Take a deep dive into worms, spam, hijacked accounts, fraudulent transactions and more in this week's episode featuring Fang Yu, CTO of fraud detection platform DataVisor. Fang discusses her work developing algorithms and building systems for identifying malicious traffic, the process of co-founding a security startup and lessons learned from seven years at Microsoft.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Fang started in the Microsoft cybersecurity research department with her DataVisor co-founder, Yinglian Xie,  before the two started their company. Fang received her Ph.D. degree from the EECS Department at University of California at Berkeley. Her interests center on “big-data for security.” Over the past 10 years, she has been developing algorithms and building systems for identifying various malicious traffic such as worms, spam, bot queries, faked and hijacked account activities, and fraudulent financial transactions. Fang has published many papers at top security conferences and filed over 20 patents. Product wise, she has helped different online services combat large-scale attacks with multiple successful stories. DataVisor’s customers are an impressive bunch, they span the likes of Alibaba, Pinterest, LetGo, most major U.S. banking institutions and some of the largest Chinese insurance companies.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

A massive number of Infosec students have come to us as part of the military, Pentagon, Department of Defense or other government departments, and it’s likely that many listeners and learners are interested in a career in cybersecurity that could lead to a career in the government. If so, you’re going to find this episode quite interesting and enlightening.

Today’s guest is Chad Hardaway, deputy director of the University of South Carolina’s Office of Economic Engagement and a founding faculty member of the new Master's Program of Engineering Entrepreneurship and Innovation in the College of Engineering and Computing. The University of South Carolina Office of Economic Engagement created SC Cyber to be the central point of focus for academic, government and corporate collaboration in the area of cybersecurity. The results are a strong and connected pipeline between the academic study and research of cybersecurity strategies and military and government applications for them.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

It’s been a while since we’ve talked penetration testing and offense-oriented network security on the show, and I know some of you have been asking for it, so today’s your lucky day!

On the show we have Dr. Wesley McGrew, the director of Cyber Operations for HORNE Cyber. We’re going to talk about going on the offense as a good defense, the current state of pentesting and the raw work of reverse engineering malicious software and vulnerability testing. If you’re looking for the type of job that gets you out on the cybersecurity battlefield and fighting the bad guys, you’re going to want to give this episode your undivided attention!

Wesley McGrew is the author of penetration testing and forensic tools used by many practitioners. He is a frequent presenter at DEF CON and Black Hat USA. At the National Forensics Training Center, he provided digital forensics training to law enforcement and wounded veterans. As an adjunct professor he designed a course he teaches on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. This effort was undertaken as part of earning National Security Agency CAE Cyber Ops certification for the university. He has presented his work on critical infrastructure security to the DHS joint working group on industrial control systems. Wesley earned his Ph.D. in computer science at Mississippi State University for his research in vulnerability analysis of SCADA HMI systems used in national critical infrastructure. He served as a research professor in MSU’s Department of Computer Science & Engineering and Distributed Analytics and Security Institute.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Kevin O’Brien is the CEO and Co-founder of GreatHorn, a high-growth, venture-backed email security company based in Boston, Massachusetts, that is focused on solving phishing, credential theft, malware, ransomware and business email compromise for cloud email platforms, and was named a Gartner Cool Vendor, RSA Innovation Sandbox finalist and Infosec Awards Cutting Edge winner. If you are well on your way up the cybersecurity career ladder, you might think that startup would be the next step. Kevin and Cyber Work podcast host Chris Sienko tell us about his career to that point and some of the highlights and pitfalls of such a massive endeavor.

Currently CEO and co-founder of email security company GreatHorn, Kevin O’Brien is a frequent speaker, commentator and author that advises customers and the public on data security and privacy issues. With 20 years of deep cybersecurity expertise, most notably with CloudLock (Cisco), Conjur (CyberArk) and @stake (Symantec), Kevin also serves as co-chair for the Mass Technology Leadership Council’s cybersecurity group. Outside of security, Kevin is a lifelong martial artist, avid skier and amateur sailor.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast


About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Ted Shorter, CTO and Co-founder of Keyfactor, and Cyber Work host Chris Sienko discuss a research report published by Keyfactor in December showing that many of the IoT and network devices in use today are leveraging weak digital certificates, potentially exposing them to attack.

Ted is going to talk about the report, the danger of so-called “predictable randomness,” the raw work of cryptography in keeping devices like these safe, the importance of building security into their devices during design and development, and some career advice for those who might like a career in cryptography.

Ted Shorter is the chief technology officer and co-founder at Keyfactor. Ted has worked in the security arena for over 20 years, in the fields of cryptography, application security, authentication and authorization services, and software vulnerability analysis. His past experience includes 10 years at the National Security Agency, a Master’s Degree in Computer Science from The Johns Hopkins University and an active CISSP certification.

As a computer scientist and team lead at NSA, Ted briefed high-level government officials, including Presidential advisors and members of the Joint Chiefs of Staff. Ted also served as lead software developer on a contract with the Department of Defense to integrate Biometric authentication with the DoD Common Access Card program. He lives in Akron, Ohio with his wife and two sons. Ted is an accomplished musician and played in a rock band for a number of years in Baltimore, MD. He is a passionate sports fan, and actively follows baseball, football and various forms of auto racing.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Robert McMillen, an Infosec Skills course creator and cybersecurity consultant, discusses his early experiences as an IT consultant, the perpetual changes of the IT career landscape, his work with IT course creation, and tips on how to keep your cybersecurity and IT skills fresh and employable.

Robert McMillen is the past President and founder of All Tech 1, LLC., a Portland, Oregon-based network consulting company. In 2017, the company was sold to Blackpoint-IT Consulting based out of Seattle.

Some of his higher profile jobs have been restoring email for the government to prosecute Enron executives, training the network vulnerability assessment team for the U.S. Army, and performing wireless security auditing for the State of Washington. The NSA also requested an interview, but he decided he had enough people looking over his shoulder for now.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Infosec Skills is kind of a big deal.  The interactive learning platform boasts 500+ cybersecurity courses featuring cloud-hosted cyber ranges, hands-on projects, customizable certification practice exams, skill assessments and other features. John Wagnon, Senior Solution Developer at F5 Networks, is a course creator for Infosec Skills and has created an informative and in-depth study of the OWASP Top 10 list.  John and Cyber Work host Chris Sienko talk about skills-based education, in-demand job skills, learning programming on your own and, of course, the OWASP Top 10.

John is a Senior Solution Developer for F5 Network’s DevCentral technical community. In this role, he helps analyze and solve complex problems for F5 users all over the world. He frequently writes articles and records videos that are featured on the DevCentral website. Prior to his work at F5, John was a Communications Officer in the US Air Force where he specialized in ground and satellite networks. After leaving the Air Force, he worked for a technology consulting firm where he analyzed cyber-attacks against U.S. Department of Defense computer systems and networks. John holds a Bachelor of Science in Computer Engineering and a Master of Science in Computer Networks.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

From fraud to extortion to intellectual property theft, new cybercrimes are being committed daily. Digital forensics and incident response (DFIR) professionals help piece together those crimes so that organizations can better protect themselves — and the bad guys get prosecuted.

This episode of the Cyber Work Podcast is a rebroadcast of a webinar featuring Cindy Murphy, President at Gillware Digital Forensics. In this podcast, you’ll get the inside scoop on what it’s like to be a DFIR professional from someone with more than 25 years in the field and learn practical information on how to kickstart a career in DFIR.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Adam Darrah, Director of Intelligence at Vigilante ATI and an expert on Eurasian political machinations, specifically about Russia and disinformation campaigns, and Cyber Work Podcast host Chris Sienko discuss foreign vote tampering and all other election security concerns for 2020. 

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Cyber Work just hit a huge milestone — 100 episodes — and we're giving all our fans an entire month of free training to celebrate! Just use the code "cyberwork" to claim your free month of Infosec Skills.

1. Go here: https://www.infosecinstitute.com/skills/
2. Click the "Get Started" button under monthly ($34) and create your account (direct link: https://flex.infosecinstitute.com/portal/skills/subscription/monthly)
3. On the payment page, enter the coupon code "cyberwork" to get your first month for free.

Happy learning!

Irena Mroz, VP and Co-founder of Nucleus Cyber, and Cyber Work Podcast host Chris Sienko discuss all things internal threats, from intentional and malicious attacks to poor employee practices and awareness. Vi

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Mari Galloway, CEO of Women's Society of Cyberjutsu, and Cyber Work Podcast host Chris Sienko discuss Mari's career journey, the ethos of Women's Society of Cyberjutsu, and insights on how to diversify the cybersecurity workforce.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Evan Reiser, CEO of Abnormal Security, and Cyber Work Podcast host Chris Sienko discuss where email attacks are headed in 2020 and how AI and machine learning can help detect business email compromise.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Are your employees prepared to protect the cardholder data they process, store and transmit? With over 120 billion card payments — or $6.48 trillion dollars in transactions — processed yearly in the U.S. alone, it’s easy to see why payment card fraud remains on hackers’ holiday wish lists this season and beyond. This episode of the Cyber Work podcast is a rebroadcast of a webinar featuring Elizabeth Terry, Community Engagement Manager at PCI Security Standards Council, and Lisa Plaggemier, Chief Evangelist at Infosec. In this podcast, you’ll learn how to build, communicate, and report on an engaging awareness program that complies with PCI DSS requirements.

– Watch the video version: https://www.youtube.com/watch?v=zFQNt99qocs
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Chris Triolo, VP of Customer Success for Respond Software, and Cyber Work podcast host Chris Sienko discuss the Federal Cybersecurity Reskilling Academy and the top soft skills that can help you break into a cybersecurity career.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Whether you’re new to cybersecurity or an experienced professional, CompTIA has a certification for you — and training for those certifications is easier than ever with the new on-demand training platform Infosec Skills. This episode of the Cyber Work podcast is a rebroadcast of a webinar featuring Patrick Lane, CompTIA Director of Products, and Jeff Peters, Product Marketing Manager for Infosec. In this podcast, you'll get an overview of CompTIA certifications, learn about potential IT and security career paths and hear questions from live viewers about training and certifications.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast