The story of today's guests is ripped straight from the headlines. Gary DeMercurio and Justin Wynn, both of the company Coalfire, were arrested at the Dallas County Courthouse while doing red team pentesting for the State of Iowa’s judicial branch. Their story is fascinating, and they discuss that fateful night as well as ways in which similar incidents could be avoided in the future. You can’t be too timid as a red teamer, they say. "If you're bragging as a red teamer about how you've never been caught, you're not pushing the operation as far as you should. You SHOULD be caught sometimes."

– Get your free security awareness toolkit: https://infosecinstitute.com/ncsam2020
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Gary DeMercurio runs one of the largest groups in Coalfire Labs as a Senior Manager working with technologies every day. His expertise focuses on social engineering, physical testing and network devices. At Coalfire, Gary manages day-to-day business involved with FedRAMP, PCI, HIPPA and penetration testing, while helping to spearhead the physical and social engineering portion of testing.

As a Senior Security Consultant, Justin Wynn is responsible for actively compromising and reporting on virtual environments typically encountered at Fortune 500 companies. Justin performs wireless, physical, red team and social engineering engagements. Justin also conducts research to include the production of open-source models for printing/milling to aid in red team engagements, with specific regard to tool gaps in the locksport industry as well as master keys for access control/elevator overrides. Currently, Justin is researching security vulnerabilities in various RFID devices.

About Infosec
At Infosec, we believe knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with certifications and skills training. We also empower all employees with security awareness training to stay cybersafe at work and home. Driven by smart people wanting to do good, Infosec educates entire organizations to defend themselves from cybercrime. It’s what we do every day — equipping everyone with the latest security skills and confidence to be safe online. Learn more at infosecinstitute.com.

Despite being told she was “too young, too inexperienced, and too naïve” to contribute anything to the industry, Christine Izuakor decided to pursue a Ph.D. in Security Engineering at the age of 23. Four years later she completed the program, making her the youngest student and first African American woman to do so. On today’s episode, Dr. Izuakor talks about being a security engineering prodigy, hiring for a diverse workforce and her new company, Cyber Pop-up, an on-demand cybersecurity service platform powered by vetted freelancers.

– Get your free security awareness toolkit: http://infosecinstitute.com/ncsam2020
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Christine Izuakor is a Houston native, born of two parents who immigrated to America from Nigeria to pursue higher education. Starting from humble beginnings, Christine has always been motivated to maximize on the opportunities her parents and community created for her. In 2013, Christine decided to pursue a Ph.D. in Security Engineering at the University of Colorado. Her research contributions were published in numerous international journals, and she presented in international conferences from South Korea to Rome, Italy. During this entire journey, Dr. Izuakor also maintained a full-time job within the cyber security team of a Fortune 100 company. 

Most recently, in 2020, Dr. Christine Izuakor shook up the industry with her departure from the corporate arena coupled with the launch of her new cybersecurity startup, Cyber Pop-up (www.cyberpopup.com), an on-demand cybersecurity service platform powered by vetted freelancers.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

What exactly is the cloud? And how do you secure infrastructure that is not your own? On today’s episode, Oliver Tavakoli, chief technology officer at Vectra AI, discusses current cloud security best practices as well as tips he’s picked up during his 25-year cybersecurity career. He also has some good advice for people thinking of starting their own company (hint: have cash saved up, you're going to be money-losing for quite a while!).

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Oliver Tavakoli is a technologist who has alternated between working for large and small companies throughout his 25-year career – he is clearly doing the latter right now. Prior to joining Vectra AI, Oliver spent more than seven years at Juniper as chief technical officer for the security business. Oliver joined Juniper as a result of its acquisition of Funk Software, where he was CTO and better known as developer #1 for Steel-Belted Radius. Prior to joining Funk Software, Oliver co-founded Trilogy Inc., and prior to that, he did stints at Novell, Fluent Machines and IBM. Oliver received an MS in mathematics and a BA in mathematics and computer science from the University of Tennessee. 

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Learn all about cybersecurity job hunting with Eric Jeffery, senior managing consultant and solutions architect for IBM Security. Eric created the "Cyber Security Gray Beard" podcast to share his job experiences and help others advance their careers so they too can enjoy professional happiness in the cybersecurity industry. We dive deep into job hunting, rebounding if you've been fired or let go, ways non-technical people can make an impact in cybersecurity and other types of career advice he dispenses on his show.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Eric Jeffery has over 20 years’ experience in cybersecurity and currently works as a senior managing consultant and solutions architect for IBM Security. Eric has extensive industry experience with stints in entertainment, defense, aerospace, healthcare and technology, among others. He’s published numerous articles and spoken at several conferences around the U.S. and Canada. He runs a podcast under the moniker of Cyber Security Grey Beard® where he helps students and early professionals begin and grow in the cybersecurity field. Eric lives outside of Denver, Colorado, with his wife and has four grown children.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

This week we're excited to have back one of the major figures in digital forensics, Paraben CEO Amber Schroader. Amber dives deep into the specific forensics skills you need to be successful, traits that make a good forensics investigator (her best team member is someone with a psychology background!) and the art of understanding language and semantics — all while walking us through key moments of a case. If you're looking towards career advice in computer forensics, get ready to learn from one of the best!

– Don't miss Amber's live forensics demo on Discord: https://www.youtube.com/watch?v=7jdVqtXT5d8
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Amber Schroader is the CEO & Founder of Paraben Corporation. She has spent the last two decades as a driving force for innovation in digital forensics. Amber has developed over two-dozen software programs designed for the purposes of recovering digital data from mobile phones, computer hard drives, email and live monitoring services. In addition to designing technology for digital forensics, she also spearheaded the procedures for mobile and smartphone devices as well as the emerging field of IoT devices. Amber is the patent holder on the EMI shielding container, otherwise known as a Faraday bag, as well as inventor to many other shielding products. Amber has written and taught numerous classes for this specialized field as well as founded multiple certifications in the field. Ms. Schroader continues support through book contributions and other industry speaking engagements.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Get a peek behind the curtain of security architecture careers from Pranshu Bajpai, a security architect with Motorola who recently earned his doctorate in computer science with an emphasis on ransomware research and analysis. Pranshu discusses how to break into security architecture and build the skills you need for that type of a career. In particular, he says academic study at that height mostly prepares you for research and teaching work, and there are there are quicker and easier ways to build up your skill set.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Pranshu Bajpai has research interests in systems security, malware, digital forensics and threat intelligence. He has authored several papers for reputed magazines and journals including IEEE, Elsevier, ACM and ISACA. His work has been featured in various media outlets including Scientific American, The Conversation, Salon, Business Standard, Michigan Radio, GCN, GovTech and others. He is an active speaker at conferences and has spoken at APWG eCrime, DEFCON, GrrCon, Bsides, ToorCon and many others. He obtained his doctorate in Computer Science from Michigan State University and master's in Information Security from Indian Institute of Information Technology. 

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Whose responsibility is privacy, and what skills do you need to effectively implement and carry out new regulations like the right to be forgotten? On today's episode, Gabe Gumbs, Chief Innovation Officer at Spirion, discusses how GDPR and CCPA are affecting cybersecurity careers and how the data privacy job market will shift in the coming years. He also shares his thoughts on the much-discussed cybersecurity skills gap — and why it's never really existed.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Gabe Gumbs has a deep-rooted passion for technology, information security and problem solving. As Chief Innovation Officer of Spirion, a leader in rapid identification and protection of sensitive data, he’s channeling that passion to make the digital world a safer place. By spearheading Spirion’s vision for data privacy in the next decade and beyond, he’s leading the way to a more secure and private future for us all.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Few people know what it's like to help take down a $1.2 billion dollar Ponzi scheme, but that's exactly what today's guest did. Sam Rubin, VP at The Crypsis Group, explains how he had to re-create the crime within a courtroom, as well as the tasks of digital forensics folks at all levels, from intern to the person giving the testimony. There's a good chance you may want to go into a career in forensics after listening to all of Sam's stories.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Sam Rubin is a Vice President at The Crypsis Group, where he leads the firm’s Managed Security Services business, assists clients and develops the firm’s business expansion strategies. Sam is an industry-recognized cybersecurity professional with wide-ranging expertise in data breach incident response, digital forensics and cybersecurity risk management. Sam frequently serves as an expert witness and has provided expert opinions in numerous high-stakes matters, including a landmark civil trade secret misappropriation case, a criminal securities fraud matter and civil litigation stemming from a multi-billion-dollar Ponzi scheme. Sam is a frequent presenter, author and lecturer on cyber-related topics, including digital forensics and incident response, insider threats and information security best practices. Before joining Crypsis in 2017, Sam was at Stroz Friedberg, where he was Managing Director and head of the company’s west region digital forensic practice.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Go deep into the weeds of Threat Modeling with Infosec Skills author Geoffrey Hill. He shares his Arnold Schwarzenegger impersonation, waxes rhapsodic about the Radio Shack TRS-80 computer and explains threat modeling as a controlled form of sci-fi storytelling: "you can imagine a completely different world every day." He also provides excellent insight into the day-to-day duties of a threat modeler. 

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Geoffrey Hill has been in the IT industry since 1990, when he wrote and sold C++ based solutions to measure risk in the commodities markets in New York City. Since then he has worked around the world, specifically New York, Sydney, Tokyo, Emmerich-am-Rhein and London. In the mid-2000s, He was the main custodian of the Microsoft Security Development Lifecycle (SDL) initiative in the UK and then international services organization as part of the Microsoft Security Center of Excellence (SCOE). From 2013 – 2018, he worked as the sole application security architect for Visa Europe in London, where he started Tutamantic Ltd, a producer of software risk automation. Geoff is the inventor of the Rapid Threat Model Prototyping (RTMP) methodology. This threat model methodology allows for quick modelling in Agile and DevOps environments.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

The demand for skilled cybersecurity professionals continues to grow, and effectively closing that gap requires a shared set of expectations around common work roles, core competency areas and upskilling employees.

Join Leo Van Duyn, Cybersecurity & Technology Workforce Development Strategy at JPMorgan Chase & Co., and Bill Newhouse, Deputy Director of the National Initiative for Cybersecurity Education (NICE) to learn how your organization can use the NICE Cybersecurity Workforce Framework (soon to be renamed the Workforce Framework for Cybersecurity) to establish a common language around skill development, provide targeted role-based training, create custom role profiles to match your organization, and better identify, hire and cross-train employees.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Alissa Knight returns as the first ever three-peat Cyber Work guest, and the topic this week is — herself! Recorded at the end of pride month, Alissa talks about the benefits of diversity and inclusion when it comes to cybersecurity, her work hacking Bluetooth LE smart devices, her new company Knight Ink and a concept she’s created called “adversarial content.”

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Alissa Knight is a published author, the managing partner at Knight Ink, principal analyst at Alissa Knight & Associates and group CEO at Brier & Thorn. She is a recovering hacker of 20 years and as a serial entrepreneur has started and sold two companies prior to her ventures she runs now. Alissa is a cybersecurity influencer working for market leaders and challenger brands in cybersecurity as a content creator. Follow her on Twitter and LinkedIn, and subscribe to her YouTube channel to follow her adventures in entrepreneurship and cybersecurity.

– YouTube: https://www.youtube.com/channel/UCejZj1i5m_UlwPqu_7IqBwQ
– Twitter: https://twitter.com/alissaknight?lang=en
– LinkedIn: https://www.linkedin.com/in/alissaknight/

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Today we're discussing a common career path, moving from networking to cybersecurity. Brad Pierce, Director of Network Security for HORNE Cyber, is a former network engineer turned pentesting and security professional. He does a great job of explaining the different skill sets required for network engineering versus cybersecurity, where those skills overlap and tips he picked up during his career transition.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

With 15 years of experience in IT and cybersecurity, Brad Pierce, Director of Network Security for HORNE Cyber, focuses on collaborating with executive leadership teams to strengthen their security posture. He has experience working with organizations in various industries to uncover and remediate vulnerabilities and develop and implement security programs. Brad manages HORNE Cyber’s cybersecurity operations center where he, along with a team of cyber analysts, monitors live network traffic for clients in search of active threats. Brad creates information security awareness programs and guides clients on how to best address cyber risks and remediate vulnerabilities.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

We love red teaming here at Cyber Work, and this week we're excited to explore a topic just few shades down the spectrum: purple teaming! Luke Willadsen of EmberSec dives into the ways combining red and blue team operations can help stress-test your security department — and explains the benefits of a purple team better than we've ever heard it before. He also has some great stuff to say about the importance of soft skills like writing, reporting and, most crucially, empathy, since it may feel like a pentester holds the security team's career in their hands.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Luke Willadsen currently serves as a security consultant with EmberSec, a By Light company. He began his cybersecurity career in the U.S. Navy, where he trained to conduct offensive security operations for the Department of Defense. He participated in daily computer network exploitation missions in support of national intelligence requirements and protection against foreign nation-state sponsored hackers. After separating from the U.S. Navy, Luke joined the start-up company IronNet Cybersecurity where he conducted penetration tests and vulnerability assessments, while also providing product development support and threat hunting capabilities. Following his time at IronNet, Luke worked as a director at a security consulting firm, where he specialized in red teaming, penetration testing, intelligence gathering, threat hunting, digital forensics and technical writing. Luke has an M.S. degree from Eastern Michigan University and is CISSP, OSCP and CEH certified.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Uncover the dark, sticky details of malware, ransomware and other nasties that reside one unguarded click away. On today's episode, Danny Jenkins, CEO and Co-Founder of ThreatLocker®, talks about some of the ways these ever-evolving malware types can ruin your digital life, the nuts and bolts of malware analysis, and why your CISO should be "annoying you if they're doing their job."

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Danny Jenkins is a technical guru with a deep understanding of corporate IT and cybersecurity. He has an entrepreneurial background and two decades of experience in building and securing corporate networks. Before taking the reins at ThreatLocker, Danny held CEO and CTO positions at multiple IT companies and founded a few cybersecurity businesses of his own.  

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Students high school age and younger are getting fast-tracked into cybersecurity. Some are even learning concepts like packet tracing at just six years old, says Victor “Vic” Malloy, an Independent Consultant working with the CyberTexas Foundation as their General Manager. On today's episode, Vic shares his wealth of engaging stories about inspiring young people through the CyberTexas Foundation, getting people of all ages interested in cybersecurity and developing the next generation of the workforce.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Vic earned a bachelor’s degree from the University of North Texas and a master’s degree from Webster University. He had multiple assignments over 13 years working in cyberspace security at multiple network operations and security centers in the U.S. Air Force. His last position in the Air Force was overseeing daily cyber operations tasked missions within the AF Cyberspace Operations Center, which was responsible for the cyber defense of all Air Force global networks and the global employment of cyberspace capabilities to support ongoing combat operations. Previously, he served as Chief Information Officer for National Security Agency/Central Security Service in Texas. 

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Take a deep dive into the world of cyber threat intelligence with today's guest, Charles DeBeck of IBM’s X-Force Incident Response and Intelligence Services. Threat intelligence is all about research and storytelling, combining hands-on know-how with analytical thinking skills to make a true cybersecurity tactician! You’re not just preparing for the battle in front of you, but for the waves of attacks you’ll see in the future. 

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Charles DeBeck is a Strategic Cyber Threat Expert for IBM’s X-Force Incident Response and Intelligence Services. He’s had a connected passel of job titles that encompasses risk management, risk analysis and vulnerability assessment, all of which have helped him in his current position.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

When it comes to your career, should you go red team, blue team or both? Today's guest is QuoLab Technologies Co-Founder Fabien Dombard, who's had roles ranging from penetration tester to malware incident responder to company founder. Fabien shares share thoughts on the skills, disposition and training needed in both defensive and offensive security roles, as well as tips on why you shouldn't be "networking," you should be "making new friends for the future."

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

With over a decade of experience working in several diverse positions, as well as experiencing firsthand the evolution of security practices and technologies found around the world today, Fabien Dombard has been an integral part in building his new company, QuoLab Technologies, a developer of a collaborative and threat-driven Security Operations Platform (SOP). Prior to QuoLab, Fabien began working in small shop penetration testing roles in several European nations, and his renowned expertise and work ethic eventually led to him heading the Malware Incident Response Team for Deutsche Bank — one of the largest financial institutions in the world. He then founded QuoScient, located in Frankfurt, Germany, with the aim to reconcile humans and machines in the context of security operations, incident response and threat intelligence, and it is actually where QuoLab spun out from. Fabien is committed in his professional endeavors to reconcile human creativity and intuition with the complexity of information technology in the context of security operations. It was precisely this passion that drew him to conceptualize QuoLab and is what brings focus to him and his team moving forward.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Information security analyst is the fastest-growing job category in the U.S., with 32 percent overall growth expected between 2018 and 2028. Take advantage of this opportunity and learn about the updated CompTIA CySA+ certification, which was refreshed in April 2020 to align with the most in-demand skills in this growing field.

Join Patrick Lane, Director of Products at CompTIA, in this audio version of our webinar to learn everything you need to know about the latest CySA+ certification and exam (CS0-002), including evolving security analyst job skills, common job roles for CySA+ holders, tips to pass the updated CySA+ exam and questions from live viewers.

– Watch the video version of the webinar: https://www.youtube.com/watch?v=zj9yBtDUH8E
– View the presentation's slides: https://www.slideshare.net/InfoSecInstituteEdu/comptia-cysa-certification-changes-everything-you-need-to-know
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Individuals and organizations are shifting routines to accommodate Coronavirus health concerns, and bad actors are updating their strategies to capitalize on the new opportunities. Aaron Cockerill, CSO of Lookout, discusses how cybercriminals are looking to cash in or otherwise disrupt organizations during the pandemic, as well how workplace security is evolving with so many individuals now working from home.

– Free election security resources: https://www.infosecinstitute.com/iq/election-security-training/
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Aaron Cockerill joined Lookout with nearly 20 years of software product management experience. As the Chief Strategy Officer, Aaron is responsible for developing, validating and implementing cross-functional strategic product initiatives that align with the Lookout vision of a secure connected world. Most recently, he served as VP of Mobile Technologies at Citrix, where he and his team were responsible for the development of Citrix’s mobile apps and container technology, while driving the acquisition of Zenprise. Prior to working on mobile technologies, Aaron drove the creation of Citrix’s desktop virtualization product, XenDesktop, which grew into more than $1 billion yearly revenue for Citrix during his five years of leadership. Before joining Citrix, Aaron worked for Akamai leading product management on their enterprise content delivery solution as well as working on the development and deployment of many of Akamai’s advanced content delivery networking technologies. Prior to that, Aaron led product management for OneSoft’s e-commerce system, and he held multiple positions at BHP Billiton in Australia. He holds a BE Materials (Honors) from Wollongong University, Australia.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

How can you stand out from the crowd when applying for your dream cybersecurity job, and how much should you make? Karl Sharman, a cybersecurity staffing and recruiting pro at BeecherMadden, answers those questions and more on today's episode. Learn how to get your foot in the door, how organizations can avoid writing Magical Unicorn Candidate job descriptions, and why the cybersecurity career landscape is closer to a diamond than a pyramid in shape.

– Free election security resources: https://www.infosecinstitute.com/iq/election-security-training/
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Karl Sharman is a former Head of Recruitment in Football (Soccer) that assisted in selling £1 million worth of talent for a variety of clubs. Since switching to cybersecurity recruitment in 2017, Karl is now the North America Practice Leader for prominent cybersecurity recruitment company, BeecherMadden. With 10 years of recruitment experience, he helps organizations identify, acquire and retain talent in the cybersecurity and risk management sector across North America. He consults the industry on career paths, salary benchmarking, talent pools, and recruitment and retaining strategies. Karl was featured in the top 1% of Search & Staffing Professionals globally by LinkedIn, and BeecherMadden won security recruitment company of the year for 2019.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

The 2020 presidential election is just around the corner, and cybersecurity is once again at the forefront. From disinformation campaigns and election-related vulnerabilities to lockdowns and vote by mail efforts due to COVID-19, we cover it all — and more — in this jam packed episode featuring returning favorite, John Dickson, Principal at Denim Group, Ltd.

– Free election security resources: https://www.infosecinstitute.com/iq/election-security-training/
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd.  He has nearly 20 years of hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSO’s) of Fortune 500 companies, including major financial institutions, launch and expand their critical application security initiatives.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Explore the hidden corners of the internet and the stolen identities that live there with today's guest, Amyn Gilani, Vice President of Product at 4iQ. He talks about his path from red teaming to cyber attribution intelligence, where bad guys hide on the internet, and what it's like to be “on a mission to unmask cybercriminals.”

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Amyn Gilani is the Vice President of Product at 4iQ, a Los Altos-based adversary intelligence company. Previously, he was a Chief Technologist at Booz Allen Hamilton where he provided expertise to federal and commercial clients focusing on incident response, red teaming, threat hunting and cybersecurity operations engineering. Prior to joining Booz Allen, Amyn was a Vice President in Information Security at Goldman Sachs where he led red team operations and emulated sophisticated attacks against securities trading platforms and payment systems. He began his career serving in the United States Air Force as an intelligence analyst and was on detail at the National Security Agency and United States Cyber Command.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Put on your white hat and learn how to hack for the good guys! Ethical hackers use the same techniques used by cybercriminals to assess an organization’s vulnerabilities and help keep them safe. Join Keatron Evans, Infosec instructor and Managing Partner at KM Cyber Security, in this audio rebroadcast of a popular webinar. You'll learn about getting started in ethical hacking, in-demand ethical hacking skills, popular ethical hacking training and certifications, common ethical hacking jobs and career paths, and more.

– View the webinar recording of this episode on YouTube: https://www.youtube.com/watch?v=n3tl43QpnXM
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Keatron Evans is regularly engaged in training, consulting, penetration testing and incident response for government, Fortune 50 and small business. In addition to being the lead author of the best selling book, Chained Exploits: Advanced Hacking Attacks from Start to Finish, you will see Keatron on major news outlets such as CNN, Fox News and others on a regular basis as a featured analyst concerning cybersecurity events and issues. For years, Keatron has worked regularly as both an employee and consultant for several intelligence community organizations on breaches and offensive cybersecurity and attack development. Keatron also provides world class training for the top training organizations in the industry, including Infosec Flex live boot camps and the Infosec Skills on-demand skill development platform.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Is what you're watching real, fake or a combination of both? Machine learning and artificial intelligence make it easier than ever to blur those lines, and cybercriminals are already exploiting the technology. Today's guest is Infosec Skills author Emmanuel Tsukerman, who literally wrote the book on machine learning for cybersecurity. He discusses the deep learning applications of cybercrime, how machine learning technologies are being used by security professionals, and ways you can leverage these new skills to help boost your cybersecurity career.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Dr. Tsukerman graduated from Stanford University and UC Berkeley. He began his cybersecurity career in a small startup as a cybersecurity data scientist, where he developed a machine-learning-based anti-ransomware solution that won the Top 10 Ransomware Products award by PC Magazine. In addition, Dr. Tsukerman designed a machine-learning malware detection system for Palo Alto Network's firewall service, securing over 30,000 enterprise customers in real time. He is the author of the “Machine Learning for Cybersecurity Cookbook” and the popular Infosec learning paths “Cybersecurity Data Science” and “Machine Learning for Red Team Hackers.”

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Dive back into the world of Red Team operations with today's guest, John Cartrett of the SpiderLabs team at Trustwave. He leads clandestine-style operations in simulated attacks on organizations to help them find their least expected and most dangerous vulnerability points and tighten them up. Despite being a newly hot practice that a lot of people are just getting into, John has been red teaming for five years, with another thirteen years before that of IT experience and other forms of offensive testing.

Listeners are always asking how to get started in red teaming and what they need to know to get on that ladder, so we'll be talking about career strategies and skill sets — but I also want to know whether anything has changed or will now change in the light of the current global COVID-19 pandemic.  With red team staffs currently scattered and isolating at home and the economy suffering, will this change the nature of red teaming now or in the years to come?

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

John is a Principal Consultant and the Red Team lead for the SpiderLabs team at Trustwave. His responsibilities mainly include managing all red team services in the Americas from start to finish, as well as being a subject matter expert on red team services globally. He has eighteen years of information technology experience and ten years of offensive testing experience with the last five years focused on clandestine-style Red Teaming. He has directed and executed close to one hundred full-scope red team operations for organizations of all sizes and geographic locations. He has obtained many certifications from organizations such as Microsoft,Cisco, GIAC and Offensive Security, as well as attended thousands of hours of skills-based training.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Digital forensics is an interesting field, but one that also can be a bit murky. It's handled in different ways in the private sector, military scenarios or government applications. (Spoiler: If you perform investigations on extremists and terror groups, be prepared to watch some fairly disgusting videos.) Learn all about military digital forensics and incident response from today's guest, Daniel Young, managing partner and co-founder of QuoLab Technologies. He discusses what it's like working on huge multi-person operations in the DoD and Air Force, as well as the importance of comprehensive threat information sharing, both internally and externally.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

With nearly 15 years of experience in digital forensics and incident response, Dan Young helps drive the overall direction of his new company, QuoLab Technologies, a developer of a collaborative and threat driven Security Operations Platform (SOP). Prior to QuoLab, Dan was involved with the U.S. Department of Defense and United States Air Force in several digital forensics analyst positions. Dan is very passionate about bridging the gap between technological efficiency and human ingenuity, and firmly believes that our best way forward as an industry is to focus on collaboration and data sharing at all levels.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Regulation never rolls backwards. Once passed and enforced, it is only a matter of time before every state in the U.S. adopts new regulations like the California Consumer Privacy Act (CCPA). Join Scott Madsen, CEO at Cingo Solutions, and Jeff Dennis, Head of Privacy and Data Security at Newmeyer Dillion, for expert advice to help you stay compliant in 2020 and beyond.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Learn how cybersecurity professionals can deal with the changing compliance landscape, including what organizations are affected by CCPA and equivalent laws, why IT and security pros need regulatory compliance expertise, and how to build privacy and compliance into your overall cybersecurity strategy.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win. 

Organizations may be hesitant to share attack vectors, data breaches and other cybersecurity information, but that siloed approach is holding cybersecurity back, says Cody Cornell, co-founder and CEO of Swimlane. On today's episode, Cody discusses the open sharing of security information, how it can transform cybersecurity from a source of consternation into an opportunity and ways to get your company to buy into this new way of thinking.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Cody is responsible for the strategic direction of Swimlane and the development of its security automation and orchestration solution. His passion for open exchange of security information and deep vendor integration drives him to pursue opportunities to maximize the value his customers receive from their investments in security operations. In 2011, Cody co-founded Phoenix Data Security Inc., a cybersecurity professional services organization known for their ability to blend strategy and engineering with an organization’s business requirements. After beginning his career in the U.S. Coast Guard, Cody spent 15 years in IT and security, including roles with the U.S. Defense Information Systems Agency, Department of Homeland Security, American Express and IBM Global Business Services.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Patrick Craven, the director of (ISC)²'s Center for Cyber Safety and Education, teaches kids how to be safe on the internet, and he does so with the persuasive power of Garfield! On today's episode, Patrick discusses the goals of the center, including how they received exclusive use from Jim Davis to use his characters to teach internet safety to kids, teens, parents and the elderly. He also shares tips for staying safe online and how to help friends, family and loved ones stay safe from bad actors on the internet.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

Patrick Craven has over 30 years of experience working within the non-profit industry and has held various C-Level executive leadership roles across the country at notable charitable organizations such as Big Brothers Big Sisters, Vietnam Veterans Memorial Fund and the Boy Scouts of America. As Director for the Center for Cyber Safety and Education, he is responsible for all business operations, supporting the Board of Trustees, service delivery, providing leadership to employees and volunteers, managing multiple income streams, overseeing marketing and business development functions, new program development and liaising with external agencies. Patrick has been successful across the country developing innovative and award-winning marketing, advertising, sales, management and fundraising programs. He has a bachelor's in communication from Xavier University (Cincinnati, OH). Patrick is also a member of the ECPI University, Lake Mary Campus’ Program Advisory Board, Cyber and Network Security.

About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.