AT&T Cybersecurity’s head of evangelism, Theresa Lanowitz, is today's guest. Lanowitz has amazing and wide-ranging career achievements, from her time with analyst firms Gartner and Voke, work on Java’s JBuilder environment and strategic marketing for the Jini Project, which was proto-IoT going back to the late ‘90s! With all of these incredible stories, we talked far and wide about manufacturing security concerns, she breaks down the key pain points around edge computing and talks extensively about her love of both the English language and programming languages of all sorts. They all have grammar, they all have style, and if you’re a linguist or a lover of learning new languages, perhaps computer languages are an opportunity you hadn’t pursued? All that and a ton more – seriously, I could have talked to Lanowitz for hours – on today’s episode of Cyber Work.

0:00 - Manufacturing security 
 2:02 - Theresa Lanowitz’s early interest in computers
 3:52 - Learning programming languages in the early days
 6:12 - English language’s connection to programming language
 8:24 - Evolution of programming language
 11:55 - How language impacts programming
 13:52 - Lanowitz’s cybersecurity career
 17:20 - An average day as head of cybersecurity evangelism
 22:53 - Edge computing use in manufacturing
 26:35 - Biggest security issues in manufacturing
 30:02 - The bad actors in manufacturing security
 33:41 - Manufacturing cybersecurity technology
 39:02 - Skills needed to work in manufacturing cybersecurity
 41:00 - Biggest skills gaps in manufacturing security
 41:44 - Best cybersecurity career advice
 42:15 - Where are manufacturing security issues heading?
 45:06 - Security issues with third-party vendors
 47:53 - Learn more about AT&T cybersecurity 
 48:48 - Learn more about Theresa Lanowitz
 49:04 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Thomas Pace of NetRise talks about industrial control systems security. We’ll learn about Pace's time in the United States Marine Corps in cyber-intelligence, his move to forensics and then ICS and why the greatest asset a security professional can have is the ability to find, clearly see and create narratives. I always find ICS professionals to be fascinating, and Pace took us down some new paths, so if you’re also interested in ICS Security, keep it here for today’s episode of Cyber Work!

0:00 - Industrial Control Systems security
1:39 - How Pace got into cybersecurity
4:31 - The speed of cybersecurity's change
5:20 - Pace's career in cyber intelligence
10:08 - Importance of cybersecurity analysis
10:55 - Current state of ICS and infrastructure security in the U.S.
25:22 - How to work in ICS security
32:52 - Manufacturing security issues
38:00 - Security risks for cranes
40:51 - Best ICS security advice
44:09 - Best cybersecurity career advice
46:15 - What is NetRise?
47:40 - Learn more about Pace
48:25 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec and Cyber Work Hacks want you to pass the Cisco CCNA exam! To help you do that, Infosec’s CCNA Boot Camp instructor Wilfredo Lanz gives you his top tips and tricks for taking the CCNA exam! Lanz will give you some advice for narrowing down the right answer by eliminating the obviously wrong ones, common mistakes people make while taking the exam and what to do if, for some reason, you don’t pass on the first try. And most importantly, why you must take the practice exams before the test. And then retake them. And again! 

0:00 - CCNA exam tips 
1:43 - What does the CCNA cover? 
4:50 - Tricks for taking the CCNA exam 
5:55 - Common CCNA exam mistakes 
7:17 - What if you fail the CCNA exam? 
8:40 - Best piece of advice for CCNA exam day 
9:53 - Outro 

About Infosec 

Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Cyber Work Hacks is back to keep you updated with the CISSP exam! Infosec boot camp instructor Steve Spearman joins me to tell us about the new changes to the CISSP’s common body of knowledge (CBK) and how the changes to the CBK should (or shouldn’t!) affect your study and preparation for the exam! Keep learning, and keep it here for another Cyber Work Hack.

– Learn more about the CISSP: https://www.infosecinstitute.com/training/cissp/
– Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/
 
0:00 - CISSP exam common body of knowledge 
1:16  - Changes to CISSP's CBK
7:45 - Why did CISSP make CBK changes?
9:17 - How to study for the CISSP
11:37 - Most important CISSP exam items 
14:04 - Best advice for taking the CISSP exam
15:03 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec and Cyber Work Hacks are here to help you pass the CISSP exam. Today’s Hack is part two, so I encourage you to go back and listen to part one of Steve Spearman’s CISSP exam tips and tricks. In part two, I pass the mic to Spearman to give you his top five test-taking strategies for the CISSP. What’s the Sesame Street rule? How does the CISSP feel about absolutes? Keep it here, and you’ll find out in part two of this week’s Cyber Work Hack. 

– Learn more about the CISSP: https://resources.infosecinstitute.com/overview/cissp/
– Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/

1:30 - Look for absolutes in questions
3:17 - The Sesame Street principle 
4:45 - Watch for algebraic equations 
6:23 - Look for the "golden words"
7:38 - Change management is likely the answer
8:55 - Keep an eye on senior management and impact
10:19 - Think like a CISO
11:53 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec and Cyber Work Hacks are here to help you pass the CISSP exam! This is part one of a two-part Cyber Work in which Infosec’s CISSP boot camp instructor Steve Spearman gives you his top tips and tricks for taking the CISSP exam! In part one, we’ll talk about what makes the CISSP such a difficult exam, common mistakes people make while taking the exam and what to do if, heaven forbid, you don’t pass on the first try. You don’t have to do this alone, but you need to listen to Spearman's suggestions.

– Learn more about the CISSP: https://resources.infosecinstitute.com/overview/cissp/
– Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/

0:00 - CISSP exam tips
1:43 - What makes the CISSP challenging? 
4:51 - Common mistakes taking the CISSP
8:00 - Tricks for taking the CISSP test
11:40 - Advice on retaking the test
16:05 - Best advice for CISSP exam day
16:36 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Alicia Olson, VP of Communications at Optiv, is today's guest. Olson came to cybersecurity from the oil and gas sector. She tells us how she got interested in communications for security professionals, explains how she turned Optiv’s distributed workforce into a cohesive unit and gives CISOs some crucial advice and ideas for dealing with that moment that no one wants to have to explain — the inevitable security breach. 

0:00 - What do CISOs need in 2024?
1:40 - Working in communications
3:50 - Average workday as a VP of communications
6:56 - Cybersecurity issues with communications 
9:50 - Why work in cybersecurity communications? 
13:00 - How to enter cybersecurity communication roles
17:50 - Women mentoring women in cybersecurity 
19:35 - Supporting DEI in cybersecurity
23:00 - Biggest problems for CISOs in 2024
25:05 - Missing CISO skills you should learn
27:38 - Remediation in cybersecurity communication
29:30 - Olson's best piece of career advice
30:15 - Learn more about Optiv
30:55 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec and the Cyber Work Hacks podcast are here to help you prepare for and pass the CISSP exam from ISC2. For today’s hack, we’re talking boot camps. If you’ve been preparing for the Certified Information Systems Security Professional (CISSP) study guide for six months or more, you might learn better in a concentrated, focused environment with expert instruction. 

And that expert is Infosec boot camp instructor Steve Spearman, who has helped hundreds of learners prepare for and pass their CISSP. Steve will walk you through what the Infosec 7-day CISSP boot camp is like, which can make the difference between passing on the first try and the headache and heartache of having to re-sit the exam. 

0:00 - What is a CISSP boot camp?
1:37 - A boot camp versus university cybersecurity education
2:47 - What is a cybersecurity boot camp schedule like? 
6:54 - Cybersecurity boot camp communication 
9:50 - Cybersecurity boot camp homework
12:13 - Taking a cybersecurity certification exam
15:44 - Is a cybersecurity boot camp right for me? 
17:36 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Don't believe the movies and TV shows — ethical hacking is not done by frantically typing on the keyboard in a race against the clock.

What's a career in ethical hacking and penetration testing really like? Join our panel of experts who have worked in the field for decades to find out!

In this one-hour live event, we'll cover:

0:00 - Ethical hacking fact vs fiction
7:45 - First, getting into cybersecurity
12:00 - Does ethical hacking fiction affect people?
19:20 - Cybersecurity students in higher ed
26:17 - Qualifying for penetration testing jobs
31:21 - A real-life cybersecurity attack
42:30 - Does Hollywood inspire cybersecurity workers?
44:30 - U.S. Cybergames
47:40 - Infosec Skills and real-life learning
50:35 - Cybersecurity career jump
53:30 - Criminal justice and cybersecurity
56:25 - From IT support to cybersecurity
59:00 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec and Cyber Work hacks want to help you pass the Security+ exam! We have three separate hacks on this channel to help you through the process of studying for and taking the exam. But what about in the years after, when it’s time to get ready to recertify? Infosec boot camp instructor Tommy Gober walks you through all the different ways you can earn your continuing education units (CEU), how many you need to re-certify your Security+ and some less-known activities that can keep your CEU numbers rising and make ongoing learning an ongoing process, not something you need to “cram” at the end of three years. Wanna know more? Well, it's all here in today’s Cyber Work Hack. 

0:00 - Security+ certification renewal
1:30 - Why does CompTIA require renewal?
4:37 - How to earn continuing education units
6:51 - Fun ways to earn continuing education units
8:04 - Log your continuing education unit hours
9:44 - Continuing education unit consistency 
12:25 - CompTIA certification continuing education 
15:14 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Tom Terronez joins Cyber Work to discuss security in an industry that doesn’t always make the headlines for security news: dentistry. Terronez co-founded Medix Dental, an IT and security provider for the dental industry, 20 years ago, and has the lowdown on some of the specific security issues dentist offices and networks face. It is an uphill battle to get the industry to acknowledge its extreme insecurity, and I find out how a shared love of Hall & Oates got Terronez into this very specific area of the security sphere. And I promise that I tried to avoid overusing the phrase “drill down on this point.” Spoiler: I failed.

0:00 - Dental industry cybersecurity
2:00 - Terronez's interest in tech
3:55 - Dentistry cybersecurity 20 years ago
5:00 - Dentistry cybersecurity dangers and issues
15:55 - Why the dental industry is susceptible to cyberattacks
18:50 - Common attack vectors against dentists
23:37 - How to work in dental cybersecurity
25:20 - What working in dental cybersecurity is like
26:40 - Volunteer opportunities in dental cybersecurity
28:22 - 2024 dental cybersecurity trends
31:20 - Tom Terronez's best cybersecurity career advice
32:50 - Learn more about Medix Dental
34:03 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec and the Cyber Work Hacks podcast are here to help you pass the Security+ exam! For today’s hack, let’s talk bootcamps. If you’ve been piecing your way through the Sec+ study guide for six months or more, it’s possible that you would learn better in a concentrated, focused environment with expert instruction. I’m talking, of course, about Infosec boot camp instructor Tommy Gober!

Goberwill walks you through what the Infosec five-day Security+ boot camp is like the learning and memorizing strategies you’ll employ and all the ways that boot camp training can make the difference between passing on the first try and endless headaches and heartaches of re-sitting the exam. You don’t have to do it alone! But to learn more, you do have to keep it here for another Cyber Work Hack.

0:00 - Security+ boot camp   
1:30 - Boot camp training versus classroom
6:25 - Breaking down five days of boot camp
8:50 - What is it like to attend a boot camp?
12:14 - How does the boot camp prepare for the exam?
14:01 - Is a boot camp right for you?
15:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT, and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and at home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Miami University's (in Oxford, Ohio) Farmer School of Business Information Systems and Security researcher Joseph Nwankpa joins Cyber Work today. Nwankpa recently wrote a report that overturns some huge assumptions: he found that work-from-home employees are, to a large degree, less of a security issue than many on-premises workers. Nwankpa discusses The Peltzman Effect, the persistent struggles to create security awareness that lasts past the initial training sessions and talks about some surprising reasons that the higher education sector has been shown to be less sophisticated in their security awareness than many other industries.

0:00 - Are remote workers more cyber secure?
2:00 - How did Joseph Nwankpa get into cybersecurity?
7:53 - Findings on remote worker security
12:00 - Cybersecurity strategies in different work locations
17:05 - A company's cybersecurity compliance culture
19:07 - Best lessons for best remote work security practices
22:00 - Internalizing securing awareness
26:40 - Higher ed issues with cybersecurity
31:00 - Higher ed and phishing emails
33:00 - Remote work security blind spots
35:50 - Become a security awareness professional
41:54 - Miami University's information systems program
44:00 - Learn more about Nwankpa
45:01 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober reviews Security+ exam sample questions and shares tips to pass your Security+ 701 exam.

0:00 - Security+ exam mechanics
1:15 - The different types of Security+ exam questions
3:55 - How do you see your Security+ exam results?
5:10 - Security+ exam example question 1
9:27 - Security+ exam example question 2
11:32- Security+ exam example question 3
15:08- Security+ practice exam
16:29 - Security+ exam day advice
18:05 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Ken Westin of Panther Labs has a bit of fact-checking he wants to do on some of the tech stories we read daily in the papers. Does J.P. Morgan really get 45 billion cyberattacks per day? Really? Are there other factors in this number that aren’t emphasized in the interest of chasing panic clicks?

Westin and I talk about responsible ways to cover big security stories in the news, ways that each of us can become cyber fact-checkers and advocates, and Westin tells me about how his personal interests have turned into creating some very cool anti-theft tools. You can hear me audibly blown away by one in particular!

0:00 - Mega cyberattacks
2:00 - How Ken Westin got into cybersecurity
10:44 - J.P. Morgan cyberattacks
16:00 - Media and PR as a form of social engineering
17:48 - Reframing the cyberattack narrative
19:50 - CISO burnout and responsibility
23:04 - Advice to CISO workers to fight new threats
28:35 - Changing the cybersecurity narrative
33:43 - Advice to cybersecurity professionals
37:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober tells us about the new changes to the Security+ exam and how it will (or will not) affect your study and preparation for the exam! Keep learning, and keep it here for another Cyber Work Hack.

Get your free Security+ ebook, "CompTIA Security+ 701: How the world's most popular cert is changing in 2024" https://www.infosecinstitute.com/form/comptia-security-601/

0:00 - Security+ exam changes 
1:05 - Key ways the Security+ exam has changed (SY0-701)
3:47 - Why make the Security+ exam changes? 
5:30 - Security+ exam studying strategy 
6:47 - Most crucial Security+ exam skills for the future
9:48 - Best advice before taking the Security+ exam  
11:28 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Today on Cyber Work, Sean Falconer of Skyflow and host of the Partially Redacted and Software Huddle podcasts, joins me to talk about the present and future of consumer and user data privacy, the pros and cons of adding more privacy regulations into place and his journey from software development and engineering to his current place of working closely and deeply with the future of API-based data encryption and privacy. And stick around because Falconer will share the best career advice he ever received!

0:00 - Consumer and user data privacy
2:02 - When did Falconer get into tech?
6:40 - Three degrees in computer science
12:40 - Current issues around data privacy
19:25 - The end of "Wild West" data privacy laws
24:00 - External factors on data privacy
28:03 - Why am I accepting cookies on websites?
34:45 - Experiences and learning for data privacy careers
41:44 - Learn more about Skyflow and Falconer
42:26 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Adrianna Iadarola of CyberSN joins me today to break down every spot on the cybersecurity job search, hiring, upskilling and retention pipeline. After her raucous and highly informative presentation at ISACA Digital Trust World, I knew I had to introduce you to this great analyst and thinker. Whether you’re doing the hiring or being the hiree, you will find something crucial to your new year journey today on Cyber Work.

0:00 - Problems with cybersecurity hiring
2:19 - How Adrianna Iadarola got into cybersecurity
6:03 - Skills required to jump cybersecurity roles
8:13 - How the cybersecurity job landscape has changed
13:30 - Skills gap in cybersecurity and timing
15:15 - Cybersecurity HR hiring issues
20:05 - Why is AI security executive level?
25:16 - Change in soliciting cybersecurity candidates
30:16 - Recommendations on changing a cybersecurity team
35:30 - Strategies in cybersecurity language
40:00 - Advice for people heading into cybersecurity
43:20 - Where are cybersecurity budgets and investments going?
49:52 - What is CyberSN?
52:01 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Today's guest is Anthony Pacilio, VP Neurodiverse Solutions at CAI. I met Pacilio at this year’s ISACA Digital Trust World event in Boston, and I was immediately fascinated with his insights on hiring and attracting neurodiverse professionals in security, IT, engineering and related industries, all of which suffer a skills gap and all of which are in need of new insights and working methods. Pacilio and I have a substantive conversation about changing the structure of the “6-hour marathon” interview process, the difference between an employee who stays in one job role vs. an employee who stays in but re-imagines that one job role, and why this new way of hiring and recruitment can lead to nothing less than an entire transformation of a company’s work culture. 

0:00 - Neurodiversity and cybersecurity leadership
4:18 - Pacilio's early years with tech
7:40 - Shifting roles in cybersecurity
12:55 - VP of neurodiverse solutions
16:10 - CAI's dedication to neurodiversity
 19:27 - Neurodiverse solutions in cybersecurity and IT
23:50 - Rethinking the cybersecurity role interview
26:32 - Adopting new interview strategies
33:03 - Examples and success stories
35:30 - Where neurodiverse workers succeed in cybersecurity
42:04 - Tips for neurodiverse learners in cybersecurity
45:58 - Advice for new cybersecurity professionals
52:30 - Learn more about CAI
53:05 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Dan Roberts, host of the “Tech Whisperers” podcast, and a mentor, coach and leader to CISOs and other tech-focused C-suite members for nearly four decades, is today's guest. We talk about Roberts' earliest work, including coining the term “Developing the human side of technology” all the way back in 1984, to spearheading the CyberLX program for CISOs and those aspiring to be. Roberts also provides a four-stage growth chart for CISOs that, quite frankly, scales well to just about any tech career and teases a very exciting guest on the “Tech Whisperers” podcast!

0:00 - CISO's need leadership experience
4:47 - How Dan Roberts got into cybersecurity and tech
6:34 - What was tech like in the '80s?
9:20 - Common difficulties as a CISO
16:52 - What is CyberLX?
24:10 - Joining CyberLX to become a CISO
29:50 - How to become a CISO
34:45 - Cybersecurity and soft skills
38:05 - Skills needed in tech and security now
40:30 - Leading with the seven Cs
43:00 - Start your CISO career journey
46:23 - Getting uncomfortable to evolve in cybersecurity
47:49 - What is the Tech Whisperers podcast?
52:06 - Tech for Good project
54:18 - Exciting new projects for Roberts
56:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Confidence Staveley of the CyberSafe Foundation and the CyberGirls program is today's guest. CyberGirls is a year-long cohort program in which women in Africa ages 18 to 28 can learn cybersecurity basics and create career tracks to fast-track these students into cybersecurity careers! Staveley tells us about the workings of the program, how she uses her YouTube channel to teach API security with food analogies and explains the origins of what is likely the first-ever Afrobeat song about security awareness!  This episode is as fun and inspiring as any I’ve recorded, so I hope you’ll tune in for today’s Cyber Work.

0:00 - Cybersecurity training for women in Africa
4:47 - How Confidence Staveley got into cybersecurity
10:35 - What is the CyberSafe Foundation?
16:57 - What is the CyberGirls fellowship?
21:30 - How to get involved in CyberGirls
30:10 - Inspiring success CyberGirls stories
43:11 - Keeping CyberGirls engaged
46:31 - API Kitchen YouTube show
52:00 - Cybersecurity initiatives in Africa
59:27 - Advice for working in cybersecurity
1:03:13 - CyberGirls' future
1:05:20 - Learn more about CyberSafe
1:07:22 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Ian Campbell, security operations engineer at DomainTools, is someone who has truly carved a niche out for himself in his organization and in the cybersecurity landscape as a whole. His blogs for the DomainTools website have provided paths for neurodiverse cybersecurity professionals and allies who want to make their organizations more friendly to neurodiversity to undertake the small changes to work roles and company culture that can net huge improvements for folks with different types of cognition, patterns of learning, concentration challenges, and yes, nurturable strengths!

I’ve said it plenty of times here and I’ll say it again: cybersecurity is at its best when we’re all together, solving problems and creating solutions with our own diverse approaches.

0:00 - Neurodiversity in cybersecurity
4:00 - How Ian Campbell got into cybersecurity
6:50 - Cybersecurity journey
15:33 - What does a security operations engineer do?
18:37 - Chokepoints of security operations engineer role
20:22 - Supporting people with neurodiverse work and learning
25:50 - What hinders neurodiverse workers in cybersecurity?
30:17 - Altering work culture for neurodiverse workers
39:00 - Neurodivergent traits suited for cybersecurity
42:05 - Benefits of neurodiversity in cybersecurity
48:41 - Promoting communication for neurodiverse workers
52:36 - Positive policies for neurodivergent workers
58:20 - Learn more about DomainTools
1:00:00 - Learn more about Ian Campbell
1:00:23 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Guest AJ Grotto is the William J. Perry International Security Fellow and founding director of the Program on Geopolitics, Technology and Governance at the Stanford Policy Center and Stanford University. Grotto has served in the National Cybersecurity Council under two successive presidents and brings decades of knowledge in international relations, policy and risk both to his students and to clients in his private sector consulting work. Grotto tells us about the current state of international cyber risk and response, gives his tips for students just getting started in international policy and why a suspicious-looking email took him away from the law profession and into the security space. 

0:00 - National security cyber issues
4:04 - How AJ Grotto got into cybersecurity
7:10 - Grotto's work in the National Security Council
10:25 - Skills used in the National Security Council
14:35 - Working at Sagewood 
17:00 - Global trends in cybersecurity
19:00 - Economies down; cyber crime up? 
20:17 - Cyber risk work at Stanford
23:10 - Cybersecurity students at Stanford
29:46 - How to take Grotto's class at Stanford
31:25 - Federal Zero Trust directives
34:49 - What to research for national security work
38:09 - Important global cybersecurity topics
40:06 - Learn more about Grotto, Stanford international policy
41:07 - Outro   

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Infosec IQ’s director of production, Steve Concotelli comes to us following years working in the movie and TV industry, and his ability to create and craft a great story is at the core of what makes Work Bytes the most award-winning security awareness series on the market! Learn more about Concotelli and the team’s ability to craft storylines with takeaways that stick, as well as the reasons why we create four different information delivery types to match the pace and time commitments of your workers. Maybe by the end, you’ll know which of the fantastical characters I mentioned at the start is most like you! Kick back and enjoy a few engaging minutes with this Cyber Work Hack. And take the Work Bytes Personality Quiz: https://infosec.involve.me/work-bytes-personality-quiz.

0:00 - Film storytelling in cybersecurity 
2:48 - How Concotelli moved from Hollywood to Infosec
3:56 - What is Work Bytes?
5:50 - Telling the story of Work Bytes
7:47 - Balancing fun and info
14:07 - What's new in Work Bytes?
19:21 - Big goals for Work Bytes
20:29 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Tomas Smalakys, CTO at NordPass, is today's guest. As our future seems choked with a never-ending need for new passwords of ever-growing complexity for everything we sign up for, Smalakys, along with some large tech organizations, is embracing a post-password future with a system of passkeys. What will it look like? How is it implemented? How will you be able to do this bleeding-edge work in the future? Tune in for today’s episode of Cyber Work and find out!

0:00 - The future of online passwords
3:43 - Tomas Smalakys' start in cybersecurity
8:40 - Managing software engineers
15:33 - Chief technical officer at NordPass
20:05 - The state of password security
27:22 - Imperfections in two-factor security
42:13 - How to know you've been compromised online
47:55 - The passkey system
1:02:41 - How to work in passwords and passkeys
1:09:05 - Learn more about Smalakys and NordPass
1:10:07 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Anna Claiborne from Zayo talks about the spike of DDoS attacks they saw in the past year. Although distributed denial of service (DDoS) attacks trend up nearly every year, new factors around advanced automation and ease of use may be driving the increase. Claiborne takes us back 20 years, when solutions to DDoS attacks involved trying the most far-out solution you could, often for the most far-out clients you could imagine! Seriously, I use the words “Wild West” to describe early security on a lot of episodes, but Claiborne really gives us some top-notch war stories. She’ll also let you know where to focus if you want to get started in telecom security, or any of near-infinite industries that would be impacted by telecom shutting down.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - AI and DDoS attacks 
4:20 - How Anna Claiborne got into cybersecurity
8:24 - Claiborne's cybersecurity experiences 
14:10  - The changes in DDoS attacks
16:55 - Current DDoS escalations 
24:34 - Claiborne's role as a VP
34:25 - Why DDoS attacks have skyrocketed
38:32 - Why DDoS attacks are easier
42:55 - How much is DDoS effective?
44:24 - Tips for countering DDoS
47:16 - Careers involving DDoS attacks
51:09 - Acquire DDoS skills early
56:19 - Learn more about Claiborne and Zayo
57:48 - Outro
 
About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Oliver Tavakoli from VectraAI returns to the program to talk about – surprise! – AI! Having talked about Tavakoli's origin story on the past episode, we’re free to dig right into his main area of interest: the ways in which generative AI can be used by bad actors, whether introducing conflicting messages into GPT guardrail commands or escalating the nuance and complexity of fake-based social engineering attacks. We talk about long-term implications of this emerging tech opportunity, ways for new professionals to get comfortable with its requirements quickly, and Tavakoli lets us know what this “summer of AI” will mean for the coming years, and also why its endless innovation may cool for a few years, and that’s OK.

0:00 - Generative AI and bad actors
4:20 - Big changes for generative AI in 2020
7:11 - Example of an AI attack
15:30 - AI as a tool versus an intelligence
17:10 - Solutions with AI
22:47 - How AI will affect cybersecurity careers
32:18 - How does AI hurt your career?
38:40 - Job roles in cybersecurity that may become niche
40:40 - The year of AI?
43:25 - How to talk about AI
45:40 - What is VectraAI?
48:25 - Learn more about Tavakoli and VectraAI
49:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.