Reading view

There are new articles available, click to refresh the page.

CISSP is changing! Common body of knowledge changes for 2024 | Cyber Work Hacks

Cyber Work Hacks is back to keep you updated with the CISSP exam! Infosec boot camp instructor Steve Spearman joins me to tell us about the new changes to the CISSP’s common body of knowledge (CBK) and how the changes to the CBK should (or shouldn’t!) affect your study and preparation for the exam! Keep learning, and keep it here for another Cyber Work Hack.

– Learn more about the CISSP: https://www.infosecinstitute.com/training/cissp/
– Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/
 
0:00 - CISSP exam common body of knowledge 
1:16  - Changes to CISSP's CBK
7:45 - Why did CISSP make CBK changes?
9:17 - How to study for the CISSP
11:37 - Most important CISSP exam items 
14:04 - Best advice for taking the CISSP exam
15:03 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

CISSP exam tips and tricks: Top test-taking strategies | Cyber Work Hacks

Infosec and Cyber Work Hacks are here to help you pass the CISSP exam. Today’s Hack is part two, so I encourage you to go back and listen to part one of Steve Spearman’s CISSP exam tips and tricks. In part two, I pass the mic to Spearman to give you his top five test-taking strategies for the CISSP. What’s the Sesame Street rule? How does the CISSP feel about absolutes? Keep it here, and you’ll find out in part two of this week’s Cyber Work Hack. 

– Learn more about the CISSP: https://resources.infosecinstitute.com/overview/cissp/
– Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/

1:30 - Look for absolutes in questions
3:17 - The Sesame Street principle 
4:45 - Watch for algebraic equations 
6:23 - Look for the "golden words"
7:38 - Change management is likely the answer
8:55 - Keep an eye on senior management and impact
10:19 - Think like a CISO
11:53 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

CISSP exam tips and tricks: Avoiding common mistakes | Cyber Work Hacks

Infosec and Cyber Work Hacks are here to help you pass the CISSP exam! This is part one of a two-part Cyber Work in which Infosec’s CISSP boot camp instructor Steve Spearman gives you his top tips and tricks for taking the CISSP exam! In part one, we’ll talk about what makes the CISSP such a difficult exam, common mistakes people make while taking the exam and what to do if, heaven forbid, you don’t pass on the first try. You don’t have to do this alone, but you need to listen to Spearman's suggestions.

– Learn more about the CISSP: https://resources.infosecinstitute.com/overview/cissp/
– Get your free ebook, "CISSP exam tips and tricks (to ace your exam on the first try)": https://www.infosecinstitute.com/form/cissp-exam-tips-ebook/

0:00 - CISSP exam tips
1:43 - What makes the CISSP challenging? 
4:51 - Common mistakes taking the CISSP
8:00 - Tricks for taking the CISSP test
11:40 - Advice on retaking the test
16:05 - Best advice for CISSP exam day
16:36 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

What help do CISOs need in 2024? | Guest Alicia Olson

Alicia Olson, VP of Communications at Optiv, is today's guest. Olson came to cybersecurity from the oil and gas sector. She tells us how she got interested in communications for security professionals, explains how she turned Optiv’s distributed workforce into a cohesive unit and gives CISOs some crucial advice and ideas for dealing with that moment that no one wants to have to explain — the inevitable security breach. 

0:00 - What do CISOs need in 2024?
1:40 - Working in communications
3:50 - Average workday as a VP of communications
6:56 - Cybersecurity issues with communications 
9:50 - Why work in cybersecurity communications? 
13:00 - How to enter cybersecurity communication roles
17:50 - Women mentoring women in cybersecurity 
19:35 - Supporting DEI in cybersecurity
23:00 - Biggest problems for CISOs in 2024
25:05 - Missing CISO skills you should learn
27:38 - Remediation in cybersecurity communication
29:30 - Olson's best piece of career advice
30:15 - Learn more about Optiv
30:55 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

What a CISSP boot camp is like | Cyber Work Hacks

Infosec and the Cyber Work Hacks podcast are here to help you prepare for and pass the CISSP exam from ISC2. For today’s hack, we’re talking boot camps. If you’ve been preparing for the Certified Information Systems Security Professional (CISSP) study guide for six months or more, you might learn better in a concentrated, focused environment with expert instruction. 

And that expert is Infosec boot camp instructor Steve Spearman, who has helped hundreds of learners prepare for and pass their CISSP. Steve will walk you through what the Infosec 7-day CISSP boot camp is like, which can make the difference between passing on the first try and the headache and heartache of having to re-sit the exam. 

0:00 - What is a CISSP boot camp?
1:37 - A boot camp versus university cybersecurity education
2:47 - What is a cybersecurity boot camp schedule like? 
6:54 - Cybersecurity boot camp communication 
9:50 - Cybersecurity boot camp homework
12:13 - Taking a cybersecurity certification exam
15:44 - Is a cybersecurity boot camp right for me? 
17:36 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Ethical hacking careers vs. cinema: What it's like to work as a hacker | Cyber Work Live

Don't believe the movies and TV shows — ethical hacking is not done by frantically typing on the keyboard in a race against the clock.

What's a career in ethical hacking and penetration testing really like? Join our panel of experts who have worked in the field for decades to find out!

In this one-hour live event, we'll cover:

0:00 - Ethical hacking fact vs fiction
7:45 - First, getting into cybersecurity
12:00 - Does ethical hacking fiction affect people?
19:20 - Cybersecurity students in higher ed
26:17 - Qualifying for penetration testing jobs
31:21 - A real-life cybersecurity attack
42:30 - Does Hollywood inspire cybersecurity workers?
44:30 - U.S. Cybergames
47:40 - Infosec Skills and real-life learning
50:35 - Cybersecurity career jump
53:30 - Criminal justice and cybersecurity
56:25 - From IT support to cybersecurity
59:00 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Renewing your Security+ certification | Cyber Work Hacks

Infosec and Cyber Work hacks want to help you pass the Security+ exam! We have three separate hacks on this channel to help you through the process of studying for and taking the exam. But what about in the years after, when it’s time to get ready to recertify? Infosec boot camp instructor Tommy Gober walks you through all the different ways you can earn your continuing education units (CEU), how many you need to re-certify your Security+ and some less-known activities that can keep your CEU numbers rising and make ongoing learning an ongoing process, not something you need to “cram” at the end of three years. Wanna know more? Well, it's all here in today’s Cyber Work Hack. 

0:00 - Security+ certification renewal
1:30 - Why does CompTIA require renewal?
4:37 - How to earn continuing education units
6:51 - Fun ways to earn continuing education units
8:04 - Log your continuing education unit hours
9:44 - Continuing education unit consistency 
12:25 - CompTIA certification continuing education 
15:14 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

A career in dental cybersecurity? Drilling down into this unique role | Guest Tom Terronez

Tom Terronez joins Cyber Work to discuss security in an industry that doesn’t always make the headlines for security news: dentistry. Terronez co-founded Medix Dental, an IT and security provider for the dental industry, 20 years ago, and has the lowdown on some of the specific security issues dentist offices and networks face. It is an uphill battle to get the industry to acknowledge its extreme insecurity, and I find out how a shared love of Hall & Oates got Terronez into this very specific area of the security sphere. And I promise that I tried to avoid overusing the phrase “drill down on this point.” Spoiler: I failed.

0:00 - Dental industry cybersecurity
2:00 - Terronez's interest in tech
3:55 - Dentistry cybersecurity 20 years ago
5:00 - Dentistry cybersecurity dangers and issues
15:55 - Why the dental industry is susceptible to cyberattacks
18:50 - Common attack vectors against dentists
23:37 - How to work in dental cybersecurity
25:20 - What working in dental cybersecurity is like
26:40 - Volunteer opportunities in dental cybersecurity
28:22 - 2024 dental cybersecurity trends
31:20 - Tom Terronez's best cybersecurity career advice
32:50 - Learn more about Medix Dental
34:03 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Security+ Boot Camp: What to expect during your training | Cyber Work Hacks

Infosec and the Cyber Work Hacks podcast are here to help you pass the Security+ exam! For today’s hack, let’s talk bootcamps. If you’ve been piecing your way through the Sec+ study guide for six months or more, it’s possible that you would learn better in a concentrated, focused environment with expert instruction. I’m talking, of course, about Infosec boot camp instructor Tommy Gober!

Goberwill walks you through what the Infosec five-day Security+ boot camp is like the learning and memorizing strategies you’ll employ and all the ways that boot camp training can make the difference between passing on the first try and endless headaches and heartaches of re-sitting the exam. You don’t have to do it alone! But to learn more, you do have to keep it here for another Cyber Work Hack.

0:00 - Security+ boot camp   
1:30 - Boot camp training versus classroom
6:25 - Breaking down five days of boot camp
8:50 - What is it like to attend a boot camp?
12:14 - How does the boot camp prepare for the exam?
14:01 - Is a boot camp right for you?
15:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT, and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and at home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Are remote workers more security-savvy than on-premises? | Guest Joseph Nwanpka

Miami University's (in Oxford, Ohio) Farmer School of Business Information Systems and Security researcher Joseph Nwankpa joins Cyber Work today. Nwankpa recently wrote a report that overturns some huge assumptions: he found that work-from-home employees are, to a large degree, less of a security issue than many on-premises workers. Nwankpa discusses The Peltzman Effect, the persistent struggles to create security awareness that lasts past the initial training sessions and talks about some surprising reasons that the higher education sector has been shown to be less sophisticated in their security awareness than many other industries.

0:00 - Are remote workers more cyber secure?
2:00 - How did Joseph Nwankpa get into cybersecurity?
7:53 - Findings on remote worker security
12:00 - Cybersecurity strategies in different work locations
17:05 - A company's cybersecurity compliance culture
19:07 - Best lessons for best remote work security practices
22:00 - Internalizing securing awareness
26:40 - Higher ed issues with cybersecurity
31:00 - Higher ed and phishing emails
33:00 - Remote work security blind spots
35:50 - Become a security awareness professional
41:54 - Miami University's information systems program
44:00 - Learn more about Nwankpa
45:01 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Security+ exam questions and answers: What to expect | Cyber Work Hacks

Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober reviews Security+ exam sample questions and shares tips to pass your Security+ 701 exam.

0:00 - Security+ exam mechanics
1:15 - The different types of Security+ exam questions
3:55 - How do you see your Security+ exam results?
5:10 - Security+ exam example question 1
9:27 - Security+ exam example question 2
11:32- Security+ exam example question 3
15:08- Security+ practice exam
16:29 - Security+ exam day advice
18:05 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

45 billion cyberattacks a day?! Media myths and working in cybersecurity | Guest Ken Westin

Ken Westin of Panther Labs has a bit of fact-checking he wants to do on some of the tech stories we read daily in the papers. Does J.P. Morgan really get 45 billion cyberattacks per day? Really? Are there other factors in this number that aren’t emphasized in the interest of chasing panic clicks?

Westin and I talk about responsible ways to cover big security stories in the news, ways that each of us can become cyber fact-checkers and advocates, and Westin tells me about how his personal interests have turned into creating some very cool anti-theft tools. You can hear me audibly blown away by one in particular!

0:00 - Mega cyberattacks
2:00 - How Ken Westin got into cybersecurity
10:44 - J.P. Morgan cyberattacks
16:00 - Media and PR as a form of social engineering
17:48 - Reframing the cyberattack narrative
19:50 - CISO burnout and responsibility
23:04 - Advice to CISO workers to fight new threats
28:35 - Changing the cybersecurity narrative
33:43 - Advice to cybersecurity professionals
37:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Security+ exam tips: What changed and how to pass the new exam | Cyber Work Hacks

Cyber Work Hacks is here to answer your questions about the CompTIA Security+ exam! Today, Infosec boot camp instructor Tommy Gober tells us about the new changes to the Security+ exam and how it will (or will not) affect your study and preparation for the exam! Keep learning, and keep it here for another Cyber Work Hack.

Get your free Security+ ebook, "CompTIA Security+ 701: How the world's most popular cert is changing in 2024" https://www.infosecinstitute.com/form/comptia-security-601/

0:00 - Security+ exam changes 
1:05 - Key ways the Security+ exam has changed (SY0-701)
3:47 - Why make the Security+ exam changes? 
5:30 - Security+ exam studying strategy 
6:47 - Most crucial Security+ exam skills for the future
9:48 - Best advice before taking the Security+ exam  
11:28 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

The Wild West era of data collection is over | Guest Sean Falconer

Today on Cyber Work, Sean Falconer of Skyflow and host of the Partially Redacted and Software Huddle podcasts, joins me to talk about the present and future of consumer and user data privacy, the pros and cons of adding more privacy regulations into place and his journey from software development and engineering to his current place of working closely and deeply with the future of API-based data encryption and privacy. And stick around because Falconer will share the best career advice he ever received!

0:00 - Consumer and user data privacy
2:02 - When did Falconer get into tech?
6:40 - Three degrees in computer science
12:40 - Current issues around data privacy
19:25 - The end of "Wild West" data privacy laws
24:00 - External factors on data privacy
28:03 - Why am I accepting cookies on websites?
34:45 - Experiences and learning for data privacy careers
41:44 - Learn more about Skyflow and Falconer
42:26 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Don't chase unicorns to fix the cybersecurity skills gap | Guest Adrianna Iadarola

Adrianna Iadarola of CyberSN joins me today to break down every spot on the cybersecurity job search, hiring, upskilling and retention pipeline. After her raucous and highly informative presentation at ISACA Digital Trust World, I knew I had to introduce you to this great analyst and thinker. Whether you’re doing the hiring or being the hiree, you will find something crucial to your new year journey today on Cyber Work.

0:00 - Problems with cybersecurity hiring
2:19 - How Adrianna Iadarola got into cybersecurity
6:03 - Skills required to jump cybersecurity roles
8:13 - How the cybersecurity job landscape has changed
13:30 - Skills gap in cybersecurity and timing
15:15 - Cybersecurity HR hiring issues
20:05 - Why is AI security executive level?
25:16 - Change in soliciting cybersecurity candidates
30:16 - Recommendations on changing a cybersecurity team
35:30 - Strategies in cybersecurity language
40:00 - Advice for people heading into cybersecurity
43:20 - Where are cybersecurity budgets and investments going?
49:52 - What is CyberSN?
52:01 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Neurodiversity and cybersecurity leadership positions | Guest Anthony Pacilio

Today's guest is Anthony Pacilio, VP Neurodiverse Solutions at CAI. I met Pacilio at this year’s ISACA Digital Trust World event in Boston, and I was immediately fascinated with his insights on hiring and attracting neurodiverse professionals in security, IT, engineering and related industries, all of which suffer a skills gap and all of which are in need of new insights and working methods. Pacilio and I have a substantive conversation about changing the structure of the “6-hour marathon” interview process, the difference between an employee who stays in one job role vs. an employee who stays in but re-imagines that one job role, and why this new way of hiring and recruitment can lead to nothing less than an entire transformation of a company’s work culture. 

0:00 - Neurodiversity and cybersecurity leadership
4:18 - Pacilio's early years with tech
7:40 - Shifting roles in cybersecurity
12:55 - VP of neurodiverse solutions
16:10 - CAI's dedication to neurodiversity
 19:27 - Neurodiverse solutions in cybersecurity and IT
23:50 - Rethinking the cybersecurity role interview
26:32 - Adopting new interview strategies
33:03 - Examples and success stories
35:30 - Where neurodiverse workers succeed in cybersecurity
42:04 - Tips for neurodiverse learners in cybersecurity
45:58 - Advice for new cybersecurity professionals
52:30 - Learn more about CAI
53:05 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

What it's like to be a CISO — and why they don't need more tech | Guest Dan Roberts

Dan Roberts, host of the “Tech Whisperers” podcast, and a mentor, coach and leader to CISOs and other tech-focused C-suite members for nearly four decades, is today's guest. We talk about Roberts' earliest work, including coining the term “Developing the human side of technology” all the way back in 1984, to spearheading the CyberLX program for CISOs and those aspiring to be. Roberts also provides a four-stage growth chart for CISOs that, quite frankly, scales well to just about any tech career and teases a very exciting guest on the “Tech Whisperers” podcast!

0:00 - CISO's need leadership experience
4:47 - How Dan Roberts got into cybersecurity and tech
6:34 - What was tech like in the '80s?
9:20 - Common difficulties as a CISO
16:52 - What is CyberLX?
24:10 - Joining CyberLX to become a CISO
29:50 - How to become a CISO
34:45 - Cybersecurity and soft skills
38:05 - Skills needed in tech and security now
40:30 - Leading with the seven Cs
43:00 - Start your CISO career journey
46:23 - Getting uncomfortable to evolve in cybersecurity
47:49 - What is the Tech Whisperers podcast?
52:06 - Tech for Good project
54:18 - Exciting new projects for Roberts
56:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Empowering African Women through Cybersecurity | Guest Confidence Staveley

Confidence Staveley of the CyberSafe Foundation and the CyberGirls program is today's guest. CyberGirls is a year-long cohort program in which women in Africa ages 18 to 28 can learn cybersecurity basics and create career tracks to fast-track these students into cybersecurity careers! Staveley tells us about the workings of the program, how she uses her YouTube channel to teach API security with food analogies and explains the origins of what is likely the first-ever Afrobeat song about security awareness!  This episode is as fun and inspiring as any I’ve recorded, so I hope you’ll tune in for today’s Cyber Work.

0:00 - Cybersecurity training for women in Africa
4:47 - How Confidence Staveley got into cybersecurity
10:35 - What is the CyberSafe Foundation?
16:57 - What is the CyberGirls fellowship?
21:30 - How to get involved in CyberGirls
30:10 - Inspiring success CyberGirls stories
43:11 - Keeping CyberGirls engaged
46:31 - API Kitchen YouTube show
52:00 - Cybersecurity initiatives in Africa
59:27 - Advice for working in cybersecurity
1:03:13 - CyberGirls' future
1:05:20 - Learn more about CyberSafe
1:07:22 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

The transformative power of neurodiversity in cybersecurity practices | Guest Ian Campbell

Ian Campbell, security operations engineer at DomainTools, is someone who has truly carved a niche out for himself in his organization and in the cybersecurity landscape as a whole. His blogs for the DomainTools website have provided paths for neurodiverse cybersecurity professionals and allies who want to make their organizations more friendly to neurodiversity to undertake the small changes to work roles and company culture that can net huge improvements for folks with different types of cognition, patterns of learning, concentration challenges, and yes, nurturable strengths!

I’ve said it plenty of times here and I’ll say it again: cybersecurity is at its best when we’re all together, solving problems and creating solutions with our own diverse approaches.

0:00 - Neurodiversity in cybersecurity
4:00 - How Ian Campbell got into cybersecurity
6:50 - Cybersecurity journey
15:33 - What does a security operations engineer do?
18:37 - Chokepoints of security operations engineer role
20:22 - Supporting people with neurodiverse work and learning
25:50 - What hinders neurodiverse workers in cybersecurity?
30:17 - Altering work culture for neurodiverse workers
39:00 - Neurodivergent traits suited for cybersecurity
42:05 - Benefits of neurodiversity in cybersecurity
48:41 - Promoting communication for neurodiverse workers
52:36 - Positive policies for neurodivergent workers
58:20 - Learn more about DomainTools
1:00:00 - Learn more about Ian Campbell
1:00:23 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

National security cyber issues and Stanford’s cyber policy program | Guest AJ Grotto

Guest AJ Grotto is the William J. Perry International Security Fellow and founding director of the Program on Geopolitics, Technology and Governance at the Stanford Policy Center and Stanford University. Grotto has served in the National Cybersecurity Council under two successive presidents and brings decades of knowledge in international relations, policy and risk both to his students and to clients in his private sector consulting work. Grotto tells us about the current state of international cyber risk and response, gives his tips for students just getting started in international policy and why a suspicious-looking email took him away from the law profession and into the security space. 

0:00 - National security cyber issues
4:04 - How AJ Grotto got into cybersecurity
7:10 - Grotto's work in the National Security Council
10:25 - Skills used in the National Security Council
14:35 - Working at Sagewood 
17:00 - Global trends in cybersecurity
19:00 - Economies down; cyber crime up? 
20:17 - Cyber risk work at Stanford
23:10 - Cybersecurity students at Stanford
29:46 - How to take Grotto's class at Stanford
31:25 - Federal Zero Trust directives
34:49 - What to research for national security work
38:09 - Important global cybersecurity topics
40:06 - Learn more about Grotto, Stanford international policy
41:07 - Outro   

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

The role of film storytelling in making education stick | Cyber Work Hacks

Infosec IQ’s director of production, Steve Concotelli comes to us following years working in the movie and TV industry, and his ability to create and craft a great story is at the core of what makes Work Bytes the most award-winning security awareness series on the market! Learn more about Concotelli and the team’s ability to craft storylines with takeaways that stick, as well as the reasons why we create four different information delivery types to match the pace and time commitments of your workers. Maybe by the end, you’ll know which of the fantastical characters I mentioned at the start is most like you! Kick back and enjoy a few engaging minutes with this Cyber Work Hack. And take the Work Bytes Personality Quiz: https://infosec.involve.me/work-bytes-personality-quiz.

0:00 - Film storytelling in cybersecurity 
2:48 - How Concotelli moved from Hollywood to Infosec
3:56 - What is Work Bytes?
5:50 - Telling the story of Work Bytes
7:47 - Balancing fun and info
14:07 - What's new in Work Bytes?
19:21 - Big goals for Work Bytes
20:29 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

The future of passwords | Guest Tomas Smalakys

Tomas Smalakys, CTO at NordPass, is today's guest. As our future seems choked with a never-ending need for new passwords of ever-growing complexity for everything we sign up for, Smalakys, along with some large tech organizations, is embracing a post-password future with a system of passkeys. What will it look like? How is it implemented? How will you be able to do this bleeding-edge work in the future? Tune in for today’s episode of Cyber Work and find out!

0:00 - The future of online passwords
3:43 - Tomas Smalakys' start in cybersecurity
8:40 - Managing software engineers
15:33 - Chief technical officer at NordPass
20:05 - The state of password security
27:22 - Imperfections in two-factor security
42:13 - How to know you've been compromised online
47:55 - The passkey system
1:02:41 - How to work in passwords and passkeys
1:09:05 - Learn more about Smalakys and NordPass
1:10:07 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

AI and the rise of DDoS attacks | Guest Anna Claiborne

Anna Claiborne from Zayo talks about the spike of DDoS attacks they saw in the past year. Although distributed denial of service (DDoS) attacks trend up nearly every year, new factors around advanced automation and ease of use may be driving the increase. Claiborne takes us back 20 years, when solutions to DDoS attacks involved trying the most far-out solution you could, often for the most far-out clients you could imagine! Seriously, I use the words “Wild West” to describe early security on a lot of episodes, but Claiborne really gives us some top-notch war stories. She’ll also let you know where to focus if you want to get started in telecom security, or any of near-infinite industries that would be impacted by telecom shutting down.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - AI and DDoS attacks 
4:20 - How Anna Claiborne got into cybersecurity
8:24 - Claiborne's cybersecurity experiences 
14:10  - The changes in DDoS attacks
16:55 - Current DDoS escalations 
24:34 - Claiborne's role as a VP
34:25 - Why DDoS attacks have skyrocketed
38:32 - Why DDoS attacks are easier
42:55 - How much is DDoS effective?
44:24 - Tips for countering DDoS
47:16 - Careers involving DDoS attacks
51:09 - Acquire DDoS skills early
56:19 - Learn more about Claiborne and Zayo
57:48 - Outro
 
About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

How generative AI can be used by bad actors | Guest Oliver Tavakoli

Oliver Tavakoli from VectraAI returns to the program to talk about – surprise! – AI! Having talked about Tavakoli's origin story on the past episode, we’re free to dig right into his main area of interest: the ways in which generative AI can be used by bad actors, whether introducing conflicting messages into GPT guardrail commands or escalating the nuance and complexity of fake-based social engineering attacks. We talk about long-term implications of this emerging tech opportunity, ways for new professionals to get comfortable with its requirements quickly, and Tavakoli lets us know what this “summer of AI” will mean for the coming years, and also why its endless innovation may cool for a few years, and that’s OK.

0:00 - Generative AI and bad actors
4:20 - Big changes for generative AI in 2020
7:11 - Example of an AI attack
15:30 - AI as a tool versus an intelligence
17:10 - Solutions with AI
22:47 - How AI will affect cybersecurity careers
32:18 - How does AI hurt your career?
38:40 - Job roles in cybersecurity that may become niche
40:40 - The year of AI?
43:25 - How to talk about AI
45:40 - What is VectraAI?
48:25 - Learn more about Tavakoli and VectraAI
49:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

How AI is affecting GRC and the future of cybersecurity | Guest Heather Buker

Dr. Heather Buker of 6clicks has been a technical SME in the cybersecurity field her entire career, and 6clicks has introduced Ask Hailey, an AI-based governance risk and compliance (GRC) tool that promises to move the work of GRC into a new era. Also on the show, Infosec’s vice president of portfolio product strategy and cybersecurity superstar Keatron Evans in a guest-host capacity! Buker, Keatron and I discuss the spaces in which governance risk and compliance can greatly benefit from AI/machine learning enhancement, the crucial need to prioritize the decision-making skills of humans over everything else and why seemingly disparate career roles and pivots can still lead you in the career direction you desire most.

0:00 - Ask Hailey AI
4:17 - Heather Buker's start in cybersecurity
6:40 - Security compliance migration work and more
13:15 - Tasks of a chief customer officer
18:40 - What is Ask Hailey AI?
23:00 - Challenges in risk assessment
27:15 - Ask Hailey AI and GRC
38:05 - Advice to get into government cybersecurity
42:50 - Advice for cybersecurity students
44:50 - The big picture of AI
53:00 - Learn more about Buker and 6clicks
54:11 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Finding and supporting neurodiverse cybersecurity professionals | Guest Tara D. Anderson

Tara D. Anderson, managing director of Framework Security and an official member of the Forbes Technology Council, walks us through her journey, including her years in the world of finance, opens up about a traumatic event in her life that altered the way she learns and retains information and how her switch to IT and Cybersecurity was an ideal fit. From her days co-founding the consultancy firm Cognitive SLC, an organization whose founders were all neurodiverse, to Framework Security’s desire to make protection understandable to small charitable companies and organizations who couldn’t bounce back from hacking and theft, Anderson's ethos and vision, from work to the interview process, is a complete inspiration for anyone interested in bringing neurodiverse professionals into their organization. 

0:00 - Neurodiversity in cybersecurity 
3:46 - Getting into computers and tech
9:46 - Revenue officer roles 
15:20 - Getting into IT and security
23:07 - Neurodiverse workers in cybersecurity 
30:45 - Neurodiverse challenges in cybersecurity
41:40 - Remote cybersecurity work
52:03 - How to work in cybersecurity 
56:34 - What is Framework Security?
59:30 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Cybersecurity investment and launching new companies | Guest Leslie Lynn Smith

Leslie Lynn Smith is the National Executive Director for GET Cities. GET stands for Gender Equality in Tech. Today’s episode will move away from standard cybersecurity and IT insights in favor of a larger look at investment opportunities for tech startups, and where and on who we spend investment capital. Smith is a multi-decade authority on state- and city-wide community investment initiatives with a lifelong passion for bringing people of marginalized races and genders to the table in fulfilling their tech business dreams. Smith talks about bridging the gap from angel investor money to initial seed, and why the space between the two can sink new startups, the slow, patient process of affecting equitable change at the legislative level, and offers an accelerated way to make IT and cyber teams more inclusive and equitable. If you’ve wanted to get involved with angel investing and helping young companies get off the ground, Smith talks you through the process with no steps missed. 

0:00 - Gender equity in tech
3:35 - Leslie Smith's journey in tech
9:40 - Equity in cybersecurity at GET Cities
15:03 - How does GET Cities work? 
21:20 - Concrete ways to work towards gender equity in tech
30:30 - Imposter syndrome revised
35:00 - Where does equity work need to be done in tech?
40:30 - How to invest in tech and cybersecurity
43:33 - GET Cities upcoming initiatives
46:00 - Learn more about GET Cities and Smith
46:40 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

Bringing coding skills to underserved communities | Guest Brianne Caplan

Brianne Caplan is the founder and executive director of Code Your Dreams, a non-profit that brings knowledge, accessibility and excitement about programming and tech to learners from age 5 to adulthood in underserved communities. Caplan tells some incredible stories, like the women’s coding and data analysis group in Burundi, exciting coding projects for students interested in art, music and dance and why her experience inadvertently creating a non-profit company that was incorporated as a for-profit was a learning experience that helped kickstart Code Your Dreams! This one’s inspiring, so I hope you’ll keep it here for Cyber Work.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Coding for underserved communities 
3:11 - Brianne Caplan's start in cybersecurity
8:04 - Cash for Schools
10:50 - What is Code Your Dreams?
14:40 - How Code Your Dreams works
17:52 - Gaps in cybersecurity school education
21:00 - Baseline tech literacy for grade school
23:30 - Popular Code Your Dreams activities
27:08 - After Code Your Dreams
35:11 - Volunteer for Code Your Dreams
37:00 - Bring Code Your Dreams to your school
39:40 - Get in touch with Brianne Caplan
40:15 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

From software engineer to career coach for women in tech leadership | Guest Limor Bergman-Gross

Limor Bergman-Gross, founder of LBG Consulting, a results-oriented executive coaching service for women in tech, discusses her early programming experience, including Pascal instruction in high school, her move from software engineering manager to career coach and corporate mentorship instructor and why mentors can and should come at any level on the career ladder, not just management or executive. As Limor puts it, “all you need in a mentor is that they be a few steps further down the path than you are.” Lots of gems like that to be found today on Cyber Work.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Career coach for women in tech 
2:55 - Getting into cybersecurity 
5:50 - Pursuing cybersecurity consulting
6:54 - How to get into consulting 
8:15 - First steps with cybersecurity coaching
10:02 - How to help someone find their role
14:20 - Executive-level consulting 
16:00 - A mentor versus an advocate
17:45 - Mentoring and training 
20:00 - Speaking at an ISACA conference
22:28 - Achieving gender parity quickly
24:55 - Supporting underrepresented talent in cybersecurity
32:05 - Making a difference in diversity
35:00 - Women mentoring women
37:10 - Making yourself available as a mentor 
40:37 - Learn more about LBG Consulting
42:20 - Outro

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

💾

❌