Cyber Work

Follow Cyber Work
Share on
Copy link to clipboard

Knowledge is your best defense against cybercrime. Each week on Cyber Work, host Chris Sienko sits down with a new industry thought leader to discuss the latest cybersecurity trends — and how those trends are affecting the work of infosec professionals. Together we’ll empower everyone with the knowl…

Infosec


    • Jun 2, 2025 LATEST EPISODE
    • every other week NEW EPISODES
    • 39m AVG DURATION
    • 387 EPISODES

    4.7 from 95 ratings Listeners of Cyber Work that love the show mention: cyber security, cybersecurity, interesting information, programming, listening to these podcasts, useful information, it's always, interesting topics, always interesting, complex, network, app, new episodes, waiting, education, really like, soon, cool, simple, helpful.


    Ivy Insights

    The Cyber Work podcast is a highly informative and valuable resource for anyone interested in the field of cyber security. Hosted by Chris, the podcast features in-depth conversations with industry leaders who share their experiences and insights on navigating the constantly evolving landscape of data security and compliance. Whether you are an established cyber security professional or just starting out, this podcast offers a wealth of knowledge that is both practical and applicable to your role.

    One of the best aspects of The Cyber Work podcast is the range of topics covered. From discussions on emerging trends and technologies to practical tips for improving security measures, each episode provides valuable information that can be applied to real-world scenarios. The guests featured on the show are experts in their respective fields, offering unique perspectives and insights into various aspects of cyber security. The questions posed by Chris are detailed and thought-provoking, allowing listeners to gain a deeper understanding of the subject matter.

    Another great aspect of this podcast is its accessibility. The episodes are easy to understand, thanks to Chris's engaging hosting style and the clear explanations provided by the guests. The podcasts can be listened to anywhere - whether it's during a commute, while exercising, or at home - making it convenient for busy professionals to stay up-to-date on important industry topics. Additionally, if a topic is particularly interesting or complex, listeners have the option to re-listen at their own pace for further comprehension.

    While there are many positive aspects of The Cyber Work podcast, one possible area for improvement is providing more frequent episodes. Given the rapidly changing nature of cyber security, it would be beneficial to have more regular updates and discussions on current trends and developments. However, this should not detract from the overall quality and value provided by each episode.

    In conclusion, The Cyber Work podcast is essential listening for anyone in or aspiring to be in the field of cyber security. With its wide range of topics covered and insightful conversations with industry experts, this podcast offers valuable knowledge and practical advice that can help listeners navigate the complex world of data security and compliance. Whether you are a seasoned professional or just starting out, this podcast is a must-listen resource.



    Search for episodes from Cyber Work with a specific topic:

    Latest episodes from Cyber Work

    Build your own pen testing tools and master red teaming tactics | Ed Williams

    Play Episode Listen Later Jun 2, 2025 34:46 Transcription Available


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastEd Williams, Vice President of EMEA Consulting and Professional Services (CPS) at TrustWave, shares his two decades of pentesting and red teaming experience with Cyber Work listeners. From building his first programs on a BBC Micro (an early PC underwritten by the BBC network in England to promote computer literacy) to co-authoring award-winning red team security tools, Ed discusses his favorite red team social engineering trick (hint: it involves fire extinguishers!), and the ways that pentesting and red team methodologies have (and have not) changed in 20 years. As a bonus, Ed explains how he created a red team tool that gained accolades from the community in 2013, and how building your own tools can help you create your personal calling card in the Cybersecurity industry! Whether you're breaking into cybersecurity or looking to level up your pentesting skills, Ed's practical advice and red team “war stories,” as well as his philosophy of continuous learning that he calls “Stacking Days,” bring practical and powerful techniques to your study of Cybersecurity.0:00 - Intro to today's episode2:17 - Meet Ed Williams and his BBC Micro origins5:16 - Evolution of pentesting since 200812:50 - Creating the RedSnarf tool in 201317:18 - Advice for aspiring pentesters in 202519:59 - Building community and finding collaborators 22:28 - Red teaming vs pentesting strategies24:19 - Red teaming, social engineering, and fire extinguishers27:07 - Early career obsession and focus29:41 - Essential skills: Python and command-line mastery31:30 - Best career advice: "Stacking Days"32:12 - About TrustWave and connecting with EdAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    The Future is Cloud: Master Azure Certs for Cybersecurity Success | Guest Wilfredo Lanz

    Play Episode Listen Later May 12, 2025 12:52 Transcription Available


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastInfosec instructor Wilfredo Lanz joins Cyber Work Hacks to break down the critical differences between the Azure AZ-104 certification for cloud administrators and the AZ-500 certification for cloud security professionals. Wilfredo explains why these complementary certifications can supercharge your cybersecurity career and emphasizes that cloud skills aren't optional in today's tech landscape. Whether you're in government, healthcare, finance or any other sector, cloud proficiency is quickly becoming mandatory for all cybersecurity professionals.0:00 - Intro to cloud certifications 1:00 - Cybersecurity Salary Guide promo 1:35 - Meet Wilfredo Lanz and intro to Azure certs 2:06 - Azure vs. AWS and other cloud platforms4:45 - Industries favoring Azure (government, healthcare, finance) 7:00 - AZ-104 Administrator vs. AZ-500 Security Engineer certifications 9:31 - Why all cybersecurity professionals need cloud skills 10:30 - "Cloud is the present and future" — career implications11:45 - Wrap up and final thoughtsView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout Infosec: Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Cloud career roadmap: Azure Administrator vs Security Engineer certs | Guest Wilfredo Lanz

    Play Episode Listen Later May 5, 2025 8:44


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast Today on Cyber Work Hacks, Infosec Boot Camp instructor Wilfredo Lanz discusses the importance of Microsoft Azure certifications for IT and security professionals. With over 90% of businesses moving to the cloud, understanding how to administer cloud resources is crucial. Wilfredo highlights the differences between the Azure Administrator Associate and Azure Security Engineer Associate certifications and how they can enhance career opportunities in IT, cybersecurity, project management and networking. Tune in to learn how cloud certifications can future-proof your career. And don't miss out on the free cybersecurity salary guide ebook linked in the description. 00:00 - The booming IT and cybersecurity job market00:52 - Free cybersecurity salary guide01:29 - Meet Wilfredo Lanz: Azure certification expert02:20 - Azure administrator associate vs. Azure security engineer associate04:53 - Importance of cloud certifications for IT and cybersecurity professionals07:53 - Pursuing Microsoft Azure certs– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    When AI Goes Rogue: API Security in the Age of AI Agents | Guest Sam Chehab

    Play Episode Listen Later Apr 21, 2025 49:35


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastToday on Cyber Work, Sam Chehab, the head of security and IT at Postman, dives into API security and the intriguing concept of rogue AI agents. Chehab discusses the internal challenges posed by well-meaning developers, the potential threat of hackers using AI to create more sophisticated malware, and the evolving roles of development and security teams. The episode also navigates through Chehab's career, including his time at Nvidia and leading a zero-trust strategy deployment for Palo Alto Networks. Listeners will gain insights on integrating AI tools for API defense, the future of cybersecurity roles, and practical advice for breaking into the industry. Plus, learn about Postman's strategies and tools to ensure secure API development and management.– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast00:00 API security and rogue AI agents00:45 Sam Chehab's background and career journey03:54 Transition to data security12:47 Implementing a zero-trust strategy at Palo Alto20:06 Responsibilities at Postman23:02 Understanding rogue AI agents26:42 Ensuring API security and collaboration27:34 Challenges in securing APIs28:31 Postman's approach to API hygiene29:39 The future of API security34:42 Career advice for aspiring security professionals39:18 The role of AI in API security45:20 Postman and upcoming events47:59 OutroAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Why Medical Device Security Needs Transparency: The SBOM Revolution | Guest Ken Zalevsky

    Play Episode Listen Later Apr 14, 2025 53:44


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastIn this episode of Cyber Work, Ken Zalevsky, founder and CEO of Vigilant Ops, joins us to discuss the importance of a Software Bill of Materials (SBOM) in the medical device industry. Zalevsky shares how SBOMs provide transparency and critical security insights, akin to the ingredients list on food packaging, to help identify and defend against vulnerabilities. We also delve into Zalevsky's extensive career in healthcare cybersecurity, starting from his early tech interests influenced by his father to his pivotal role at Bayer Healthcare. The discussion covers the impact of legacy systems, current security trends, the integration of AI in medical device security, and valuable insights for those looking to build a career in this crucial sector. Tune in to learn more about medical device security and the latest in cybersecurity trends, and get some expert advice straight from a seasoned professional.00:00 Understanding SBOMs in medical devices04:20 The evolution of medical device security07:22 Ken Zalevsky's journey in cybersecurity09:28 Challenges in medical device security13:06 The role of SBOMs in cybersecurity15:56 Implementing SBOMs in organizations18:28 Ken Zalevsky's role at Vigilant Ops22:01 Technical aspects of SBOMs27:14 Legacy devices and security measures28:24 Manufacturer's role in device security30:07 Healthcare industry's response to security threats30:42 Impact of major breaches on policy34:13 Generative AI and machine learning in healthcare security40:22 Skills and certifications for healthcare security careers46:46 Career advice and educational paths49:04 About Vigilant Ops and their services52:15 Outro– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    From CIA to CISO: AI security predictions and career strategies | Guest Ross Young

    Play Episode Listen Later Mar 31, 2025 51:33


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastRoss Young, CISO in residence at Team8, joins this week's Cyber Work episode to share insights from his fascinating career journey from the CIA to cybersecurity leadership. With over a decade of experience across intelligence agencies and major companies, Young discusses the rapidly evolving AI security landscape, predicts how AI will transform security roles and offers valuable career advice for cybersecurity professionals at all levels. Learn how security professionals can stay relevant in an AI-driven future and why continuous learning is non-negotiable in this field.00:00 Intro00:27 Ross Young's journey in cybersecurity01:18 Cybersecurity job market insights02:12 Ross Young's educational path07:38 Experience at the CIA10:38 Transition to the private sector13:15 Current role at Team818:30 Daily life of a CISO in residence22:12 Impact of AI on cybersecurity25:23 Identifying phishing emails25:49 New risks with AI models27:08 Exploiting AI for malicious purposes30:55 Defending against AI exploits32:24 AI in security automation33:30 Common mistakes in AI implementation36:59 Future of cybersecurity with AI43:18 Advice for security professionals46:17 Career advice – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Securing Apple vs Windows: Which is harder? | Guest Weldon Dodd

    Play Episode Listen Later Mar 24, 2025 63:53


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastToday on Cyber Work, we welcome Weldon Dodd, Senior Vice President of Global Partnerships at Kandji. Dodd discusses a recent report highlighting why Apple devices are perceived as more secure than Windows systems in the event of a global software outage. He dives into the technical and social reasons behind these security differences, explores the challenges in securing different platforms and offers career advice for aspiring cybersecurity professionals. Learn why a commitment to continuous learning and focus is essential, and get insights into the growing role of Apple in the enterprise environment. This episode is packed with valuable tips for breaking into and advancing up the ladder in the cybersecurity industry. 00:00 Cybersecurity job market insights 02:03 Weldon Dodd's cybersecurity career journey 14:39 Joining Kandji and building teams 25:22 Kandji's report on Apple vs. Windows security 30:37 Mac as a target for malicious software 32:03 Windows vs. Mac: A bigger target 33:12 Apple's growing presence in enterprises 34:00 Sector-specific Apple adoption 36:49 Impact of the report on operating systems 39:21 Career paths in cybersecurity 44:46 Skills and certifications for entry-level cybersecurity roles 50:11 Advice for aspiring IT professionals 54:20 Best cybersecurity career advice received 58:17 About Kandji and its services 1:02:30 Outro– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Using  ChatGPT for Offensive Security | Guest Robert Morrell

    Play Episode Listen Later Mar 17, 2025 20:46


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastIn this episode of Cyberwork Hacks, host Chris Sanko welcomes Infosec Skills Instructor Robert Morrell to discuss his learning path, "ChatGPT for Offensive Security." Morrell outlines the seven-course path, including five courses of learning and two interactive labs, focused on using ChatGPT in various offensive security tasks. The discussion includes crafting cross-site scripting attacks, generating phishing campaigns and engineering prompts for optimal results. Morrell also provides insight on effectively using ChatGPT to write detailed bug reports and demonstrate AI security skills to potential employers. Additionally, he shares information about his company, Pointless AI, a platform for bug bounty and vulnerability disclosure services. This episode offers a comprehensive guide for cybersecurity professionals looking to integrate AI tools into their offensive security toolkit.00:00 Introduction to Cyberwork Hacks and guest Robert Morrell00:08 Overview of ChatGPT for offensive security learning path02:53 Understanding ChatGPT and its applications04:57 Comparing ChatGPT with other AI models07:24 Deep dive into the offensive security learning path12:52 Using ChatGPT for offensive security in real-world scenarios14:43 Final thoughts and advice on using ChatGPT18:37 Conclusion and additional resources– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    CompTIA Network+ training: What to expect in a boot camp | Instructor Tommy Gober

    Play Episode Listen Later Mar 10, 2025 17:41


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastIn this episode of Cyber Work Hacks, Infosec Boot Camp Instructor Tommy Gober walks us through what his Network+ training course is like. He talks about the supportive learning environment and explains how the boot camp is designed for those new to the field. He covers the structure of the five-day program, touching on topics like the OSI model, binary number systems, networking hardware and more. He also shares his insights on the benefits of boot camp learning versus self-study or traditional schooling — and offers tips for taking the Network+ exam. 0:00 Introduction 1:19 Free cybersecurity salary guide2:54 Boot camp training vs. other learning methods4:23 In-person and online boot camp experience9:13 Network+ boot camp daily breakdown11:56 Network+ exam preparation and testing strategies14:55 Final thoughts and wrap up– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Understanding CompTIA CEUs: How to renew your Network+ | Guest Tommy Gober

    Play Episode Listen Later Mar 4, 2025 18:10 Transcription Available


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastInfosec Boot Camp instructor Tommy Gober returns to Cyber Work to share insights on maintaining your CompTIA Network+ certification through continuing education credits (CEUs). Learn the best practices for accruing CEUs, including documenting projects, attending conferences and engaging in hands-on learning experiences. Tommy also discusses the importance of staying current in the field and tips for avoiding the last-minute scramble to earn CEUs. Discover how advancing your certification level can simplify the renewal process and keep you updated with the latest industry trends. 0:00 Introduction1:28 Free cybersecurity salary guide3:10 What are CEUs/CPEs and why are they required5:50 What are the ways to earn Network+ CEUs8:40 Ways to stay ahead on your CEU credits11:35 CompTIA's CEU credit breakdown16:40 Final thoughts and wrap-up– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Network+ practice questions: Tips to pass your exam | Guest Tommy Gober

    Play Episode Listen Later Feb 24, 2025 20:08 Transcription Available


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastInfosec Boot Camp Instructor Tommy Gober joins Cyber Work Hacks to discuss the mechanics of the CompTIA Network+ exam. This episode features an overview of different question types, including multiple-choice, multiple-answer and performance-based questions. Tommy guides you through sample exam questions, providing insights into CIDR notation, subnetting and troubleshooting IP addresses. Additionally, learn about the benefits of practice exams and receive essential tips for exam day success. This episode is perfect for anyone preparing for the Network+ certification or looking to strengthen their networking knowledge.0:00 Introduction 0:38 Cybersecurity salary guide2:37 Understanding Network+ exam question types6:07 Practice question: CIDR notation 9:10 Practice question: IP addresses11:15 Practice questions: Troubleshooting & IP addresses15:18 Practice exam and preparation tips17:33 Final advice19:20 Conclusion– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    CompTIA Network+: Is it necessary for a cybersecurity career? | Guest Tommy Gober

    Play Episode Listen Later Jan 27, 2025 10:45


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastInfosec Instructor Tommy Gober joins Cyber Work Hacks to discuss the CompTIA Network+ certification. Despite often being bypassed in favor of Security+, Gober explains why Network+ is fundamental for a robust cybersecurity knowledge base. Learn about critical networking concepts like the OSI model, IP addresses and protocols, which are vital for understanding how cyberattacks work. Discover how strengthening your networking proficiency can enhance your cybersecurity career, even if you don't aim to become a network admin. Gober also shares top tips for excelling in the Network+ exam, including mastering port numbers and subnetting. Don't miss this enriching episode designed to boost your cybersecurity skills!0:00 Introduction 0:50 Cybersecurity salary ebook1:44 Overview of Network+ certification2:55 Deep dive into networking concepts5:15 Integrating Network+ with Security+7:03 Essential networking skills for cybersecurity9:03 Top tips for Network+ exam preparation10:02 Final thoughts– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Incident response: What I learned from a hands-on project | Guest Gamuchirai Muchafa

    Play Episode Listen Later Jan 13, 2025 33:02


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastWatch the video here: https://www.youtube.com/watch?v=OSZ1Qi-tzSEToday on Cyber Work, we welcome Gamuchirai Muchafa from Africa's CyberGirls program to discuss her journey in cybersecurity. Muchafa shares the rigorous application process for this mentorship program, her transition from a healthcare assistant to an IT professional and the importance of documentation in cybersecurity. We delve into her experiences with incident response challenges and her hands-on project involving an automated incident detection and response system. Muchafa also reflects on her aspirations and offers advice for aspiring cybersecurity professionals.00:00 - Introduction 02:29 - Muchafa's journey into cybersecurity05:43 - CyberGirls program07:03 - Programming without a laptop08:06 - CyberGirls fellowship projects13:07 - Incident response problem walkthrough20:53 - Advice for cybersecurity students24:57 - Future plans 30:27 - Support for CyberGirls fellowship31:37 - OutroAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    How to hack an API: A walkthrough | Guest Katie Paxton-Fear

    Play Episode Listen Later Jan 6, 2025 23:46


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcast Watch the walkthrough here: https://www.youtube.com/watch?v=-CvvtwKXYjEJoin us on Cyber Work Hacks as Katie Paxton-Fear, known as InsiderPhD, demonstrates how to hack APIs and uncover vulnerabilities in shopping apps. Paxton-Fear provides a visual walkthrough of common mistakes in API security, emphasizing problem-solving and creativity over technical skills. You'll learn how to use tools like Burp Suite and Repeater to exploit vulnerabilities, access personal information and make unauthorized transactions. Paxton-Fears' insights make API hacking an accessible entry point into cybersecurity, highlighting the path to becoming a bug bounty hunter. Plus, discover tips on starting your API hacking journey and utilizing Infosec resources to build a successful career in cybersecurity. Don't miss this comprehensive guide to API hacking!00:00 - Introduction to API security03:16 - Understanding APIs and their vulnerabilities05:26 - Live API hacking demonstration05:43 - Exploring Burp Suite and Repeater08:28 - Identifying and exploiting API vulnerabilities09:50 - Real-world API hacking examples17:21 - Tools and tips for aspiring hackers19:31 - Steps to start bug bounty hunting22:23 - Conclusion – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    CompTIA CySA+: Your key to cybersecurity analyst roles | Guest James Stanger

    Play Episode Listen Later Dec 16, 2024 14:49


    Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcastIn this episode of Cyberwork Hacks, host Chris Sienko speaks with James Stanger from CompTIA about the CySA+ certification, designed for aspiring cybersecurity analysts. They discuss the certification's importance, breaking down its domains and how it prepares candidates for hands-on security roles. Addressing concerns about AI and the evolving role of security analysts, Stanger emphasizes the need for continuous upskilling. He also shares practical advice for those considering the certification, highlighting its practical, hands-on learning approach. Tune in for insights on how CySA+ can be a calling card in your cybersecurity career.00:00 - Introduction to CySA+ certification01:00 - Cybersecurity salary ebook01:53 - Welcome to Cyberwork Hacks02:09 - Meet James Stanger from CompTIA02:53 - Specializing in cybersecurity04:16 - The impact of AI on security analysts07:37 - Domains in the CySA+ certification09:49 - Is CySA+ right for you?12:41 - Advice for aspiring security analysts13:44 - Conclusion– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Penetration testing careers 101: Learning and getting certified | Cyber Work Hacks

    Play Episode Listen Later Dec 9, 2024 12:32


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcastIn this episode of Cyber Work Hacks, guest James Stanger from CompTIA dives into the PenTest+ certification. He explains the critical distinctions between pentesting and hacking and outlines the essential career skills involved in pentesting, such as network discovery, social engineering and vulnerability analytics. Viewers will also learn about hands-on activities to enhance their resumes and hear valuable advice for entering cybersecurity roles. The episode touches on adjacent career paths like GRC, threat hunting and vulnerability management while providing practical tips for preparing for the PenTest+ exam.00:00 - Introduction to PenTest+ certification01:02 - Overview of cybersecurity job market01:56 - Guest introduction: James Stanger from CompTIA02:33 - Deep dive into PenTest+ certification04:42 - Career paths with PenTest+ certification07:27 - Getting started in pentesting09:12 - Hands-on experience and practical tips10:58 - Study tips for PenTest+ exam11:34 - Conclusion and final thoughtsView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Understanding DoD 8140 and CompTIA certifications | Cyber Work Hacks

    Play Episode Listen Later Dec 2, 2024 9:44


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastIn this episode of Cyber Work Hacks, James Stanger from CompTIA discusses the U.S. Department of Defense's 8140 directive. Explore the high standards set for IT and cybersecurity expertise, focusing on the certifications and career mapping skills required for DoD roles. With practical advice and resources, host Chris Sienko and Stanger guide viewers on how to leverage CompTIA certifications, like Security+, for various DoD job roles. Additionally, they delve into career development strategies under the 8140 framework, highlighting resources such as CompTIA's interactive tools and the DoD marketplace. Tune in for actionable insights on building a successful cybersecurity career within the DoD landscape.00:00 - Introduction to Cyber Hacks with James Stanger00:56 - Free cybersecurity salary guide01:48 - Welcome to Cyber Work Hacks02:18 - Deep dive into DoD 814004:24 - CompTIA certifications for DoD roles05:32 - Creating learning pathways for DoD careers06:36 - DoD 8140 career advice08:53 - Conclusion and community engagementView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Certifications 101: Why A+, Network+ and Security+ are game changers | Cyber Work Hacks

    Play Episode Listen Later Nov 18, 2024 15:35


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastJames Stanger from CompTIA joins today's Cyber Work Hacks episode to delve into the Tech Trifecta of certifications: A+, Network+ and Security+. These foundational certifications are vital for anyone looking to launch or advance their career in IT and cybersecurity. James explains how each certification interacts, the domains they cover, and why mastering all three can help you stand out in the competitive job market. Don't miss this informative discussion that could shape your future in tech!0:00 - Intro to today's episode1:00 - Cybersecurity Salary Guide1:50 - Meet James Stanger3:02 - Breakdown of the Tech Trifecta5:25 - How A+, Netowrk+ and Security+ work together7:50 - Job prospects with CompTIA certs9:40 - Importance of hands-on experience9:15 - Value of a diverse skill set12:00 - Recommended training path12:40 - Advice for getting certified14:48 - Wrap up View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Navigating ISO 27001 and cybersecurity management | Guest Gry Evita Sivertsen

    Play Episode Listen Later Nov 11, 2024 46:31


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastToday on Cyber Work, Gry Evita Sivertsen, a consultant and COO with extensive ISO 27001 experience, joins us. Sivertsen shares how an early job in the Philippines ignited her cybersecurity career and discusses her approach to open dialogue for managing risks within a company. We delve into the ISO 27001 framework and its relevance, along with tips for becoming an ISO 27001 auditor, trainer or implementer. Sivertsen also highlights her journey from a cybersecurity manager to a leadership role at Grittera Security, underscoring the importance of good communication and practical experience in the field. Plus, she has insights into preparing for different roles in information security and the significance of training young women in tech through her volunteer work.00:00 - Introduction to Today's Episode00:15 - Gry's Early Career and ISO 2700101:15 - Cybersecurity Job Market Insights02:02 - Welcome and Guest Introduction03:37 - Gry's Journey into Cybersecurity06:27 - Understanding ISO 2700114:00 - Roles and Responsibilities in Cybersecurity19:27 - Transition to Consultancy and Leadership26:25 - Advice for Aspiring Cybersecurity Professionals36:05 - Empowering Women in Tech41:26 - Conclusion and Career Advice45:07 - Outro and ResourcesAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Mentorship and career growth in cybersecurity | Guest Anneka Gupta

    Play Episode Listen Later Nov 4, 2024 51:58


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastToday on Cyber Work, Anneka Gupta from Rubrik joins us to discuss STEM education, transitioning into cybersecurity and strategies for effective and diverse hiring. Gupta delves into her role as Chief Product Officer, highlighting the dynamic tasks and problem-solving skills required. She shares practical advice on networking, crafting impactful resumes and acing interviews while also emphasizing the importance of go-to-market strategies and inclusive work environments. Discover strategies to foster diversity in tech, the role of mentoring, and Rubrik's focus on cyber resilience. Tune in to gain valuable insights from Gupta's inspiring journey and learn how to excel in cybersecurity. 00:00 - Meet Anneka Gupta00:26 - Diverse hiring strategies in cybersecurity00:51 - Networking tips and mentorship01:11 - Cybersecurity job market insights02:23 - Gupta's background and career journey07:10 - Role and responsibilities of a Chief Product Officer12:31 - Career growth and transformational moments18:06 - State of STEM and diversity in tech27:14 - Crafting impactful resumes27:40 - Navigating a tough job market28:03 - The power of hustle in job hunting29:47 - Advice for college students in STEM32:14 - Creating an inclusive cybersecurity culture34:59 - Overcoming educational challenges in STEM40:00 - The importance of mentorship44:05 - Networking tips for new graduates47:46 - Best career advice received48:36 - About Rubrik and its mission49:54 - Where to find more information50:25 - OutroAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    How secure is your food: Cybersecurity threats and careers | Guest Jonathan Braley

    Play Episode Listen Later Oct 28, 2024 45:38


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcastToday on Cyber Work, Jonathan Braley from the Food and Agriculture Information Sharing and Analysis Center (Food and Ag ISAC) delves into the critical security challenges in the food, farming and production sectors. Featuring insights on the evolution of cybersecurity, the role of ISACs, and real-world threats like ransomware and phishing, this episode offers a comprehensive look at how cybersecurity professionals within this industry are working to safeguard vital systems. Braley shares tips on obtaining competitive roles, the convergence of IT and OT security and the importance of continuous learning. Tune in to grasp the latest trends and get invaluable career advice to stay ahead in the ever-evolving field of cybersecurity.View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcast00:00 - Introduction to cyber work and guest Jonathan Braley00:53 - The growing cybersecurity job market02:05 - From biology to cybersecurity04:48 - Early career and learning at Valley Apps09:26 - Role and responsibilities at Food and Ag ISAC17:07 - Understanding cyber threats in food and agriculture23:23 - The growing connectivity and vulnerabilities in agriculture23:49 - Cybersecurity challenges for small towns and farms25:28 - The Reality of cyberattacks on small farms26:59 - Global implications of cybersecurity in agriculture28:44 - Insights from a cybersecurity expert in agriculture33:13 - Career opportunities in food and agriculture cybersecurity37:37 - Staying informed and prepared in the cybersecurity field40:04 - Cybersecurity career adviceAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Becoming an API security and bug bounty pro | Guest Katie Paxton-Fear

    Play Episode Listen Later Oct 21, 2024 59:51


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastJoin us on this episode of Cyber Work with Katie Paxton-Fear, an API hacker and technical marketing manager at Traceable, known for her YouTube channel InsiderPhD. Dive into API security, common defense mistakes and bug bounty insights. Listen as Paxton-Fear shares her academic journey blending tech and linguistics, her pioneering NLP work on insider threats and tips on becoming an API security expert. Learn about detecting insider cyber threats, the role of AI in securing APIs and essential resources to enhance your cybersecurity skills. Plus, explore the dynamic world of freelance ethical hacking, the role of a technical marketer and the significance of resonant content creation. Stay tuned for a comprehensive guide to elevating your API security know-how and cybersecurity career!View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcast00:00 - Introduction to Katie Paxton-Fear01:48 - Katie's journey into tech and cybersecurity05:23 - Combining tech and language15:34 - From academia to YouTube21:30 - API security: challenges and insights26:38 - The role of AI in API security30:28 - API key management and security31:08 - Common API key breaches32:15 - Preventing API key leaks33:39 - The importance of key rotation34:31 - Getting started in API security35:36 - Recommended resources for API security37:32 - Hands-on API hacking45:28 - The bug bounty community50:32 - Role of a technical marketing manager53:45 - Career advice and final thoughtsAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Navigating cybersecurity careers: Non-traditional roles to consider | Guest Paige Hanson

    Play Episode Listen Later Oct 14, 2024 42:40 Transcription Available


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=audio&utm_campaign=podcastPaige Hanson from SecureLabs discusses identity theft management and her extensive experience as a security communicator. With nearly 20 years in consumer and digital safety, Paige shares insights on pursuing a cybersecurity career and offers guidance for those interested in non-traditional security roles. Join us to learn about the current IT job market, key certifications and strategies for entering the industry. Discover how Paige transitioned from tech interests to a leading role in cybersecurity education, and explore job opportunities beyond traditional paths.View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast00:00 Intro to today's episode00:34 Free cybersecurity salary guide01:28 Welcome Paige Hanson01:46 Paige's background and career journey03:23 Early interests in technology05:02 Career at Norton LifeLock06:52 Educating law enforcement on identity theft10:15 Cybersecurity career opportunities beyond traditional roles12:10 Identity theft risk management certification17:23 Communicating cybersecurity concepts effectively22:02 Recognizing and adapting to audience feedback22:41 Effective communication strategies23:42 Advice for seniors and law enforcement25:35 Challenges and solutions in cybersecurity education26:41 Career opportunities and getting started35:40 Building a strong support system39:33 Starting and growing SecureLabs40:55 Wrap up and final thoughtsAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    AI in GRC: Dr. Shayla Treadwell on balancing innovation and risk | Cyber Work Podcast

    Play Episode Listen Later Oct 7, 2024 59:02


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast Today on CyberWork, Dr. Shayla Treadwell, vice president of governance, risk, and compliance (GRC) at ECS, discusses the role of AI in the GRC space. She breaks down AI applications for GRC, the importance of AI governance and the significant roles in performing compliance on AI tools and software. Dr. Treadwell also shares her unorthodox journey into cybersecurity, emphasizes the importance of critical thinking, and offers career advice for aspiring professionals. Additionally, the episode highlights the impact of AI on the cybersecurity landscape and strategies for effectively integrating AI while mitigating risks.00:00 - Introduction 00:33 - Cybersecurity salary ebook01:27 - Welcome to the Cyber Work Podcast01:45 - Meet Dr. Shayla Treadwell03:36 - Shayla's journey into cybersecurity07:24 - The role of governance, risk and compliance13:15 - Daily responsibilities of a GRC professional15:40 - Challenges and skills in GRC23:10 - AI in governance, risk and compliance31:11 - Leveraging AI for efficiency31:46 - Balancing compliance and innovation32:44 - Understanding compliance beyond regulations34:00 - The VUCA concept and its relevance35:22 - AI's humanistic and ethical considerations40:10 - Skills for AI governance careers43:49 - Global AI governance community47:24 - Opportunities and challenges in AI49:07 - Optimism in AI's future53:05 - Career advice and ECS overview57:29 - AI and GRC– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast  About InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Cybersecurity in the AI era: Busting myths and practical advice | Guest Alex Sharpe

    Play Episode Listen Later Sep 30, 2024 58:44 Transcription Available


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcastAlex Sharpe, a cybersecurity expert with over 30 years of experience, joins the Cyber Work Podcast to discuss the realistic promises and limitations of AI and machine learning in cybersecurity — and pragmatic advice on their responsible use. From debunking myths to sharing insights from his excellent presentation at ISACA Digital Trust World 2024, Alex covers how AI can be integrated into cybersecurity practices and its impact on the workforce. Plus, explore how to stay ahead in the evolving cybersecurity job market. Don't miss out on this illuminating conversation!View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcast00:00 Introduction to today's episode00:33 Free Cybersecurity Salary Guide01:27 Guest introduction: Alex Sharpe01:45 Alex Sharpe's background and experience02:39 AI in cybersecurity: opportunities and limitations04:41 The evolution of technology and human productivity13:13 AI misconceptions and realities29:42 AI's real-world impact30:27 Challenges in autonomous vehicles31:39 Data poisoning and steganography33:04 AI in security and data science34:36 AI proficiency and career advice35:23 AI's integration in daily life36:08 Innovation and guardrails47:05 Future of AI and career skills50:57 Guardrails and public-private partnerships54:38 Career advice and final thoughtsAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Cybersecurity's future: Preparing the next gen of professionals | Guest Tia Hopkins

    Play Episode Listen Later Sep 23, 2024 59:43 Transcription Available


    Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/ In this episode of Cyber Work Podcast, Tia Hopkins, Chief Cybersecurity Resilience Officer at eSentire, returns to discuss her journey into tech and cybersecurity. She reflects on her early fascination with technology her impactful externship experiences, and the importance of cyber resilience. Tia discusses her roles in making the cybersecurity industry more equitable and her passion for integrating real-world scenarios into education. We also discuss bridging communication gaps between security leaders and business executives, her work with non-profits — aimed at empowering women of color in cybersecurity — advice for hiring diverse talent, and her latest books designed to inspire and guide future cybersecurity professionals. Don't miss this insightful conversation about building a more inclusive and resilient cybersecurity landscape.View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast00:00 Welcome back Tia Hopkins!00:41 Cybersecurity salary ebook01:35 Introducing Tia Hopkins03:45 Tia's early tech fascination06:04 Navigating setbacks and finding passion12:43 The importance of higher education in cybersecurity15:39 The role of cybersecurity leadership18:44 From solutions engineer to chief cyber resilience officer22:46 Understanding cyber resilience30:59 The importance of treat intelligence31:13 Cyber resilience: Testing and maturity31:35 Operational integration and prioritization33:03 Leadership and organizational structure35:01 Diversity and inclusion in cybersecurity37:08 Lowering barriers to entry44:48 Career mapping strategies for 202448:08 Insights from "Hack the Cybersecurity Interview"49:25 Securing our future: Embracing diversity50:56 The joy of problem solving in cybersecurity52:16 Best career advice and leadership transition56:36 About eSentire and final thoughtsAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    What you will learn about cybersecurity soft skills | Guest Cicero Chimbanda

    Play Episode Listen Later Sep 16, 2024 11:58 Transcription Available


    Today on Cyber Work Hacks, my guest, Infosec Skills author Cicero Chimbanda, gives us another Hack for our Cybersecurity Managers. If you want to know more about Cicero's Security Manager learning path for Infosec Skills, this is the episode for you, as we break down everything you'll learn and how to apply it to your career!0:00 - Infosec's security manager soft skills course2:39 - Infosec Skills soft skills learning modules5:30 - Why cybersecurity management soft skills are important7:30 - Benefits from learning cybersecurity soft skills10:52 - Outro– Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/ – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=buzzsprout&utm_medium=podcast&utm_campaign=podcast About InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Honing your security manager soft skills on the job | Guest Cicero Chimbanda

    Play Episode Listen Later Sep 9, 2024 16:31 Transcription Available


    Today, on Cyber Work Hacks, my guest, Infosec Skills author Cicero Chimbanda, gave us a Hack involving the role of Cybersecurity Manager. Studying security management techniques academically is one thing, but how do you develop your security manager skills ON THE JOB? Cicero has many insights, and we talk a bit about the importance of rapport and understanding between different generations of security professionals.0:00 - Cybersecurity manager soft skills2:30 - Most important cybersecurity manager soft skills7:02 - Infosec's soft skills platform8:45 - Continous learning advice for security managers 12:12 - Security manager soft skill mistakes14:12 - Outro– Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/  – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=buzzsprout&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    One thing a cybersecurity manager should know | Guest Cicero Chimbanda

    Play Episode Listen Later Sep 2, 2024 13:48 Transcription Available


    Infosec Skills author Cicero Chimbanda discusses the role of the cybersecurity manager. Our focus is the one thing Chimbanda wishes he had known before he became one! I'll leave it at that and let him tell his story because it's a good one.0:00 - What to know as a cybersecurity manager3:26 - One thing to know about being a security manager7:00 - Craft your cybersecurity manager role9:09 - Cybersecurity management advice10:45 - What is Infosec Skills12:21 - Outro – Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/ – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    One tip for security managers to keep teams fulfilled | Guest Cicero Chimbanda

    Play Episode Listen Later Aug 26, 2024 12:25 Transcription Available


    Today on Cyber Work Hacks, my guest is Infosec Skills author and teacher Cicero Chimbanda. Chimbanda's Skills path concerns building the soft skills needed to succeed as a Cybersecurity Manager. For today's Hack, Chimbanda tells us his best tip for Security Managers to keep their security teams fulfilled and connected. As we speak, many companies are entering their Q2, and Chimbanda has great advice for taking Q1's successes (or not) and using the framework to reinforce the connection between the team and leadership, as well as being a conduit moving between each.Here is some excellent advice for today's cybersecurity managers and those yet to come in today's Cyber Work Hack. 0:00 - Succeeding as a cybersecurity manager2:48 - One great tip for cybersecurity managers6:14 - Implementing change as a cybersecurity manager8:56 - Meeting calendars and managing cybersecurity roles11:05 - Outro – Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/ – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Cybersecurity projects to demonstrate your skills

    Play Episode Listen Later Aug 19, 2024 19:07 Transcription Available


    We've all been there — 200 pages into your Security+ study guide reading, and your eyes are crossing from exhaustion. Does any of this even connect with the real world? One of the best ways to apply your learning is to try it out for yourself, and my guest today, Infosec Skills author professor Robert McMillen, has a host of suggestions for low-cost, low-danger security tasks that you can try for yourself and determine whether you have what it takes to keep it going in cybersecurity. As a bonus, McMillen gives some pretty outstanding advice for taking these hands-on experiences and interjecting them into your first job interviews! 0:00 - Cybersecurity projects and tasks1:53 - Beginner cybersecurity projects7:49 - Elevating your cybersecurity projects11:38 - Document cybersecurity projects16:31 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Cybersecurity jobs — where to begin | Guest Professor Robert McMillen

    Play Episode Listen Later Aug 12, 2024 16:33 Transcription Available


    Get a job! No, seriously, get a job. Cyber Work Hacks wants to help you find the job of your dreams, and your guide to learning how to search for Cybersecurity jobs is Professor Robert McMillen, one of Infosec's Skills authors. McMillen knows that there's a disconnect between the skills gap that guests espouse and the commenters who are still looking. But McMillen has some actionable advice for you, and you absolutely do not want to miss this, no matter what level of job you're looking for. Please take copious notes and enjoy this week's Cyber Work Hack. 0:00 - Beginning your cybersecurity career1:36 - Why you can't get a cybersecurity job8:50 - Common mistakes young pros make11:50 - What to learn from Infosec Skills13:42 - Outro – Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/  – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    How to begin cybersecurity training | Guest Professor Robert McMillen

    Play Episode Listen Later Aug 5, 2024 16:32 Transcription Available


    Cyber Work Hacks is dedicated to furthering and strengthening your cybersecurity education and learning, but today's episode is specifically focused on learning. Professor Robert McMillen guides you through all of the different ways you can learn, both in certification training and education options, and helps you understand which learning method is going to mesh with you and also which ones will attract your future employers. Put a bookmark in your cert study guide and lend us your attention for this week's Cyber Work Hack! 0:00 - Start your cybersecurity career2:11 - Where to begin cybersecurity education8:09 - Acquiring beginner cybersecurity skills13:00 - Learn cybersecurity through Infosec Skills15:09 - Outro– Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/ – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    How to get started in cybersecurity: Beginner steps you can take now | Cyber Work Live

    Play Episode Listen Later Jul 29, 2024 61:23 Transcription Available


    Join us for the June 2024 edition of Cyber Work Live! This episode is dedicated to answering questions about cybersecurity certifications, training, and careers. Our expert panel, including Confidence Stavely, Akyl Phillips, and Robert McMillen, share invaluable insights for newcomers and career changers in cybersecurity. Topics covered include navigating the certification landscape, overcoming imposter syndrome, transitioning from other careers, and the importance of networking. Tune in for actionable advice and strategies to kickstart your cybersecurity career!00:00 - Welcome to Cyber Work Live: June 2024 Edition00:40 - Meet the panel: Confidence Stavely01:48 - Meet the panel: Akyl Phillips02:37 - Meet the panel: Robert McMillen03:31 - Advice for cybersecurity newcomers03:53 - Common questions from cybersecurity students05:13 - Guidance for women in cybersecurity10:11 - Early career mapping in cybersecurity11:54 - Certifications and entry-level jobs17:07 - Physical requirements in cybersecurity18:37 - Learning how you learn: Education paths22:01 - Cyber girls program: Structure and insights28:38 - Self-paced learning options30:05 - Live boot camps overview31:42 - Immersive boot camps32:31 - The importance of continuous learning33:46 - Staying updated in cybersecurity40:30 - Networking and community building49:23 - Transitioning to cybersecurity careers59:19 - Final thoughts and resources– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Creating a career roadmap for the cybersecurity beginner

    Play Episode Listen Later Jul 25, 2024 19:40 Transcription Available


    Today's Cyber Work Hacks is for security novices, people just getting started in learning cybersecurity and looking for their career path. Professor Robert McMillen is an Infosec Skills path author, and he gives you some fantastic advice for making the decisions at the very beginning to help you steer your career to all the places you want to go! To get your cybersecurity career started, make sure to check out today's Cyber Work Hack. 0:00 - First starting out in cybersecurity1:28 - Cybersecurity career map5:41 - Advice for career road mapping9:11 - Leaning into your interests via education12:28 - Advancing your cybersecurity career15:56 - Cybersecurity skills to learn 17:21 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Why do C-suites instinctively fire the CISO when a breach happens? | Guest Jonathan Gill

    Play Episode Listen Later Jul 22, 2024 59:49 Transcription Available


    Today on Cyber Work, Jonathan Gill, CEO of Panaseer, joins me to talk about the stress-filled role of the Chief Information Security Officer. Jonathan notes that the most challenging part of a CISO's role, especially the CISO of a large, complex company, is the lack of full view of the organization's assets and points of vulnerability. Jonathan tells us how Panaseer is working to create a trusted and validated system of record to ensure accurate and good faith recording of actions, strategies, and decisions to accept or mitigate business risks. All this, and a discussion of the CISO as one of the story-makers in the C-suite, today on Cyber Work! 0:00 - Firing CISO's after cybersecurity breaches4:23 - First interest in cybersecurity and tech7:41 - Working with cybersecurity leaders across the world11:17 - International sales work19:12 - Stave off burnout as a CISO 28:20 - Notion of asset detection 32:06 - Culture of sacking CISOs 43:06 - Better CISO involvement 49:09 - Cybersecurity career mapping strategies57:13 - Learn more about Jonathan Gill and Panaseer59:09 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Cyber resiliency and national defense | Guest Georgianna "George" Shea

    Play Episode Listen Later Jul 15, 2024 58:06 Transcription Available


    Today on Cyber Work, I'm introducing you to Dr. Georgianna, or “George” Shea, the chief technologist at the Foundation for Defense of Democracies' Center on Cyber and Technology Innovation. Shea finds new and developing technologies and develops pilot programs for implementation in a variety of locales, including DoD, the government sector and critical infrastructure. We talk about Shea's first taste of security, learn what it's like to be knowledgeable in several dozen connected security spaces rather than being the all-knowing authority in one (and the knowledge that outside of the dozens you know, there are hundreds more to learn) and we answer the burning question: “Why don't any of my interns know what NIST is?” All this, and some more talk about the security of the U.S. water supply (because you know I'm never going to stop asking about that), on today's episode of Cyber Work! 0:00 - Cyber resilience5:19 - George Shea's early cybersecurity interest6:41 - How has cybersecurity changed in two decades?8:53 - Learning cybersecurity in the early days14:22 - Chief engineer at MITRE21:00 - Work with the Foundation for Defensive Democracies28:48 - Technology's pace versus policy31:25 - Cyber-informed engineering34:02 - Cybersecurity on old systems35:29 - Cyber resilience and defense41:41 - Working in cyber resiliency 44:01 - Why do so few know what NIST is?48:36 - The current state of state security 54:33 - Best career advice56:11 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Using the CEH to create an ethical hacker career path

    Play Episode Listen Later Jul 11, 2024 17:48 Transcription Available


    Infosec and Cyber Work Hacks are helping train the red teamers and blue teamers of tomorrow with our boot camps and study materials for the CEH exam. But how does ethical hacking proficiency translate into a satisfying career? Infosec's CEH boot camp instructor Akyl Phillips has plenty of strategies to help you get focused and stay focused on your studies, some excellent tips for keeping on top of the latest security changes and innovations, and how you're going to push past uncertainty and into the work of putting one foot in front of another in your quest to become a bona-fide, in-demand ethical hacker! Keep the enthusiasm up when you check out today's Cyber Work Hack. 0:00 - Ethical hacker career1:57 - Testing for the CEH certification2:55 - Career paths to pursue with CEH certification5:08 - Working in pentesting or ethical hacking7:55 - Unglamours side of ethical hacking 9:49 - How to keep up with new tech11:39 - Switching careers to ethical hacking12:45 - Preparing for a CEH role interview13:23 - Don't fear a cybersecurity career15:03 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Why is Log4J still so successful? | Guest Etay Maor

    Play Episode Listen Later Jul 8, 2024 59:07 Transcription Available


    Today on Cyber Work, I talked with Etay Maor, Chief Security Strategist with Cato Networks. Etay is a founding member of the Cato Cyber Threats Research Lab, or CTRL — see what they did there? — and he joins me to talk about their first CTRL report on attack patterns and methods. We're going to talk about the most common attack vectors, why Log4J still rules the roost even against newer and flashier exploits, and we go deep into the many paths you can take to become a threat researcher, threat analyst, reverse engineer, and lots more. That's all on today's episode of Cyber Work! 0:00 - Intro4:10 - First interest in cybersecurity and tech5:15 - Becoming chief security strategist8:15 - Working in cybersecurity project management12:07 - Hacker targets and AI15:04 - The dark web and security access16:03 - The CTRL report in brief20:23 - Health care cybersecurity 22:49 - Different cyberattacks in different industries25:10 - Using security tools as a gateway27:03 - AI-enabled cyberattacks33:14 - Careers as a cybersecurity threat researcher36:09 - Figuring out where to specialize in cybersecurity41:31 - Important cybersecurity skills and experience45:58 - Hiring in cybersecurity49:30 - Future changes in AI and cyber tools55:38 - What is Cato Networks?57:13 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    All about identity access management with the Identity Jedi | Guest David Lee

    Play Episode Listen Later Jul 1, 2024 62:09 Transcription Available


    How does a childhood curiosity turn into a groundbreaking career in identity and access management? Join us for an engaging conversation with David Lee, the Identity Jedi, as he recounts his fascinating journey from tinkering with computers as a child to becoming a sought-after expert in IAM. Lee shares the pivotal moments and unexpected opportunities that transformed his career, providing invaluable insights for anyone looking to break into the cybersecurity field. We explore the essential technical and soft skills that have propelled Lee to the forefront of his industry, along with his unique strategies for navigating complex IAM landscapes.0:00 - Identity Access Management (IAM)3:04 - First interest in cybersecurity 8:32 - Identity and access management cybersecurity 13:38 - Computer science and higher education 18:00 - Necessary soft and hard skills for IAM22:16 - Larger organizations and IAM24:21 - Defining identity in cybersecurity29:18 - Variety of identity ideas33:03 - African American representation in cybersecurity 38:28 - Cybersecurity equity41:33 - Financial inequity and working in cybersecurity48:35 - Cybersecurity solutions for more equitable hiring53:22 - Less racism in the tech industry 57:51 - Best piece of cybersecurity career advice59:13 - What is identity Jedi?1:00:04 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Cybersecurity's role in U.S. foreign relations | Guest Tom Siu

    Play Episode Listen Later Jun 24, 2024 59:37 Transcription Available


    Today on Cyber Work, Tom Siu, CISO of Inversion6, joins the podcast to talk about cyber diplomacy! As Siu says at the start of the show, the internet has no borders. It's like water. There are pathways and choke points, but there is no ownership by any one country or entity. How does that influence international diplomacy? Siu discusses possible scenarios for the future of cyber diplomacy, and skills and backgrounds that make you a good fit for this work. This is a great episode for our job changers, especially as this work requires strong backgrounds from a variety of tech and non-tech careers, but as always, there's lots to learn, no matter your skill level or background, on today's episode of Cyber Work. 0:00 - Work in cyber diplomacy4:36 - First interest in cybersecurity7:01 - Learning by breaking8:58 - Working as a CISO17:44 - Reading and learning different job languages21:15 - Career and personal resiliency 25:42 - The impact of cyber on foreign policy35:14 - Working in cybersecurity foreign policy38:24 - The military and cyber diplomacy43:11 - Emerging trends in cyber diplomacy48:52 - Skills you need to work in cybersecurity54:20 - Best cybersecurity career advice56:12 - Learn more about Inversion659:25 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Breaking down CEH exam questions with an Infosec expert

    Play Episode Listen Later Jun 20, 2024 16:37 Transcription Available


    Infosec and Cyber Work Hacks are here to help you pass the CEH, or Certified Ethical Hacker exam. For today's Hack, Akyl Phillips, Infosec bootcamp instructor in charge of the CEH/Pentest+ dual-cert bootcamp, walks us through four sample CEH questions, explaining the logic behind each answer and discounting the wrong ones with explanations, allowing you to reach the right answer in a logical and stress-free way. This episode is a real eye-opener for aspiring red teamers, so keep it here for this Cyber Work Hack! 0:00 - Mastering the CEH exam2:42 - Types of CEH exam questions3:32 - CEH exam question examples12:08 - Why a CEH boot camp is helpful 13:44 - How long is the CEH exam?14:37 - Best CEH exam advice15:18 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Roku's hacked data breach – will we never learn our lesson? | Guest Zarik Megerdichian

    Play Episode Listen Later Jun 17, 2024 47:06 Transcription Available


    Zarik Megerdichian, the co-founder of personal privacy controller company Loop8, joins me in breaking down the recent Roku breach, which landed hackers a whopping 15,000 users' worth of vital data. Megerdichian and I discuss the failings of the current data collection and storage model while moving to a model in which biometrics is the primary identification method, coupled with a system of contacts who can vouch for you in the event that your device is lost or stolen. It's another interesting approach to privacy and online identity in the age of the never-ending breach announcement parade.– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Roku's data breach1:54 - First, getting into computers5:45 - Megerdichian's company goals9:29 - What happened during the Roku data breach?11:20 - The state of data collection14:16 - Uneccesary online data collection16:26 - Best data storage protection17:56 - A change in data collection20:49 - What does Loop8 do?24:09 - Deincetivizing hackers25:21 - Biometric account recovery30:09 - How to work in the biometric data field33:10 - Challenges of biometric data recovery work34:46 - Skills gaps in biometric data field36:59 - Megerdichian's favorite part of the work day37:46 - Importance of cybersecurity mentorship41:03 - Best cybersecurity career advice43:33 - Learn more about Loop8 and Megerdichian44:34 - OutroAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Unlocking data privacy: Insights from the data diva | Guest Debbie Reynolds

    Play Episode Listen Later Jun 10, 2024 53:14 Transcription Available


    Today on Cyber Work, I'm very excited to welcome Debbie Reynolds, the Data Diva herself, to discuss data privacy. Reynolds developed a love of learning about data privacy since working in library science, and she took it through to legal technologies. She now runs her own data privacy consultancy and hosts the long-running podcast “The Data Diva Talks Privacy Podcast.” We talk about data privacy in all its complex, nerdy, and sometimes frustrating permutations, how GDPR helped bring Reynolds to even greater attention, how AI has added even more layers of complexity and some great advice for listeners ready to dip their toes into the waters of a data privacy practitioner career.– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Data privacy3:29 - First, getting into computers7:46 - Inspired by GDPR9:00 - Pivoting to a new cybersecurity career12:01 - Learning different privacy regulation structures15:17 - Process of building data systems 17:41 - Worst current data privacy issue20:57 - The best in AI and data privacy22:15 - The Data Diva Podcast25:24 - The role of data privacy officer30:36 - Cybersecurity consulting36:21 - Positives and negatives of data security careers39:34 - Reynolds' typical day41:11 - How to get hired in data privacy48:38 - The best piece of cybersecurity career advice50:25 - Learn more about the Data Diva51:14 - OutroAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Inside a CEH boot camp: Advice from an Infosec instructor

    Play Episode Listen Later Jun 6, 2024 14:23 Transcription Available


    Infosec and the Cyber Work Hacks podcast are here to help you pass the Certified Ethical Hacker (CEH) exam! So for today's hack, we're talking about bootcamps. The CEH exam, no matter how you slice it, is an exam that is the definition of the phrase, “It's a marathon, not a sprint.” With 125 questions and four hours to answer them, there's as much of a mental game at work here that's much more than rote memorization of terms and tools. That's why I wanted to get an insider's look from Infosec boot camp instructor Akyl Phillips! Phillips will explain what the Infosec five-day CEH boot camp is like, the learning and retention strategies you'll employ, and all the ways that bootcamp training can help you pass on the first try. Phillips has taught pentesters and red teamers at all levels from sheer beginners to people already in the field, and this episode is a look into how it works. Book yourself a front-row seat for another Cyber Work Hack. 0:00 - How to pass the CEH exam3:17 - What is a CEH boot camp? 4:02 - Things to know before the CEH exam5:30 - How does the CEH exam test practical skills?6:46 - The day-to-day of an Infosec boot camp11:08 - What is CEH exam day like?12:14 - Is a cybersecurity boot camp right for me?13:12 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Revolutionizing digital identity, data privacy and data security | Guest Raj Ananthanpillai

    Play Episode Listen Later Jun 4, 2024 41:55 Transcription Available


    Today on Cyber Work, my guest is Raj Ananthanpillai, CEO of Trua, a company that is steeped in the current issues around digital credentials and data privacy. As you've no doubt heard, AT&T reported a data breach that compromised the personal information of approximately 7.6 million users! Ananthanpillai discusses Trua's mission to leave data thieves holding an empty treasure chest, discusses his past work in creating TSA PreCheck and gives a bunch of great ideas and advice for making sure that you're always thinking beyond your current position by learning and creating your way upward! All that, and a WHOLE bunch of vitriol at the industry-standard collecting of social security numbers, today on Cyber Work! 0:00 - Revolutionizing data privacy4:20 - How Ananthanpillai got into cybersecurity6:11 - Work as a cybersecurity CEO9:25 - Fast tracking in cybersecurity roles11:08 - Take your first steps in cybersecurity work13:01 - Founding Trua17:50 - New digital security protocols 21:10 - AT&T data breach27:03 - How to stay safe from data breaches29:58 - How to work in data privacy35:14 - Skill gaps in data privacy work37:05 - Best cybersecurity career advice38:26 - Learn more about Trua41:00 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    OT cybersecurity jobs are everywhere, so why is nobody taking them? | Guest Mark Toussaint

    Play Episode Listen Later May 20, 2024 27:26 Transcription Available


    Mark Toussaint of OPSWAT joins to talk about his work in securing operational technology, and specifically about his role as product manager. This is an under-discussed job role within security, and requires great technical expertise, intercommunication skills and the ability to carry out long term campaigns on a product from, as he put it, initial brainstorming scribblings on a cocktail napkin through the creation of the product, all the way to its eventual retirement. Learn what it takes to connect security engineering, solutions experts, project management, and more in the role of security product manager, and how OT security connects fast, flexible IT and cybersecurity with systems that, as Toussaint put it, might be put in place and unmodified for 15 or 20 years. It's not that hard to connect the worlds, but it takes a specific skill set.0:00 - Working in operational technology 1:49 - First getting into cybersecurity and tech3:14 - Mark Toussaint's career trajectory5:15 - Average day as a senior product manager in OPSWAT7:40 - Challenges in operational technology 9:11 - Effective strategist for securing OT systems11:18 - Common attack vectors in OT security 13:41 - Skills needed to work in OT security 16:37 - Backgrounds people in OT have17:28 - Favorite parts of OT work 19:47 - How to get OT experience as a new industry worker21:58 - Best cybersecurity career advice22:56 - What is OPSWAT25:29 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.  

    Mastering the certified ethical hacker exam: Strategies and insights with Akyl Phillips

    Play Episode Listen Later May 16, 2024 11:17 Transcription Available


    Cyber Work Hacks knows that you have what it takes to pass the Certified Ethical Hacker (CEH) exam! And you don't have to do it alone! Infosec's CEH boot camp instructor Akyl Phillips gives you his top tips and tricks for taking the exam! Phillips breaks down the common formats for CEH questions, talks common mistakes people make while taking the exam and why it's not the end of the world if you fail the CEH on the first time (especially if you do it with an Infosec CEH/Pentest+ dual-cert boot camp). As Phillips puts it, first you have to get to know the beast, and that will allow you to slay the beast! Sharpen your tools and get down to business with this Cyber Work Hack.0:00 - Certified ethical hacker exam1:42 - What is ethical hacking and the roles using it?2:46 - Tips and tricks for taking the CEH exam3:32 - Tools to have before the CEH exam5:09 - Common mistakes people make with the CEH exam6:11 - What if I fail the CEH exam? 7:02 - Will I get CEH exam feedback?7:49 - Best piece of advice for CEH exam day8:55 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    MGM Grand breach: How attackers got in and what it means for security | Guest Aaron Painter

    Play Episode Listen Later May 13, 2024 52:06 Transcription Available


    Today on Cyber Work, we're talking about last September's breach of the MGM Grand Casino chain, an attack that lead to a week of tech failure, downtime and over a hundred million dollars in lost revenue. The attackers were able to get in via a point that my guest, Aaron Painter of Nametag Inc, said is a common point of failure: the request for a password and credential reset from the helpdesk, and the ever-frustrating “security questions” approach to making sure you are who you are. Nametag is built to create an alternative to security questions and go beyond MFA to create a method of verification that is even resistant to AI Deepfake attempts! This conversation goes into lots of interesting spaces, including career mapping, the importance of diverse design teams and the benefits of security awareness training, plus you get to learn about an amazing piece of emergent tech!0:00 - A new method of online verification3:15 - First getting into cybersecurity and computers7:03 - Aaron Painter's work experiences 10:37 - Learning cybersecurity around the world11:32 - Starting Nametag16:25 - Average work week as Nametag CEO19:10 - Cybersecurity learning methods21:15 - The MGM cyberattack explained26:07 - MGM fail safes bad actors surpassed 29:26 - Security awareness training 31:35 - Are data breaches the new normal34:05 - How Nametag safeguards online data37:59 - AI deepfakes 40:19 - Using Nametag42:20 - How to learn AI deep fake defense44:14 - Design choices in digital identity 45:54 - Different backgrounds in cybersecurity 46:59 - Aaron Painter's favorite part of his work48:01 - Best cybersecurity career advice49:00 - Learn more about Nametag50:06 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Jumping into the CCNA with both feet | Cyber Work Hacks

    Play Episode Listen Later May 8, 2024 14:13 Transcription Available


    Infosec and Cyber Work hacks can help you pass Cisco's CCNA certification exam! But what if you think you're not ready to make that jump? What would it take for you to jump into the study of the CCNA with both feet? Infosec's CCNA boot camp instructor Wilfredo Lanz wants you to know that you can be ready to start the big learning a lot faster than you think, and tells us why some of his most entry-level students often do better on the test than their more established classmates. If the prospect of passing the CCNA on the first try got you fired up, well, that's the point! Keep the excitement coming, and check out today's Cyber Work Hack. 0:00 - Cisco's CCNA certification exam0:57 - Who enrolls in an Infosec CCNA boot camp2:50 - What should you know before studying for the CCNA?3:50 - What does a CCNA certified IT network professional do?6:42 - Ensuring you're ready to take on CCNA9:59 - How to gain networking experience11:39 - Become an IT and networking professional 12:50 - OutroLearn more about the CCNA: https://www.infosecinstitute.com/training/ccna/About InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    What's it like to be the CISO for the state of Connecticut? | Guest Jeffrey Brown

    Play Episode Listen Later May 6, 2024 51:36 Transcription Available


    Today on Cyber Work, I've got a big guest for you. Jeffrey Brown is the chief information security officer for, not a company, not for a healthcare organization, but for the entire state of Connecticut! Brown walks me through the scope and reach of a state-wide CISO, a country-wide move toward a “whole of state” strategy and, frankly, I spend an awful lot of time talking to Brown about where he finds the time to do all the things he does.0:00 - Being CISO of an entire state1:50 - Early interest in computer, tech and security5:17 - A communication background in cybersecurity7:31 - Cybersecurity career time management13:59 - Working as a CISO of a state15:45 - How to prepare for a CISO role at the state level18:51 - What does a CISO do for a U.S. state?25:50 - State cybersecurity approach27:41 - Cyber attacks and challenges states face32:00 - Is cybersecurity awareness a waste of time? 37:31 - Skills needed to work in cybersecurity for the state40:11 - Learning how to lead in cybersecurity43:20 - Favorite parts of state cybersecurity44:19 - Resources to improve cyber hygiene 46:14 - Best piece of cybersecurity career advice48:47 - Learn more about Jeffrey Brown49:33 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastThis is a very wide-ranging and inspiring episode – whether you're slogging through cert study or hitting a wall trying to figure out your next career pivot, my talk with Jeff will absolutely give you a new perspective. Keep it right here for Cyber Work! About InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

    Claim Cyber Work

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel