eXecutive Security

Colin Domoney, CTO and co-founder of Thinking of U, shares his career journey in cybersecurity and his expertise in API security. He started as a kid building electronics and crypto systems, which led him to develop battle-hardened defense systems. He gravitated towards software and eventually got into AppSec, diving into the deep end and fixing a million AppSec vulnerabilities. Colin emphasizes the importance of developers having security skills and offers advice on how to build something cool that is also secure. He discusses the unique challenges and opportunities in API security and the role of AI in the industry.TakeawaysDevelopers with security skills are highly sought after in the industry.API security requires a different approach compared to standard web app security.API security encompasses a wide range of tools and techniques, from shift left to runtime protection.Colin's book, Defending APIs, is aimed at anyone tasked with defending APIs, with a focus on developers.AI is a powerful tool that accelerates learning and problem-solving in various areas, including cybersecurity.AI creates both opportunities and challenges in the industry, and it is important to stay informed and adapt to its impact.

Summary:In this episode, Gene discusses management principles and leadership strategies for senior leaders and aspiring entrepreneurs with Tom Heiser, previously CEO of ClickSoftware, EVP at EMC, and President at RSA the cyber division of EMC. They cover topics such as opening the aperture, balancing strategy and tactics, embracing change, connecting the dots, and more. The conversation emphasizes the importance of learning from tough times, setting a clear vision, and problem-solving with a positive mindset.TakeawaysBalancing strategy and tactics is crucial for success in leadership roles.Embracing change and learning from tough times are essential for personal and professional growth.The rule of 15 degrees emphasizes the importance of iteration and continuous improvement in business strategies.Asking 'why' five times to find the root cause is a valuable problem-solving technique.Maintaining a positive mindset and focusing on the achievable is key to overcoming challenges in leadership and business.Setting a clear vision and connecting the dots between current state and desired state is essential for success in business and leadership.

Jim Alkove, CEO and co-founder of Olaria, shares his career journey and insights on cybersecurity training and becoming a board advisor. He emphasizes the importance of starting at the beginning and gaining experience in software engineering during his time at Microsoft. Alkove highlights the need for a more diverse pool of candidates and situational training to meet the workforce demands of the cybersecurity industry. He also discusses the significance of company culture and values in building successful teams. Alkove provides advice on moving laterally to gain broader skills and transitioning to advisory roles in early-stage companies.Key TakeawaysMove laterally to gain broader skillsets while in early-stage of careers.Training needs to be more accessible to a diverse pool of candidates in order to meet the demands of the cybersecurity industry.Company culture and values are crucial in building successful teams.Write down your goals, be humble, and be open to learning and criticism.

In this episode, Gene Fay interviews Ed Adams, President and CEO at Security Innovation, about his journey into cybersecurity and his work in advancing software security practices. Ed shares his story of transitioning from quality assurance in software at Rational Software to founding Security Innovation, a company focused on application security and training. Ed also dives into his book, See Yourself in Cybersecurity Careers Beyond Hacking, which highlights the many career paths available in the cybersecurity industry beyond hands-on keyboard roles. He discusses the cybersecurity talent shortage, particularly how it affects underrepresented groups, and the need for organizations to rethink how they hire and retain talent.Takeaways:There are many ways to start a career in cybersecurity, even from non-technical backgrounds.Security is an integral part of software quality can help developers and organizations create more secure, reliable applications.The book, See Yourself in Cybersecurity Careers Beyond Hacking, focuses on educating the next generation of cybersecurity professionals and promoting diversity in the field.The cybersecurity talent shortage is not about the lack of skilled individuals, but about outdated hiring practices and insufficient investment in talent development.

In this episode, Gene Fay interviews Sammy Migues, Principal at Imbricate Security, about his journey into cybersecurity and his work on the Building Security in Maturity Model (BSIMM). Sammy shares his experience starting in computer science in the late 1970s and how he became a computer security professional. He explains the motivation behind creating the BSIMM and how it helps organizations measure and improve their software security practices. Sammy also discusses the trifecta for career success, which includes setting a strategy, translating business objectives into actionable steps, and contextualizing skills within the organization. Finally, Sammy shares his thoughts on the cybersecurity shortage and the challenges in hiring and retaining skilled professionals.TakeawaysStarting a career in cybersecurity can begin with a degree in computer science and a willingness to adapt and learn as the industry evolves.The Building Security in Maturity Model (BSIM) is a framework that helps organizations measure and improve their software security practices.The trifecta for career success in management includes setting a strategy, translating business objectives into actionable steps, and contextualizing skills within the organization.The cybersecurity shortage is not just a lack of professionals, but also a result of challenging hiring processes and unrealistic job requirements.

Summary:In this episode, Gene Fay interviews Jeff Hudesman, CISO at Pinwheel, about his career in cybersecurity. Jeff shares his journey from starting as an intern at Memorial Sloan Kettering Cancer Center to working at Sony and eventually joining Pinwheel. He discusses the differences between working in large companies like Sony and startups, highlighting the ability to be impactful and the agility of startups. Jeff also shares an anecdote about a security incident at a water treatment facility and emphasizes the importance of planning in cybersecurity.Takeaways:Working in both large companies and startups can provide valuable experiences in cybersecurity.Startups offer the opportunity to be impactful and make a significant difference.Cybersecurity incidents can occur even in critical infrastructure facilities like water treatment plants.Planning is indispensable in cybersecurity, as threats are dynamic and constantly changing.

Omer Cohen CISO of Descope shares his career story, highlights include:Joy in the constant variety of work in incident responseBenefits of a mature approach to cybersecurity as a start-upSeeing his work in cybersecurity result in a real-world impact and the arrest and prosecution of cybercriminalsB-Sides and the fun of small in person meet-ups

Cybersecurity recruiter Kyle McIntyre offers unique guidance based on his work as a retained search specialist working with hiring managers (VPs & C-Levels) in the cybersecurity industry in this episode. He and Gene discuss: How to conduct preliminary research on potential employers and career pathsHow to reverse engineer desirable backgrounds to demystify potential career pathsTips on crafting effective & thoughtful outreach to hiring managersAdvice on optimizing your resume & profile for breaking into cyber with no prior industry experienceHow to manage imposter syndrome, anxiety and self-doubt during a job searchMoreKyle McIntyre on LinkedIn: https://www.linkedin.com/in/thekylemcintyre/

In this episode, Gene Fay interviews Tom Heiser about his journey and shares tenets for managing oneself. The conversation covers topics such as execution, accountability, expressing passion, doing the best job possible, getting outside one's comfort zone, and focusing on what one can control.TakeawaysExecution is key to success. Just do it.Accountability is important in personal and professional growth.Expressing passion and committing to one's work leads to fulfillment and success.Doing the best job possible is a pathway to career advancement.Getting outside one's comfort zone fosters personal and professional growth.Focus on what you can control and be present in the current situation.

Neil Bahadur, Head of Product in Cybersecurity at Wells Fargo, developed a unique and valuable perspective by switching from security to business development and back to security. In this episode, he and Gene discuss that transition and what he learned from it. They also discuss cybersecurity trends those new to the industry should be aware of, and more.Neil Bahadur on LinkedIn: https://www.linkedin.com/in/neilbahadur/

One of the most important parts of being a cybersecurity professional is knowing how to ask the right questions, says CISO Aaron Katz. Aaron started his career as a consultant, and says that's where he honed his question skills. He thinks all aspiring cybersecurity pros should start out with consulting gigs – you learn the business side and what questions to ask, plus get a feel for cybersecurity as a whole, rather than just one tool or product.He and Gene talk about this career path, plus his journey to CISO, why hiring managers are not good at finding cybersecurity candidates, and more.Aaron Katz on LinkedIn: https://www.linkedin.com/in/pendraggon87/

Ed Giles runs cybersecurity seminars for seniors, and wants to spread the word that it's a great way to both get your CPEs and give back to your community. Ed and Gene talk about those seminars, plus Ed's journey from English major to cybersecurity professional, the importance of thinking about security as a business enabler, and more.Ed Giles on LinkedIn: https://www.linkedin.com/in/evgiles/

How is AI going to change entry-level cybersecurity jobs? Gene and AgileBlue president Tony Pietrocola discuss in this episode.They also talk about:Tony's career and what AgileBlue doesHow AI will affect both cybersecurity and cybercrimeWhat he's looking for in interns Tony Pietrocola on LinkedIn: https://www.linkedin.com/in/tonypietrocola/AgileBlue: https://agileblue.com/

Want to start a career as a pen tester? Phillip Wylie literally wrote the book on the topic. Gene and Phillip, co-author of The Pentester Blueprint: Starting a Career as an Ethical Hacker and host of the Phillip Wylie Show, have a wide-ranging and advice-filled conversation on:His career journey and his podcastStarting a pen testing careerCollegiate Cyber Defense CompetitionsHow to leverage B-SidesMorePhillip Wylie on LinkedIn: https://www.linkedin.com/in/phillipwylie/The Pentester Blueprint: https://www.amazon.com/Pentester-BluePrint-Your-Guide-Being/dp/1119684307

Kimberly Anstett has had a C-level cybersecurity position for about a decade. She's seen the CIO role transform, and shares her thoughts on that transformation in this episode. She and Gene discuss her journey to CIO, how to inspire the next generation to embrace STEM careers, what she's looking for when hiring, and more. Kimberly Anstett on LinkedIn: https://www.linkedin.com/in/kimberly-anstett-6b3a259/

Why should you work in cybersecurity? Because two things that aren't going away are tech and crime, says BlackBerry VP of Product Security Operations Christine Gadsby. Christine and Gene talk about her journey from working in IT out of necessity to cybersecurity VP, how to reskill into cybersecurity, the Leadership Bench Program she developed at BlackBerry, her advice to those discouraged by the job hunt, and more.Christine Gadsby on LinkedIn: https://www.linkedin.com/in/christinegadsby/Three Reasons Women Should Reskill to Work in Cybersecurity: https://blogs.blackberry.com/en/2023/03/3-reasons-women-should-reskill-to-work-in-cybersecurity 

Jim Moran has had a long and varied cybersecurity career, and offers some fantastic advice for those just starting out. He and Gene talk about cybersecurity careers, what he's looking for in entry-level candidates, how to find the best career path for you, and more.Jim Moran on LinkedIn: https://www.linkedin.com/in/jim-moran-0b112925/

Diana Kelley feels strongly that community plays a critical role in all careers, but especially cybersecurity. She explains why in this episode.She and Gene also talk about increasing the number of females in cybersecurity, what she looks for in entry level candidates, and more. Diana Kelley on LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/Executive Women's Forum: https://www.ewf-usa.com/WICYS: https://www.wicys.org/

We talk a lot on this podcast about how to advance to the executive level within the cybersecurity field. But what if the C-level is not for you? John Hammond is a security practitioner at heart and wants to stay that way. He shares his thoughts on building a practitioner career in this episode. He and Gene also talk about his experience working for the Department of Defense and about John's prolific side job as a content creator. John Hammond on LinkedIn: https://www.linkedin.com/in/johnhammond010/John Hammond on YouTube: https://www.youtube.com/johnhammond010

Want to make the transition from help desk to cybersecurity? Jeff Farinich has helped others make that transition and he shares his advice in this episode.He and Gene also talk about the types of cybersecurity roles, what he looks for in entry level candidates, and more.Jeff Farinich on LinkedIn: https://www.linkedin.com/in/jefffarinich/

MK Palmore has had a long and fascinating career -- from the military to the FBI to cybersecurity executive at Google. Don't miss his story.He's also a Vice President of Cyversity and has great insights and ideas about bringing more diversity to the cybersecurity field.  This is an important and valuable conversation for anyone looking to get into cybersecurity, especially those without technical skills, those with military backgrounds, or those from under-represented populations.MK Palmore on LinkedIn: https://www.linkedin.com/in/mkpalmore/Cyversity: https://www.cyversity.org/

Interested in behavioral science? The training and awareness side of cybersecurity might be for you – and you should hear Masha Sedova's story. She offers a fascinating look at the human attack surface – which presents a whole new set of challenges – and they aren't all technical. She has built a career on solving these challenges, and she sheds light on this lesser-known side of the cybersecurity world.

In this special episode, Gene encourages listeners to spread the word about the so-called "Phantom Hacker" scams targeting the elderly. The FBI recently published an alert about these popular scams that attempt to convince senior citizens that their money is unsafe and they need to move it.Gene outlines how the scam works, and how to protect the elderly in your life.

Cybersecurity is intimidating says Check Point CISO Cindi Carter. But she also says it shouldn't be. Cindi and Gene talk about how to make cybersecurity more accessible in this episode of the eXecutive Security podcast. They also talk about community involvement, networking, and the advice she gives her mentees. Cindi Carter on LinkedIn: https://www.linkedin.com/in/cindibcarter/ Check Point Software: https://www.linkedin.com/company/check-point-software-technologies/

Most of us don't approach mentoring with the right mindset, says Amanda Fennell of Prove. Thinking of it as "sponsoring" rather than "mentoring" would be a step in the right direction. Gene and Amanda talk about this mindset shift, plus her work at Prove, her work teaching cybersecurity at Tulane, why one of her best security analysts picked up valuable skills from her time as a bartender, and more.Amanda Fennell on LinkedIn: https://www.linkedin.com/in/afennell/Prove on LinkedIn: https://www.linkedin.com/company/proveidentity/Ron Gula "How to Conference": https://www.youtube.com/watch?v=NRLcBPW12bc

Haris Pylarinos found cybersecurity training subpar, and too expensive, so he started a company to do better. Hack The Box is now a leading gamified cybersecurity upskilling, certification, and talent assessment platform with more than 2 million platform members. In this episode, Haris and Gene talk about Hack The Box, its origins and goals; why training plays a key role in addressing the cybersecurity skills gap; why cybersecurity hiring practices need to change, and more.

The author of "Building a Career in Cybersecurity," Yuri Diogenes offers a wealth of knowledge, advice, and tips on entering this field in this episode. He and Gene discuss: Yuri's career journey His take on cybersecurity certifications  Why building a lab is important for those looking for entry-level roles How to be intentional in your attendance at cybersecurity conferences  Why often the best technical person doesn't get the job Yuri Diogenes on LinkedIn: https://www.linkedin.com/in/yuridiogenes/Building a Career in Cybersecurity: https://a.co/d/ivHxIVL

You don't need a tech background to work in cybersecurity, says Lance Hayden, Chief Information Security Strategist at Vericast, and former English major. What skills and abilities do you need? Get Lance's perspective in this episode. He and Gene also talk about his experience teaching cybersecurity at the Univeristy of Texas, and what he looks for in entry level candidates.

Eric Jacobsen, Asst. VP and CISO at Boston University, is our first guest from the higher education space, and he offers a unique look at what it's like to work in cybersecurity at a university. He and Gene talk about the benefits of working at an institution of higher learning, his path from a chemistry degree to cybersecurity leader, what he looks for when hiring for entry-level positions, and more.

Burnout is real and rampant among C-level cybersecurity professionals. How can you avoid it? Zscaler CISO Sam Curry shares his thoughts.Gene and Sam also talk about making the path from secondary school to entry-level cybersecurity job easier, why collegiate cybersecurity competitions are important, and what's GOOD about cybersecurity careers (it's not all stress and burnout!). Sam Curry on LinkedIn: https://www.linkedin.com/in/currysam/Zscaler: https://www.zscaler.com/Northeast Collegiate Cyber Defense League: https://neccdl.org/

ThreatX surveyed 2,000 consumers in the US and UK about the cybersecurity skills gap – to get their thoughts on its causes and effects.In this episode, Gene and ThreatX Field CISO Jeremy Ventura analyze the results, including:62% reported that if they or their child had more education around cybersecurity in school, they would have considered entering the field. 90% reported that they are concerned about the future of cybersecurity if more isn't done at an earlier stage to expose students to the field.78% are under the impression that a college degree is necessary to pursue a career in cybersecurity, and 67% thought a career in cybersecurity should be achievable through certifications or apprenticeships versus a 4-year+ college degree.52% say engaging students of all backgrounds earlier in STEM/cybersecurity courses it will help minimize the talent shortage among the cybersecurity industry.Full survey results: https://info.threatx.com/hubfs/ug/ThreatX-global-2023-survey-cyber-talent-shortage.pdfJeremy Ventura on LinkedIn: linkedin.com/in/jeremy-ventura-36204676

What's the difference between working in fraud and working in cybersecurity? Nancy Schuehler, Director of Cyber Strategy and Program Execution at Verizon, has worked in both and breaks it down for our listeners.She and Gene also dig into the pros and cons of working for a large enterprise, and of staying with one company for many years. Nancy Schuehler on LinkedIn: https://www.linkedin.com/in/nancy-schuehler-87311610/Verizon cyber recruiting: https://verizon.com/cybersecurity

No experience? No problem. In this episode, CISO Dane Jones explains how to build a resume that highlights a passion and aptitude for cybersecurity without any work experience in the field. Dane Jones is CISO at HighRadius. He has been a security leader for many years, including at Lowe's.Dane Jones on LinkedIn: https://www.linkedin.com/in/daneejones/Is a career in cybersecurity right for me? https://www.isc2.org/thank-you/is-a-career-in-cybersecurity-right-for-me (ISC)² Cybersecurity Workforce Study: https://www.isc2.org/Research/Workforce-Study#  

Cybersecurity is a great field because of the all the change, says Ted Julian. But to succeed, you have to be proactive about that change. Ted and Gene talk about how to keep up with the change, plus about his experience in the early days of cybersecurity, what it's like to work in product management, and why joining an early-stage company is so beneficial.Ted Julian has held leadership positions in several security companies, including Devo and Resilient. He is currently a Venture Partner at Glasswing Ventures. Ted Julian on LinkedIn: https://www.linkedin.com/in/tedjulian/

Gene sits down with Stratejm CEO John Menezes to talk about working for an MSSP, plus gets John's thoughts on hiring and nurturing the next generation of cybersecurity talent.Stratejm: https://stratejm.com/

Success in cybersecurity is not about your technical skills, but your emotional intelligence, according to CISO Randy Raw. Randy and Gene talk about why he thinks this, plus his approach to hiring, why leaders need to be proactive in asking their reports how they want to be managed, why everyone needs both a coach and a sponsor, and more.Randy Raw is the CISO at Veterans United Home Loans, where he has worked for almost 12 years. He is also a leadership coach at SABERS Coaching. Randy Raw on LinkedIn: https://www.linkedin.com/in/randyraw/ Randy Raw's blog: https://randyraw.com 

Lowe's CISO Marc Varner has had a long career in cybersecurity, including CISO roles at Yum Brands and McDonald's. Why does he think cybersecurity is a good career choice? Because there is always a new challenge. “What was the last really cool discovery or change in math?” he jokes. There's something new in cybersecurity just about every day. Tune in to his podcast episode with Gene to hear more. They discuss his journey, keys to success in the field, skills from other experiences that are transferable to cyber, and what he is looking for in entry level candidates.

Why is the geopolitical landscape critical to cybersecurity strategy? CISO Mark Houpt breaks it down in this episode. Mark also shares his advice to the college and high school students he mentors, how to approach the ever-changing nature of cybersecurity, and how to think about a college education.Mark Houpt is the CISO at DataBank. Previously he held senior security roles at organizations including State Farm, Lincoln Christian University, and Sallie Mae. Mark served in the US Navy from 1991 to 1999. Mark Houpt on LinkedIn: https://www.linkedin.com/in/mark-houpt/ Mark's recommended list of classes:-        Microsoft CISO Workshop: https://learn.microsoft.com/en-us/security/ciso-workshop/ciso-workshop -        Ascend Education: https://ascendeducation.com/monthly-subscription/ -        Amazon Cybersecurity Awareness Training: https://learnsecurity.amazon.com/en/index.html -        Center for Development of Security Excellence: https://www.cdse.edu -        ISC2 -Certified in Cybersecurity: https://www.isc2.org/1mcc -        Cisco Networking Academy: https://skillsforall.com/course/introduction-to-cybersecurity -        Cyberbit Remote Training: https://go.cyberbit.com/100k-worth-of-free-remote-cyber-range-training/?utm_source=nist_website&utm_medium=list&utm_campaign=free-remote-soc-team-training-nam -        StationX - 12 Month Trial: https://www.cybersecurityjobs.com/csj-training-fund/ -        Cyber Training 365: https://www.cybertraining365.com/cybertraining/FreeClasses -        Cyber Skyline Professional: https://cyberskyline.com/professional/purchase -        Cybrary: https://www.cybrary.it -        EC.Council: https://www.eccouncil.org/cybersecurity-exchange/free-cybersecurity-resources-2022/ -        Elastic: https://www.elastic.co/training/free -        Evolve Academy: https://www.academy.evolvesecurity.com/cybersecurity-fundamentals -        Federal Virtual Training: https://fedvte.usalearning.gov 

How do you make the jump from ER nurse to SOC analyst? Alex Gatz did it, and he's sharing his insights and tips with the eXecutive Security podcast audience. Don't miss this fascinating discussion about making a bold career change, the power of LinkedIn, what a security researcher does, the benefits of working for a startup, and more.Alex Gatz is a senior security researcher at ThreatX. Previously, he worked as a data analyst and ER nurse at MidMichigan Health. Alex Gatz on LinkedIn: https://www.linkedin.com/in/alexgatz/ Stephen Semmelroth: https://www.linkedin.com/in/semmelroth/ We Hack Purple: https://www.linkedin.com/company/wehackpurple/ 

The job market has shifted dramatically in the past two years, and Mike Privette shares his thoughts on navigating it in this episode. He and Gene discuss things you can do TODAY to get your foot in the cybersecurity door. Mike Privette is the CISO, VP of Information & Cyber Security at Passport. He is also the founder of Return on Security, which publishes the Security, Funded newsletter. Previously, he held cybersecurity leadership roles at various organizations, including Defiance Digital, Truist, MetLife, and Ally Financial. Mike Privette on LinkedIn: https://www.linkedin.com/in/mikeprivette/ 

Key to a successful tech career? Re-inventing yourself every three years, says Faisal Bhutto, SVP of Cloud and Cybersecurity at Calian. Don't go into tech if you're not ready to be constantly learning and re-inventing yourself, he says. Hear more tips and advice from Faisal in his episode, including why money and promotions can't be your only motivation, why you shouldn't network only to look for a job, and how to get into cybersecurity without a tech background.Faisal Bhutto is SVP of Cloud and Cybersecurity at Calian IT & Cyber Solutions. Previously, he was the co-founder of and COO at ENETsolutions. Faisal Bhutto on LinkedIn: https://www.linkedin.com/in/fbhutto/ 

Corey Nenno (aka That Cyber Guy) just transitioned out of the military and into the cybersecurity industry in 2021 – so this is an ideal episode for those currently in the military looking to soon enter the cybersecurity field. It's also one of our most practical episodes, whether you're in the military or not – it's filled with tips and advice on what to put on your resume, how to pass the CISSP, how to find a mentor, and more.Corey Nenno is a Senior Cyber Intelligence Analyst at Cargill. Previously, he spent 12 years in the US Army in Cyber and Information Technology fields. VetSec: www.veteransec.org Corey Nenno on LinkedIn: https://www.linkedin.com/in/coreynenno/ Cyber Mentor Dojo: https://cybermentordojo.com 

Alfredo Hickman fought the war on terror in the early 2000s in the Marine Corps infantry in Iraq. He shares some intense stories from his military experiences overseas with Gene, as well as how he transitioned from the front lines to a cybersecurity executive. Alfredo is passionate about helping veterans and giving back, and this episode is valuable for anyone looking to enter this industry, military or not. He shares details about his life and journey, his thoughts on cybersecurity trends in 2023, how the SANS Institute has been a resource for him and can be for others, his thoughts on mentoring, and more.Alfredo Hickman is Head of Information Security at Obsidian Security. He previously held security leadership positions at Rackspace. Alfredo served in the US Marine Corps from 2003 to 2011. Alfredo Hickman on LinkedIn: https://www.linkedin.com/in/alfredohickman/ Obsidian Security: https://www.obsidiansecurity.com SANS Institute: https://www.sans.org #CyberMentoringMonday on Twitter and LinkedIn 

David Cross' advice for breaking into cybersecurity? Strategic use of gift cards. Get details on his networking through social media ideas in this episode. David transitioned out of the military into the world of high tech, where he has held numerous cybersecurity leadership roles. This episode is filled with practical tips and advice on demonstrating your skills to prospective employers, deciding what type of company to work for, transitioning military skills to the corporate world, networking, and more.David Cross is the Senior Vice President, Chief Information Security Officer (CISO) of Oracle SaaS Cloud. Previously, he held senior leadership positions at numerous companies, including Google and Microsoft. David also served in the US Navy from 1991 to 1996.David Cross on LinkedIn: linkedin.com/in/☢️-david-b-cross-b856657  

Parham Eftekhari is a nationally recognized leader in cybersecurity, national security, and critical infrastructure. He currently serves as an Executive Vice President at CyberRisk Alliance, setting the vision and operating priorities for its executive development, CISO, and community solutions. Parham also serves as the chairman of the Institute for Critical Infrastructure Technology (ICIT), the nation's leading cybersecurity think tank which he founded in 2014, and advisory board member at MazeBolt Technologies and the Ready Rock Institute. Other leadership roles during his 15-year career include co-founder and V.P of research at the Government Technology Research Alliance and founder of the world's first webcam cover manufacturer CamPatch.com. Parham Eftekhari LinkedIn: https://www.linkedin.com/in/parhamtech/ Institute for Critical Infrastructure Technology (ICIT): https://icitech.org CyberRisk Alliance: https://www.cyberriskalliance.com ISACA: https://www.isaca.org/why-isaca ISSA: https://www.issa.org (ISC)2:https://www.isc2.org 

Rick Doten is VP, Information Security at Centene Corporation. He has over 30 years of experience in the IT industry, the last 23 focused specifically on cyber security. He has worked as both CISO of multinational company, and a management consultant performing risk management and risk engineering to mature customer security and privacy programs. Rick Doten on LinkedIn: https://www.linkedin.com/in/rick-doten-633470177/ Rick Doten YouTube channel: https://www.youtube.com/channel/UCSePMfJMI2PJ2qMrQrX9vIQ 

Carol Meyers is a partner at Glasswing Ventures, and independent board member, and an executive coach. She was formerly the CMO at Rapid7.Carol Meyers on LinkedIn: https://www.linkedin.com/in/caroljmeyers/ 

At the recent RSA Conference in San Francisco, we decided to take advantage of all the cybersecurity professionals gathered in one place to get some advice for those looking to enter the industry. We asked attendees who visited the ThreatX booth, What's the No. 1 piece of advice you'd offer to someone trying to break into cybersecurity? We recorded more than 20 answers, and collected a few here for this podcast episode.

It's rough to start your career in an economic downturn, as many of our listeners are now finding out. Alyssa Robinson started her career in a down economy, but she found opportunity amidst the challenges. Listen to her episode to find out the silver linings of kicking off a career in uncertain times.Alyssa Robinson is Deputy CISO at HubSpot and has had security leadership roles at several organizations, including Compete, Inc. and the Broad Institute. HubSpot: https://www.linkedin.com/company/hubspot/ Alyssa Robinson on LinkedIn: https://www.linkedin.com/in/alyssa-robinson-0a83231/  

We recently received more than 4,000 resumes for a job listing for an entry-level security position. How does this number make sense considering the cybersecurity skills gap? Gene shares his thoughts in this short episode.

Etan Basseri is a product manager on Microsoft's Identity Security team, working to prevent and detect identity compromise. During the course of his career, he's held a range of roles across law, business development, consulting and product, so he frequently advises and mentors others on their career development. LinkedIn: https://www.linkedin.com/in/basseri/ Career Walking Decks 101: https://kkarenism.com/career-walking-decks-101/ Microsoft Software & Systems Academy (MSSA) – Microsoft Military Affairs: https://military.microsoft.com/mssa/ Cybrary: https://www.cybrary.it/info/homepaged/ SANS Institute: https://www.sans.org/mlp/2/ (ISC)2: https://www.isc2.org Pluralsight: https://www.pluralsight.com