On this episode we hear from Hala. We immediately start the conversation around 'who we are' and we agree that who we are does not drastically change after a certain point, but our perspective changes. She had to hide from her parents that she was working in hotel operations when she chose to follow hospitality instead of choosing to be a lawyer, but is happy to share that they eventually came around. After completing an MBA where she could focus more on strategy and finance, she went into consulting and advisory, and has now had a 21-year career with HVS, which started in London and for the past 15 years has been based in Dubai. We shared our experiences of being the only woman in the room or having no female role models to look up to, and how it is encouraging that things have certainly changed during our careers, but there is still a lot more to be done. More than being a woman in the workforce, what Hala has found working in hospitality and in a global environment is embracing the cultural diversity and being sensitive to it. When it comes to attracting talent, it is the employers that have to do more to communicate their values that align with the applicants they want to employ.
Sat, 01 Mar 2025 18:03:00 +0000 https://jungeanleger.podigee.io/2050-kapitalmarkt-stimme-at-daily-voice-60-365-iva-verfuhrt-analysten-anleger-und-borsenotierte-zum-streiten-aber-das-mit-guter-laune
Episode 60/365 of the kapitalmarkt-stimme.at daily voice on audio-cd.at. At the end of February, IVA board member Florian Beckermann hosted an exchange between analysts and investors at the Vienna Stock Exchange. On the panel were shareholder Rupert Heinrich Staller, Erste research head Fritz Mostböck, and former analyst and current Flughafen Wien IR manager Bernd Maurer. Staller put forward that the large domestic banks have sharply cut back their research on domestic companies in recent years and that the research is hard to get hold of. More generally, he sees the analyst profession being replaced by AI in the coming years. Mostböck disagrees, because analyses produced by AI would always arrive at the same opinion, whereas in research by an analyst, alongside the numbers, the feel for the company and the market, the timing, and soft facts such as governance play an essential role. Mostböck even sees analyst work as a form of art. But they agree that coverage of domestic companies keeps shrinking. Mostböck regards this as more of a market-driven development. For example, he considers a company with a market cap of 100 million, a ten percent free float and inadequate IR work to make little sense for coverage. Proactive IR work is very important, according to Mostböck. Staller also criticized that one hardly has access to research any more, not even as a large private banking client. Mostböck attributes this above all to MiFID. However, he does not see the introduction of MiFID as purely negative, because it means that fewer retail investors can now take up the analysts' time. Retail investors are in the best hands with the banks' investment advisers and, with the weekly publication “Equity Weekly”, are also well supplied with information, according to Mostböck. For Bernd Maurer, research is above all a multiplier for news from the company; in addition, research reports are important for the consensus estimate. At annual general meetings, which Staller is known to enjoy attending, what is interesting above all is getting to know the companies' management and seeing how it reacts to challenging and often difficult questions. According to Mostböck, general meetings are rather less interesting for analysts; the conference calls after the quarterly figures matter more here. To get more private individuals enthusiastic about the capital market, Staller says what is needed above all is tax relief, because all developed capital markets are developed because tax incentives were introduced. Mostböck also currently detects a new will on the part of the EU to shake up the capital market. In addition, Mostböck is firmly convinced that Austria will no longer be able to get around the capital market when it comes to the question of pension financing (summary by Christine Petzwinkler), http://www.iva.or.at
Our goal: Kapitalmarkt is coming home. Daily between 19:00 and 20:00.
kapitalmarkt-stimme.at daily voice playlist on Spotify: http://www.kapitalmarkt-stimme.at/spotify
http://www.kapitalmarkt-stimme.at
Music: Steve Kalen: https://open.spotify.com/artist/6uemLvflstP1ZerGCdJ7YU
Playlist 30x30 (min.) pure financial knowledge: http://www.audio-cd.at/30x30
Ratings on Apple (or Spotify) make me happy: http://www.audio-cd.at/apple http://www.audio-cd.at/spotify
Christian Drastil Comm.
Professional real estate investor, author and host of “The Real Estate Guys” Radio Show, Robert Helms joins us to discuss the nuances of mid-term rentals, short-term rentals, and hotel real estate investing. They highlight the impact of interest rates on single-family home affordability and the role of institutional investors. Mid-term rentals cater to travelers like traveling nurses and digital nomads, offering higher monthly rents. Short-term rentals face challenges due to oversupply, but can be profitable with strategic planning. Hotels offer consistent experiences, with key metrics like occupancy and ADR.

Resources:
Join Keith and other faculty experts at the Investor Summit at Sea, a unique networking and learning event for real estate investors. Let the event organizers know if you want to have dinner with Keith during the event.
Show Notes: GetRichEducation.com/539
GRE Free Investment Coaching: GREmarketplace.com/Coach
For access to properties or free help with a GRE Investment Coach, start here: GREmarketplace.com
Get mortgage loans for investment property: RidgeLendingGroup.com or call 855-74-RIDGE or e-mail: info@RidgeLendingGroup.com
Invest with Freedom Family Investments. You get paid first: Text FAMILY to 66866
Will you please leave a review for the show? I'd be grateful. Search “how to leave an Apple Podcasts review”
For advertising inquiries, visit: GetRichEducation.com/ad
Best Financial Education: GetRichEducation.com
Get our wealth-building newsletter free: text ‘GRE' to 66866
Our YouTube Channel: www.youtube.com/c/GetRichEducation
Follow us on Instagram: @getricheducation

Complete episode transcript:
Automatically Transcribed With Otter.ai

Keith Weinhold 0:01
Welcome to GRE. I'm your host, Keith Weinhold. Surprising facts about the institutional ownership share of the rental market. Then learn from a great guest tonight about how the midterm and short term rental models work and hotel real estate investing.
Then you are invited to join us both on the most special real estate event that I've ever been a part of, and I'm going to return to it today on Get Rich Education. Since 2014 the powerful Get Rich Education podcast has created more passive income for people than nearly any other show in the world. This show teaches you how to earn strong returns from passive real estate investing in the best markets without losing your time being the flipper or landlord. Show host Keith Weinhold writes for both Forbes and Rich Dad Advisors, and delivers a new show every week. Since 2014 there's been millions of listener downloads of 188 world nations. A-list show guests include top selling personal finance author Robert Kiyosaki. Get Rich Education can be heard on every podcast platform, plus it has its own dedicated Apple and Android listener phone apps. Build wealth on the go with the Get Rich Education podcast. Sign up now for the Get Rich Education podcast or visit GetRichEducation.com.

Corey Coates 1:17
You're listening to the show that has created more financial freedom than nearly any show in the world. This is Get Rich Education.

Keith Weinhold 1:33
Welcome to GRE. From London, UK to London, Ontario and across 188 nations worldwide, I'm Keith Weinhold, and you are inside this week's episode of Get Rich Education, where we aren't day trading, we are decade trading with gradual patient wealth accumulation through income properties, yet with a path that lets you live the good life of options and freedom when you're still young enough to enjoy it. Now, the shorter the period of time that your guest or your tenant stays at your place, the more that the word hospitality gets involved. Hospitality, that word has little to do with hospitals. It almost means the opposite. Hospitality means that you're now giving a warm reception to or entertaining guests or tenants.
Well, that's something that you rarely do at a long term rental, but you do if you're a hotel real estate investor for sure, or maybe even a little in a short term rental. Then you're in hospitality, like valet parking, having a restaurant, a pool with a swim up bar, a gym, a concierge desk, or even having a lobby with travel desks of various tour companies right there. That's hospitality, and today as we discuss mid term rentals, then short term rentals, then hotel real estate investing, think about how the level of hospitality that you give increases as the duration of a guest or tenant stay decreases. Hospitality is one reason that long term rental rates for durations of, say, a year or more, well, they have the lowest daily rates and the least hospitality. And hotels with, say, a two night stay, have the highest daily rates and the most hospitality. This week's show is presented by Ridge Lending Group and Freedom Family Investments. I mean, Ridge is where I get all of my investment property loans, and where I do all of my refinancings. And perhaps you should, too, because they specialize in working with investor borrowers there, so they know just what you need and what you don't. RidgeLendingGroup.com. And then Freedom Family Investments, that's where you can make a private money loan and get a higher yield than you can with a high yield savings account. That's where I invest a share of my own liquid funds for a passive 8% return, 10% return. And now this is new. They've got offerings at 12% or more. You can learn more by texting FAMILY to 66866. Next, we discuss mid term rentals, short term rentals and hotel real estate investing. This week, I'd like to welcome in a good long time real estate friend. He's been on the show here with you and I before. Besides being a deeply experienced real estate investor, he also hosts the terrific Real Estate Guys Radio Show, which was a substantial influence on the launch of GRE more than 10 years ago.
I mean, how many times have I suggested to you over the years that you give his show a listen? He also speaks with some of the best pipes in the industry. Hey, it's great to have back on the show this week, the incomparable Robert Helms.

Robert Helms 5:07
Hey, Keith, so good to see you. Thanks for having me back.

Keith Weinhold 5:11
Let me share with you. Robert is on a very short exclusive list of people that I credit for being where I am today, from how to host a professional show to being a Go-Giver. And Robert, before we discuss mid and short term rentals, in the long term rental world generally, just what's important to know in today's residential real estate market? You can take that anywhere you like.

Robert Helms 5:38
Well, I think the big picture has been all about the loans and the interest rates, right? We saw rates go up, not only a lot, but quickly, and then kind of come back down a bit. Now they're headed back up, and that just has a big effect on single family homes, primarily to folks who are living in the homes, because they'll make that decision based on the affordability of their mortgage payment and the rest of the costs. Investors, well, you know, we think a little differently. We're not limited by a specific interest rate we'll pay. If I can make 9%, would I pay 6%? Sure. If I can make 9%, would I pay 7%? Well, I might, and so on. So I think that that's something to watch this year, for sure. There's lots of reasons to expect that we're not going to see interest rates get back down into the twos and threes and fours like we wish they would stay. Probably shouldn't happen in the first place, but you and I took advantage of it, and lots of your listeners did as well. But I think that's kind of a big picture thing. And then the other part of it is, you know, the inventory.
So when people have this lock-in effect, which really doesn't have anything to do with their needs or wants, they have a new job or they have another child and they want to move to a couple of notches up in a neighborhood, they don't want to get rid of their 3.12% loan and have to buy another property with 7%. So we see less people moving, therefore less inventory, total inventory now somewhere just around 700,000 or below, and that's lower than it's been for the average of the last 10 years. For sure, I think that has an effect, less people are moving because of the interest rates. But at the same time, you know, there are houses that trade every single day. People do have to move. They have life situations and so forth. And then real estate investors, of course, we just look for opportunity. If we can make a spread and we can be in a property long term where the tenant pays down our mortgage and not us, well, then we're interested at almost any interest rate.

Keith Weinhold 7:44
Yes, that interest rate lock-in effect will persist another year. That continues to get diluted over time. Of course, though you and I both know that mortgage rates are still below their historic rate, but because of the recency bias, no one's really acting that way. By the way, the first ever rental property I bought had a six and three eighths percent mortgage rate 20 years ago, and people were raving about what an incredibly low rate that was back then. But this constrains supply. And another thing that constrains available supply in today's market is more institutional players own rental property today. We're talking about outfits like Invitation Homes and even the California State Teachers Retirement System. But one thing a lot of people don't seem to realize is that institutions like this own less than 1% of single family homes in the United States, and that's all institutions combined.
And now if you just isolate that to single family rental properties, they still only own two to 3%. So where we have this period of low supply and low affordability, you know, Robert, I think institutions, in a lot of these media headlines, they tend to get scapegoated or being a boogeyman. Oh, all these big players are buying up the homes, and that's why you can't buy one. But really, that's pretty overblown. So can you talk to us more about what the institutional entry into the real estate investing space has been like, which really picked up steam after the GFC about 15 years ago?

Robert Helms 9:16
Yeah, it sure did. I think that folks who were managing big sums of money, and the institutional money comes from all kinds of places, real estate investment trusts, insurance, pensions, funds, and then just big old companies that decide to raise money to go do something, and that money saw opportunity, said, hey, you know what? This is a short term anomaly, all these prices that went down after 2008 and 2009, and when a lot of mom and pop investors were very hesitant to touch the third rail of buying more property after what they had just been through, these institutions are like that. Institutional money is not very emotional, right? It's just looking at the numbers. At the same time, where the nuances of institutional funds is that they also didn't have a ton of real estate experience, and so it was quite common for a couple of years that an institution would come in, and they would typically work through local brokers, and those brokers would know the market a bit. But if you could generalize, you would say that a lot of institutions overpaid. But here's the thing, when you overpay in the moment, you don't really notice that in the long term real estate investment that these guys did. It's interesting. I've been to a couple of conferences I go to almost every year that 10 years ago was mom and pop investors. And today it's a lot of suits, not too many ties. They don't tend to wear ties, but a lot of suits, a lot of folks working for various levels of these funds, and they're looking at real estate as an asset class. Now I'm going to argue that real estate's not an asset class like any other, because every share of stock, every ounce of gold, every barrel of oil that anybody buys, is discretionary. You never have to invest in the stock market, in the bond market and cryptocurrency, but you cannot sit out the real estate market. From an economic perspective, I don't have to own real estate, but I'm going to have to interact financially. And so it really doesn't operate like other quote, unquote, asset classes, but I think the big folks did figure out is that there is stability in real estate. There's not the efficiency they would like, and that's a good thing for us. We like inefficiencies in the real estate market, but more and more we are seeing funds being put together, even today, to acquire property. But to your point, and it's an excellent one, you see the headlines and you see the name calling of these big, faceless, nameless corporations. They're buying up all the inventory. They're not. It is a drop in the bucket compared to what mom and pops own and will continue to own.

Keith Weinhold 11:53
Yes, and of course, I'm talking nationally. When I bring up those one, two and 3% institutional share numbers, it's going to be lower in some areas. It tends to be a higher proportion of buying that the institutions do in Texas and also in a lot of southeastern markets, like Atlanta, Jacksonville, Charlotte and Tampa. Robert, you have a good bit of knowledge and some involvement in the mid term rental market. We're talking about rentals of one to six months in duration here. Can you talk to us about trends in the midterm rental market?

Robert Helms 12:25
Yeah, it's a fascinating area.
You know, back in the day, these would be referred to as corporate rentals, so a corporation might lease an apartment and furnish it, and then they would have different people stay there over the years, so the corporation would be responsible for the lease. I had some tenants like this many, many years ago, and it wouldn't be up to me. It'd be up to them who had the keys at the time. And a tenant might stay six or seven months. A tenant might make four or five weeks their stay. And so the idea was they needed a place for these contractors who would come in and work for a period of time to stay. But hotels were a lot more expensive. Well, today you see even the folks who got involved in short term rentals making a decision to invest in people like traveling nurses who come and stay for four to six weeks, or these clients who will come in and work for two months in this location, two months in this location, two months in another location. And so they will simply stay in a short term rental type of property for a longer term. And you know, the most expensive things when it comes to real estate are turnover and vacancy. So if we can get the tenant to stay longer and pay a bit of a premium, these are often furnished units, and they don't have to worry about much. And we've had a few opportunities where what started out as a three week rental turned into a six month rental, because sometimes when they bring these folks on, these companies don't know exactly how long they're going to stay, and it's been a great kind of marketplace. There's a few folks that specialize in it. But my experience is that a lot of the people that have gravitated towards midterm rentals used to be in the short term rental business, thinking they'd rent for one or two nights, and lo and behold, they get a client that would stay for a month, and they'd say, Hey, this is pretty cool.

Keith Weinhold 14:13
Some conversion rate there from short term rentals to these midterm rentals here. As Robert touched on, you do tend to get more monthly rent for a midterm rental than you do a conventional long term rental. You're going to have some experience for furnishing there. But Robert, you bring up a great point. You mentioned traveling nurses. And of course, here as real estate investors, we're often interested in who we're serving and what that demographic looks like. I also think of midterm rental clients or tenants as students and digital nomads, and oftentimes it's a person relocating where they just want to check out a place for a few months before they consider setting down roots in an area with a long term rental or buying their own place. So can you talk more about the demographic that we're serving there, because oftentimes you want to follow their trends.

Robert Helms 15:04
Yeah, very much so. You know, today, I think there's a lot of folks that can work from a variety of locations. They do need some things, they need quiet, they need a good internet connection, but they will come and go for weeks at a time. And I also think that you see more and more employers looking to contract labor. They have a job to get done. They're not sure they want to bring on a full time employee with all the cost of benefits and onboarding and all that. So they find somebody in the niche that comes in for six or eight or 12 weeks at a time, and they're the perfect candidate for short term rental. But we also see folks that are between gigs. So I might have a six week gig, and three weeks later I have another six week gig, and the three weeks in the middle, I want to go somewhere that's kind of fun to hang out. And so you do see those kind of rentals as well.

Keith Weinhold 15:55
Are most long term property management companies open to managing midterm rentals?

Robert Helms 16:02
Yeah, good question.
There are certainly those that are, but I think we're starting to see a specialty on the aggregator side, folks that are reaching out specifically to the kinds of people who are candidates for midterm rentals from the tenant side and looking to accumulate inventory. So that's been kind of a neat thing to watch. So the focus of most property managers, they're hired by the owner of the property. Well, these groups are really, their salary gets paid for by the tenant, and they're able to negotiate on the behalf of some of these groups, you know, a better rate, better terms. They may negotiate some flexibility in the time for these folks that don't know exactly how long they're going to stay. It's an interesting new area of management, for sure.

Keith Weinhold 16:52
Now, of course, we're concerned about a high occupancy rate in midterm rentals, just like we are any type of rental. What does one look for when it comes to advertising platforms? And this could be, you know, going beyond just a well known website. It might be, hey, if you have inroads with the local hospital system, oh, well, can you then funnel some of the traveling nurses, for example, into your midterm rental?

Robert Helms 17:15
Yeah, most definitely, it is a specialty niche, for sure, if you're after a robust rental solution. You know, many people in midterm rentals, like in short term rentals, the vast majority of short term rental owners are not making a killing. They are. They're liquidating some cost of what they consider their second home. So the average short term rental landlord has just one property, and that's a property they bought, probably not as a rental. They bought it as a second home, and they're discovering that when they're not there, they can lease it out, and that pays for some of the costs.
But there are obviously a few folks who have cracked the code and figured out which markets and where the best opportunity is, and what size units it takes to maintain a really healthy occupancy, and it's the same for this midterm rental. It's a different kind of tenant. It's mostly not families, so it's not larger units with lots of bedrooms. It's also mostly not your higher end rentals with views of the water or up near ski resorts. It's in the bigger towns where there is employment, and that employment triggers most of the midterm rental business.

Keith Weinhold 18:29
You, as an investor owner, maybe you're cash flow negative on your midterm rental or short term rental, however, you might be using it for a few weeks or months yourself and getting back more of the benefit that way. You're listening to Get Rich Education. We're talking with the host of the Real Estate Guys Radio Show, Robert Helms. More when we come back. We discuss short term rentals, including, is there an Airbnbust? I'm your host, Keith Weinhold. Hey, you can get your mortgage loans at the same place where I get mine, at Ridge Lending Group, NMLS 42056. They provided our listeners with more loans than any provider in the entire nation because they specialize in income properties. They help you build a long term plan for growing your real estate empire with leverage. You can start your pre-qualification and chat with President Caeli Ridge personally. Start now while it's on your mind at RidgeLendingGroup.com. That's RidgeLendingGroup.com. Oh geez, the initial average bank account pays less than 1% on your savings, so your bank is getting rich off of you. You've got to earn way more, or else you're losing your hard earned cash to inflation. Let the liquidity fund help you put your money to work. With minimum risk, your cash generates up to a 10% return and compounds year in and year out. Instead of earning less than 1% in your bank account, the minimum investment is 25k. You keep getting paid until you decide you want your money back. Their decade plus track record proves they've always paid their investors 100% in full and on time. And you know how I'd know? Because I'm an investor in this myself. Earn 10% like me and GRE listeners are. Text FAMILY to 66866 to learn about Freedom Family Investments' Liquidity Fund. On your journey to financial freedom through passive income, text FAMILY to 66866.

Kristen Tate 20:39
This is author Kristen Tate. Listen to Get Rich Education with Keith Weinhold, and don't quit your Daydream.

Keith Weinhold 20:54
Welcome back to Get Rich Education. We're talking about midterm, short term rentals and hotels and hospitality with a long time friend of the show here, Robert Helms. And Robert, a few years ago, there seemed to be this word Airbnbust that was beginning to be associated with Airbnbs. A lot of the difficulty in that market. So tell us, what was that all about, and where are we now with industry trends in the short term rental market?

Speaker 1 21:21
Yeah, great question, Keith. What I think happened is the allure of a short term rental, having a beautiful property that people would pay a premium on a nightly rate, sounded wonderful, and it was, and it worked for a lot of folks. But then what happened is what happens: people got the word, they got excited about it, and a lot of people started holding webinars, teaching classes, doing boot camps, and before you knew it, there was way more supply than there was demand. See, the hospitality industry is amazing. The hospitality industry employs 9% of all people in the world and accounts for nearly 9% of the GDP of our planet. Travel is a gigantic industry, and it's led by smart, big, storied institutions. So for folks to come and figure I'll just compete with them with my little apartment didn't necessarily turn out so well. So there was an Airbnbust, and it is still lingering today.
If you want to make a profit in short term rentals, you absolutely can, but you need to be super strategic. You need to think long and hard about where and what and why and how, because it's very specific. There are certain markets that short term rentals do very, very well, and there's a lot of markets, the majority of markets, where they don't. So as long as you're willing to study and take a look and be realistic and go kick the dirt a little bit, you certainly can get the upper hand. And the reason it's exciting is the average person who owns a short term rental is not professional in any way. They probably don't have too many other rental properties. It's not a big part of what they're paying attention to in their life. And they're simply trying to liquidate some of the costs of ownership. You know, I might rental here or rental there. And the way you can tell: HomeAway, VRBO, Airbnb, most of the hosts, the owners, make their calendars public, and so it's easy to tell how busy they are. It's amazing to me. I'll look at a marketplace and look at a property and see that month after month after month they're at a six to 8% occupancy, which I wouldn't be excited about myself, but for someone who's got a second home and they don't mind having people stay there for a few nights, they'll pay a premium for that. They legitimately can carve down a lot of their expenses just by renting six or eight or 10% of the time.

Keith Weinhold 23:58
Of course, the conventional guidance is before you buy a short term rental, you're really helping yourself out. If you have to fall back on turning that into a long term rental, it would cash flow. But of course, now you're really narrowing your criteria in what is going to work there. And Robert, when we talk about that demographic that we're serving, we touched on that in the midterm rentals. Who are we serving in short term rentals?
I think conventionally, we think about vacationers and business travelers.

Robert Helms 24:24
It's both of those things. I think that originally, people were certainly inspired by the vacation traveler who wanted to have a little more privacy, maybe their own kitchen, maybe a little more space for the dollar. And we still see that for a family, especially a family with small kids, staying at a hotel, ordering room service, eating in the restaurant, all that adds up. And if instead you can go to the grocery store and make breakfast at home, right, you can save the costs. And so there is definitely that clientele, but you also have people in short term rental that are visiting family. They're not really on vacation. They're just going to an area for a short period of time. We see people that criss cross the country staying in short term rentals, two nights here, three nights there. And so it does have kind of a wide variety. A lot of the markets are very seasonal, though. There are markets like Branson, Missouri that does really good at some parts of the year and not as well as other parts of the year. Then, of course, there's year round markets. So back to if I'm thinking about it with an investor's hat on, I want to be a little more specific, in particular about what and where I buy. But if I have single family house as my second home, maybe it's in a ski area, maybe it's in a beach area, and it's fairly expensive to maintain. Well, then considering renting it out on a short term basis might help the overall cost of maintaining that property.

Keith Weinhold 25:52
You know, my own personal experiences really started to get bad in short term rentals, when I would go stay in a place. And I think we've all seen those memes out there about, my gosh, I had to wash all the dishes and walk the owner's dog and still pay some exorbitant cleaning fee.
I think we've all kind of grappled with that at some point, but STRs are still a really viable investment for the majority of the operators. But yeah, Robert, most of my experiences in short term rentals recently, including showing up at a place where they had not done the turn. The cleaning person did not stop by. And, yeah, okay, they came over there properly. But it's like, you cannot unsee the mess that was left there before you were there. So I had a series of experiences lately that have actually steered me into staying in hotels more often. And hotels really fit my lifestyle pretty well. I like to work out at a gym. I like to have a gym on site. It's convenient to have a restaurant on site and so on. And you've been in the hospitality and hotel space serving that for a while. Why don't you talk to us about industry trends in hotels.

Robert Helms 27:03
Yeah. So travelers, to a great degree, love consistency. They want to be able to rely on cleanliness, on amenities, the very things you mentioned for sure. And so hospitality has a wide range, right? There's the lower end airport hotel where nobody stays more than a night, and it doesn't have a lot of amenities, and then there's the beautiful resort properties and everything in between. But what the hotel industry has done a good job of is providing a consistent experience, and that's what people crave more than anything else. You know, we would call a short term rental more of a unique or boutique or co chair kind of experience, and you don't know what you're going to get. You don't have that consistency. Some folks don't mind that, but for the majority, especially of business travelers, they want to know what they're getting. I can remember years ago, my sister wanted to take us on a family vacation to Maui. It sounded like a good idea.
And then she was the one tasked with finding us a place, and decided we would stay at the Ritz-Carlton and I looked at the Ritz-Carlton website and said, Ah, you know, this is not exactly where I would probably stay, and she's a chiropractor. She says, in order for me to take a week off work, I'm losing $10,000 of the business. I'm not staying in some cheap hotel. I want to stay in a luxury hotel. And we did it, and it was fabulous, and I would stay again. So the point is, if you want to be able to work out, if you want to be able to have 24 hour room service, if you want grab and go that you don't have to walk outside in the cold or the heat, then hotels make a lot of sense, and it's not an either or. They're just both elements in hospitality. I would consider a short term rental property, a hospitality property, and I would consider a 1200 room, four and a half star hotel hospitality property as well.
Keith Weinhold 28:58 Sure. Of course, hotels aren't monolithic. There are so many different types. You might have a boutique hotel with a few dozen rooms to a large scale, something like you've been involved in. You've been in a large scale, ground up development for a hotel. And I don't know if you had a hope when you built your large hotel that a big chain like a Hilton or Marriott would buy it from you, or would brand it along with you. But that branding and that consistency of experience can be really important. That's something we especially associate with those larger hotels. So we have some of these things in mind. I mean, where does a new prospective hotel investor begin?
Robert Helms 29:40 Yeah, it's pretty difficult to get started, because the properties are big and expensive and risky upfront. So there's a terminology we use in the hotel business, which is stabilization. And stabilization is when a hotel gets to the point where it's doing about the occupancy and rate that you would expect. 
Respect it too long term, and that might be anywhere from two to four years. Well, in the first year, boy, there's hardly anybody there. We have a 300 plus room hotel, and the first night we were open, we had two guests and 160 employees. So you don't have to be a rocket surgeon to figure out that that math doesn't work very well. Nor did it for the first month or the first year. Today, I'm happy to say it works a lot better, but you have to have patience. Now, there's a couple of ways you can get involved. Certainly, a smaller, a boutique hotel. I stayed in a hotel a couple months ago that only had eight rooms. It was marvelous. And I thought, boy, you know, probably an individual owns this, but most of the hotel properties are owned by groups or syndications, and so that's another way to get exposure to hospitality. There's some things to love about hospitality, and to me, one of the same things I love about single families is you can find professional management, like folks that really know what they're doing, and create that guest experience. It's perfectly possible for someone to buy a single family home as a rental. Maybe it's in their own town, and they want to manage it themselves. And you know, maybe at first that's a good idea, so you can figure out the game you've chosen, but ultimately, you want to hand that off to a professional, in my opinion. And in hospitality, like in multifamily, you have to, you have to have somebody come in with chops to be able to take care of it. And then there's the nuance of franchise, which there are hotels that are just independently owned and operated. And then there's franchise hotels. And just like buying a franchise business, you pay a little more, but you get a lot. You get all the systems and the service and the training and the marks, and in many cases, you get a big, dynamic engine that brings leads and fills your heads in your beds, which is what the metric we're interested in, in hospitality. 
And so when we started with thinking about it might make sense, the market we were in had no branded hotels, and we thought, Well, should we be the first? And after doing a bunch of research, I came to the conclusion that, well, it's going to cost something, and there's going to be a benefit, but I don't see it the benefit outweighing the cost. And we decided not to. And then, lo and behold, through a strange set of circumstances, today, we are a branded hotel, and I'm thrilled about it. In hindsight, it was the right thing to do, but do understand that most real estate investors that I know are not going to qualify. It's pretty difficult to get a franchisee agreement with one of these hotel brands. You have to have some wherewithal, some experience. They're going to look at your assets and your balance sheet. They're going to look at more than you can imagine to make sure that you're worth betting on, that they'll put their storied name on the outside of your hotel. But it does bring up another point in hospitality, which is there's just multiple streams of income in hospitality. I saw a study last year that showed that in the upper resort markets, the fancier hotels and markets you might go to, that the average person, whatever they spend on their nightly rate in the hotel, they spend 80 to 85% of that per day on all the other things associated with their stay. Now, some of those are going to be off campus, but the more that you can provide to the guests you've already brought onto the property, the more profitable it can be.
Keith Weinhold 33:25 From resort fees to valets and more. Yes, there certainly is plenty to add on there. Maybe the last thing in hotel investing is, if someone wants to get started, what should they even be looking at, as far as say, understanding some of the metrics, like RevPAR. Can you give us a quick walk around that? 
Robert Helms 33:45 Yeah, so if you're used to investing in apartment buildings or single family houses, you've probably seen the basic income formula. You know how to calculate for loss to lease and maybe vacancy and those things. Well, there's just a few more intricacies when it comes to hospitality, but it's not that difficult if you just think that you're renting every night instead of every month or every year, and instead of having my turnover be one tenant every two years, it's one tenant every four days. There's just a lot more to pay attention to. And so the most important metrics in the hospitality industry are obviously occupancy, how many nights our rooms are occupied. And then ADR, which is average daily rate, and that is the rate for a particular unit type on average over some period of time, typically a year. And if you were to multiply occupancy times average daily rate, that gives you a revenue per available room or RevPAR. RevPAR can be affected, and it's the primary metric that we drive to, in the two ways. You can increase occupancy to increase your RevPAR, but in many cases, you don't need to increase occupancy if the market will allow you to raise your average daily rent. We've just gone through in the last year that our occupancy is down about 2% for the year, and our average daily rate is up more than 16%, so the math works that, follow me on this, with slightly less wear and tear on the units, our owners are making more money. So it is a balance. It's not like I want maximum occupancy. Well, not necessarily. Hardest thing to manage for any hotel is a sold out night. Sounds like a good idea, but you have no wiggle room, whereas when you've got even 3% vacancy and something goes wrong in the middle of the night with somebody's unit, you can get them moved somewhere down the hall, not somewhere across town. So I would say there are some really great resources if someone's interested in hospitality. 
There's a big company called the hotel valuation systems, HVS, and they have a lot of great tutorial information available if you're really interested. Go to a conference, a hotel conference, and you'll pick up the lingo pretty quick and meet some of the folks that are in the business. It is, historically, one of the highest return properties, but also a lot of high costs, and again, expect some negative cash flow at the beginning.
Keith Weinhold 36:18 Yeah. Well, it was great. And you brought up something that I had not thought about before, about how 100% occupancy could actually introduce problems in the hotel space. And of course, there are a number of other things to consider, surge pricing, high seasons, low seasons, an awful lot that we don't think about when we're renting out single family homes one year at a time. Well, Robert, that's been a great walk around talking about the institutional space, midterm rentals, short term rentals and hotels, and you and I have a great collaboration coming up together. Why don't you tell our audience about it?
Robert Helms 36:55 Oh my gosh. I am so thrilled that you'll be joining us again for our 23rd annual Investor Summit at Sea. This event we do once a year, and by its name, you can probably tell that the majority of it happens on a cruise ship. We spend two days in beautiful Miami at a great hotel, then we jump on a luxury cruise ship for seven days. On the days that we're at sea, it's workshops and seminars and panel discussions and round table lunch discussions and all kinds of fun. And on the sea day, on the land days, we go have a good time together. It's extraordinary. You've been with us before, and I'm super excited to have you back with us on faculty, and excited that we're going to get to brainstorm a little bit with a couple other podcasters. So some of the OGs are going to be on this particular summit. 
Keith Weinhold 37:43 Yes, it is June 20 to 29th this year, where we spend the first two days on land in Miami, and then we spend a week cruising to the Bahamas, St. Thomas and St. Martin. We're doing it on a beautiful ship, the Celebrity Beyond. So as one of the faculty members, you'll get to see me do a 50 to 60 minute presentation, a couple of lunch round table discussions. I might be on a panel or two, and also host a table for dinner each night where participants like you rotate around at the tables, and that way you get to chat directly with most or all of the faculty members that way. Yes, Robert, I was there in 2016 as an attendee. It's great to finally come back as a faculty member. I will be putting the second pepper on the necklace.
Robert Helms 38:29 All right. Well, it's gonna be a ton of fun. And the great thing about it is we have people from all over the world that come and you get in these awesome conversations. You know, you go to a one day or two days seminar, and you get to connect with some people, but boy, in this week, you're going to have a chance to meet all kinds of folks. And the faculty is amazing. Our mutual friend Ken McElroy will be back with us for his 12th year. Peter Schiff's going to be back with us again. We've got the George Gammon coming. Brien Lundin, who runs the New Orleans Investment Conference that you and I usually rub shoulders at, and ton more, just a really great time. And if you're serious about collapsing time frames, you can get more done in nine days on the Investor Summit than you can probably get out of two years of just haphazardly going to conferences and watching webinars and listening to podcasts.
Keith Weinhold 39:18 You will see what we mean if you attend, about putting a pepper on the necklace and what that is all about. I can tell you from attending in 2016, just one previous appearance there, it is the greatest real estate event that I have ever attended. It's really immersive. It's really fun. 
Of course, you get off on these ports, and there's a beach component to it as well. It's not a low cost event, but as I like to say, it's not cheap, but neither are you.
Robert Helms 39:50 It is an investment, that's for sure. I think it's important that you approach it that way, right? As investors, we demand a return on our investment, and you should do that on the summit. Don't just show up and have a party time. That'll be great. It'll be fun. But be strategic about who you want to meet, who you want to hang out with, and who you want to learn from. The faculty is like no other. We'll have at least 15 faculty members. There's a couple more that we're working on, whose names you would know, but we are not ready to announce yet, but it's going to be so much fun. Oftentimes, the best people you meet, you meet at dinner, or you meet at the beach, or you meet out on deck. So we'd love to have you join us and tell you what, if someone is listening to your show, Keith, and they would love to have dinner with you, all they have to do is let us know that when they register, say, you know, I want a chance to have a meal with Keith, and I think we can make that happen.
Keith Weinhold 40:45 Oh, that's great. And, you know, Robert, it's rare. It's the type of event where, even though it's been nine years since I was there, you developed such a close kinship with the like minded attendees that, you know, I might see a some of it's a Facebook friend now, you know, Steve or Dave or something. And I'll always remember, oh yeah, I met Steve on Real Estate Guys Investor Summit at Sea. It's almost like a relationship you would have with, like, a long ago high school classmate, to be around each other for nine days and all these places. It just kind of brings this different element to it. You can learn more at Investorsummitatsea.com, and get registered there. You can see my smiling face in the faculty section along with the other faculty members. 
Remember, it's really about all the other people that you meet. You have any last thoughts about the terrific Investor Summit at Sea, Robert?
Robert Helms 41:36 I would just say that in life, we tend to regret the things that we don't do a lot more than the things that we do. So get on board. You'll have an amazing time. No matter how great we say it is, it's better than that. It's like summer camp for the affluent. Summer camp as a kid, you didn't want to go, you weren't sure, and by the end, you were lifelong buddies. It's like that. It's investing on steroids. The photo ops are amazing, and you'll meet super cool people, plus you'll get to hang out with Keith and I. So I would say join us for the 23rd annual Investor Summit.
Keith Weinhold 42:14 There's wisdom out there that says you should say no to more things in life, and in one tranche, that makes sense, and you also need to say yes to more things in life. That fits the category here with the great Investor Summit at Sea. I really anticipate it. It's one of my biggest events of the year. And Robert, it's been great having you back on the show.
Robert Helms 42:35 Thanks so much, Keith, and appreciate your listeners listening in today. Don't quit your Daydream.
Keith Weinhold 42:42 Well said. Next week on the show, we talk about how to streamline the operations at your rental properties. Is it better to own rental property with, say, two bathrooms rather than one, or is that just another faucet that can leak and shower that can leak and toilet that can clog, and the pros and cons of allowing your tenant to have a pet in your rental unit. It's those sort of operational things and more that we help you improve next week right here on the GRE podcast. It's interesting about investing in a hotel to such a large scale that you can court major franchise branding, like with Hilton, Marriott, Wyndham or Hyatt, which Robert has successfully done. 
And I have visited that property of his with him in person, and it's amazing what he's done there. And you know something, I have rarely met an American, or any global resident that is averse to staying at a branded hotel. I mean, that only seems to be an attractant. Now in the US, some people, they used to dislike franchise restaurants. I even remember people saying, Hey, we don't need another chain restaurant in my town. But I've never seen people scorn chain hotels and today, I mean, in the here and now, people seem to want both franchise restaurants and hotels. I mean today, you're more likely to hear something like, hey, when is our town getting a Chick-fil-A? Why don't we have one yet? And of course, there is plenty of opportunities in these shorter term stay spaces without ever attracting a branding deal. Major thanks to the terrific Robert Helms today for his keen insight on shorter term rental real estate. This event, June's Investor Summit at Sea, is such a good time, and Robert really knows how to host it and make sure you have a good time. After doing it for more than 20 years, it is a rich, immersive experience with people, places, learning and relationship building. It's the type of experience that you just can't get from an Instagram reel. It does draw attendees worldwide, although most attendees were from the US when I was there that one previous time. When you register, if you want to make sure that you get dinner with me, let them know, and we'll make it happen, because we know that you haven't heard enough of my voice every single week for more than a decade now, right? In my opinion, it is the crown jewel of world real estate investing events. Start at Investorsummitatsea.com. Until next week, I'm your host, Keith Weinhold. Don't quit your Daydream.
Speaker 45:46 Nothing on this show should be considered specific, personal or professional advice. 
Please consult an appropriate tax, legal, real estate, financial or business professional for individualized advice. Opinions of guests are their own. Information is not guaranteed. All investment strategies have the potential for profit or loss. The host is operating on behalf of Get Rich Education LLC, exclusively.
Keith Weinhold 46:14 The preceding program was brought to you by your home for wealth building, GetRichEducation.com
Project entails 32 units for performers
Hudson Valley Shakespeare on Jan. 16 received approval to construct a residential compound for performers and guests that it says will eliminate the expense of housing actors at Fishkill hotels. After a three-month review, the Philipstown Planning Board approved five buildings that will form an L-shaped compound on the 98-acre property off Route 9. HVS anticipates the 32 units will be ready by the summer of 2026, about six months after the anticipated completion of Shakespeare's new open-air theater. Four buildings - two-story cottages totaling 1,000 square feet each - will have two separate bedrooms with a private bath on each floor, a kitchen and living area off the entrance and 100-square-foot porches. An additional 16 one-bedroom units with kitchens and bathrooms will be contained in a "barn" building with a 1,300-square-foot porch and a common kitchen, dining area and laundry. Under town law, performers cannot occupy the units for more than nine consecutive months. They will also be subject to quiet hours between 10 p.m. and 8 a.m., a restriction included in the Planning Board's approval in July of the organization's master plan for the property. During its offseason, HVS can rent the units to guests for stays capped at one month. Adam Stolorow, a representative for the project, said those lodgers would likely be guests attending weddings at Shakespeare's property, which includes a banquet hall, restaurant and eight-room inn. Hudson Valley Shakespeare held a groundbreaking in September for Phase 1 of its master plan, the hub of which is the hilltop Samuel H. Scripps Theater Center that honors the former lighting designer and performing arts patron. That 13,850-square-foot structure will seat 500 and be the first purpose-built theater in the U.S. with platinum certification by Leadership in Energy and Environmental Design (LEED). 
It will have a green roof, solar panels and rainwater capture and be constructed of low-carbon materials. Since 2022, the festival has been staging its plays in a seasonal tent elsewhere on the site. Phase I also includes a back-of-house facility for actors and technicians, and concessions and bathroom pavilions. The plan allows for 12 additional housing units in a northeast section of the property. During the September groundbreaking, HVS said $50 million in private and public funding had been raised for the theater, ecological restoration at the property and financial reserves, with an additional $8 million needed for the lodging. A month later, Davis McCallum, HVS's artistic director, said a $10 million state grant for the theater and other funding had closed that gap.
Would house costumes, sets and theater classes
The Philipstown Depot Theatre has proposed building a two-story facility on town-owned property on Route 403 for costumes and prop storage, set construction, rehearsals and theater classes for high school students. The project, introduced to the Planning Board on Dec. 19, would include public restrooms, and the theater would donate the 3,675-square-foot building to Philipstown and lease it for 40 years. Its classes would cover stage direction, costume, lighting and set design. Stephen Ives, the Depot board president, said the structure would consolidate "scattered" operations. Its costumes are "wedged into a room" at the Philipstown Recreation Department on Route 9D; props are kept in "moldy, mildew-infested" outdoor containers; and the scene shop is "jammed into a garage" at Winter Hill, he said. Larger props are stored at the town dump on Lane Gate Road. "That's been a huge handicap for the theater to try and operate efficiently," said Ives. He said the theater hadn't found a suitable building to renovate. Because the property is within the Scenic Protection Overlay District, evergreens would be planted as screening along Route 403, said Margaret McManus, an engineer with Badey & Watson. Six parking spaces would be created in front of the building, she said. Water would be supplied from a well the town dug for the Garrison Landing Water District before determining it was inadequate. The theater would install a septic system. The Open Space Institute donated the property, which has frontage along Route 9D, to the town for recreational use. A conservation easement allows for a storage structure of up to 4,000 square feet and 25 feet high. The nonprofit "has some issues" with the project because it is "slightly too high, slightly too long and the use is not purely storage," said Ives. "We are in conversations with them about trying to align with their easement." 
Ives said the Philipstown Town Board has endorsed the project for fundraising purposes. The Planning Board scheduled a site visit for 10:30 a.m. on Jan. 5.
Shakespeare housing
The Planning Board closed a public hearing on Hudson Valley Shakespeare's application to build a 32-bed residential compound for its performers and will consider a resolution granting conditional approval at its Jan. 16 meeting. HVS wants to construct five residential buildings forming an L-shaped compound in the northwest section of its 97-acre property at the former Garrison golf course. Four of the buildings - two-story cottages totaling 1,000 square feet each - would have two separate bedrooms with a private bath on each floor and a kitchen and living area off the entrance. Joe Regele, a Philipstown resident who was one of several people who spoke during the hearing, asked how the housing would be used when not occupied by artists. Town law would prohibit artists from occupying the housing for more than nine consecutive months, and during its offseason, HVS would be allowed to rent the units for stays of less than a month. Any offseason lodgers would probably be guests attending weddings at the property, said Adam Stolorow, a representative for the project. In its application, Hudson Valley Shakespeare said it wants to build the residences at the same time it is constructing a theater complex so they would be ready for the 2026 summer season. With 12 fewer units than the 44 approved in the master plan, the impacts will be "either the same or less as what was previously studied," Stolorow told the Planning Board at its October meeting.
After a one-week break, the Bundesliga got going again last weekend. In this episode, however, we focus mainly on what is happening in the lower division. The 2. Liga is currently many times more exciting than the top flight. Only 6 points separate 12th place from the league leaders, so almost every match is a contest between equals. Meanwhile, HVS has once again changed its coach. Things are not going smoothly with Steffen Baumgart either, and those in charge have evidently lost faith in promotion with the (ex-)coach at the 8th attempt. During the break, Hertha's general meeting of members also took place. The spectacle that unfolded there is discussed in this episode. Just this much: the Quatsch Comedy Club can pack up! As for the 1. Bundesliga, basically everything has been said when "El Plastico" was the best match of the matchday. Unfortunately, this year we once again have a season that is short on highlights. Good thing the "champions of morale," FC St. Pauli, are making a name for themselves...
Hopes to build 32 residences for seasonal performers
Hudson Valley Shakespeare has applied to the Philipstown Planning Board to begin building a 32-bed residential compound for its performers, who have been housed at a hotel in Fishkill. Adam Stolorow, an attorney for HVS, and architect Susan Rodriguez introduced the project to the board on Oct. 17, years earlier than anticipated in the master plan approved for the theater organization in July. HVS, known until a rebranding this year as the Hudson Valley Shakespeare Festival, broke ground last month on the first phase of its new home at the former Garrison Golf Course, an open-air theater with concessions, bathroom and back-of-house buildings. The nonprofit had said that actor lodging would follow in five to 15 years. Instead, HVS would like to begin construction in 2025. Davis McCallum, HVS's artistic director, said on Tuesday (Oct. 22) that a $10 million state grant for the theater, along with other funding awards, has helped the organization close the gap in a fundraising campaign for actor lodging. During a groundbreaking ceremony in September, HVS said $50 million in private and public funding had been raised for the theater, ecological restoration at the property and financial reserves, with an additional $8 million needed for the lodging. "We're still diligently raising money to make the artist lodging possible, and won't be in a position to proceed until that effort is successful," he said. In its application, HVS wants to start building the residences as the theater complex is being constructed and have performers occupy the units for the 2026 season. With 12 fewer units than the 44 approved in the master plan, the impacts will be "either the same or less as what was previously studied," said Stolorow. In place of hotel rooms, actors would spend the festival's season living in one of five residential buildings forming an L-shaped compound in the northwest section of HVS's 97-acre property. 
Four of the buildings - two-story cottages totaling 1,000 square feet each - would have two separate bedrooms with a private bath on each floor, and a kitchen and living area off the entrance. An additional 16 one-bedroom units with kitchens and bathrooms would be contained in a fifth "barn" building totaling 2,500 square feet. Attached to the building is a common kitchen and dining area, along with a laundry room. Set among existing and newly planted trees, the buildings would have gray metal roofs and natural wood siding, said Rodriguez. "They all have porches and a connection to the natural environment," she said. Philipstown law would prohibit artists from occupying the housing for more than nine consecutive months. During its offseason, HVS would be allowed to rent the units to guests for stays of less than a month. Sen. Charles Schumer visited Philipstown in August to announce a $1.5 million federal grant for the outdoor theater, which will be the first purpose-built theater in the nation certified LEED Platinum, the highest rating for sustainable design. It will have solar panels, a green roof, natural ventilation and rainwater-capture systems.
Roninbasics.com | Protect yourself from the harmful effects of modern technology.
Welcome to The Adams Archive, where we uncover the hidden truths that shape the world you live in. Hosted by Austin Adams, this podcast digs into real government documents, directives, and secretive policies that influence your life in ways most people don't realize. From domestic surveillance to military power, we expose how these institutions quietly expand their control under the guise of "national security" and "public safety."
Summary: At The Adams Archive, we break down complex issues and provide you with the facts that the mainstream avoids. Each episode analyzes real documents and events that expose how governments and corporations work behind the scenes to control narratives and limit your freedoms. With a focus on newly released government directives, we help you understand how these policies affect your everyday life—and what you can do to stay informed.
Government Surveillance
Explore how government surveillance, particularly through the Patriot Act, has expanded its reach to monitor average citizens. We break down how AI-driven technology and new legislative tactics allow institutions to categorize dissent as "extremism." Learn how speaking your mind could land you on a domestic watchlist.
Election 2024: DOD Directive 5240.01 & DHS Homeland Threat Assessment
This episode takes an alarming look at the DOD Directive 5240.01, which authorizes the US military to use lethal force on civilians during times of unrest. Alongside the DHS Homeland Threat Assessment 2025, we reveal how these new policies target domestic threats and set the stage for unprecedented government control as the 2024 election approaches.
Weaponized Policies
We expose how policies designed to protect have been twisted to suppress rights and civil liberties. Learn how new directives allow for military intervention during civil unrest, and how these powers could be used against citizens. 
This isn't just about national security—it's about control.
Tech & Disinformation
Discover how AI is used to manipulate information, control global narratives, and spread disinformation. Governments and corporations use these tools to shape public opinion and stifle dissent. We break down the role of emerging technologies in this dangerous new frontier.
Call to Action: Don't miss out—subscribe to The Adams Archive today to stay informed on the topics that really matter. Follow us on YouTube, Substack, and social media to dive deeper into each episode. Your support means everything—together, we can uncover the truth behind government policies and safeguard our freedoms.
All the Links: Access all our platforms here: https://linktr.ee/theaustinjadams
Full Transcription
All right, so if we go down to 3.4e in this document, it talks about the use of deadly force. And it's essentially what you would expect. If there's an imminent danger, or if he or she is not for a moment pointing a weapon at a person, for example. So even if you're not pointing a weapon at them, he or she has a weapon within reach, or is running for cover carrying a weapon, they can shoot you. Civilians. So if you're, I don't know, open carrying, and they think that you pose any type of threat, they can just shoot you. Civilians, the military, during civil unrest, right? DoD recognizes and respects paramount value of all human life if less than valuable or less than deadly force can be reasonably expected to accomplish the same result without reasonably increasing the danger to armed DoD personnel. Deadly force is justified when there is a reasonable belief that the person, the subject of such force, poses an imminent threat of death or serious bodily harm to a person or under the circumstances described in the 3.4e. 
So essentially what it's saying is any and all circumstances, if you have a weapon, if you're open carrying, which you have the right to do, or even if you're concealed carrying and somehow they know that you're holding that weapon or have that weapon in the vicinity of you, they could shoot you if they think that you pose any type of threat, you know, the laws that were designed to be weaponized against our enemies. is now being weaponized against us. So if we go to the document that I'm talking about now, right? So we have those two DoD directives. We understand that. But this is also something I want to point and draw your attention to is, and this is the last thing of this document, then we'll move to the actual National Terrorist Advisory document, which is the USD and I and S approval. So it says, so this is how they actually get the soldiers. This is the approval process. Um, if the requested personnel exceeds 20 people, then you have to But if it's less than 20 armed military soldiers authorized to use deadly force, you don't. You don't. Within the United States of America. Or, if the duration of the requested assistance exceeds 30 days, so you don't even need approval. If you get 20 soldiers for 29 days, You don't even need a DOD approval. You don't need to have the Secretary of Defense approve the request. You can just go right around them. Go to the military. They'll send you 20 soldiers for 29 days. And then you can request it again for another 29 days that are authorized to use lethal force on civilians. Now let's see who they're concerned about, because that's what the DECCS document talks about, or Concerned about, but who, who they're going to start to say poses a risk, right? Now, this document isn't just about that. This talks about foreign foreign enemies as well, and some election interference from Russia and China and what these people are trying to, this isn't just about American citizens, but a large portion of it is a large portion of it is. 
All right, let me go ahead and switch this here. So you guys can watch what I'm looking at. Not that. All right. So here we go. Here's your document. Now, if you're on YouTube, you can follow along and actually look at this with us. Uh, let's make that a little bit bigger for you. Okay, here we go. Here is the document office of intelligence and analysis, Homeland threat assessment, Homeland security 2025. All right. So here is your table of contents talks about the border talks. There's the executive summary. Um, but let's go down and look at some of the stuff that I have outlined here. Um, now if you want this document, I'll send it to you. Uh, head over to my Instagram, I'll be posting some videos of this. And there'll be a keyword that you can comment that I'll send you both of these. You can also just look up the name of the document on Google and find it yourself, but yeah. Alright, so it says public safety and security. Alright, this is page one. It says over the next year, domestic and foreign violent extremists, the harmful effects of illegal drugs in adversarial states, seek to exacerbate our divisions, as well as silence criticism for diaspora communities, will pose a threat to public safety and security on the homeland. Specifically, we expect the threat of, threat environment in the United States over the next year will remain high due to a confluence of factors. These factors include violent extremist responses to domestic, socio political developments, and the 2024 election cycle. Concurrently, adversarial states are Intent on sowing distrust in our institutions, as well as confusion and division in our communities through their maligned influence campaigns, with some actors seeking to boost these efforts during the 2024 election cycle. These state actors will violate our rule of law and undermine freedom of speech in their efforts to suppress dissidents living in the United States. 
So what, what it's, What the conversation is that they're having there is like, Oh, it's these violent extremists. It's these foreign adversaries. It's these terrorists out there. And over here, terrorists that are sowing dis sowing, uh, distrust in our institutions. No. No, you know, what's sowing distrust in our institutions, the lying that's happened over the last four years, you know, what's sowing distrust in our institutions, the continued corruption, and the continued crossover between corporatism and politics, you know, you know, what's sowing distrust in our system, how almost every single one of the high level people in our our government right now are going to find themselves a high level executive position at the organizations that funded them, whether they're foreign or international. Or domestic to use their terms, right? They're going to, their son's going to be on the Chinese energy board or Ukrainian oil board. Oh yeah. Look at Biden and Pelosi and all of these, these individuals who are powerful, powerful people in our government who have their children on the boards of foreign companies that are state run companies. By our adversaries. Maybe that's what's destroying this, this, this sowing distrust in the institutions. Maybe it's your lack of response to the terrible situations that it happened in Lahaina or in North Carolina or in Florida. Maybe it's your lack of care surrounding the inflation that's happening. Maybe it's one of those things. Maybe that's what's sowing distrust is that you're distrustful. Not the fact that foreign and domestic violent extremists have thoughts on political ideologies. So there's that summary. Let's move on. Um, so it says that, uh, and actually we should probably go to the bottom here because what, one thing that I found to be unique in this document is that they, in the national advisory, the national terrorist advisory bulletins, they used to say the full words. 
What you'll find in this document is they use all of these acronyms to try and make it so that you can't screenshot this and post it without context. So, So what you'll see is there's these DVE, the HVEs, the FTOs, the, all of these specific acronyms. So I'm going to show you first what those acronyms mean, and then we'll go back to the portion that I just had up there for you. And here they are. Okay. Definitions and contextual notes. An FTO is a forest, uh, forest, is a foreign terrorist or terrorist organization. So FTO, foreign terrorists. DVE. Domestic violent extremist. Okay. So let's look at the definition of that, which it says is an individual. So a domestic violent extremist, a DVE is an individual based and operating primarily within the United States or its territories without direction or inspiration from a foreign domestic or foreign terrorist group or other foreign power who seeks to further political or social goals wholly, or in part through unethical law or unethical acts, unlawful acts. Oh my gosh. I'm sorry. Early in the morning, unlawful acts of force or violence, the mere advocacy of political and social positions, political activism, or use of strong language and rhetoric or generalized philosophic embrace of violent tactics alone does not constitute violent extremism. It may be constitutionally productive, maybe. Oh, you don't you think that the advocacy of political and social positions or political activism or use of strong rhetoric. Yeah, that is absolutely protected under the Constitution. Maybe constitutionally protected. DVEs can fit within one or multiple categories of ideological motivation and can span a broad range of groups or movements. INA. Utilizes this term synonymously with domestic terrorist. So your, the mere advocacy may be constitutionally protected, but we're still going to label you as a violent extremist, and they may still use the word domestic terrorist. 
So, this is important when we go back and we look at the conversations that we're having. Now, when we look at HVE, HVE is homegrown violent extremist. It's a person with, of any citizenship who has lived or operated primarily in the United States or its territories who advocates, is engaged in, or is preparing to engage in ideologically motivated terrorist activities, including providing support to terrorism. In furtherance, Of political or social objectives promoted by a foreign terrorist organization. Um, but is acting independently of direction by a foreign terrorist organization. HVS are distinct from traditional domestic terrorists who engage in unlawful acts of violence to intimidate civilian populations or attempt to influence domestic policy without direction or influence from a foreign act. Okay. So they're saying these people have opinions, right? They haven't the word violent violence. is not in any of these things. Like there's, um, who engage in unlawful acts of violence to intimidate civilian populations. Okay. So there's one mention of violence throughout that entire definition. You do not have to be violent. You do not have to be extremist. You have to hold an ideology that they don't like, which may be constitutionally protected to fall into one of these two categories. Now it also defines, it also defines conspiracy theorist. Or a conspiracy theory. So Homeland Security defines a conspiracy theory, which is defined as a subset of narratives in which the ultimate cause of an event is believed to be due to a malevolent plot by multiple actors working together or as an effort to explain some event or practice by reference to the event. To the mechanizations of powerful people who attempt to conceal their role, or at least until their aims are accomplished as per the national counterterrorism innovation technology and education center, a DHS center of excellence. 
DHS does not hold a position on the veracity of the claims associated with these theories. So what they're saying is if you believe. There's any number of group of people who is trying to conceal their identity that has worked together to cause an event that is a conspiracy theory. And we can write you off and we can put you into a document where we can now put you on a list. Crazy. This is their definition of a conspiracy theory. So if you hold the belief that any number of people, three, four, five powerful people did anything to cause an event and then tried to conceal their position during that event, which has happened multiple Always, forever, in history, in every event, then you are now considered a citizen. A conspiracy theorist. And now that becomes important, right? This isn't just conspiracy theory in your bio, right? Uh, this is important because then they can utilize this document and say, here's how we're going to weaponize the department of justice against you. So now that we have that background, let's go back up to the document. All right. So. Terrorism. So it says that foreign, so there's some foreign stuff or some domestic stuff. I'm just going to walk you through line by line in the document. Um, some of the foreign stuff, it says foreign terrorist organization inspired homegrown violent extremists. So inspired by terrorists, but homegrown will remain high, right? So homegrown violent extremists. The threat will continue to be characterized primarily by lone offenders or small cells motivated to violence by a combination of racial, religious, gender, or anti government grievances, conspiracy theorists, and personalized factors. We are particularly concerned about the likelihood of violent motivation by developing domestic and global events, including the 2024 election cycle and the ongoing Israel Hamas conflict. So what you have to notice there is when they say conspiracy theorists. And then they say the election cycle, right? 
If you say anything about the election, not being fair. not being right, not being accurate, you can now be a labeled a homegrown violent extremist, because that can be tied to some bigger plot, even if you have no violent actions, because what you have to understand about the document and why this document is important is because what they're essentially establishing is the ground rules for their organization, the ground rules for if you say this, right, if you say this thing, if you say this, We think you're going to this. So we're going to do this, right? If you do, if you think they're say this, we think that you're going to do this. And so we can do all of this to stop you, even though you didn't do any of it yet, preemptively or reasonable belief, right? Words are important. So when you understand that they're, they can use any, anything within their power, if they can Label you as this DVE or HVE, the Domestic Violent Extremist, or Homegrown Violent Extremist. The second that you say anything about one of these things, right? Global events, like the election cycle, right? Talking about things like conspiracy theorists, where people plot to do bad things, like they always have. gender ideology, racial, political, right? I like how they include gender in there. Like, oh, okay, let's use the Department of Justice and lethal force to protect the trans people because their sexual kinks want them to dress up. All right. Moving on, a number of violent extremists embrace multiple, sometimes competing motivations, challenging our ability to identify their political, their potential targets in advance because their pre attack statements online are often unrelated or only loosely related to the targets they ultimately choose. 
So what they're saying there is If you're say anything about anything that we don't like, we can then correlate it back to this entire list of things and say that, oh, because you say you don't agree with women in men's sports, you're now going to enact in a terrorist attack on Jewish populations, right? So if this, then this, so we can this. Right? If you say something about gender ideology, we believe that you fall into this potential category to do some Jewish violent, or attack on, violent attack on Jewish groups. So we can then do all of this in between to surveil you. It says, Between September 23 and September 24, or July 2024, DVEs driven by anti government, racial, or gender related motivations have conducted at least four attacks in the homeland, one of which resulted in a death. Like, do you know how much government overreach we're getting for one death here? Between September and July one death, and they're going to weaponize. The Department of Defense, U. S. law enforcement at least disrupted seven additional DVE plots, two HVE plots, and again, I'm not saying that this stuff doesn't happen, I'm not saying that they shouldn't exist, I'm not saying that they shouldn't be able to maybe not even surveil people domestically, right, that wasn't what was supposed to be allowed until the Patriot Act, I'm not saying that they shouldn't be able to do their job though, and their job is to figure out where is a terrorist attack going to come from, and there has been domestic terrorist attacks. I'm Most of the domestic terrorist attacks have been against Donald Trump. not against literally any other government official. So unless they're speaking about, Oh, if you know, I highly doubt they're using this to surveil liberals with blue hair at, you know, some furry event. No, it's, it's being weaponized against the right. But again, they have to be able to do their job. 
I'm sure there are, you know, there's been like the Boston bombing and there's been other historical events that I would love for these people to stop and and nothing against these people if they're surveilling me right now for talking about furries, but like I know you got to do your job. I know people who have been in positions in these organizations, and I appreciate what you do, but when it's weaponized against the American people for nothing other than posing a political posting a political opinion online. So that you can utilize these overreaching government tools to then surveil their private life that is not constitutional, right? The Patriot Act is not constitutional. And now this type of document allows you to overreach beyond what should be allowed for, for a complete Orwellian government. State of government. So if you say anything about this category of things, a list of probably 100 words that they have in the Department of Defense and Homeland Security, if you say any word like this, it triggers AI to pick up your profile. And now they have you on a list somewhere. And now they can use the Patriot Act to listen into your phone microphone and use AI to scrape your conversations and search your conversations for any of the jokes that you make with your wife in private. It shouldn't be a lot, right? You should still be able to do your job. And I think you can still do your job by monitoring it. with a sniper rifle and not an RPG, right? Or a nuke, essentially, right? You don't need to monitor millions and millions and millions of Americans to find the one that's sitting there posting online talking about how they want to enact some violent act on a school or shoot up some mosque, right? Like, You don't need all of that. You don't need that power to do that. Now, let's look at some other portions here. As we move down this document. The next portion I'd like to point out is biological. 
So this is just interesting to me over the last year foreign and domestic extremists online expressed interest in using DNA modification. So okay, so so I've heard this one several times recently, this is a very recent event. And this is something that I've talked about before, when you've used 23 and me, you are giving your DNA to a entity that will then sell that data to foreign and domestic. Governments or companies like BlackRock, right? Now what they can do with that DNA, the technology has been devised. Iran has tried this. China has tried this. There's evidence there. There's been, uh, I was listening to a Senator yesterday talk about on the Sean Ryan podcast, how China has been trying to develop a biological weapon that only attacks childbearing age individuals. So here's another example of that in this document where it says, We expect threat actors to continue to explore emerging and advanced technologies to aid their efforts in developing and carrying out chemical and biological attacks. Over the last year, this document says, Foreign and domestic extremists online expressed interest in using DNA modification to develop biological weapons to target specific individuals. So if you want women between the age of this and this, if you want certain ethnic minorities, if you want certain or majorities, you want a certain gender, you want a certain age group, you want a certain background, whatever it is, you can splice DNA down and see, Hey, I want this new COVID quote unquote, but much more deadly to attack men who are fighting age between the ages of 18 and 45 decimate the men between 15 to 45. They can do that. And that's what this document is outlining here. So when you're giving your DNA to these organizations, they can even target it down to the individual, right? They could release some massive flu virus, and they want to target 15 DNA strands and have it be lethal against, A hundred people, 150 people, they can manipulate that virus to do that. 
It also says, we also remain concerned about the potential for threat actors to use unmanned aircraft systems in chemical and biological attacks due to the continued advancement of UAS technology and the growing availability of UAS. So saying that people are going to use drones to drop these types of things. All right, now it moves into influence operations and transnational repression. All right, so Russia will likely continue to use traditional state sponsored media. For example, over the past year, Russian influence actors have amplified stories regarding U. S. migration flows to stoke discord in the United States. Like no, that wasn't Russia, that was you. Like maybe this should be talking about how the Harris and Biden campaign let in 22 million illegals. Maybe we should be talking about that being the reason that these stories are amplified, not Russia. We should be having that conversation. You shouldn't be mad at the messenger, right? Even if they're amplifying those conversations, be like, Hey, look at how ridiculous the United States is for letting in all of these terrorists. We're not going to do that. It's just funny that to me that they want to point out these foreign countries acting like, Oh, we didn't do anything wrong. It's because they, they said it. They're mad. They're just trying to make you mad at us. It's like playing the, the, you know, your parents are divorced, right? Your parents are divorced. And one parent's like, Hey, you know, like mom, mom won't let me, you know, I don't know where I'm going with that, but you see the point you get the idea. It's not Russia's fault that you let in 22 million illegals. It's your fault, and they just pointed it out, so maybe, just don't do that. This is over the last year, Iranian information operations have focused on weakening U. S. public support of Israel and Israel's response to Iranian information operations have focused on weakening U. S. 
public support of Israel and Israel's response to October 7, 2023 Hamas attacks. These efforts have included leveraging ongoing protests regarding the conflict, posing as online protests. And encouraging protests prior to the 2020 U. S. presidential election, Iran attempted to amplify divisive narratives to incite violence, influence the U. S. electorate and degrade trust in electoral processes. And like, yeah, for sure. They're probably doing that. And so is Israel, right? Go check out AIPAC. Maybe we should be talking about AIPAC in here and their influence on, on domestic senators and congressmen and. Presidents, dare I say. Uh, another one that I found to be interesting here was that they talk about the People's Republic of China and their disinformation campaigns. Hmm. And it says that they seek to exploit U. S. disasters. So the U. S. Homeland Security is saying that China's the reason China is exploiting U. S. disasters just as it did when it blamed Hawaii wildfires on U. S. military activity and may also reduce trust in the U. S. institutions and officials and dissuade survivors to pursue legal recovery or federal recovery response and support. Yeah. I don't think that it was just China. China. Pointing out that direct energy weapons are real and could have been the result of, or could have resulted in Lahaina. I don't think it's just China pointing out that we have weather modification, that there's literal patents on Google that you can search on all of this technology. Like, again, stop trying to blame the foreign entity for something that isn't real. is very real and a possibility. It also says the Department of Justice indicted seven Chinese based Chinese nationals for their involvement in a PRC backed criminal hacking group targeting U. S. based critics, businesses, and political officials in malicious cyber operations intended to intimidate and silence dissidents and steal from their businesses. All right, uh, moving on. 
Okay, so this is probably the most interesting part of this here. And this talks about threat is likely to focus on the election cycle, right? This is all about the election. Now, some of the most interesting parts of this, I'll read through for you that I highlighted. Again, if you want this document, as I highlighted it and all of my annotations, you can just head over to my Instagram. Once this is posted, you'll be able to request it from my comment section. All right. So one of the first things here is that, uh, let's just read it from the top so we can get into this better. Part of the paragraph, our electoral processes are an attractive target for threat actors, and we expect many will seek to influence the 2024 election cycle. While some others may seek to access or interfere with election systems, while law enforcement is still investigating their motives behind the apparent assassination attempts on a former US president. These incidents highlight the magnitude of the threat surrounding the election cycle. Now, here we go. Some Domestic violence, some domestic violent extremists, particularly those voted motivated by anti government or partisan issues will likely view a wide range of targets indirectly and directly associated with elections as viable targets for violence with the intent of instilling fear among voters, candidates, and election workers. What would be the means to that? Like what would be the end there? Why would they do that? Why, if you're an anti government or if you're motivated by partisan issues. Well, that's the more important one, right? Anti government or partisan issues, right? If you're anti government, we can now say that, Oh, you're probably going to attack polling areas, right? You're probably going to go to the local polling area and, and bomb them or whatever, right? You're probably going to do that if you're anti government. Like, no. 
No, I think you're just bad at your job, in that federalism is generally not helpful, and all it's done is caused a bloated taxation system and leached from American citizens and given all of our money to foreign entities to fight wars that we shouldn't be in. That's why I'm anti government, and I'm not going to attack anybody as a result. But just because I state that opinion, they can now put me on a list to then say that, oh, I'm going to go attack a polling area. Like, so stupid. Uh, some DVEs, particularly those motivated by anti government or partisan issues, will likely view a wide, okay, we just said that, um, instilling fear among voters, candidates, and election workers, as well as disrupting election processes leading up to or after the November election. So leading up to, And after like, we're not putting any end to this, right? There's no cycle here. We're like, maybe for the next three to four months, we should be highly focusing on people who say that the government's bad at their job, or doesn't have the right motivations. Nope, door after foreign state affiliated cyber to actors and cyber criminals, almost certainly. So this is this one I found really interesting too, because they point out the fact that people are going to try to, like state affiliated cyber actors and cyber criminals, and they're are most likely going to try to change votes using technology, hack into the voting systems, and change votes. But then they say something which I find to be hilarious here too. So foreign state affiliated cyber actors and cyber criminals almost certainly will view network infrastructure that supports US elections as attractive targets. However, there was no reporting to suggest that foreign adversary targets of such systems have ever prevented any eligible voter from casting a ballot. Compromise the integrity of any ballots, cast or disrupted the ability to tabulate votes or transmit election results in a timely manner, right? 
So they're definitely going to target. These polling stations. They're definitely going to try to hack in and change votes, but there's no evidence ever that that's ever occurred ever to anyone ever. We promise, right? So what they're stating there is like, again, laying the groundwork. They're saying that almost certainly, almost certainly will target the network infrastructure that supports elections to try and change votes, but then they follow that up with There was no reporting, however, to suggest that foreign adversary targeting of such systems has ever prevented any eligible voter ever from casting a ballot, or compromise the integrity of the, because if they say, this has happened, we know what's happened, they've changed votes, we know they've changed votes, then what? Right? Like, then what? Then we know the election system is compromised, and they can't say that, but what they can say is that we know for certain They're going to target this and try to hack into it and try to change votes. But there's no evidence ever that it's ever happened ever, right? But almost certainly they're going to try to do it. Found that one to be interesting. All right, moving on. It says, in particular, anti government, anti authority DVEs, many of whom likely will be inspired by partisan policy grievances or conspiracy theories will pose the most significant threat. So this is under the guise. So it says we expect the DVEs to post the most significant threat to government officials, voters, elections related personnel and infrastructure, including polling places. So ballot dropbox locations, voter registration sites, campaign events, political party offices, and vote counting sites in particular anti government. Like if you're anti government, you're not trying to stop people from voting. You're not trying to blow up a, a dropbox for voted, you know, like for votes. You're not. You're just not participating. I'm not playing this game. The game's stupid. 
It's, it's all rigged, right? But again, they have to throw that in there. So if you believe that people conspire, right, conspiracy theories, or you believe that the government's not good at what they do, and this may be too large, Any one of those things, you pose the most significant threat. We have also recently observed a rise in disruptive tactics, targeting election officials, like those observed in past election cycles, including hoax, bomb threats, swatting, doxing, and mailing white powder letters, intended to instill fear. Like I'm not saying that doesn't happen. I'm sure that does happen. I'm sure there's some pieces of shit that will try to, I don't know, intimidate voters not to vote, whatever. But the fact that they're calling out anybody who believes that a small or large group will conspire and conceal their identity. To do something that you wouldn't want them to do as the American public. Now you're a conspiracy theorist. And if you believe the government is bad at what they do. If you've heard my bowling alley story when I was in the military, they are generally bad at what they do. Uh, you know, and I've heard this too, do you know who's not bad at what they do? The intelligence agencies. They're the ones who hire the Harvard graduates and Oxford alumni and MIT this and all those are, they come off as very stupid when they put out those secret service agents that looked like they did when Trump was there. But that was on purpose. Right, the people that are actually in the Department of Defense, at the highest levels of these three letter agencies, they're not unintelligent. They're not ignorant. They're not stupid. Right? But, most of the government is. Right. 
It's not all the DMV, but a lot of it's the DMV. Uh, online users and forums frequently frequented by some DVEs have increasingly called for violence linked to the 2024 election cycle and seek to promote violence in response to politically and socially disruptive topics like immigration, abortion rights, and LGBTQIA issues or significant current events. Let's talk about that one.
Martin Spackman is an accomplished Quality Manager with over 16 years of experience in the automotive sector, six of which have been dedicated to leading quality management initiatives for companies such as BMW, Vauxhall, and Faurecia. Previously, Martin held logistics and quality roles for BMW Mini, and Supplier Quality roles at Vauxhall, overseeing quality operations at key facilities in Ellesmere Port and Luton. As Quality Manager for Tevva, Martin's career focus shifted toward the hydrogen and electric vehicle sectors, as he oversaw the production of 7.5-tonne electric trucks. As Quality Manager at Hydrogen Vehicle Systems (HVS), Martin maintains high-quality standards, as well as identifying high-value supply chain strengths. His expertise in this area helps to unlock opportunities that align with HVS' mission to decarbonise the Heavy Goods transport industry. Martin is an active member of the Chartered Quality Institute (Practitioner Level) and the SMMT Quality Network Group.
In this episode of Quality Impact, we explore quality within the automotive industry, challenges faced by women in quality 30 years ago, and also learn about the efforts to bring the first hydrogen truck to the UK market. Joining us is Jillian Jarvie, Head of Quality and Business Improvement at Raytheon, and Martin Spackman, Quality Manager at HVS, who collectively have more than 43 years' experience in quality.
This is a bonus episode of the "Linus på Baslinjen" podcast, recorded as a video. You can choose to listen to it as an audio-only experience or watch it as a video at: https://baslinjen.com/2024/07/30/video-and-podcast-boris-chernov-member-of-team-helliovaara-about-the-wimbledon-title/ A few weeks have passed since Harri Heliövaara's almost unbelievable success at Wimbledon, where he and Henry Patten won the Wimbledon title in London. One of the coaches who has worked with Heliövaara over the last few years, and was present at the final, is Boris Chernov, a coach at HVS in Finland. We spoke with Boris a week after the Wimbledon final to hear his thoughts and to ask him the key question: what are the secrets behind Heliövaara's amazing comeback in tennis over the past few years? Thanks to all partners: * Zenniz – The Smart Tennis Solution: http://www.zenniz.com * BROTHY - http://www.originalbrothy.com. Code "BASLINJEN10" for a 10% discount and the code "BASLINJENBOOST" for a 6-pack of "The Deer" when signing up for a subscription. * TennisXAnalysis: http://www.tennisxanalysis.com * House of Bontin – The smart destination for tennis and padel: http://www.houseofbontin.se (Use the code "Baslinjen" for 10% off the entire range, except Slinger Bag or already reduced prices.) * Wilson Tennis Camp: http://www.tenniscamp.se/ http://www.baslinjen.com is the place for more reports, videos, interviews and columns about tennis. If you want to contact me, the best way is mailto:linus@baslinjen.com Intro music: Mr Smith, Cool Running (Free Music Archive) (CC BY) Outro music: Mr Smith, The New West (Free Music Archive) (CC BY)
Investors often forget that by owning shares they are owners of the company and make important decisions together with all the other shareholders. And they usually do so at the annual general meeting (Hauptversammlung, HV). Anyone who scoffs that it is only about the pretzel overlooks what an important control instrument an HV is. We talk to someone who attends many HVs, whether as a shareholder or as a representative of a shareholders' association such as the DSW. How do these shareholder meetings run today, what developments can be observed, and how can you as a shareholder make the most of your rights? So that in future you no longer let your vote lapse so easily. Börse@home is your lunch break for all stock-market topics: 30 minutes of concentrated information from changing stock-market experts, with plenty of time for your questions afterwards. Every Monday at 12 noon.
Part 2 - Neville James is joined by Parris Jordan, managing director, and Nicole Roantree, of HVS as they discuss the upcoming Caribbean Hotel Investment Conference & Operations Summit (CHICOS) happening on St. Thomas.
Welcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Why we may expect our successors not to care about suffering, published by Jim Buhler on July 11, 2023 on The Effective Altruism Forum. (Probably the most important post of this sequence.) Summary: Some values are less adapted to the “biggest potential futures” than others (see my previous post), in the sense that they may constrain how one should go about colonizing space, making them less competitive in a space-expansion race. The preference for reducing suffering is one example of a preference that seems particularly likely to be unadapted and selected against. It forces the suffering-concerned agents to make trade-offs between preventing suffering and increasing their ability to create more of what they value. Meanwhile, those who don't care about suffering don't face this trade-off and can focus on optimizing for what they value without worrying about the suffering they might (in)directly cause. Therefore, we should - all else equal - expect the “grabbiest” civilizations/agents to have relatively low levels of concern for suffering, including humanity (if it becomes grabby). Call this the Upside-focused Colonist Curse (UCC). In this post, I explain this UCC dynamic in more detail using an example. Then, I argue that the more significant this dynamic is (relative to competing others), the more we should prioritize s-risks over other long-term risks, and soon. The humane values, the positive utilitarians, and the disvalue penalty Consider the concept of disvalue penalty: the (subjective) amount of disvalue a given agent would have to be responsible for in order to bring about the highest (subjective) amount of value they can. The story below should make what it means more intuitive. 
Say there are only two types of agents: those endorsing “humane values” (the HVs) who disvalue suffering and value things like pleasure; the “positive utilitarians” (the PUs) who value things like pleasure but disvalue nothing. These two groups are in competition to control their shared planet, or solar system, or light cone, or whatever. The HVs estimate that they could colonize a maximum of [some high number] of stars and fill those with a maximum of [some high number] units of value. However, they also know that increasing their civilization's ability to create value also increases s-risks (in absolute). They, therefore, face a trade-off between maximizing value and preventing suffering which incentivizes them to be cautious with regard to how they colonize space. If they were to purely optimize for more value without watching for the suffering they might (directly or indirectly) become responsible for, they'd predict they would cause x units of suffering for every 10 units of value they create. This is the HVs' disvalue penalty: x/10 (which is a ratio; a high ratio means a heavy penalty). The PUs, however, do not care about the suffering they might be responsible for. They don't face the trade-off the HVs face and have no incentive to be cautious like them. They can - right away - start colonizing as many stars as possible to eventually fill them with value, without worrying about anything else. The PUs' disvalue penalty is 0. Image 1: Niander Wallace, a character from Blade Runner 2049 who can be thought of as a particularly baddy PU. Because they have a higher disvalue penalty (incentivizing them to be more cautious), the humane values are less “grabby” than those of the PUs. While the PUs can happily spread without fearing any downside, the HVs would want to spend some time and resources thinking about how to avoid causing too much suffering while colonizing space (and about whether it's worth colonizing at all), since suffering would hurt their total utility. 
This means, according to the Grabby Values Selection Thesis, that we should - all else equal - expect PU-ish values to be s...
Jesse grew up the son of a handmaid and a head coordinator in Ann Arbor, contracting a nasty case of Word-of-God-itis in households and clusters and at HVS, Pine Hills Camp, & more. He feels much better now, though, and is hard at work on a vaccine, which is currently being tested by his three kids.
Special thanks to our sponsor NetSPI. NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at http://netspi.com/HVM This Hacker Valley Studio episode features Jake Reynolds, Head of Emerging Technology @ NetSPI. We chat with Jake about: 0:00 - Welcome Jake Reynolds 2:30 - What is a full stack engineer? 4:39 - Having a large cybersecurity attack surface 6:00 - Attack surface trends 8:29 - Do cloud engineers need to know networking? 10:12 - Levels of abstraction in the cloud and making sense of it 12:13 - Does bug bounty help you with your job? 15:49 - Will we see network exploits again? 16:53 - Special question from NetSPI 17:31 - Which emerging technologies are you watching? 20:30 - Have we really reached the max of ChatGPT hypes? 24:33 - What AI/ML capability does cybersecurity need? 27:28 - How do we stack the deck against the hackers? Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals. ........................... Links: Connect with Jake Reynolds on LinkedIn Purchase an HVS t-shirt at our shop Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Continue the conversation by joining our Discord
In this episode of the podcast, Ron Eddings and Chris Cochran share insights and tips on how to navigate a career in cybersecurity. They discuss the importance of having the right mindset, finding the right career path, building a network, and negotiating a salary. Ron and Chris emphasize the value of having a positive attitude and being open to learning and growth. They suggest exploring different areas within cybersecurity to find the best fit for your interests and skills. Additionally, they stress the importance of building a strong network, both online and in-person, to connect with industry professionals and stay up to date on the latest trends and technologies. Ron offers advice on negotiating a salary and knowing your worth. Ron and Chris also encourage listeners to do their research and interview for multiple jobs to get a sense of market rates for different roles. They also discuss the taboo around discussing salaries in cybersecurity and offer suggestions on how to navigate this sensitive topic. Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals. NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at http://netspi.com/HVM ........................... Links: Purchase an HVS t-shirt at our shop Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Continue the conversation by joining our Discord
In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris tackle arguably one of the most difficult roles in cybersecurity: Incident Response. Drawing on his years of experience at organizations such as US Cyber Command, NSA, and Netflix, Chris shares his knowledge on what it takes to properly handle Severity 1, 2, and 3 level incidents. Together, Ron and Chris cover everything from the roles and responsibilities of an incident commander to the steps of bringing an incident to a close. Lastly, the two share their tips for improving incident response and steps that individuals and organizations can take to integrate incident command and communication efforts. Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals. NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at http://netspi.com/HVM ........................... Links: Purchase an HVS t-shirt at our shop Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Continue the conversation by joining our Discord
In this episode, Chris and Ron are joined by author, TED Talk presenter, and Chief Research Officer at WithSecure, Mikko Hyppönen, to discuss the past, present, and future of cybersecurity. With over 30 years of experience in cybersecurity, Mikko shares his insights on everything from the importance of knowing and understanding the enemy to the security implications of smart devices. Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals. NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at http://netspi.com/HVM ........................... Links: Connect with our guest Mikko Hyppönen on LinkedIn Check out Mikko's book If It's Smart, It's Vulnerable Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
In this episode of the Hacker Valley Studio podcast, Chris Cochran and Ron Eddings discuss cybersecurity resources for learning and standing out in the field. In the episode, the two discuss SANS Institute posters for pentesting, purple teaming, and incident response. The two also showcase Google Hacking resources for finding domains of interest for cybersecurity. Ron and Chris highlight how podcasts can be a great way to try out a book before buying it, as authors often share the best parts of their work when interviewed. Chris notes that the cybersecurity field is constantly evolving and that staying up-to-date is crucial. They emphasize that resources like books and podcasts can help professionals develop new skills and stay current with industry trends. Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals. ........................... Links: Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Welcome to the Hacker Valley Studio podcast, where Ron Eddings and Chris Cochran reflect on their most pivotal moments in the industry. The two share personal stories that shaped their careers, from Chris' journey to landing his dream role at Netflix to Ron's early years in cybersecurity and hitting his career goal of earning $100k. But it's not all about the money – Ron and Chris delve into the importance of money management and the harsh realities of poor spending habits. They also discuss the philosophy of staying present, having gratitude, and being available for life-changing opportunities, especially in the ever-evolving world of cybersecurity. You'll also hear Ron's tips for success, including the power of breathwork, consistent self-development routines, and reading. And, surprisingly, how these practices even helped him meet his wife! Whether you're just starting out in cybersecurity or looking to take your career to the next level, this cybersecurity podcast episode is perfect for anyone interested in learning from two experienced professionals who have been there, done that, and are still going strong. ........................... Links: Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
In this episode of the Hacker Valley Studio podcast, hosts Ron Eddings and Chris Cochran explore the power of ChatGPT and attempt to build a Python script that scrapes BleepingComputer for the latest headlines. Chris also takes a moment to reflect on the rise of the 'Industry Creative', a term he coined for individuals that leverage their practical industry experience into creating content for their community. The two share their predictions on the future of cybersecurity content creation, why the demand for content is higher than ever, and why they believe industry creatives are the most valuable practitioners in cybersecurity. This cybersecurity podcast episode is perfect for anyone interested in advancing their understanding of the intersection between AI and cybersecurity. Enjoy! ........................... Links: Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
In this episode of the Hacker Valley Studio, hosts Ron and Chris are joined by McKenna Yeakey to talk about her experience with being laid off in cybersecurity and finding a new job. McKenna shares her journey through the emotional and psychological struggles she faced during her layoff, and how she overcame feelings of self-doubt and worthiness. She also highlights the role her professional network and the cybersecurity community played in supporting her during this difficult time and how she ultimately landed her next gig. McKenna also shares her insights on diversity and leadership in the cybersecurity industry, as a black woman in tech. She offers her perspective on what true inclusivity should look like, and how to identify companies that are actively promoting it. From her favorite leadership questions to ask during job interviews to tips on how to support others in the industry, McKenna shares it all. This cybersecurity podcast episode is a must-listen for anyone looking to grow their cybersecurity career. This promises to be an inspiring and empowering resource for anyone facing job loss or seeking to improve their professional prospects in the cybersecurity field. Links: Stay up to date with McKenna Yeakey on LinkedIn Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
In this episode of the podcast, Maril Vernon joins Ron and Chris and discusses the importance of breaking down silos between cyber teams and inspiring individuals to drive their own careers in cybersecurity. Maril has been a key player in promoting the concept of purple teaming - the combination of red teaming and blue teaming to improve an organization's overall security posture. She discusses the importance of hands-on experience and practical knowledge over just having certifications. Maril's approach to her career has been driven by her passion for the work and her desire to break down silos between different cybersecurity teams. She emphasizes that individuals can drive their own success in the field and take control of their careers, regardless of the limitations their organizations or the industry may impose. Through her collaborations with organizations such as Cyber Queens and nonprofit foundations, she hopes to provide more educational material to high school and college students to inspire the next generation of cybersecurity professionals. Maril has big plans for the future, including starting a doctorate program in cybersecurity and working on several undisclosed projects that she promises to share in future podcasts. She hopes to leave a legacy of empowering individuals in the cybersecurity field and inspiring them to love their work and take control of their careers. This cybersecurity podcast episode is a must-listen for anyone looking to pursue a career in cybersecurity and gain insight into the field from a successful professional. -------------- Links: Stay up to date with Maril Vernon on LinkedIn Join our Patreon monthly creative mastermind Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
In this episode of Hacker Valley Studio, Rob Wood, Chief Information Security Officer (CISO) at CMS, discusses the challenges of data silos within organizations. Rob explains that security teams often operate in silos, with different departments focusing on various aspects of security, such as incident management, compliance, and penetration testing. One way to improve this is by flattening the organizational structure and finding ways to work together in the same data environments, using the same data tools. This would allow teams to collaborate better and share information, improving overall security. In the episode, Rob also highlights the importance of supportive leadership and culture in driving change and the impact of the mission in his work. Ron picks up on two key elements - people and communication - as important in cybersecurity and business, as breakdowns often happen due to lack of communication. Chris mentions how he is hard on leaders who create toxic environments or use fear and intimidation to lead their teams. He also notes that he is starting to see a different kind of leader in the technical space, one that knows a lot, and is intelligent but also knows how to talk to people and make them feel seen. The conversation then shifts to where this change in leadership is coming from. Rob Wood suggests that it is the next wave of leaders coming in, as there are more leadership opportunities available. He also notes that there are many people moving into security from diverse fields, creating a polymath effect of blended disciplines. This helps humble people and allows them to be more human. He also mentions that his own career path was not traditional, as he studied sports management in college and transitioned into an internship in cybersecurity. 
Taylor Lehmann, Director of Office of the CISO at Google Cloud, has made it his mission to make healthcare and life sciences more secure and strategic for everyone. Joining the pod this week, Taylor talks about how security and strategy have to start with people— from properly managing them to realistically motivating them. Healthcare is in need of some serious security TLC and Taylor is ready to tackle the difficult questions about how personal medical data can stay safe in a constantly evolving environment. Timecoded Guide: [01:47] Motivating your team & understanding your real cyber constraints [06:19] Creating a shared, measurable goal for every team [14:26] The haves and have-nots of healthcare security [22:08] Revolutionizing the security standard of healthcare [25:16] How to not fail your future self You're frequently brought into situations that are hard for security teams. Could you walk us through your process of dealing with interpersonal conflicts at work? Rarely is a conflict amongst team members about the technology itself, but is instead about how a team is working together. To combat team conflicts at work, Taylor first focuses on kindness and thankfulness. When a team can create a kind environment, trust flows much easier and the team can focus more on what the real constraints of their situation are (i.e. time and deadlines) vs their perceived constraints and tension points (i.e. assumptions around budget). “What I end up finding out in more cases than not is it's not about a tool, it's not about a security control you don't understand, it's usually not a technical issue, it's almost always getting teams aligned to working together towards a shared outcome.” What is the common slowdown or hiccup when it comes to security practitioners working together? The biggest and most detrimental slowdown amongst team members in cybersecurity is the lack of a shared goal. 
Without a united effort towards security and a measurable outcome to achieve, team members throughout your organization won't work effectively or efficiently together. When the goal to be more secure can be understood by everyone within the organization, team members won't get stuck on the whys or hows of the work they're doing. “Is the security department the only one who wants to be secure, or does everybody? The second you create a goal where teams are effectively working together to get that outcome, that's when you know you're there.” When you look at the maturity of health organizations in being more security-minded, what are some of the things that you're seeing in the industry? Like many industries, security in healthcare is divided into “have”s and “have not”s. Large, sophisticated, extensive, public health organizations have a high level of security maturity, while smaller organizations fall behind in technology and cybersecurity. While organizations like the FDA are working hard to make the medical field a more secure place, modern tech platforms need to be integrated at every level to keep patients and practitioners safe. “It's tough to tell as a patient if a health system invests in security or not. No one is yet making decisions on where they go to get healthcare based on security. I think if they knew they would suffer something negative due to an under-invested system, that would change things.” Was there a turning point in your life that made you the leader that you are today? After an extensive shoulder surgery left Taylor laid up in a hospital bed, he realized that some of the equipment being used on his own body couldn't be trusted to keep information secure. Having such an eye-opening patient experience after working in security in the medical field, Taylor realized that other patients wouldn't know how to verify or protect themselves from these issues. 
Something had to change, and Taylor understood that he had to become a leader and advocate in this space to make a difference in our current reality. “This cannot be the standard of care. My life, in effect, depended on medical equipment that couldn't be trusted. I needed to do something about it, not just for myself, but for the next person who's gonna lie in a hospital bed.” -------------- Links: Keep up with our guest Taylor Lehmann on LinkedIn and Twitter Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Maxime “Max” Lamothe-Brassard, Founder of LimaCharlie, brings a tech-focused community perspective and a history of working at Google to Hacker Valley this week. Inspired by the internal motivation to empower others and build what didn't exist, Maxime created LimaCharlie to help security teams automate and manage security operations. In this episode, Max walks through his founder's journey and points out the problems that are begging for innovative solutions from the brightest minds in cyber. Timecoded Guide: [01:59] Improving community & empowering practitioners [06:04] Leaving Google for LimaCharlie [10:55] Unpacking the incentivization problem of cyber [16:21] Targeted products vs massive suites of problem solvers [21:29] Looking at a red team-less future Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human-delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. Where would you say your passion for improving our community comes from? From the moment Max opens his mouth to talk about cybersecurity, his passion for the global community of cyber practitioners is clear. It turns out, the community is Max's passion because he's been in so many cybersecurity roles and has experienced so many of the same issues in each position. Suffering pain and fatigue no matter the role shouldn't be the reality for today's practitioners, and Max wants to empower them to do their best, most enjoyable work. 
“When I started, the goal wasn't to make the silver bullet that somehow was going to automatically save everybody, but really to just help people that were working and doing their jobs and empower them.” How was your experience going from Google to having your own thing with LimaCharlie? Taking the red pill of entrepreneurship wasn't as scary of an experience for Max as one might think. Instead, the product idea behind LimaCharlie existed for years before Max left Google, and everything Max has done in his career prepared him to take that risky step into doing his own thing. When push came to shove, Max was comfortable taking the risk because he knew he would always have opportunities to support the industry, even if he failed. “Really, throughout my whole career, without necessarily knowing at the time, [creating LimaCharlie] was where I was heading. Looking back, I've always been trying to build the thing that didn't exist where I was and push those limits.” What are the problems in the community or in the industry that you don't see anyone solving yet? A major opportunity for growth and improvement in cybersecurity is incentivization, according to Max. The debate of what's worth fixing and who should decide on prioritizing vulnerabilities leads to tension and confusion amongst practitioners. The key to this problem might just be finding that special someone to somehow access the information with the right types of models and protocols around risk evaluation. Insurance might be the easiest answer, but Max wants practitioners to explore their potential to solve these problems, too. “The problem is that, as an industry, for us to make a risk-reward call on security vulnerabilities— it's incredibly difficult for us that are in security every day. Fundamentally, we can't even make that call ourselves.” What is one topic of division in cyber that you wish we could all come together on? Division is inevitable in a field that grows as fast as cybersecurity. 
However, if Max could dream big about a major division to solve himself, it would be that of a red team's purpose. In an ideal security world, people don't need the red team to buy them into cybersecurity. Max hopes that, over time, the industry shifts more towards the blue team, where vulnerabilities are understood as important and worth protecting against without red team demonstrations. “I hope that, over time, we're able to move away from having to drive this idea that these things are real and they're important because people are already bought into this idea that, yes, we need to defend everything.” --------------- Links: Keep up with our guest Maxime Lamothe-Brassard on LinkedIn Learn more about LimaCharlie on LinkedIn and the LimaCharlie website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Brian Haugli, Founder and CEO of SideChannel, brings his CISO expertise to the pod this week for a discussion about strategy and leadership in cybersecurity. Working alongside CISOs and fractional VCISOs, Brian has seen his share of leadership mistakes and has learned about the purposeful approach that security needs along the way. In this episode, Brian revises the mantra of “people, process, and technology,” to include the first and most important element in your security success: purposeful strategy. Timecoded Guide: [02:01] People, process, and technology in your leadership strategy [05:12] Tenets of a strong security strategy [13:11] Setting up new fractional CISOs for success [18:29] Creating SideChannel & walking the line between CISO vs consultant [27:44] Thriving professionally by thriving personally Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human-delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. What has been your philosophy throughout the years when it comes to leadership versus technology? The security adage of “people, process, technology” isn't one combined concept. That is, in Brian's opinion, why so many leaders make the mistake of prioritizing technology as a central part of their strategy. Strategy is not what technology you use, and you can't buy your way out of every security conflict with a shiny new product. 
Ask yourself what problem you're supposed to solve, not which tech is going to solve your problems. “Strategy is not technology, it's figuring out what you want to look like when you grow up, in a sense. Everyone jumps to the shiny object. What can I buy to go solve this problem? You never stop and question: Was that the first problem I was supposed to solve?” What are the tenets of making sure that you've done the work of creating a strong security strategy? The North Star of your security strategy should be the identity and purpose of your business, according to Brian. If you don't have a current assessment of your current capabilities, assets, resources, and objectives, you aren't positioning yourself for success. Strategy comes from a knowledge and understanding of where you are now, and where you need to be. When your company “grows up,” what do you want security to look like for you? Understanding that guides you towards your target state without wasting your time on the wrong problems or objectives. “I think a lot of people throw strategy around as a grander concept and don't actually think about the elements that need to go into building one. You need to align to a definition that supports your business and outcomes, and that's what is strategic. The idea is not strategic.” Let's say I'm a brand new fractional CISO and I have my first client. What are the top three questions I'm going to ask of this organization to set me on the right path? When dealing with a new client, fractional CISOs have to understand why they're involved with this client in the first place. Why are you here? Who brought you here? And, most importantly, what is the reason security is being addressed now? A fractional CISO can't defend what they don't know exists, and they can't meet a deadline without first understanding what this company's unique security environment needs are. “You don't jump into, ‘Okay, well, what's the budget?' 
No, I like to understand what I have to actually defend and build to, how fast I have to actually make that happen, that then informs and sets up the much better discussion around, realistically, what you should be considering.” What advice do you have for our audience that is interested in becoming a CISO? Although Brian jokes that he would advise anyone against taking on a CISO role due to the workload, he understands and loves the grind of cybersecurity leadership. To not only survive but thrive as a CISO, Brian believes a practitioner has to keep their love for problem-solving and protecting organizations at the forefront. Still, as passionate as someone might be, Brian also advises knowing when to unplug and unwind to avoid burning out fast in such a strenuous role. “Look, just take care of yourself. I think exercising is huge. Eat right, sleep right. You've got to take care of your mental health, take care of physical health, you've got to take care of your spiritual health. You've got to do all that, or you're never going to be good professionally.” --------------- Links: Keep up with our guest Brian Haugli on LinkedIn and Twitter Learn more about SideChannel on LinkedIn and the SideChannel website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Allison Minutillo, President of Rebel Interactive Group and Host of the Rebel Leadership podcast, joins the Hacker Valley team this week to talk about her journey from individual contributor to company leader. With a leader's mind and a rebel's heart, Allison wants Rebel Interactive Group to break down barriers and say what needs to be said. In this episode, Allison talks about intuition vs insecurity, practitioners vs leaders, and burning out vs staying invested and engaged in the world around you. Timecoded Guide: [00:00] Shifting from an employee to a leadership mindset [07:44] Getting real about leadership struggles on the Rebel Leadership podcast [13:24] Rebelling for the great good of your company & yourself [19:40] Finding career inspiration as a business owner & company president [25:41] Struggling to realize your full leadership potential as an individual Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. What went into that mindset shift from individual contributor to leader for you? Leadership was an appealing concept to Allison, but stepping into the role of President at a company was beyond her wildest dreams. Being close with Bryn, the former President of Rebel, opened her eyes to the qualities of leadership she wanted in herself. However, the true mindset shift from contributor to leader came from Bryn's understanding of Allison's skills. 
It wasn't until he brought up her being his successor that Allison saw the leader she knew she could be. “I set my sights on what I thought was high. I started over-talking to [Bryn, at Rebel] because I was so nervous, and he said, ‘No, I'm talking about you being my successor, about you being president of Rebel.' I instantly stopped everything I was saying and it became crystal clear.” What exactly is Rebel Leadership and how does it relate back to your philosophies? The term “rebel leadership” is a concept that existed before Allison's Rebel Leadership podcast began, but it embodies what Allison hopes Rebel Interactive Group represents for all of their clients. Being a rebel isn't just about breaking the rules or telling it like it is, it's about making a difference. Being a rebel leader is about challenging the status quo for the greater good of your clients, your employees, and your industry. “It's not rebelling for rebels' sake, it's that we're not good with the status quo. We're not okay with it, but we're not careless. We rebel with purpose. It's informed. It's data backed, it's compelling, it's precise, it's meaningful. We are not afraid to state what needs to be said.” What do you say to those leaders that approach leadership almost like being a martyr? The hustle and grind of being a leader can feel like endless amounts of hard work. However, in Allison's experience, overworking yourself and refusing to disconnect maximizes the pain, but minimizes what you gain. Burnout is real, and cybersecurity practitioners definitely know burnout can be fatal for your career. Allison advises resting and giving yourself the time to reflect at the end of a long day, instead of forcing yourself to be a martyr. “Doing that next ‘to-do' list on your couch at 10:30pm when you're spent and you're drained is not going to make you the leader you want to be tomorrow. 
It's going to make you frustrated and tired and not able to perform at a high level the next day.” How do you differentiate the good advice of intuition from your inner echo chamber of not-so-good advice? It's easy to get caught up in the eternal inner echo chamber when you're trying hard to learn and reflect on your experiences. Allison has had this happen to her, too; getting caught up reading online comments and letting self-doubt control her thoughts. However, Allison explains that the grit of a true leader can drive you through the setbacks of criticism, whether that criticism comes from outside or within. What matters most is choosing to believe in yourself as a leader. “That's when grit and will come in, in those moments where you're at the bottom of the barrel. Do you believe in yourself? Are you going to choose to believe in yourself, or are you going to choose to believe the comments?” --------------- Links: Keep up with our guest Allison Minutillo on LinkedIn Learn more about Rebel Interactive Group on LinkedIn and the Rebel website Listen to the Rebel Leadership podcast Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Cody Wass, VP of Services at NetSPI, brings his near-decade of experience to the pod to talk about longevity, development, and leadership. It's no secret that cybersecurity is in need of people. Cody's journey from intern to VP at NetSPI has shown him the importance of training employees, creating opportunities for new graduates, and engaging teams effectively, both virtually and in-person. In this episode, Cody provides the roadmap towards intentional employee investment in the ever-changing cyber industry. Timecoded Guide: [00:00] Cyber career longevity from NetSPI intern to VP [07:51] Putting people before process & technology at NetSPI [15:33] Collaboration as the foundation of the cybersecurity industry [18:13] Understanding cyber's entry level position problem [24:12] Investing intentionally in employee development Sponsor Links: Thank you to our sponsor NetSPI for bringing this episode to life! For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. You've been at NetSPI for 9 years. When you think about a rewarding feeling in your journey at the company, what comes to mind? Starting his journey at NetSPI as an intern, Cody has had the rare but impactful opportunity to grow alongside the company. Now, as VP of Services, he looks back at the lives he's impacted himself and the opportunities he's had to see others grow. Employee development is a huge part of NetSPI's success. Cody is proud to have seen newcomers join his team and become amazing practitioners over the years. 
“It's really rewarding seeing people come into this industry as a fresh face with a specific skill set, to watch them grow over and see them really spread their wings, and come out the other side stronger, better, and having a skill set that you never would have imagined day one.” NetSPI has a very unique culture and philosophy about balancing that duality between technology and people. Could you tell us a little bit about that? People come first, before process and technology, at NetSPI. While all three elements of this sacred cyber trifecta are important, Cody and his team believe that the balance should focus on making the lives, skills, and experiences of the people at NetSPI better. Process should be taught to the people, with a focus on prosperity and consistency. Technology should be implemented intelligently, with proper training and time given to the people for the best results. “NetSPI's differentiator is our people, first and foremost, and then, our process and our technology. We have a ton of really cool things we're doing with tech, but the focus is always on: How can you use that tech to make a person more efficient at their job?” How important is collaboration for you and your team at NetSPI? Collaboration is built into the DNA of NetSPI, from how employees are trained to how NetSPI interacts with the industry around them. Cybersecurity thrives when teams, practitioners, and organizations work together for the sake of the greater good. Even though COVID and remote workers have increased the virtual footprint of NetSPI, Cody still emphasizes the importance of communication and collaboration to his team and to practitioners around the world. “This industry we work in is super interesting. It'll never be finished; you're never going to learn everything there is about security and be able to call it done. 
We're far past the point where one person is going to be the expert of everything in cybersecurity.” For anyone in a cybersecurity leadership position who wants to start to really invest in their people, what would be your recommendation on where to start? Intentionality is vital for the success of any leader trying to invest in their employees. Cody explains that it's one thing for leaders to want to invest in training and professional development opportunities for their team, but another thing entirely when it comes to implementation. If a leader isn't intentional, they won't have clear goals for investment and will risk letting implementation fall to the wayside for the sake of a budgetary line. “Yes, we are going to be making this investment. It is going to cost us. It will cost us time, it will cost us money, but we are committed to making that investment because we know the payoff in 12 months or 18 months or 24 months is going to ultimately be worth it.” --------------- Links: Keep up with our guest Cody Wass on LinkedIn Learn more about NetSPI on LinkedIn and the NetSPI website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Brad Liggett, CTI Intel Engineer Manager at Cybersixgill, puts on his improv hat and joins the pod ready for anything. After COVID pressed pause on daily life, Brad kept himself sane and gained some new skills by returning to his improv roots (a hobby he had in the ‘90s) and taking up Dungeons & Dragons. In this episode, Brad covers the importance of improv skills in the professional world, the opportunities to add elements of gaming into cyber, and advice for practitioners looking to be more agile. Timecoded Guide: [00:00] Introducing the unique combination of improv & cybersecurity [05:57] Being a life-long learner in cybersecurity & in improv groups [13:20] Practicing improvisational skills for cybersecurity customer conversations [18:17] Bringing in games & elements of play into cybersecurity environments [24:38] Advice for a more agile, improvisational tomorrow Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. Is there a skill that you called upon during an interaction with a customer where you really leaned on your improv muscle? Improv often involves one phrase that Brad believes other industries should incorporate, too: “Yes, and.” In cybersecurity, Brad leans heavily on the “Yes, and,” phrase because it encourages conversations to move forward authentically. Meetings aren't successful when customers and clients feel uncomfortable and unengaged. 
Being able to think on his feet and prepare for changes makes Brad a stronger, more agile practitioner and communicator. “The whole concept of moving the meeting forward and making sure that there's no uncomfortable silences. Be prepared, have an idea of what you want to talk about, but inevitably, the client you're talking to, everyone's going to be unique.” What do you think is the glue that holds your interests in cyber and improv together? Being a life-long learner is something extremely important and valuable for Brad. For improv, research on the latest media, memes, and movies influences his work and motivates him to stay up-to-date and involved in some fun research. Cybersecurity is the same way. Brad believes to be the best practitioner and leader for his team, he needs to be knowledgeable about vendors, threats, products, and all things new in the industry. “You always have to be reading, you always have to be aware of what's going on in the environment out there in the world, so that as those things come up, at least you can somewhat talk to them and start to put those pieces together.” What has been your experience with bringing an element of play into cyber? Cybersecurity can't be all work and no play. Instead, Brad believes that cybersecurity teams should continue to prioritize the gamification of training processes, as well as just letting their teams have a little fun. Sometimes, to build a strong, trusting team, there needs to be an outside outlet for problem solving, puzzling, and creativity. Brad even brought his team at Cybersixgill to a Meow Wolf exhibition this year for that same team building reason. “We work hard, but we also should make sure that we play, and not only just do that individually, but even as teams, especially now. 
It's not always going to be about the training aspect, you also have to take that time to bring that team together.” What is a piece of wisdom that people could take with them into work tomorrow to make them more agile and improvisational? When it comes to agility and improvisational skills, you have to have a strong foundation to build off of. For Brad, taking time for himself and understanding when and how he learns best has been vital to his success. Listening to podcasts at the gym, reading something new at hotels, and getting a good night's sleep are all little things that help Brad consistently become more agile and improvisational at work. “For me, it's always having some sacred time at the end of the day. There's no TV in my bedroom, and my phone is telling me around 8:30, ‘Hey, it's wind down time,' and that's when I'm getting in the mode for sleep, and then making sure I've got a good night's sleep.” --------------- Links: Keep up with our guest Brad Liggett on LinkedIn and Twitter Learn more about Cybersixgill on LinkedIn and the Cybersixgill website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Richard Rushing, CISO at Motorola Mobility, brings his decades of experience to the show this week to talk about leadership, communication, and perhaps most importantly of all: prioritization. After joining Motorola through a startup acquisition, Richard has been a leader in the company and a defining example of what a CISO should be doing: simplifying the complicated. Richard talks about how his role has changed over the last 10 years and what's next for him and for cybersecurity. Timecoded Guide: [00:00] Ascending into a leadership role in cybersecurity & joining the Motorola team [06:28] Defining CSO & CISO at a time when no one understood cybersecurity [13:01] Communicating with the C-suite about cyber: best practices & tenets [24:37] Harnessing a proactive cybersecurity mindset with prioritization [32:13] Extending your cybersecurity career for decades Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. What was your experience of being a Chief Security Officer in the early 2000s? Richard jokes that he became a part of the cyber industry before the industry was even called cybersecurity, but behind the joke lies the truth that cyber looked extremely different back then. However, no matter how much time passes, Richard is still used to the odd confused looks that come from saying he's a CISO. 
People misunderstand the role, Richard explains, but at least more people than ever before understand the importance of cybersecurity. “There were a lot of other things that you had to talk about, you had to evangelize a lot coming into this [industry] because a lot of the cybersecurity industry was brand new. People were moving around and trying to figure these things out and everybody struggled.” How many times would you say you feel like you've had a new job or a new role being in the same role for over 10 years? Being a CISO has had its ups and downs during the 10 years Richard has spent in that role at Motorola, but the changes have been welcome and interesting. Every few years, the technology landscape changes, and with those changes in tech come massive changes in company ownership, leadership, and security. However, Richard is thankful that through these changes, his core team has stayed the same, giving him a trustworthy group to learn from. “It's always changing, but at the same time, there's some static components. When I came on to Motorola 15 years ago and established teams, most of my team, except for a very small portion of people that retired or left, are still with me today.” What are your thoughts and best practices for proactive cybersecurity? Although “proactive cybersecurity” has become a buzzword we're all paying attention to, Richard warns that most companies aren't really being proactive with cybersecurity just yet. Instead, what the industry has shifted towards is prioritization. Understanding what's important, prioritizing those aspects of a business, and knowing what you don't have the resources to handle can make the security work you're doing feel more proactive. “Why do I need to prioritize? Because you're getting more alerts than you have people to be able to handle it, or technologies to be able to handle it in an automated way. 
So, you have to prioritize what's important.” What would you recommend people consider to extend their cybersecurity career life as long as you have? After nearly four decades in the industry and over ten years at Motorola, Richard has been in cybersecurity longer than most modern-day practitioners. When asked about his secrets for an extended cybersecurity career, Richard reflects back on his advice around prioritization over “proactive cybersecurity”, and emphasizes the importance of community. Cybersecurity is a collaborative field, and practitioners have to stay open to learning together to succeed. “In the cybersecurity world, we will talk to our competitors and share what we're seeing. I think that community effort is one of the key things. You have to enjoy what you're doing, reach out and be collaborative with people. Don't be the security guy that people are scared of.” --------------- Links: Keep up with our guest Richard Rushing on LinkedIn and Twitter Learn more about Motorola Mobility on LinkedIn and the Motorola website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Kenneth Ellington, Senior Cybersecurity Consultant at EY and Founder of the Ellington Cyber Academy, achieves his goal of being on the Hacker Valley Studio this week. From working at Publix in college to becoming an online course instructor, Kenneth's journey into the cyber industry has been heavily influenced by online educators like Chris and Ron. Kenneth covers barriers to entry for cyber, SOAR vs SIM, and how much further we need to go for representation in the industry. Timecoded Guide: [00:00] Starting a cyber career at the Publix deli counter [05:16] Fighting through introversion to become an online instructor [11:02] Setting equitable & understandable prices for cyber courses [15:54] Looking into the future of SOAR vs SIM to see what's next [19:27] Taking the chance on content creation as a new cyber professional Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. What areas do you feel confident in as a new teacher, and what do you still struggle to get your footing on? As someone newer to online teaching, having only done it for 2 years, Kenneth is confident in his communication skills, but still struggles with fully grasping new technology. On the bright side, Kenneth believes those technical skills come with time and practice, something he's 100% willing to do. 
What helps him stand out as a strong teacher is something harder to learn: communication with others and de-escalating stressful situations for students. “I worked at Publix for four years in the deli, dealing with customers, and that forced me to develop those soft skills about how to talk to people and how to communicate and how to de-escalate situations. That's how I set myself apart.” What are some of the things that you're thinking about when it comes to setting the pricing for your course content? No matter how his prices change or how skilled he becomes, Kenneth still believes in fair and equitable pricing for his course content. Considering his experience and expertise, Kenneth charges at least half of what a vendor might charge for similar content and knowledge. However, Kenneth doesn't believe in thousands of dollars being spent on his courses, because he wants entry level students like himself to be able to afford to learn. “I'm very honest with myself, what my skill level is, and the value I bring towards it. Because I've been doing this for over two years, technically, I've gotten a pretty good gauge as to what people are willing to pay for and the value that I can bring.” Do you have anything you're looking to expand into with Ellington Academy? While SOAR and SIM are Ellington Academy's bread and butter, Kenneth is looking forward to continuing to expand his expertise and scale his content. A future upcoming goal Kenneth has is giving back to the country of Jamaica, where his family is originally from. Through providing courses or recruitment opportunities, he wants to bring cyber skills to everyone. “From a legacy perspective, I want to leave a positive mark on this world, just to make it better than when I got here. One of my big goals, I don't know if it's gonna happen, but my family is from Jamaica, so I'm hoping I can maybe put ECA there someday.” What advice would you give to a newbie in cybersecurity looking to start making content? 
Kenneth got his start at the Publix deli counter, and he understands that the beginning of someone's cyber journey can look just like his: inexperienced but hungry for knowledge. Kenneth wants to reassure newcomers to the industry that you're never too young to teach or too old to learn. Take courses, expand your knowledge, and give back to the people with less knowledge than you through accessible learning content of your own. “Take the opportunity to try to do something new because your knowledge is valuable, no matter how much or how little that you have. Everybody can learn something from everyone. I always try to help out however I can.” --------------- Links: Keep up with our guest Kenneth Ellington on LinkedIn Check out the Ellington Cyber Academy Learn more about EY on LinkedIn and the EY website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase an HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Brian Kime, VP of Intelligence Strategy and Advisory at ZeroFox, talks about all things threat intelligence this week. Brian explains why he chose threat intelligence as his focus, where he's seen opportunities for growth in recent years, and what challenges for cyber threat intelligence lie ahead. Using his intelligence experience developed first in the US Army Special Forces, Brian delivers his argument for intelligence-driven security, instead of the marketing-driven security industry we have today. Timecoded Guide: [00:00] Diving into the VP of Intelligence Strategy role [05:25] Learning intelligence in the Army Special Forces [10:09] Seeing the past, present, & future of threat intelligence [19:31] Measuring efficacy & ROI of cyber threat data [25:18] Building your own cyber threat intelligence capabilities Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley A lot of folks shift from intelligence into other areas of cyber, what inspired you to continue down the intelligence route? After Brian graduated from Georgia Tech and the nation experienced the tragedy of 9/11, Brian felt called to enlist in the US Army Reserve. While the war in Afghanistan was not as short-lived as anyone expected, Brian found his calling in military intelligence, where he was inspired to put his experiences in IT and intelligence together. It turns out that fusion already existed in the form of cyber threat intelligence, and Brian wanted to focus on that completely. “I want to bring all these things together and really start pushing our customers and pushing the security community in general towards more intelligence-driven security. 
Mostly, what I see even today still just feels like marketing-driven security.” Where are we today with threat intelligence technology, in terms of challenges and opportunities? Brian believes we're already in a really exciting place today in terms of threat intelligence technology. What feels especially opportune for him at the moment includes opportunities and technology that involve internal data from previous threats, freely available external data from sources like blogs, and third-party vendors. However, the challenges facing threat intelligence now involve how to make that technology available for small and medium businesses. “That's what I would love to see become the standard, that big corporations incorporate threat intelligence to the level that they can start to actually extend that value into their supply chain. That way, the whole system becomes more resilient, more secure.” How does a security team measure the efficacy and ROI of intelligence? In Brian's opinion, most cybersecurity practitioners don't track the ROI of their intelligence vendors, or they fail to measure intelligence for effectiveness. The metrics cyber teams should focus on include number of new detections created, incidents discovered, adversary dwell time, and improved security decision making. Unfortunately, improved decision making is the hardest to measure because it requires practitioner feedback. “At the end of the day, if stakeholders are making security decisions based on intelligence that I'm providing, that's a really good measure of effectiveness. All the security decisions that were influenced by threat intelligence, that's what we're going for.” When you don't have an intelligence capability and you want to create one, what is typically the first thing that an intelligence team member does? 
If you're intending to collect data from your customers (which almost every company out there is trying to do), then Brian believes that privacy and security need to be considered from the start. Critical security controls and a solid framework are key to early success for even the smallest security team. The best place to start? Software and hardware inventory. If you don't know what you have, you won't be able to secure your technology properly. “At the beginning of the critical security controls, it's always software and hardware inventory. If I don't know what I have, then I really can't do anything well in security. I can't do incident response because I don't know where my data is.” --------------- Links: Keep up with our guest Brian Kime on LinkedIn and Twitter Learn more about ZeroFox on LinkedIn and the ZeroFox website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Michael Piacente, Managing Partner & Cofounder at Hitch Partners, answers the essential question on many cybersecurity professionals' minds: Where do CISOs find CISO jobs? As it turns out, Michael helps many cybersecurity teams find their perfect CISO match with the assistance of his own team at Hitch Partners. In this episode, Michael clarifies what the role of a CISO really is, explains the compensation and benefits, and reveals the many responsibilities a CISO may take on during their time in the role. Timecoded Guide: [00:00] Defining the role of CISO & finding the right homes for each CISO [05:21] VCISO & fractional CISO as an alternative to a full-time CISO [11:49] CISO annual income, benefits, & non-monetary incentives [16:37] Explaining additional responsibilities & tasks taken on by the CISO [25:11] Giving advice to future CISOs looking for the next cyber executive opportunity Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley In your own definition and experience, what is a CISO? Although there are many definitions of the role, Michael clarifies that defining CISO should always include being an executive. To have a CISO who makes a positive impact and fulfills an organization's needs, that CISO has to be properly placed, properly sponsored, and be in an environment where they have the proper reporting processes. Michael also believes the CISO should always be looking over their shoulder to be diligent of the next threat. 
“In my version of it, a CISO is the executive— and that's the key term here— that has been properly placed, properly sponsored to handle all of the business information and data risk policy execution and operations in the company.” What is the difference between a fractional CISO and a VCISO? In Michael's opinion, a VCISO (virtual CISO) and fractional CISO can be used interchangeably in a situation where a company does not need a full-time CISO executive. Unless they're looking to support a strong security program, Michael understands that many companies don't need a full-time CISO in order to be successful. A VCISO makes an impact on an organization's security without being an overwhelming role in a smaller organization. “Bringing in your starter package to implement the baseline or foundational building blocks of what will become a security program, in the form of a consultant or consulting firm, is often a wiser choice than going in building a security program around a full-time CISO role.” Are there different types of CISOs, and have those types changed over time? Previously, Michael defined 3 different types of CISOs in his search for CISOs with Hitch Partners. However, a fourth type has emerged in recent years: the BISO, or Field CISO. This fourth type joins the ranks alongside other impactful CISO types, including the client (or governance) facing CISO, highly technical CISO, the IT-focused CISO, and now, our fourth type, the BISO, who focuses on the business side of the risk. “It's amazing that all of our CISO searches contain all these different types of CISOs. The fun part of that we get to figure out is: What's the priority [for the role]? What's the order? What does everyone in the organization think the priority should be?” How would you direct someone to take that first step after realizing they want to be a CISO? 
Discovering the CISO role exists and being the right person for the role is an important distinction, and Michael encourages potential CISOs to take some time to research the job before getting involved in a job search. However, once someone knows they want to be a CISO, Michael advises finding a CISO mentor and diving into a passion. Each type of CISO needs an expertise and passion to propel them into the superpower status needed to be a CISO. “I think it's about finding a passion. I'm a big believer that you just have to know where your superpower is, or what your superpower wants to be. In other words, that thing that's passionate to you, that you probably know better than 99% of the population out there.” --------------- Links: Keep up with our guest Michael Piacente on LinkedIn Learn more about Hitch Partners on their website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Hacker Valley: On the Road is a curated collection of conversations that Chris and Ron have had during conferences and events around the globe. In this episode, NTT's Dirk Hodgson, Director of Cybersecurity, and Adam Green, Senior Cybersecurity Executive, speak with the Hacker Valley team at CyberCon in Melbourne, Australia. Dirk and Adam cover the intersection of their roles at NTT, their experiences at conferences like RSA, their country's cybersecurity industry, and their team's cultivated trust with clients. Timecoded Guide: [00:00] Reuniting at CyberCon after years of COVID limiting security conferences [06:30] Differentiating Australia's cybersecurity industry from the rest of the world [10:48] Watching current cyber trends with CMMC & the Essential 8 frameworks [25:41] Creating interpersonal communication in a technology-driven industry [34:58] Building trust by knowing your clients & your adversaries equally Sponsor Links: Thank you to our sponsor Axonius for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. How are Australian cybersecurity practitioners different from the rest of the world? According to Adam, the past 3 years have led to a massive shift in maturity for Australia's cybersecurity industry. Previously, Australia relied on its physical isolation as a country as a means of security, but breaches have become more high profile and more impactful for Australian businesses in recent years. 
Now, Adam is pleased to see a greater understanding beyond the 101 of cybersecurity and more collaboration with security teams. “Three years ago, we used to say Australia was 5 years behind the rest of the world [in cybersecurity]. We used to think, because of proximity to the rest of the world, we were pretty safe, but it's definitely become more of a professional approach to security now.” — Adam How do your roles as Director and Executive work together at NTT? For Dirk, cybersecurity is the ultimate team sport— and Adam is an impactful element to his cybersecurity team. While Adam often focuses on strategic planning through his background as a practitioner, Dirk enjoys how his business-driven perspective contrasts with Adam and with other members of the team. With a variety of experiences and perspectives in the room, NTT can cover issues from all sides, instead of falling victim to tunnel vision. “Adam is the person on the team, who's great at that scenario planning piece. ‘Here are the things that are gonna go wrong.' Whereas myself and a couple of the other people on the team, look at that go, ‘What's that going to cost the organization?'” —Dirk Where are the strengths and weaknesses in communication in cybersecurity? Just like Dirk's thoughts about cybersecurity being a team sport, Adam believes that you have to cultivate a team member-like trust with your clients. The client in an initial conversation might seem defensive of your advice or critical of your actions. However, Adam explains that establishing credibility, especially in the business-focused cyber industry in Australia, goes a long way to creating the opportunity for more casual conversations down the line. “What we find is, in Australia in particular, it's about not just the company, but you as an individual. Do you have my back? Can I trust you? If I don't like you, will you at least mitigate my risk for me? 
You have to establish credibility real fast.” —Adam What advice would you give to someone interested in cultivating more trust between clients and their team? Dirk loves a good James Bond villain, but the average hacker attacking the average business is nothing like the movies. Establishing trust with clients starts with not only understanding what they need, Dirk explains, but also knowing the most likely threats beyond the showstopping Blackhats of media fame. Being able to explain to and protect clients from the most common threats keeps their data safest and strengthens their trust in your team. “I think it's about making sure that you know what the worst case scenario is, what the most dangerous course of action that the attacker or a potential attacker could follow, but also, being able to talk credibly about what's the most likely threat.” —Dirk --------------- Links: Keep up with our guest Dirk Hodgson on LinkedIn Keep up with our guest Adam Green on LinkedIn Learn more about NTT on LinkedIn and the NTT website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Hacker Valley: On the Road is a curated collection of conversations that Chris and Ron have had during conferences and events around the globe. In this episode, Cloud Security Podcast's Ashish Rajan and Shilpi Bhattacharjee speak with the Hacker Valley team at AISA CyberCon in Melbourne, Australia. Ashish and Shilpi discuss their respective talks on supply chain security and zero trust technology, SBOMs, and keynote speakers at this year's Cybercon worth noting for the audience at home. Timecoded Guide: [00:00] Connecting & conversing at a cyber conference post-COVID [06:50] Breaking down Shilpi's presentation on supply chain threats & attacks [11:45] Understanding the paradoxes & limitations of zero trust with Ashish's talk [26:13] Defining & explaining SBOM, or Software Bill of Materials [33:16] Noticing key conversations & trends for those who didn't attend AISA Cybercon Sponsor Links: Thank you to our sponsor Axonius for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley Shilpi, can you talk about the idea behind the talk you had at CyberCon? The inspiration behind Shilpi's conference talk was supply chain issues. Titling her talk, “Who's Protecting Your Software in Supply Chain,” Shilpi hoped to further educate and advocate for security in the supply chain process. An estimated one in two companies will experience a supply chain attack in the coming years. Instead of fearing such a statistic, Shilpi hopes her talk inspired further security action to protect our supply chains. “One staggering fact that I read is that one in every two companies is going to have some sort of a supply chain attack in the next three years. So, who's going to look after the supply chain? Is it going to be the organization? 
Is it going to be your third-party vendors?” —Shilpi Ashish, what about your talk at Cybercon? In contrast, Ashish's talk was about the triple paradox of zero trust. When talking about and implementing zero trust, Ashish realized many companies don't implement the cultural changes needed for zero trust and/or only talk about zero trust as a technology process. Zero trust has numerous layers beyond technology, and requires time and major changes in culture and technology to implement in most companies. “I feel bad for bashing on finance, marketing, and HR teams. They're all smart people, but if you're going to add four or five layers of security for them, they almost always say, ‘I just want to do my job. I don't really care about this. It's your job to do security.'” —Ashish Where would you recommend starting when it comes to trying to implement the ideas in your respective talks? When push comes to shove about where cyber companies can start first with supply chain and zero trust, Ashish and Shilpi agree that companies have to discuss business priorities. When company leaders can take the opportunity to look at and understand their cyber hygiene, the next steps might look very different from another company's tactics. Knowing what a business has is the foundational piece that impacts any new process in cyber. “If I were to go back to the first principle of what we do with cybersecurity professionals, one of the biggest assets that we're all trying to protect is data. You can't protect what you can't see, that's the foundational piece.” —Ashish For anyone that wasn't able to make the conference, what is one thing that you would want to share with the audience at home? There were a lot of conversations taking place at Cybercon this year. Ashish wants the audience at home to know that cloud native, zero trust, supply chain, and leadership positions like CISOs were the main themes in many talks, panels, and conversations. 
Shilpi wants those who couldn't attend to watch out for more talks and conversations about cyber from those outside of the industry to understand that the issues impacting cyber influence the world. “I think there's that interest about cybersecurity being more than just a cybersecurity problem. Cybersecurity is not just a technical problem, it's a societal problem, a cultural problem. I very much agree, because a lot of the things that we're dealing with impacts everyone.” —Shilpi --------------- Links: Keep up with our guest Ashish Rajan on LinkedIn Keep up with our guest Shilpi Bhattacharjee on LinkedIn Listen to Ashish and Shilpi's Cloud Security Podcast Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Alton Johnson, Founder and Principal Security Consultant at Vonahi Security, automates his way out of his pen testing job in this week's episode. An AOL hacking gone wild got Alton into defensive cybersecurity years ago, and now, as the Founder of Vonahi, Alton advocates for automation and efficiency in the pen testing process. Alton talks about his connection to defensive over offensive, customizing a pen test report to your audience, and finding that sweet spot between practitioner and entrepreneur. Timecoded Guide: [00:00] Learning the importance of automation in defensive cyber [07:48] Connecting with automation & defensive cybersecurity over offensive [12:01] Showing the results that matter to the right people in a pen test report [15:27] Prioritizing exploitations in the world of vulnerability assessments [21:59] Maintaining the cyber practitioner & the entrepreneurial side of Vonahi Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more. How have you seen automation change yourself and your role? As a penetration tester, Alton explains that time is often not on his side. There's a limited amount of time to do an assessment, and the measure of a good pen tester is often determined by fast, high quality reporting. 
Automating the repetitive tasks of pen testing not only saves time, but Alton believes it genuinely changes the role into something much more efficient, high value, and successful. “Automation obviously plays a huge part in growing in the career too, because the more you can do, the more value you can provide, and the faster you can provide that value makes you a better pentester.” How do you convey the story of a red team engagement in different ways so that message is received by everyone in the company? At Vonahi Security, Alton's team separates pen testing reports into an executive summary and a technical report. The executive summary is high level, demonstrating the impact and severity of what was discovered from a business point of view. Many business executives don't need the technical play by play, which is why that is saved for the technical report. The technical report acts as a scene by scene story of what was done and how to technically fix it. “We separate the two conversations. Here's what we did at a high level to anyone that doesn't really care about the technical stuff, but only cares about how it impacts the business, and then, for the person that has to fix the issues, here's everything that they would need.” What would you tell the newer generation of cybersecurity practitioners about the offensive side? When Alton first started his cybersecurity journey, he was very into hacking and coding. That passion for code has served him well, allowing him to become successful enough to start his own business with Vonahi. For the younger generation of cyber practitioners, Alton recommends not skipping that coding education. As technically advanced and automated as cybersecurity tools are, practitioners should be prepared to code when something breaks or doesn't work as intended. 
“I think coding is extremely valuable, because there's going to be many times that tools that you use don't work and you have to have the experience and knowledge to basically fix those problems with coding.” What have you learned over the past few years that has helped you to maintain both the technical and business side of Vonahi? Efficiency is the name of the game for Vonahi— and it's the one thing that has allowed Alton to remain in a hands-on pen testing role while still being a business owner. Keeping it efficient is more than just technology and automation. Alton believes his success is a direct result of the efficient technology around him and the hardworking, intelligent, efficient team members working with him at Vonahi. “It is really just about efficiency. We look to all these other leaders, but for me, I like to learn from other people's failures. I don't want to take the same growth processes as the person who failed and didn't do well.” --------------- Links: Keep up with our guest Alton Johnson on LinkedIn and his personal website Learn more about Vonahi Security on LinkedIn and the Vonahi Security website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
John Hubbard, SOC consultant, SANS Sr. Instructor and host of the Blueprint Podcast, joins the Hacker Valley team this week to discuss SANS, SOCs, and seeking new hobbies. As the curriculum lead for cyber defense, John breaks down what makes a good SANS instructor and how to inspire passion in students when teaching for long hours. Additionally, John gives away his life hacks for pursuing passions outside of the cybersecurity industry, including podcasting, video editing, music creation, and nutrition. Time Coded Guide: [00:00] Instructing for SANS & what it takes to be a good instructor [07:33] Exploring the potential of a SOC-less cyber industry [13:38] Teaching complicated topics with clear visuals & simple comparisons [19:37] Podcasting his way to better SOC consulting skills [26:12] Finding a balance between jack of all trades & single skill master Sponsor Links: Thank you to our sponsor Axonius for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley What do you think are the makings of a good instructor, especially for SANS? Transitioning from the world of electrical and computer engineering, John's journey to becoming a SANS instructor took over 3 years of study. Although he jokes that training to be a SANS instructor was the longest job interview ever, John is thankful for the mentorship and inspiration his training gave him. SANS courses require long hours and hard work, but John believes the best instructors bring a real love for what they do to each class. “The technical aspect has to be there in a very strong way. Beyond that, you have to deliver this message not only with razor sharp clarity, but also with passion and energy. People are sitting there watching you talk for hours. 
If you aren't excited, they're not going to be excited.” Cyber defense is a pretty broad topic. What makes you feel comfortable teaching a course on cyber defense? Cyber defense can be a topic that's both broad and confusing for students, but John has been dedicated to building a curriculum that cuts through the confusion and inspires innovation. Teaching his students to focus on priorities, John wants to bring clarity to complex topics like SOCs, Kerberos, and related security issues. While the topics can be broad and debatable, John wants to equip his students with real world examples and simple comparable concepts. “If there was one word I was going to summarize both of the classes I teach with, it's ‘priorities.' It's getting the right stuff there first, and not getting distracted by all the other details that are potentially trying to pull you in the wrong direction.” Have there been unintended benefits to being a podcast host, that either helps you as an instructor, or even someone that does consulting in the SOC space? Taking the chance to start the Blueprint podcast was inspired partly by John's previous interest in podcasts like Security Now, but also by his pursuit of learning content creation. Starting a podcast, for John, was an exercise in testing his comfort zone. Learning the technical aspects as well as the creative aspects of content creation and podcast hosting continues to build John's confidence in his storytelling and teaching skills. “For me, a lot of things have come out of podcasting. Probably one of the biggest things is just flexing that muscle of doing things that are slightly uncomfortable and scary. Any time you think, ‘I don't know if I can pull this off. Should I do it?' The answer should always be yes.” What is one piece of advice or philosophy that enables you to do more and squeeze as much as you can out of life? 
In the same way that he teaches his SANS students about priorities, John focuses on his personal priorities often in order to accomplish his well-rounded, jack of all trades lifestyle. Building new skills and cataloging new experiences feels vital for John. Taking full advantage of the time he's been given and getting curious about expanding his comfort zone is an essential philosophy that has taught John not only about cyber defense, but about every hobby he enjoys as well. “I try to get up as early as I can manage to get up every day, well before I start getting emails and meeting requests and all sorts of stuff like that, and try to plan out my day and ask myself, ‘How am I going to actually approach doing the things that matter the most to me?'” --------------- Links: Keep up with our guest John Hubbard on LinkedIn, Twitter, and YouTube Listen to John's podcast on the Blueprint Blog Learn more about John's work on the SANS Institute website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Larci Robertson, Sales Engineer at Cybereason and Board President of Women of Security, brings her expertise and experience in cyber threat analysis, community building, and networking to the pod this week. Larci talks about her time in the Navy, her desire for female friends, and how the combination of those two things led to her joining Women of Security (WoSec). In this episode, Larci walks through the importance of women-led cyber spaces and how mentoring gives back to the community in a ripple effect. Timecoded Guide: [00:00] Searching for friendship in Women of Security spaces [06:56] Diving into the Dallas cyber community with WoSec [14:00] Finding mission-focused purpose in threat intelligence analysis [17:57] Transitioning from the military into security and technology [24:10] Encouraging women to stay motivated in the cyber industry Sponsor Links: Thank you to our sponsor Axonius for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone How did you get introduced to Women of Security? After leaving the Navy and moving to Dallas, Larci struggled to find community amongst other women in tech. She worried the women she knew outside of the industry wouldn't understand her unique struggles, but the women she was meeting in cyber felt few and far between. Reaching out to Women of Security felt like an encounter with destiny, which inspired Larci to start her own WoSec chapter in Plano and find her voice as a community leader. 
“I wanted to find those women and get more women into security, but also have somebody to hang out with that was in the same industry, same page, we're all kind of going at the same pulse of what we've got going on in our lives.” What are the challenges for women transitioning into the technology field, whether they're coming from the military or from another industry? As a woman in threat defense analysis, Larci understands the hurdles and complications that come with transitioning into the field. Originally gaining her security experience in the Navy, Larci explains that she, along with many women she meets in the industry, undermine their past experiences and doubt their full potential. This often leads to fewer job applications from women when positions open up, perpetuating the gap for women in tech. “I want to tell women, and I do tell them all the time, don't look at that job title. Read through the actual like, what they want you to do, and maybe you understand it in a different way. Don't worry about that stuff. Let them tell you you're not qualified, don't do it to yourself.” What comes to the top of your mind about the power of community when thinking about WoSec? Community inspired Larci to be a part of WoSec, but it also left a lasting impact on her friends and her family. Not only has Larci witnessed many female friends achieve career heights they never dreamed possible, she's also seen Women of Security inspire her own daughter. Initially believing her job was “too technical,” Larci's daughter now better understands her own potential to succeed in cyber and tech, which has given her so much confidence in her future. “I'm seeing people get their first jobs in cybersecurity, and it's really exciting. And then, they'll turn around and help somebody else. I feel like that's happening a lot more. 
I see it because my group is doing it, I think we're all emulating each other in that way.” For any women listening right now, what would be that piece of advice that you have for them to keep them energized while they're in the field? Money is a motivator for many individuals transitioning into the cyber industry. While Larci understands why she meets many women looking to make more money in cyber, she also encourages those women— and anyone else listening to this week's show— to find a purpose and passion for their work. Money motivation doesn't last forever, and Larci wants to build a community of women who understand and enjoy their purpose in tech. “I feel like no matter what you do, if you have purpose in what you're doing, you're going to stay and you're going to have that drive. On top of that, you gotta have fun with this. If you're not having fun at what you're doing every day, I think you're doing it wrong.” --------------- Links: Keep up with our guest Larci Robertson on LinkedIn and Twitter Learn more about Cybereason on LinkedIn and the Cybereason website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Marrelle Bailey, Community Manager, Content Curator, and DEI Advocate, brings her multifaceted career experiences down to Hacker Valley Studio this week. Tapping into her past lives in yoga, bodybuilding, community managing, and cybersecurity, Marrelle explains the silo her career has taken into helping others find ease and peace of mind in their work. Marrelle also walks Chris and Ron through an exercise designed to help anyone feel more worthy, valuable, and like they belong. Timecoded Guide: [00:00] Taking on career pivots with excitement & curiosity [06:23] Bodybuilding & yoga's surprising presence in her cyber career [09:28] Finding black women in predominantly white tech communities [14:07] Being a jack of all trades, but a master of self worth & reflection [20:54] One key practice for feeling worthy, valuable, & like you belong Sponsor Links: Thank you to our sponsor Axonius for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone What from your past in yoga and bodybuilding has stuck with you today? As someone who grew up feeling traumatized and uncertain, Marrelle believes that yoga genuinely saved her life. Yoga helped Marrelle feel confident and empowered, and also taught her the importance of self-reflection. Additionally, Marrelle's continued health and wellness journey inspired her to take up bodybuilding, which has motivated Marrelle to work hard, to motivate others to engage in their health, and to recognize when she's holding herself back. “My clients know I'm fixated on pushing them as much as I push myself, because I know we have greatness. I know for myself, I can be the best self-sabotager in the world when it comes to pushing myself professionally. 
I know what it feels like sometimes to hold yourself back.” What has it been like doing all these different roles and how do they stack together? Marrelle is a true example of a jack of all trades, with experience in personal training, cybersecurity, content creation, and community management. Despite the differences, each role Marrelle has taken on has ultimately focused on compassion, authenticity, and perseverance. Marrelle never saw black women succeed in the areas she wanted to succeed, but now, she can set an example and show that she belongs in each opportunity she takes. “I feel like each job taught me, even though they were all so different, they all taught me about gaining compassion for people. Am I being authentic to the people around me? Am I giving people the ability to be themselves and for me to be myself, to grow, to persevere, to push?” How would you describe yourself, being so multifaceted and dimensioned? Marrelle believes she is someone that just wants to help other people and support other people in their healing process and in knowing their importance. Many people, regardless of their profession, struggle with difficult feelings of unworthiness and exclusion, fearing that they won't be taken seriously for who they are. Marrelle has struggled with these same feelings, and wants to create safe spaces for people to grow and nurture their confidence. “I just want to bring people's lives ease and peace and remind them how valuable they are, because I think all of us at some point struggle to know our worthiness and our value, and that we belong in the spaces that we're in, because sometimes we can really feel left out.” What would you recommend for anyone who wanted to start feeling worthy, valuable, and like they belong a little bit more today? While anyone can struggle with feeling a lack of worth, value, and belonging, Marrelle wants to reassure listeners that these exist in abundance and can be built up with mindfulness exercises. 
An easy way to start practicing a better and more positive mindset is through inhaling the good and exhaling the bad. As you inhale deeply, think positively about who you are and who you want to be. As you exhale, get rid of negative and unfair thoughts about what makes you “not good enough” to feel worthy, valuable, and like you belong. “You are worthy, you are valuable, and you belong where you are. No one can question it, you are where you are because you got there. No one knows your backstory, no one knows your journey, no one can walk in your shoes, but you deserve to be where you are.” --------------- Links: Keep up with our guest Marrelle Bailey on LinkedIn, Twitter, and website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Sheryl Anjanette, Author, Speaker, and CEO & Founder of Anjanette Wellness Academy, comes down to Hacker Valley to discuss and promote her new book. The Imposter Lies Within covers Sheryl's work with the intersection between business and mindset, and invites professionals to reconsider and reprogram their brains away from imposter syndrome. Using her findings personally and professionally, Sheryl walks through the origins, explanations, and potential remedies for imposter syndrome in this episode. Timecoded Guide: [00:00] Discovering imposter syndrome's origin story [05:04] External triggers vs the inner critic [13:59] Imposter syndrome & Neuro Linguistic Programming (NLP) [21:11] Reprogramming your brain to heal from the imposter phenomenon [27:34] Fearing firing as an unrealistic response to the inner critic Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com What is the origin of imposter syndrome? Defined and named in the early 1970s, imposter syndrome impacts each person in different ways depending on a variety of personal experiences, including gender, upbringing, and income status. Despite the experience varying from person to person, Sheryl explains the set of symptoms still remains strikingly similar, no matter who is suffering from imposter syndrome. This has made the phenomenon relatively easy to identify with, as many struggle with a lack of belonging, self worth, and self confidence. “In the early ‘70s…researchers called it the imposter phenomenon, but they had only studied women. 
For quite a long time, people thought only women experienced feeling like an imposter, but recent studies have shown that men and women experience this almost equally, just differently.” Do you see imposter syndrome as a negative construct of Neuro Linguistic Programming (NLP)? Outside of the office, Sheryl incorporates Integrated Hypnotherapy in a large majority of her coaching work and explains that a large majority of that has involved delving into NLP, or Neuro Linguistic Programming. NLP emphasizes the importance of what people tell themselves. What someone actively lets themselves think has the power to become true to their brain. When someone thinks they are an imposter at work, they end up accidentally using aspects of NLP, which causes their brain to believe they are an imposter. “Our conscious mind is only 10% of our reality, 90% is below the surface. When we can start to make the unconscious conscious, when we can do the deep dive and go back in and look at our programming, we can see where the code went bad and change that.” What are the steps of reprogramming your mind away from these imposter thoughts? Reprogramming someone to actively deny and work against imposter syndrome thoughts requires a deep dive into emotions and an understanding of an internalized past. Sheryl explains that being present, taking deep breaths, and allowing your perspective to shift out of your head and into your body are all steps that need to be taken in this reprogramming process. This process is powerful and new, but Sheryl promises it doesn't have to be difficult or uncomfortable. “Get very, very present in the moment and then, just feel yourself drop into your heart. Feel yourself drop into your heart, it's only an 18-inch journey, but it's something we generally don't do very often. Get out of our head and into your heart.” For anyone that's dealing with imposter syndrome, is there anything that you would want to tell them to help them understand the power within? 
Sheryl sees a large majority of professionals struggle specifically around the idea of not being good enough at work and being an imposter at risk of being fired. Imposter syndrome can convince anyone of this idea because it doesn't rely on experience as evidence, according to Sheryl. Instead, someone suffering from imposter syndrome has to acknowledge that the idea of not being good enough and being fired is just an idea, not reality. “As you go into your heart and into your observer role, ask yourself: Is this real? Where's this coming from? And then, tell yourself a different story. ‘I'm good. Everything will work out. I think that's just a pattern that I've had for a long time. I'm going to assume the best.'” --------------- Links: Keep up with our guest Sheryl Anjanette on her website, LinkedIn, or via email: hello@sherylanjanette.com Purchase Sheryl Anjanette's book, The Imposter Lies Within, on Amazon and Barnes & Noble Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Autism is a real challenge for a lot of families. Hoteliers, however, can help yet also be rewarded with higher profitability. Watch this short video with Alan Day at Autism Double Checked and Rod Clough, MAI (He/Him) of HVS and learn how!
In this special episode, Hacker Valley community members and hosts of the Breaking Through in Cybersecurity Marketing podcast, Gianna Whitver and Maria Velasquez, tell all about the ups and downs of cyber marketing. As podcast hosts and founders of the Cybersecurity Marketing Society, Gianna and Maria eat, sleep, and breathe cybersecurity marketing. This week, Gianna and Maria share the history behind the Society and explain why they decided to host their CyberMarketingCon2022 conference in person. Timecoded Guide: [02:41] Creating the Cybersecurity Marketing Society [06:29] Transitioning CyberMarketingCon2022 from virtual to in-person [10:50] Combating the difficulty of growth marketing to cybersecurity practitioners [18:34] Examining ROIs for attendees of conferences like Black Hat and RSA [28:15] Finding the one thing they would instantly change about cyber marketing Sponsor Links: Thank you to our sponsor Axonius for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone How did the Cybersecurity Marketing Society come to exist? Gianna and Maria initially met and bonded over how the cybersecurity marketing world is constantly changing and evolving, for better or worse. They would get together to chat, as well as share strategies and insights. They quickly realized, through their friendship, that there was potential for a solid community in cybersecurity marketing. They started a Slack channel, just to put something out there. The channel grew from 10 participants into a bustling community of over 1500 people. Now, the Society is growing every day and hosting online events. “It's always really nice to look back at the start, and it humbles you, right? 
As you continue this hustle of just growth and ongoing things happening, it's nice to take a step back and say, ‘Wow, look at where it all started.' It seemed like just a crazy idea then.” –Maria Velasquez What inspired the leap to host an in-person conference for CyberMarketingCon? Back in 2020, while everyone was experiencing the height of the pandemic, members of the Cybersecurity Marketing Society were still interested in making connections with other professionals in the industry. Gianna and Maria decided the best option available was hosting virtual conferences in 2020 and 2021. Later, they branched into in-person chapter meetups in cities around the world. An in-person CyberMarketingCon2022 seemed like the next natural step in the process to cement those community connections. “We started planning on a spreadsheet, basically. What's the theme? What do we want to cover in terms of topics? We looked to our members within the Society to hear what they'd like to learn at the conference and the speakers they'd like to see.” –Maria Velasquez What makes it so difficult to market to cybersecurity practitioners? Cybersecurity practitioners are notoriously skeptical. Their purview is full of phishing links and threat actors, and their guards are always up. Practitioners also often have a revolving door of folks wanting them to try demos, which makes it harder for someone to stand out. Maria and Gianna explain that you have to create a different kind of connection to build a relationship with practitioners, and advise marketers to avoid the cringeworthy commercial buzzwords. “We're here to make sure that together, as an industry, cybersecurity marketers default to the best practices in marketing to practitioners, and that we're not bothering our target audience. We're doing great marketing, so that we can help everyone be more safe.” –Gianna Whitver What did the ROIs look like for attendees of Black Hat and RSA? 
In general, according to Gianna and Maria, the return on investment seemed higher for attendees at Black Hat, rather than at RSA. For marketers, RSA is less about selling and more about brand awareness and meeting with investors. In contrast, those who attended Black Hat reported that, even though the quantity of traffic at their booths was lower, the quality of the connections was higher, and there is a lot of optimism about opportunities to connect next year becoming more frequent. “We're going to keep doing this every year. We're going to keep expanding the survey, we're going to have better data. I'm really looking forward to next year's debrief on Black Hat and RSA, seeing how things changed and how companies perceive their ROI.” –Gianna Whitver ---------- Links: Grab your ticket to the CyberMarketingCon2022 Follow Gianna on LinkedIn Catch up with Maria on LinkedIn Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Dani Woolf, Director of Demand Generation at Cybersixgill and Host of the Audience First podcast, brings her marketing expertise to Hacker Valley to talk about what's broken in the marketer-buyer relationship. Dani's tried-and-true methods of cybersecurity marketing involve clear messaging, authentic communication, and building trust in an industry where not trusting anyone is the norm. How can cyber marketers break through the negative stereotypes and show cybersecurity buyers that they're authentic? Timecoded Guide: [00:00] Fixing the broken relationship between cyber marketers, sellers, & buyers [04:58] Unrealistic marketing goals vs incorrect marketer perspectives [10:23] Better conversations between marketers & practitioners with Audience First [15:12] Connecting with curious cyber practitioners instead of dismissing them [23:37] Advice for cyber marketers looking to start fresh with content Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com What messages are practitioners receiving (or not receiving) from cybersecurity marketers? One of the domains Dani actively uses is hilariously titled, “WTF Did I Just Read?” This project, inspired by the contextless and confusing messaging cyber practitioners receive every day, aims to show marketers how to adopt better tactics and more authentic communication with potential buyers. Truth be told, Dani has seen the worst of cyber marketing, and she understands why many marketing teams get a bad rap in the industry. 
“Frankly, [marketers] are just sending messages that have absolutely no context or need to the buyer, which is just lazy. You have to identify the problem, do a little bit of legwork to see what the buyer is interested in. Who are they really? What are they trying to solve?” Where do you think we all went wrong, from a cyber marketing perspective? Two factors have contributed to incorrect and inauthentic marketing tactics in cybersecurity, according to Dani. The first is pressure to achieve stressful goals and unrealistic KPIs on marketing teams that should be focusing on quality of communication over quantity of calls or outreach methods. The second is marketers coming into the cyber industry with the false mindset that cyber marketing is just like any other marketing, when in reality, the methods of communication and the relationship with buyers is completely different. “A lot of professionals coming into cybersecurity think that what they've done in other verticals works in cybersecurity, when in fact it doesn't. I know for a fact it doesn't, because that's how I made mistakes in the security space and that's how [my podcast] Audience First was born.” Is there a lot of conversation and communication happening between marketers and cybersecurity practitioners? Marketers and practitioners are not communicating in a trustworthy and authentic way, in Dani's opinion. Many marketers fall into the mindset trap of letting the “smart people” in the room talk during meetings and calls, instead of engaging in the conversation. Dani explains that when cyber marketers shut themselves out, they don't learn anything about cybersecurity or about their clients. Not knowing creates a lack of trust and confidence for both sides. “If we continue to just click on buttons and look at numbers, we're not going to do our jobs any better. 
I urge anybody listening to foster that bidirectional relationship, to be open to marketers speaking to you, and to be open to speaking to practitioners and asking for feedback.” How would you compare the average cybersecurity buyer to, for example, other buyers in the technology space? Despite the stereotypes of cybersecurity buyers being tough or unapproachable, Dani admits that many of her cybersecurity clients are kinder and more empathetic than in other tech industries. However, this kindness and empathy has to be earned, and security professionals aren't always the easiest people to gain the trust of. Dani explains that credibility and authenticity reign supreme in messaging to cyber buyers, because that is the only way to break through the caution many practitioners are trained to have. “Why would I scratch your back? Or, why would you scratch mine if I don't even know who you are? Like, the whole point of security is not to trust everything that you see. So, trust and credibility is a huge part of that, and establishing authentic relationships is a huge part, too.” --------------- Links: Keep up with our guest Dani Woolf on LinkedIn and Twitter Listen to Dani's podcast, Audience First, and learn more about “WTF Did I Just Read?” Check out the Cybersixgill website Learn more about Dani's work on her other Hacker Valley podcast appearances: Breaking Through in Cybersecurity Marketing, Breaking Into Cyber Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Ben Opel, Senior Director of Professional Services at AttackIQ and former Marine, joins Chris and Ron to talk about the essentials of purple teaming. Combining the essentials of the red team and the blue team, a purple team offers cybersecurity companies a unique opportunity to create a threat-informed security process. Using his time in the Marines and his experience at AttackIQ, Ben walks through purple team philosophy, breach and attack simulations, and shifting from a reactive to a proactive mindset. Timecoded Guide: [00:00] Past experiences with cybersecurity in the Marine Corps [04:28] Exposure to purple teaming in defensive cyber ops [10:26] Implementing breach and attack simulations in defense strategy [14:38] Threat-informed defense and the aftermath of breach simulations [23:36] Communicating and approaching risk-related decisions Sponsor Links: Thank you to our sponsor AttackIQ for bringing this episode to life! AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com How did you first get exposed to purple teaming and what are some of the tenets that you hold today? Ben's experience in cybersecurity and his journey into purple teaming occurred during his time with the Marine Corps, performing defensive cyber ops. Originally, Ben didn't even know the term purple team existed when he first encountered it, but his team was already approaching their work that way. Ben explains a core tenet of purple teaming is getting people in the same room and showing them the value their work brings to one another. “We started building our teams around this multifunctional purple concept of having threat hunters, threat intelligence, red cell, support and mitigation, and forensic cell all in one. 
All of these capabilities in one team, where they could work synergistically.” What are the shortcomings and advantages of the purple team philosophy? Like any philosophy, Ben explains that the hardest part of incorporating a purple team mindset is including it in everything your team does. To address this shortcoming, Ben keeps one question in mind: “What can someone do for me, and what can I do for them?” When involved in a purple team, everyone is putting their heads together. Ben explains there's much less confusion between offensive and defensive professionals in that purple collaborative setting. “Pure red team ops can be super fun, but you leave every job not sure they're going to actually make something with what you did. I've worked with blue teams who are like, ‘Hey, this was a great report, red, but we made some fixes, but we don't know if these are good.'” How do we get more people into being proactive and adopting the purple team perspective? A large majority of cybersecurity teams and processes involve reacting to potential threats and incidents. In contrast, purple teaming and threat-informed defense strategies emphasize a more proactive mindset. Ben explains that working with a capability like AttackIQ helps teams build confidence in what they can prepare for and prevent. Building confidence in infrastructure and resilience in your team helps a proactive mindset thrive. “It's about giving folks the ability to parse out and understand what's important to them, and to boil that down into, ‘Okay, now, what does that mean when hands on keyboard?' Making that available, making that easily digestible. It's an education problem in this realm.” What would be your first piece of advice for the person about to embark on discovering or explaining breaches and attacks in relation to their organization? Ben says that explaining breaches and helping others in your organization understand attack risks starts with showing. 
He explains that revealing how easily these things can happen and in what situation certain events could be particularly harmful opens the eyes of members of your team to what their threats look like. Instead of catering to doom and gloom, analyze your cyber threat risk with practicality and literal examples. “If I had to say that I had a specialty forced upon me by the Marine Corps, it was that. It was going over to peers and telling them that this is something that's good, bringing my red team in and letting them poke around, letting my blue team plug in to their network from some strange IP that they've never seen before.” --------------- Links: Keep up with our guest Ben Opel on LinkedIn Learn more about AttackIQ on LinkedIn and the AttackIQ website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Mimi Gross, Founder and Cybersecurity Matchmaker at People By Mimi, connects early stage through Series C cybersecurity startups with sales and marketing talent. As a recruiter and headhunter with over 5 years of experience, Mimi refers to the process of recruiting and hiring as “cybersecurity matchmaking.” Mimi joins Hacker Valley Studio this week to talk about what recruiting and dating have in common (including marriage!), and the ways to deal with rejection during the hiring process. Timecoded Guide: [00:00] Defining the term “cybersecurity matchmaking” as a recruiter [04:00] Commonalities between recruiting and dating advice [07:55] Dealing with job rejection like a bad breakup [15:17] Balancing hiring manager wants and needs in the recruitment process [20:11] Emphasizing chemistry between the ideal candidate and their future employer Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution: uptycs.com. Where did the term “cybersecurity matchmaking” come from? There's a huge element of matchmaking in recruiting. That's essentially what you're doing — you're matching a potential candidate with a potential new position. Certain recruiters and companies instead treat the act of recruiting candidates and hiring new employees like a sales transaction. This feels impersonal for everyone involved. Referring to recruiting as “matchmaking” reminds everyone involved that there are humans in the process at every stage, from application to references, interviews to onboarding. 
“Early on, I was disillusioned with recruiting, because I realized that people don't treat it like finding the perfect match. It's like sales for some people. I quickly said, ‘I can't do this thing unless I can call it matchmaking.' That's where the term came in.” What does dating advice have to do with recruiting? In both recruiting and dating, you're trying to find the “right” fit. In dating, both people in a relationship are looking for “the one”; someone to grow with long term and to build a mutually beneficial relationship with. In recruiting, the founder or hiring manager is looking for the right candidate for the role, while the job searcher is looking for the right job for their career. In both dating and recruiting, when you find the right one, it won't be a huge compromise or a challenging fit; the relationship will feel authentic and natural. “I find that the best matches I make — and I love to call them matches, because they really are — I look back at them, like, ‘You know, that was a good match.' In those great matches, the chemistry was there right away.” How do you help candidates deal with rejection? Rejection is part of the recruiting process, just like how breaking up is part of the dating cycle. There are going to be times when the fit isn't right and the job you want goes to a different candidate. The trick is to not take it personally. Instead, take a learning approach to the situation. The company might need to go in a different direction, or someone else in the organization may be taking over the position. Unlike dating, the hiring process is unrelated to who you are as a person. Focus on learning and applying your experience elsewhere. “It's not just about not taking rejection personally. You have to see that there will be the right fit for you, and that also, the person who is rejecting you now could be a valuable person to know in the future. Never burn bridges.” What is one of the most important aspects in recruiting? 
Chemistry is key in the recruiting process. You may have a company executive or a hiring manager who wants a specific trait from their applicants, like an Ivy League education. As a recruiter, you have to dig beneath the surface to discover the “why” behind a job qualification or educational requirement. Perhaps the employer actually wants someone organized or detail-oriented. Getting to know the “why” means that you can find the actual right fit, while the chemistry between the job seeker and the hiring executive will take care of the rest. “In the beginning, if you find the right match, the dating metaphor here is that nobody's perfect. You have to figure out what kind of imperfect you can handle and you can love, and that's the right match.” ---------- Links: Spend some time with our guest Mimi Gross on LinkedIn Learn more about cybersecurity matchmaking on the People By Mimi website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio
Renee Small, Cybersecurity Super Recruiter, content creator, and host of the Breaking into Cybersecurity podcast, joins the Hacker Valley team to clear the misconceptions around recruiting and discuss cybersecurity's open positions. Taking labor shortages and skills gaps into consideration, Renee explains how she's helped others start strong in the industry and hone their skills. Additionally, Renee covers her journey into content creation and podcasting, and how that's impacted her recruiting work.

Timecoded Guide:
[00:00] Understanding a recruiter's role in big and small cybersecurity orgs
[06:37] Diving into content creation with the Breaking into Cybersecurity podcast
[12:13] Challenges and rewards of helping entry level cybersecurity professionals
[16:02] Rewarding cyber recruitment stories and tech mentorship opportunities
[22:39] Advising job seekers looking for entry level positions in cybersecurity

Sponsor Links:
Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!
The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley
With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface, all from a common solution: uptycs.com.

What is the role of a recruiter in cybersecurity?
Renee knows the idea of a recruiter can be a confusing one, and the role of a recruiter can be radically different depending on the size of an organization or the type of recruitment they focus on. Overall, however, Renee believes that the role of a recruiter is to be a matchmaker for a position within a company. Cybersecurity recruiters have to understand the technical needs of a position and the cultural needs of a cybersecurity company to find the perfect practitioner fit.
“The role really is to be like a matchmaker. You're seeing who out there is a great fit for which roles, which companies, and which culture, or which company culture, and that's what makes it, for me, a lot of fun.”

How has being a content creator impacted your work as a recruiter?
Although Renee doesn't always identify as a content creator, her work with Chris Foulon on the Breaking into Cybersecurity podcast speaks volumes about the type of creator she really is. Renee always focuses on giving back with the work she produces, whether that work involves career coaching, recruitment advice, or cybersecurity education. Becoming a podcaster and content creator has allowed Renee to answer questions and provide information that helps the entire online cyber community.
“I experienced all the positions that were open as a recruiter, but I had no idea that there was this group of folks who were entry level, or transitioning into their first cybersecurity position, and they needed my help [in order to break into cyber].”

What are some of the most fulfilling moments that a recruiter can have?
Being a recruiter gives Renee the opportunity to help cybersecurity practitioners discover their dream job and navigate the industry intelligently. Her fulfilling moments actually center around those she's helped along the way, including a former mentee and a former helpdesk employee looking for upward mobility. Finding the perfect match isn't just about satisfying the company needs, Renee explains, but is also about connecting someone to an opportunity for success and growth.
“I get a kick out of people getting a job, it's almost like a little high for me. Every time I'm the person who connects people and it works out and they get paid well, I have a little party in my head. It's just so rewarding. I love that matchmaking process so much.”

What advice do you have for professionals struggling with their job search in the cybersecurity industry?
Cybersecurity's labor shortage and staff burnout issues threaten even the most air-tight of security teams. Unfortunately, Renee explains that even with so many job openings, entry-level employees or professionals transitioning industries still can't break into cyber. Her best advice for those struggling to take the first step is to connect with successful practitioners in the field already through nonprofit organizations and network events. Focus on a network that will expand your knowledge of cyber and the state of the industry.
“If you're a college student, if you are someone out there looking to understand what's happening in the field, join one of the myriad of cybersecurity nonprofit organizations and learn about what security really is.”

---------------
Links:
Keep up with Renee Small on LinkedIn
Listen to Renee's podcast Breaking into Cybersecurity
Connect with Ron Eddings on LinkedIn and Twitter
Connect with Chris Cochran on LinkedIn and Twitter
Purchase an HVS t-shirt at our shop
Continue the conversation by joining our Discord
Check out Hacker Valley Media and Hacker Valley Studio

Caitlin Sarian, known on TikTok as Cybersecurity Girl, comes to Hacker Valley to talk about the endless possibilities for cybersecurity on social media. Walking through her journey of becoming cyber's biggest TikTok star, Caitlin covers every aspect of internet fame and online presence, including facing criticism, gaining and losing viewers, and trying to make an impact on women in STEM. Alongside her work on social media, Caitlin also walks through the development of her new online cybersecurity course.

Timecoded Guide:
[00:00] Introducing Caitlin & her work on TikTok with Cybersecurity Girl
[06:45] Building a cyber platform on TikTok & dealing with imposter syndrome
[11:21] Keeping women in STEM, instead of just getting women into STEM fields
[15:56] Dismissing the idea of the diversity hire in tech & cyber
[24:43] Working with Girls Who Code & building her own low-cost cyber school

Sponsor Links:
Thank you to our sponsors Axonius and Uptycs for bringing this episode to life!
The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley
Uptycs, analytics for the modern attack surface, observability for the modern defender. Check out Uptycs by visiting them at uptycs.com

How do you feel about going viral, or not going viral, on TikTok?
Although social media, especially TikTok, relies on an algorithm to push content to different viewers, Caitlin admits that viral content creation is more about luck than about methods. Since becoming involved in TikTok as a cybersecurity influencer, Caitlin has developed tricks of her own to elevate her content and interact with her audience, including going live on the app. However, she explains that going viral is still random, with lower-quality quick content sometimes hitting a larger audience than her higher-value creations.
“Videos that you spend the least time on get the most views and the videos that you spend the most time on, get the least views. I've stopped looking at the views and just started trying to produce content that either makes people smile, or adds value to people's lives.”

What is that value that you're getting from making cybersecurity content for TikTok?
While creating podcasts at Hacker Valley allows for Chris and Ron to give back to their community and meet incredible cybersecurity content creators, a similar idea guides Caitlin's work on TikTok. Considering that content creation can sometimes feel thankless and frustrating, Caitlin motivates herself by focusing on the people she helps. Through making cybersecurity more accessible online, she hopes to inspire other women to get involved and stay involved in cyber, tech, and STEM fields.
“It adds value to my life, knowing that I'm not just going day by day doing my job and that's it. I like bringing awareness and being that light for people that need it, especially in the tech world. I think for me, this is what I'm hoping for, I'm hoping to get more women in STEM.”

Can you tell us a little bit about your online cybersecurity school?
Caitlin isn't only working on her cybersecurity platform on TikTok; she's also expanding into online education with her course, Become a Cyber Analyst. Focusing on cybersecurity accessibility and affordable education, Caitlin's course is a six-month boot camp that teaches students the ropes of the cyber industry. The best part? Students don't pay until they're employed in cyber, and Caitlin's course guarantees a job within 3 months of graduation.
“I partnered up with a school called Masterschool, and it's basically a six-month boot camp. And then, after the boot camp, we have HR specialists that help students get a job after. You don't have to pay for it until you get a job, and it's a lump sum.”

What is your perspective on the struggles women face breaking into cybersecurity and staying in tech careers?
As a woman in cybersecurity, Caitlin has witnessed alarming levels of sexism in the industry and has seen fellow women experience tech burnout. With her content on TikTok and her new cybersecurity school, Caitlin hopes to solve the problem of not just inviting women into the cyber industry, but retaining female employees in cyber as well. Through supportive content creation and her own influence, she hopes other women see that the possibilities in their careers are endless.
“I think the issue that I always used to deal with is a lot of men think I got the job from just being a woman. That also goes to my imposter syndrome, because I'm like, ‘Maybe I did just get this job because I'm a woman and they want to work with me. Maybe I'm a diversity hire.’”

---------------
Links:
Keep up with our guest Caitlin/Cybersecurity Girl on TikTok and Instagram
Learn more about Caitlin's incredible Masterschool course, Become a Cyber Analyst
Connect with Ron Eddings on LinkedIn and Twitter
Connect with Chris Cochran on LinkedIn and Twitter
Purchase an HVS t-shirt at our shop
Continue the conversation by joining our Discord
Check out Hacker Valley Media and Hacker Valley Studio

We're joined again by the hacker's hacker, Tommy DeVoss, aka dawgyg. Bug bounty hunter and reformed black hat, Tommy dives back into a great conversation with us about his journey in hacking and his advice to future red team offensive hackers. We cover everything we couldn't get to from part 1 of our interview, including his struggles with burnout, his past hacking foreign countries on a bold quest to stop terrorism, and his future in Twitch streaming to teach you how to be a better bug bounty hunter.

Timecoded Guide:
[02:57] Fixating on hacking because of the endless possibilities and iterations to learn
[09:54] Giving advice to the next generation of hackers
[17:17] Contacting Tommy and keeping up with him on Twitter
[21:43] Planning a Twitch course to teach hackers about bug bounties using real bugs and real-world examples
[24:57] Hacking in the early 2000s and understanding the freedom Tommy has to talk about any and all illegal hacking he's done now that he's gone to prison

Sponsor Links:
Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!
Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone
PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

Do you ever struggle with burnout when it comes to hacking?
Hacking has maintained Tommy's interest longer than anything else because of the constant changes in technology and the ever-evolving issues in the online world. However, just because hacking is his passion doesn't mean that burnout or frustration never happens. Currently, Tommy is taking more of a break with hacking, letting his current day job and his passion for gaming have a front seat. However, he's still firmly in the industry, passionately developing learning opportunities for future hackers and answering questions from cyber professionals of all backgrounds.
“I do get burned out sometimes… When it comes to bug bounty hunting, I try and make it so it averages out to where I make at least $1,000 an hour for my effort. It doesn't always work. Sometimes I'm more, sometimes I'm less, but I try and get it so it averages out to about that.”

What hacking advice would you give the younger version of yourself?
Although his black hat ways resulted in prison time for Tommy, he doesn't regret his past and instead seeks to teach others the lessons he's learned. When we asked Tommy for advice for new hackers, he was clear that success is a longer journey than people assume it is. Tommy's success was not a fluke; it took years of hands-on learning and patience with failures in order to develop his bug bounty skills. Nothing is actually automatic or easy with hacking, especially as the technology continues to change and evolve. Tommy wants hackers to take every opportunity to try out their skills, even if it's a complete failure.
“Don't expect success overnight. Also, don't let failure discourage you. When it comes to hacking, you're going to fail significantly more than you're going to succeed. And the people that are successful in bug bounties are the ones that don't let those failures discourage them.”

What do you think about the “media obsessed” stereotype many people have about black hat hackers?
Wrapping up today, Tommy tells us that he'd be happy to be back in the Hacker Valley Studio again some time. Although the stereotype of a black hat hacker wanting attention from the media is disproven, Tommy believes that he definitely has craved that media attention for a large majority of his hacking career. Starting in the early 2000s, after 9/11, Tommy had one of his first brushes with fame in an interview with CNN about hacking Middle Eastern companies. Although his hacking and his politics have changed since then, Tommy enjoys having in-depth conversations about hacking and explaining the intricacies of what he does.
“We loved the attention back then, and I still love the attention now, it's nice. The good thing about now is, because I already got in trouble for everything that I've done, I've done my prison time, I don't have anything that I did illegally on the computer anymore that I can't talk about, because I've already paid my debt to society.”

What are the best ways for people to keep up with what you're doing?
Considering Tommy's success, it's understandable that a lot of cyber professionals and amateurs have tons of questions for him. When it comes to getting in contact with Tommy, he recommends tweeting him on Twitter publicly so that he can not only answer your question, but help others with the exact same questions. Education is key, and Tommy is so dedicated to teaching other hackers that he's currently developing a recurring Twitch stream centered around helping others learn about bug bounty hunting.
“I don't know how successful we're going to be in finding the bugs, but I think it'll be fun to teach people [on Twitch] and do it that way, so that they can actually spend some time learning it. The best way to actually learn this stuff is to actually try and do the hacking.”

-----------
Links:
Stay in touch with Thomas DeVoss on LinkedIn and Twitter.
Check out the Bug Bounty Hunter website.
Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.
Follow Ron Eddings on Twitter and LinkedIn
Catch up with Chris Cochran on Twitter and LinkedIn
Purchase an HVS t-shirt at our shop
Continue the conversation by joining our Discord