Cyber Work

Justin Pelletier is the director of the cyber range program at the ESL Global Cybersecurity Institute at the Rochester Institute of Technology. Infosec Skills has some great cyber ranges, but Pelletier shows the organization’s massive, immersive simulations. Because they’ve also included cyber range technology for beginning cybersecurity pros transitioning from other jobs, we cover what’s involved in making a good cyber range, how to break down those early barriers of fear and self-doubt and how quickly you can move into a cyber career after hands-on training. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Immersive cyber ranges3:13 - Getting into cybersecurity5:06 - Studying data breaches11:03 - Cybersecurity at the Department of Defense14:02 - Cyber range education at the RIT16:20 - Work of the Global Cyber Range24:20 - Cyber range scenarios 38:30 - What makes a good cyber range? 42:00 - Successfully getting into cybersecurity45:33 - Cyber range upskilling 48:47 - Cybersecurity hiring changes51:30 - Learn more about the cyber range center52:30 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Today's podcast highlights implementation privacy, policy privacy and all things privacy with privacy expert and Infosec Skills author and instructor Chris Stevens. From his years in the government’s office of national intelligence to his multiple IAPP certifications, Stevens is happy to tell you everything you ever wanted to know about careers in privacy, around privacy and careers that would be better with a helping of privacy skills on top! – Start learning cybersecurity for free: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Cybersecurity privacy 3:30 - Getting interested in cybersecurity4:40 - Cybersecurity in the Department of Defense6:00 - Computer science studies 8:50 - Cybersecurity research11:05 - Information privacy and privacy professionals14:48 - What does U.S. privacy cover?19:10 - Privacy certifications and more21:36 - Privacy differences across countries24:50 - Difference in privacy certifications27:16 - Learning about privacy30:16 - Positions available for information privacy 33:50 - Educational steps to work in privacy36:00 - Getting a job in privacy37:57 - Entry-level work in privacy roles42:44 - How to stay on track in lifelong learning46:37 - Cybersecurity education in the future48:19 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Steve Pereira of Visible Value Stream Consulting discusses DevOps, SecOps, DevSecOps and his own lifelong love of streamlining projects. You’ll hear how his dad’s job with Bell Telephone facilitated his early explorations, the intersections of DevOps and Agile, the ever-important security component of it all and why following your interests and not the big money payouts might not work in the short run, but ultimately will get you where you want to go in the end.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Intro 2:35 - Cybersecurity origin story6:02 - Build and release engineering9:27 - Tech and business11:20 - DevOps projects12:10 - Automating yourself out of your job13:44 - What is DevOps?23:45 - Method for DevOps success31:47 - Development team vs security team36:03 - DevOps history and Agile44:50 - How do I work in DevOps?  52:09 - Visible Value Stream Consulting 54:42 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Digital forensics analysts collect, analyze and interpret digital evidence to reconstruct potential criminal events and/or aid in preventing unauthorized actions from threat actors. They help recover data like documents, photos and emails from computer or mobile device hard drives and other data storage devices, such as zip folders and flash drives, that have been deleted, damaged or otherwise manipulated. Digital forensic analysts carefully follow chain of custody rules for digital evidence and provide evidence in acceptable formats for legal proceedings.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– Learn more about forensics: https://www.infosecinstitute.com/skills/train-for-your-role/digital-forensics-analyst/0:00 - Intro 0:26 - What is a digital forensics analyst? 0:57 - Digital forensics specialties1:24 - How to become a digital forensics analyst2:17 - Skills needed to be a digital forensics analyst 3:34 - Common tools for a digital forensics analyst 4:42 - Using digital forensics tools 5:17 - Digital forensics analyst jobs6:30 - Moving from digital forensics to new roles7:17 - Get started in digital forensics8:18 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Infosec Skills author Mike Meyers of Total Seminars joins me to discuss three foundational certifications that will start you on just about any path you want to go. Specifically, the CompTIA A+, Network+ and Security+ certifications. Meyers dispenses tough love for people who want someone else to map their career for them, talks up the benefits of vendor-neutral certs and blows my mind by comparing certs with car windshield wipers. Intrigued? You should be! That’s all today, on Cyber Work! – Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Intro 3:00 - Beginning in cybersecurity 3:23 - Why teach cybersecurity? 5:54 - Why CompTIA?6:57 - Start vendor neutral with cybersecurity certification 12:10 - Being diverse in cybersecurity is essential 13:35 - Why A+, Network+ and Security+?25:53 - Guiding your cybersecurity career30:05 - Where to learn cybersecurity skills42:02 - Cybersecurity job dilution 44:20 -  Where do I begin my cybersecurity career?48:32 - Using the Infosec Skills platform49:38 - Mike Meyers' next projects51:30 - What is Total Seminars?52:12 - Learn more about Meyers and Total Seminars53:23 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Security Architects are responsible for planning, designing, testing, implementing and maintaining an organization's computer and network security infrastructure. Security Architects develop information technology rules and requirements that describe baseline and target architectures and support enterprise mission needs. Advanced technical knowledge of network/web protocols, infrastructure, authentication, enterprise risk management, security engineering, communications and network security, identity and access management, and incident response, is critical to success in this role.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– Learn more about the role of security architect: https://www.infosecinstitute.com/skills/train-for-your-role/security-architect/0:00 - Intro 0:31 - What is a security architect? 1:07 - How to become a security architect2:15 - What certifications should a security architect get? 3:07 - Skills a security architect needs4:07 - Learning as a security architect7:06 - Security architect tools7:58 - Where do security architects work 9:28 - Private vs federal security architects11:09 - Related roles to security architect12:12 - Start working toward security architect13:23 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Curtis Preston, aka “Mr. Backup,” has been in the backup and recovery space since 1993. He’s written four books, hosts a podcast called “Restore it all,” founded backupcentral.com and is a tech evangelist for SaaS data protection company Druva. We talk about disaster recovery, the role of good backup in ransomware situations and why the data recovery person and the information security person in your company need to become fast friends and start sharing notes. Also, why we’ve all been completely wrong about tape backup systems. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Cyber Work intro 2:40 - Mr. Backup origin story4:01 - How backup and recovery has changed7:44 - Data duplication during a disaster9:45 - Speed of data recovery changes12:47 - Benefit to physical data backups15:37 - Common long-term data backup mistakes19:04 - Other issues with data recovery23:22 - Limits of disaster recovery34:16 - Encryption options 39:44 - Jobs in data backup and recovery44:54 - Benefit to learning data backup and recovery46:53 - Data backup and recovery outlook52:52 - What is the Restore It All podcast?56:15 - What is Druva? 59:45 - Where can I learn more about Mr. Backup? 1:00:32 - Cyber Work outro About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Maxime Lamothe-Brassard, founder of LimaCharlie, has worked for Crowdstrike, Google X and Chronicle Security before starting his own company. This episode goes deep into thinking about your long-term career strategies, so don’t miss this one if you’re thinking about where you want to go in cybersecurity in two, five or even 10 years from now. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Intro 2:56 - First getting into cybersecurity 6:46 - Working in Canada's national defense9:33 - Learning on the job10:39 - Security practices in government versus private sector13:50 - Average day at LimaCharlie16:40 - Career journey19:25 - Skills picked up at each position 23:57 - How is time length changing? 27:53 - Security tools and how they could be31:34 - Where do security tool kits fail? 34:04 - Current state of practice and study37:10 - Advice for cybersecurity students in 202238:21 - More about LimaCharlie39:50 - Learn more about LImaCharlie or Maxime40:08 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Jessica Amado, head of cyber research at Sepio Systems, discusses hardware-based cybersecurity threats. We’ve all heard the USB in the parking lot trick, but Amado tells us about the increasingly complex ways cybercriminals bypass hardware safeguards, and lets you know how to make sure that the keyboard or mouse you’re plugging in isn’t carrying a dangerous passenger.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Intro 2:30 - Initial cybersecurity draw6:30 - Day-to-day work as head of cybersecurity research8:44 - How Amado does research9:37 - Amado's routine 10:35 - Hardware-based ransomware13:00 - Other hardware threat factors17:54 - Security practices with USBs20:10 - How to check hardware21:52 - Recommendations on security protocols23:57 - The future of ransomware and malware27:20 - How to work in hardware security 31:35 - Cybersecurity in other industries32:33 - Advice for cybersecurity students 34:11 - Sepio Systems 35:58 - Learn more about Sepio or Amado36:23 - Outro About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Cloud security engineers design, develop, manage and maintain a secure infrastructure leveraging cloud platform security technologies. They use technical guidance and engineering best practices to securely build and scale cloud-native applications and configure network security defenses within the cloud environment. These individuals are proficient in identity and access management (IAM), using cloud technology to provide data protection, container security, networking, system administration and zero-trust architecture.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– Learn more about the role of cloud security engineer: https://www.infosecinstitute.com/skills/train-for-your-role/cloud-security-engineer/0:00 - Intro 0:25 - What does a cloud security engineer do? 1:55 - How to become a cloud security engineer? 2:55 - How to gain knowledge for the role4:43 - Skills needed for cloud security engineers6:00 - Common tools cloud security engineers use7:43 - Job options available for this work8:35 - Types of jobs9:16 - Can you pivot into other roles? 11:03 - What can I do right now?12:33 - Outro About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.