Cyber Work

Let’s talk about the practice of finding vulnerabilities! For Ted Harrington, Executive Partner of ISE, it’s much more than a job, it’s a life mission. Ted joins the Cyber Work Podcast to discuss being part of the first team to hack the iPhone, as well as thinking like a hacker to avoid being hacked yourself. He also gives advice for people who would rather sell their wares online this holiday season than spend all day thinking about security. The world has been moving in the direction of holiday shopping online for quite some time now, but with things being what they are in 2020, that trend is likely to grow exponentially upward as stores become either closed to the public or only open to a few people at a time for safety. Either way, that means a lot of online transactions, and a lot of juicy targets for cybercriminals.– Get Ted's book, "Hackable: How to do application security right": https://hackablebook.com – Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastTed Harrington, Executive Partner at ISE is finding new ways to protect digital assets. He's helped companies like Disney, Amazon, Google, Netflix and Adobe fix tens of thousands of security vulnerabilities. His team at ISE is composed of ethical hackers known for being the first to hack the iPhone, where he applies his think-like-a-hacker mentality to constantly adapt to fresh security and software development challenges.About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Dive into all things Apple security with today’s guest, Kelli Conlin, Security Solutions Specialist at Jamf. Learn about securing devices across multiple operating systems, the hidden-in-plain-sight Apple security Bible, and why Kelli’s mom isn’t allowed to use the 15-year-old Mac laptop Kelli is still hanging on to after all these years.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastKelli Conlin is a Security Solutions Specialist at Jamf focused on helping organizations be more secure with Apple. Prior to joining Jamf, Kelli was an Intelligence Analyst in the U.S. Air Force supporting special operations before starting an IT career path. Kelli currently lives in Tampa, FL with her husband, son, two cats and a miserable husky.About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Today we’re talking cloud security and work-from-home. If you’ve ever checked your work email on your personal phone – I know you have, because we’ve all done it! – or touched up some time-sensitive spreadsheets on the same ipad your kids use to play Animal Crossing, Terence Jackson, Chief Information Security & Privacy Officer of Thycotic, is going to tell you how to tighten up your security protocols to ensure that work-from-home doesn’t become breach-from-home!– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastWith more than 17 years of public and private sector IT and security experience, Terence Jackson is responsible for protecting the company’s information assets. In his role, he currently leads a corporate-wide information risk management program. He identifies, evaluates and reports on information security practices, controls and risks in order to comply with regulatory requirements and to align with the risk posture of the enterprise. Prior to joining Thycotic, Terence was the Director of Cybersecurity and Professional Services for TSI, a Virginia based Inc. 5000 company. He has also worked as a Senior Security Consultant for Clango, Inc., a top Identity and Access Management (IAM) consultancy. He was featured in and also was a contributor to the book “Tribe of Hackers.”About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

The final episode in our two-week long daily series includes four guests from the past two podcasts: David Hansen, Senior Analyst, Corporate IT Security & Compliance for Brookfield Renewable; Dan Teitsma, Information Security Specialist/Program Manager for Amway; Donna Gomez, Security Risk & Compliance Analyst for Johnson County Government in the State of Kansas; and Tomm Larson, Cyber Security Awareness Lead at Idaho National Laboratory. Our guests, along with moderator Tyler Schultz, answered questions that were sent in live during our virtual Infosec Inspire conference in September, including topics like the changes in awareness strategies in the face of mass work-from-home scenarios due to COVID, key traits to look for when hiring security awareness storytellers, and more. Thanks for joining us for this 12-episode series. We’ll return on Monday with our normal weekly episodes.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

The old saying goes, it takes a village to raise a child. In the case of Brookfield Renewable’s Senior Analyst David Hansen and Amway’s Information Security Specialist Dan Teitsma, their village is global. It takes a collaborative network of peers to plan and manage a worldwide security awareness and training program. If that sounds daunting, let Dan and David walk you through their blueprints for getting buy-in from stakeholders and designing feedback loops that allow them to tailor their programs to be culturally relevant and appropriate to employees.For twelve days in November, Cyber Work will be releasing a new episode every single day. In these dozen episodes, we’ll discuss career strategies, hiring best practices, team development, security awareness essentials, the importance of storytelling in cybersecurity, and answer some questions from real cybersecurity professionals and newcomers. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Communication, creativity and empathy are crucial in shifting from what we call a “have-to” security mindset (i.e., “I have to take this precaution because IT said so”) to a “want-to” mindset, which suggests employee buy-in to a company’s security policy beyond simply ticking off a to-do box or watching a training video. In today’s episode, Donna Gomez, Security Risk and Compliance Analyst for Johnson County Government in the State of Kansas, and Tomm Larson, Cyber Security Awareness Lead at Idaho National Laboratory, share security awareness and training strategies for putting learner experiences first, engaging employees and building your team with the right blend of talents to foster a strong security culture.For twelve days in November, Cyber Work will be releasing a new episode every single day. In these dozen episodes, we’ll discuss career strategies, hiring best practices, team development, security awareness essentials, the importance of storytelling in cybersecurity, and answer some questions from real cybersecurity professionals and newcomers. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

In today’s episode, two guests from our September Infosec Inspire event answer all questions related to security awareness. Keynote speaker Jinan Budge, Principal Security and Risk Analyst at Forrester, and Bruce Hallas of the “Rethinking the Human Factor” podcast took questions from our virtual audience, including where to focus your time and budget in educating your staff at times other than Security Awareness Month, picking employees to be security champions, and maturing your organization’s security culture. For twelve days in November, Cyber Work will be releasing a new episode every single day. In these dozen episodes, we’ll discuss career strategies, hiring best practices, team development, security awareness essentials, the importance of storytelling in cybersecurity, and answer some questions from real cybersecurity professionals and newcomers.– Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Back in October, Cyber Work featured Bruce Hallas, author, speaker and host of the “Rethinking the Human Factor” podcast, to talk about his security awareness journey and strategies. In today’s episode, taken from the Infosec Inspire virtual conference, Bruce joins host Kristin Zurovich to talk about the ways that companies can move their security awareness strategies from a “have to” mindset, as in “I have to remember to do this because IT will yell at me if I don’t” to a “want to” mindset, in which security becomes not just a check-mark on a to-do list, but something that everyone in your company takes personal ownership of after the security training modules have been finished.For twelve days in November, Cyber Work will be releasing a new episode every single day. In these dozen episodes, we’ll discuss career strategies, hiring best practices, team development, security awareness essentials, the importance of storytelling in cybersecurity, and answer some questions from real cybersecurity professionals and newcomers. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Steve Jobs once said, "The most powerful person in the world is the storyteller. The storyteller sets the vision, values and agenda of an entire generation that is to come." But it’s not just the C-suite who has this power – everyone has access to the powers of storytelling to enhance security awareness. Today’s episode features Sarah Moffatt, a talent development expert, leader, coach and speaker. Her passion in life is working to empower and excite people about the practice of security, and if you stick around for today’s episode, you’ll find out how!For twelve days in November, Cyber Work will be releasing a new episode every single day. In these dozen episodes, we’ll discuss career strategies, hiring best practices, team development, security awareness essentials, the importance of storytelling in cybersecurity, and answer some questions from real cybersecurity professionals and newcomers. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with  skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

In the last two episodes, we talked about the importance of upskilling in employee engagement and retention and building stronger security teams by training for career progression, not just immediate tasks. Today, the guests of those two episodes, Jessica Amato of Raytheon Technologies, Romy Ricafort of Comcast Business, Katie Boswell of KPMG Cyber and Jason Jury of Booz Allen Hamilton answer some questions related to those discussions. They explore finding and recruiting new and novice cyber talent, methods of making diversity a robust part of your hiring strategy, best practices for the always scary process of moving between different career tracks, and a lot more.For twelve days in November, Cyber Work will be releasing a new episode every single day. In these dozen episodes, we’ll discuss career strategies, hiring best practices, team development, security awareness essentials, the importance of storytelling in cybersecurity, and answer some questions from real cybersecurity professionals and newcomers. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with  skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.