Cyber Work

Leslie Lynn Smith is the National Executive Director for GET Cities. GET stands for Gender Equality in Tech. Today’s episode will move away from standard cybersecurity and IT insights in favor of a larger look at investment opportunities for tech startups, and where and on who we spend investment capital. Smith is a multi-decade authority on state- and city-wide community investment initiatives with a lifelong passion for bringing people of marginalized races and genders to the table in fulfilling their tech business dreams. Smith talks about bridging the gap from angel investor money to initial seed, and why the space between the two can sink new startups, the slow, patient process of affecting equitable change at the legislative level, and offers an accelerated way to make IT and cyber teams more inclusive and equitable. If you’ve wanted to get involved with angel investing and helping young companies get off the ground, Smith talks you through the process with no steps missed. 0:00 - Gender equity in tech3:35 - Leslie Smith's journey in tech9:40 - Equity in cybersecurity at GET Cities15:03 - How does GET Cities work? 21:20 - Concrete ways to work towards gender equity in tech30:30 - Imposter syndrome revised35:00 - Where does equity work need to be done in tech?40:30 - How to invest in tech and cybersecurity43:33 - GET Cities upcoming initiatives46:00 - Learn more about GET Cities and Smith46:40 - OutroAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Brianne Caplan is the founder and executive director of Code Your Dreams, a non-profit that brings knowledge, accessibility and excitement about programming and tech to learners from age 5 to adulthood in underserved communities. Caplan tells some incredible stories, like the women’s coding and data analysis group in Burundi, exciting coding projects for students interested in art, music and dance and why her experience inadvertently creating a non-profit company that was incorporated as a for-profit was a learning experience that helped kickstart Code Your Dreams! This one’s inspiring, so I hope you’ll keep it here for Cyber Work.– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Coding for underserved communities 3:11 - Brianne Caplan's start in cybersecurity8:04 - Cash for Schools10:50 - What is Code Your Dreams?14:40 - How Code Your Dreams works17:52 - Gaps in cybersecurity school education21:00 - Baseline tech literacy for grade school23:30 - Popular Code Your Dreams activities27:08 - After Code Your Dreams35:11 - Volunteer for Code Your Dreams37:00 - Bring Code Your Dreams to your school39:40 - Get in touch with Brianne Caplan40:15 - OutroAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Limor Bergman-Gross, founder of LBG Consulting, a results-oriented executive coaching service for women in tech, discusses her early programming experience, including Pascal instruction in high school, her move from software engineering manager to career coach and corporate mentorship instructor and why mentors can and should come at any level on the career ladder, not just management or executive. As Limor puts it, “all you need in a mentor is that they be a few steps further down the path than you are.” Lots of gems like that to be found today on Cyber Work. – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Career coach for women in tech 2:55 - Getting into cybersecurity 5:50 - Pursuing cybersecurity consulting6:54 - How to get into consulting 8:15 - First steps with cybersecurity coaching10:02 - How to help someone find their role14:20 - Executive-level consulting 16:00 - A mentor versus an advocate17:45 - Mentoring and training 20:00 - Speaking at an ISACA conference22:28 - Achieving gender parity quickly24:55 - Supporting underrepresented talent in cybersecurity32:05 - Making a difference in diversity35:00 - Women mentoring women37:10 - Making yourself available as a mentor 40:37 - Learn more about LBG Consulting42:20 - OutroAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Lesley Carhart of Dragos, also known as Hack4Pancakes on social media, is a lifelong breaker and builder of things, and their insights on the deep mechanics of Industrial Control Systems are an absolute must-hear for any of you even considering this space. Carhart also talks about their keynote at this year’s Blue Team Con, the differences between incident response in the military vs. the private sector, and why standard cybersecurity studies won’t take you as far in ICS as it will to learn how train track switchers work. Seriously, this is one of the best episodes I’ve ever been a part of, and I can’t wait for you to hear it! – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - ICS security 3:40 - Getting started in cybersecurity 9:13 - The early days of the internet11:05 - Air Force cybersecurity 12:50 - Military cybersecurity training 15:00 - Incident response work at Motorolla18:40 - Technical director of incident response23:30 - State of ICS39:13 - Starting work in ICS41:57 - Keynote speaker at Blue Team Con46:46 - Bringing diversity into ICS53:46 - Outro About InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Forget what the crime scene TV shows have told you — digital forensics is not done on an overhead projector while the whole department watches! Learn about the day-to-day work of a digital forensics professional from a team of experts who have been putting in the work for decades!In this episode of Cyber Work Live, you will learn:- The types of tools you’ll use to help bring criminals to justice- Why a lack of technical experience isn’t a barrier to entry- How to get real-world forensics practice in your own home- Where a career in digital forensics can take you  – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Digital forensics careers 4:28 - Limits of going off the grid 12:28 - What do SIM cards actually do? 33:12 - Gathering evidence in digital forensics44:08 - Digital forensics and the cloud51:44 - Working as a digital forensics professional 54:42 - Digital forensics certifications 59:50 - How to pursue a digital forensics career1:02:24 - Outro About InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

We met Katie O’Malley, founder of (en)Courage Coaching and Counseling, at this year’s Women Impact Tech conference, and she gave a great talk about effective networking and giving confidence to tech professionals at all levels of the career ladder. Katie and I discussed finding your adjectives and using them to center your interactions, creating courageous workplace culture, and why women only being mentored by women turns into the new unpaid labor. Let’s all step up and make the workplace better! – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Coaching women in cybersecurity 3:10 - How Katie O'Malley got into coaching4:57 - O'Malley's start in cybersecurity and coaching8:51- The evolution of leadership 12:00 - How career coaching works18:00 - Importance of networking and branding24:20 - How to achieve gender parity in cybersecurity 29:30 - Courageous workplace culture 33:21 - Pitfalls in new cybersecurity jobs36:40 - Lead change at your cybersecurity company38:55 - What is (en)Courage Consulting and Coaching?39:33 - OutroAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

We're talking about chief information security officers CISOs, one of the top-dog roles in cybersecurity, and for many professionals, it’s the brass ring they spend their careers trying to reach. The expectations of a CISO are changing, too, and requirements are growing in many different ways. Mike Scott, CISO of data security provider Immuta, has seen the role change a lot in the past 15 years, and he’s seen the role of CISO move from out of the shadows and into the spotlight for the C-suite, but at a price: when a breach happens, the CISO is often the one who takes a fall. Is this a reasonable expectation? Will the role of CISO change even more? I talked to Mike about all this and the eight years he spent as the CISO of the Wendy’s fast-food chain! We won’t judge you if you want to bite the corners off first, but I’ll be crying in my chili if you don’t keep it here for today’s episode of Cyber Work.0:00 - Responsibilities of CISOs 3:15 - How Mike Scott of Immuta got into cybersecurity 6:55 - Leading Wendy's fast food restaurant as CISO 13:30 - Data security problems right now18:40 - Shift left strategy24:10 - How the CISO role is changing31:00 - Increased CISO oversight38:06 - The CISO's responsibility 48:30 - How to work as a CISO51:50 - Cybersecurity in the federal government54:48 - Learn more about Immuta56:53 - Learn more about Mike Scott57:35 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Preparing for the worst is a drag. Nobody likes to think about it, and if you don’t watch out, inaction means that when you do get ransomed or breached, your first thought is not “let’s get the disaster manual and see what it says.” It’s panic. Today, ProServeIT’s Eric Sugar walks you through a crash course in developing a disaster recovery plan for your small business! Don’t panic! Help is on the way.0:00 - Create a disaster recovery plan1:15 - What is a disaster recovery plan? 2:35 - Beginning a disaster recovery plan3:24 - How to work in disaster recovery5:04 - Write a hypothetical disaster recovery plan6:04 - A disaster recovery plan resume7:08 - Futureproof your cybersecurity skills8:01 - Learn about ProServeIT– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Leigh Honeywell, CEO and founder of Tall Poppy, a security company that is building tools and services to help companies protect their employees from online harassment and abuse, talks about her career running security incident response at Slack, protecting infrastructure running a million apps at Salesforce.com, shipping patches for billions of computers on the Patch Tuesday team at Microsoft and analyzing malware at Symantec. We talk about how all of these demanding jobs prepared her for her work at Tall Poppy, get into what she learned about the intersection of First Amendment speech protections vs. online safety from working at the ACLU, why changing the culture of online harassment will probably have to be a marathon, not a sprint, and Leigh shares her experiences with several accelerator startup organizations.0:00 - Equity in cybersecurity 3:10 - Getting into cybersecurity7:15 - From physics to computer science12:30 - How Tall Poppy came to be19:26 - Technology fellow at the ACLU26:26 - What is Tall Poppy?31:20 - Social platforms and change39:53 - How to work toward equity in cybersecurity43:02 - Y combinator startup accelerator in cybersecurity 50:07 - LGBTQ+ inclusion in cybersecurity 54:27 - Learn more about Tall Poppy56:06 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

ProServeIT President Eric Sugar discusses disaster recovery planning for small and medium businesses. This is an excellent add-on episode to our third episode from way back in 2018 when Keatron Evans discussed the work of an incident responder. If your small- or medium-sized company suffers an incident, whether a breach or a ransom or just a power failure, the first thing you’re going to hope is that you have a disaster recovery plan already written and sitting in the CEO’s locked desk drawer. If not, it’s time for you to prepare and breathe easier.0:00 - Disaster recovery planning for small businesses3:12 - Eric Sugar’s start in cybersecurity 4:40 - Working at ProServeIT6:40 - Working as president of ProServeIT9:07 - What is a small or medium cybersecurity business?10:50 - How to have a disaster recovery plan14:05 - Customize your disaster recovery plan16:40 - Prioritized your disaster recovery plan18:10 - How to choose potential disasters21:28 - Examples of disaster recovery plans26:20 - Education and skills needed to work in disaster recovery31:40 - A good resume for disaster recovery35:10 - Getting promoted in discovery recovery  37:33 - What is ProServeIT?41:16 - Learn more about Eric Sugar and ProServeIT41:34 - Outro– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.