eXecutive Security

Mastering API Security and the Power of AI with Colin Domoney, CTO of Thinking of U

Gene Fay — Fri, 15 Nov 2024 07:37:05 -0800

Colin Domoney, CTO and co-founder of Thinking of U, shares his career journey in cybersecurity and his expertise in API security. He started as a kid building electronics and crypto systems, which led him to develop battle-hardened defense systems. He gravitated towards software and eventually got into AppSec, diving into the deep end and fixing a million AppSec vulnerabilities. Colin emphasizes the importance of developers having security skills and offers advice on how to build something cool that is also secure. He discusses the unique challenges and opportunities in API security and the role of AI in the industry.

Takeaways

Developers with security skills are highly sought after in the industry.
API security requires a different approach compared to standard web app security.
API security encompasses a wide range of tools and techniques, from shift left to runtime protection.
Colin's book, Defending APIs, is aimed at anyone tasked with defending APIs, with a focus on developers.
AI is a powerful tool that accelerates learning and problem-solving in various areas, including cybersecurity.
AI creates both opportunities and challenges in the industry, and it is important to stay informed and adapt to its impact.

How to Master Leadership Roles leveraging Strategic Insights and Business Tenets with Tom Heiser

Gene Fay — Wed, 25 Sep 2024 09:56:43 -0700

Summary:
In this episode, Gene discusses management principles and leadership strategies for senior leaders and aspiring entrepreneurs with Tom Heiser, previously CEO of ClickSoftware, EVP at EMC, and President at RSA the cyber division of EMC. They cover topics such as opening the aperture, balancing strategy and tactics, embracing change, connecting the dots, and more. The conversation emphasizes the importance of learning from tough times, setting a clear vision, and problem-solving with a positive mindset.

Takeaways

Balancing strategy and tactics is crucial for success in leadership roles.
Embracing change and learning from tough times are essential for personal and professional growth.
The rule of 15 degrees emphasizes the importance of iteration and continuous improvement in business strategies.
Asking 'why' five times to find the root cause is a valuable problem-solving technique.
Maintaining a positive mindset and focusing on the achievable is key to overcoming challenges in leadership and business.
Setting a clear vision and connecting the dots between current state and desired state is essential for success in business and leadership.

Building Culture, Navigating Careers, and Securing the Future with Jim Alkove, CEO of Oleria

Gene Fay — Wed, 18 Sep 2024 09:28:57 -0700

Jim Alkove, CEO and co-founder of Olaria, shares his career journey and insights on cybersecurity training and becoming a board advisor. He emphasizes the importance of starting at the beginning and gaining experience in software engineering during his time at Microsoft. Alkove highlights the need for a more diverse pool of candidates and situational training to meet the workforce demands of the cybersecurity industry. He also discusses the significance of company culture and values in building successful teams. Alkove provides advice on moving laterally to gain broader skills and transitioning to advisory roles in early-stage companies.

Key Takeaways

Move laterally to gain broader skillsets while in early-stage of careers.
Training needs to be more accessible to a diverse pool of candidates in order to meet the demands of the cybersecurity industry.
Company culture and values are crucial in building successful teams.
Write down your goals, be humble, and be open to learning and criticism.

Expanding Cybersecurity Careers Beyond Hacking with Ed Adams, CEO of Security Innovation

Gene Fay — Wed, 11 Sep 2024 06:41:39 -0700

In this episode, Gene Fay interviews Ed Adams, President and CEO at Security Innovation, about his journey into cybersecurity and his work in advancing software security practices. Ed shares his story of transitioning from quality assurance in software at Rational Software to founding Security Innovation, a company focused on application security and training. Ed also dives into his book, See Yourself in Cybersecurity Careers Beyond Hacking, which highlights the many career paths available in the cybersecurity industry beyond hands-on keyboard roles. He discusses the cybersecurity talent shortage, particularly how it affects underrepresented groups, and the need for organizations to rethink how they hire and retain talent.

Takeaways:

There are many ways to start a career in cybersecurity, even from non-technical backgrounds.
Security is an integral part of software quality can help developers and organizations create more secure, reliable applications.
The book, See Yourself in Cybersecurity Careers Beyond Hacking, focuses on educating the next generation of cybersecurity professionals and promoting diversity in the field.
The cybersecurity talent shortage is not about the lack of skilled individuals, but about outdated hiring practices and insufficient investment in talent development.

Maturing Building Security in with Sammy Migues of Imbricate Security

Gene Fay — Wed, 31 Jul 2024 10:30:35 -0700

In this episode, Gene Fay interviews Sammy Migues, Principal at Imbricate Security, about his journey into cybersecurity and his work on the Building Security in Maturity Model (BSIMM). Sammy shares his experience starting in computer science in the late 1970s and how he became a computer security professional. He explains the motivation behind creating the BSIMM and how it helps organizations measure and improve their software security practices. Sammy also discusses the trifecta for career success, which includes setting a strategy, translating business objectives into actionable steps, and contextualizing skills within the organization. Finally, Sammy shares his thoughts on the cybersecurity shortage and the challenges in hiring and retaining skilled professionals.

Takeaways

Starting a career in cybersecurity can begin with a degree in computer science and a willingness to adapt and learn as the industry evolves.
The Building Security in Maturity Model (BSIM) is a framework that helps organizations measure and improve their software security practices.
The trifecta for career success in management includes setting a strategy, translating business objectives into actionable steps, and contextualizing skills within the organization.
The cybersecurity shortage is not just a lack of professionals, but also a result of challenging hiring processes and unrealistic job requirements.

Pros & Cons of Experience at Large Corporations vs Start-Ups with Jeff Hudesman, CISO of Pinwheel

Gene Fay — Fri, 21 Jun 2024 08:10:12 -0700

Summary:
In this episode, Gene Fay interviews Jeff Hudesman, CISO at Pinwheel, about his career in cybersecurity. Jeff shares his journey from starting as an intern at Memorial Sloan Kettering Cancer Center to working at Sony and eventually joining Pinwheel. He discusses the differences between working in large companies like Sony and startups, highlighting the ability to be impactful and the agility of startups. Jeff also shares an anecdote about a security incident at a water treatment facility and emphasizes the importance of planning in cybersecurity.

Takeaways:

Working in both large companies and startups can provide valuable experiences in cybersecurity.
Startups offer the opportunity to be impactful and make a significant difference.
Cybersecurity incidents can occur even in critical infrastructure facilities like water treatment plants.
Planning is indispensable in cybersecurity, as threats are dynamic and constantly changing.

From Gaming to Cybersecurity with Omer Cohen, CISO of Descope

Gene Fay — Thu, 16 May 2024 09:04:33 -0700

Omer Cohen CISO of Descope shares his career story, highlights include:

Joy in the constant variety of work in incident response
Benefits of a mature approach to cybersecurity as a start-up
Seeing his work in cybersecurity result in a real-world impact and the arrest and prosecution of cybercriminals
B-Sides and the fun of small in person meet-ups

Advice From a Cybersecurity Recruiter With Kyle McIntyre of McIntyre Assoc.

Gene Fay — Thu, 11 Apr 2024 07:54:05 -0700

Cybersecurity recruiter Kyle McIntyre offers unique guidance based on his work as a retained search specialist working with hiring managers (VPs & C-Levels) in the cybersecurity industry in this episode. He and Gene discuss:

How to conduct preliminary research on potential employers and career paths
How to reverse engineer desirable backgrounds to demystify potential career paths
Tips on crafting effective & thoughtful outreach to hiring managers
Advice on optimizing your resume & profile for breaking into cyber with no prior industry experience
How to manage imposter syndrome, anxiety and self-doubt during a job search
More

Kyle McIntyre on LinkedIn: https://www.linkedin.com/in/thekylemcintyre/

Tenets For Managing Yourself with Tom Heiser

Gene Fay — Thu, 14 Mar 2024 11:10:03 -0700

In this episode, Gene Fay interviews Tom Heiser about his journey and shares tenets for managing oneself. The conversation covers topics such as execution, accountability, expressing passion, doing the best job possible, getting outside one's comfort zone, and focusing on what one can control.

Takeaways

Execution is key to success. Just do it.
Accountability is important in personal and professional growth.
Expressing passion and committing to one's work leads to fulfillment and success.
Doing the best job possible is a pathway to career advancement.
Getting outside one's comfort zone fosters personal and professional growth.
Focus on what you can control and be present in the current situation.

The Power of a Business Perspective With Neil Bahadur of Wells Fargo

Gene Fay — Tue, 27 Feb 2024 06:47:17 -0800

Neil Bahadur, Head of Product in Cybersecurity at Wells Fargo, developed a unique and valuable perspective by switching from security to business development and back to security.

In this episode, he and Gene discuss that transition and what he learned from it. They also discuss cybersecurity trends those new to the industry should be aware of, and more.

Neil Bahadur on LinkedIn: https://www.linkedin.com/in/neilbahadur/

Are You Asking the Right Questions? With CISO Aaron Katz

Gene Fay — Wed, 14 Feb 2024 06:24:39 -0800

One of the most important parts of being a cybersecurity professional is knowing how to ask the right questions, says CISO Aaron Katz.

Aaron started his career as a consultant, and says that's where he honed his question skills. He thinks all aspiring cybersecurity pros should start out with consulting gigs – you learn the business side and what questions to ask, plus get a feel for cybersecurity as a whole, rather than just one tool or product.

He and Gene talk about this career path, plus his journey to CISO, why hiring managers are not good at finding cybersecurity candidates, and more.

Aaron Katz on LinkedIn: https://www.linkedin.com/in/pendraggon87/

How to Combine Giving Back With CPE Credits With Ed Giles of Erus Consulting

Gene Fay — Wed, 31 Jan 2024 10:34:48 -0800

Ed Giles runs cybersecurity seminars for seniors, and wants to spread the word that it's a great way to both get your CPEs and give back to your community.

Ed and Gene talk about those seminars, plus Ed's journey from English major to cybersecurity professional, the importance of thinking about security as a business enabler, and more.

Ed Giles on LinkedIn: https://www.linkedin.com/in/evgiles/

How AI Will Change Cybersecurity Jobs With Tony Pietrocola of AgileBlue

Gene Fay — Wed, 31 Jan 2024 10:07:15 -0800

How is AI going to change entry-level cybersecurity jobs? Gene and AgileBlue president Tony Pietrocola discuss in this episode.

They also talk about:

Tony's career and what AgileBlue does
How AI will affect both cybersecurity and cybercrime
What he's looking for in interns

Tony Pietrocola on LinkedIn: https://www.linkedin.com/in/tonypietrocola/
AgileBlue: https://agileblue.com/

How to Get Started as a Pen Tester With Phillip Wylie

Gene Fay — Thu, 25 Jan 2024 06:21:05 -0800

Want to start a career as a pen tester? Phillip Wylie literally wrote the book on the topic.

Gene and Phillip, co-author of The Pentester Blueprint: Starting a Career as an Ethical Hacker and host of the Phillip Wylie Show, have a wide-ranging and advice-filled conversation on:

His career journey and his podcast
Starting a pen testing career
Collegiate Cyber Defense Competitions
How to leverage B-Sides
More

Phillip Wylie on LinkedIn: https://www.linkedin.com/in/phillipwylie/
The Pentester Blueprint: https://www.amazon.com/Pentester-BluePrint-Your-Guide-Being/dp/1119684307

The Changing CIO Role With Kimberly Anstett of Trellix

Gene Fay — Thu, 18 Jan 2024 10:37:39 -0800

Kimberly Anstett has had a C-level cybersecurity position for about a decade. She's seen the CIO role transform, and shares her thoughts on that transformation in this episode.

She and Gene discuss her journey to CIO, how to inspire the next generation to embrace STEM careers, what she's looking for when hiring, and more.

Kimberly Anstett on LinkedIn: https://www.linkedin.com/in/kimberly-anstett-6b3a259/

How to Reskill to Work in Cybersecurity With Christine Gadsby of BlackBerry

Gene Fay — Fri, 29 Dec 2023 09:52:13 -0800

Why should you work in cybersecurity? Because two things that aren't going away are tech and crime, says BlackBerry VP of Product Security Operations Christine Gadsby.

Christine and Gene talk about her journey from working in IT out of necessity to cybersecurity VP, how to reskill into cybersecurity, the Leadership Bench Program she developed at BlackBerry, her advice to those discouraged by the job hunt, and more.

Christine Gadsby on LinkedIn: https://www.linkedin.com/in/christinegadsby/

Three Reasons Women Should Reskill to Work in Cybersecurity: https://blogs.blackberry.com/en/2023/03/3-reasons-women-should-reskill-to-work-in-cybersecurity

Advice for Entry-Level Candidates With Jim Moran of Lifelong Learner Holdings

Gene Fay — Thu, 07 Dec 2023 10:54:46 -0800

Jim Moran has had a long and varied cybersecurity career, and offers some fantastic advice for those just starting out.

He and Gene talk about cybersecurity careers, what he's looking for in entry-level candidates, how to find the best career path for you, and more.

Jim Moran on LinkedIn: https://www.linkedin.com/in/jim-moran-0b112925/

The Critical Role of Community in Cybersecurity With Diana Kelley of Protect AI

Gene Fay — Tue, 21 Nov 2023 07:13:56 -0800

Diana Kelley feels strongly that community plays a critical role in all careers, but especially cybersecurity. She explains why in this episode.

She and Gene also talk about increasing the number of females in cybersecurity, what she looks for in entry level candidates, and more.

Diana Kelley on LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/
Executive Women's Forum: https://www.ewf-usa.com/
WICYS: https://www.wicys.org/

Pursuing the Cybersecurity Practitioner Path With John Hammond of Huntress

Gene Fay — Wed, 08 Nov 2023 13:53:56 -0800

We talk a lot on this podcast about how to advance to the executive level within the cybersecurity field. But what if the C-level is not for you?

John Hammond is a security practitioner at heart and wants to stay that way. He shares his thoughts on building a practitioner career in this episode.

He and Gene also talk about his experience working for the Department of Defense and about John's prolific side job as a content creator.

John Hammond on LinkedIn: https://www.linkedin.com/in/johnhammond010/

John Hammond on YouTube: https://www.youtube.com/johnhammond010

From Help Desk to Cybersecurity With Jeff Farinich of New American Funding

Gene Fay — Thu, 02 Nov 2023 07:47:08 -0700

Want to make the transition from help desk to cybersecurity? Jeff Farinich has helped others make that transition and he shares his advice in this episode.

He and Gene also talk about the types of cybersecurity roles, what he looks for in entry level candidates, and more.

Jeff Farinich on LinkedIn: https://www.linkedin.com/in/jefffarinich/

Military to FBI to Cybersecurity Executive With MK Palmore of Google

Gene Fay — Thu, 26 Oct 2023 11:17:57 -0700

MK Palmore has had a long and fascinating career -- from the military to the FBI to cybersecurity executive at Google. Don't miss his story.

He's also a Vice President of Cyversity and has great insights and ideas about bringing more diversity to the cybersecurity field.

This is an important and valuable conversation for anyone looking to get into cybersecurity, especially those without technical skills, those with military backgrounds, or those from under-represented populations.

MK Palmore on LinkedIn: https://www.linkedin.com/in/mkpalmore/

Cyversity: https://www.cyversity.org/

The Role of Behavioral Science in Cybersecurity With Masha Sedova of Elevate Security

Gene Fay — Thu, 19 Oct 2023 13:57:27 -0700

Interested in behavioral science? The training and awareness side of cybersecurity might be for you – and you should hear Masha Sedova’s story. She offers a fascinating look at the human attack surface – which presents a whole new set of challenges – and they aren’t all technical. She has built a career on solving these challenges, and she sheds light on this lesser-known side of the cybersecurity world.

Avoiding the 'Phantom Hacker' Scam

Gene Fay — Mon, 16 Oct 2023 14:19:21 -0700

In this special episode, Gene encourages listeners to spread the word about the so-called "Phantom Hacker" scams targeting the elderly.

The FBI recently published an alert about these popular scams that attempt to convince senior citizens that their money is unsafe and they need to move it.

Gene outlines how the scam works, and how to protect the elderly in your life.

Battling the Cybersecurity Intimidation Factor With Cindi Carter of Check Point

Gene Fay — Wed, 11 Oct 2023 12:08:35 -0700

Cybersecurity is intimidating says Check Point CISO Cindi Carter. But she also says it shouldn’t be. Cindi and Gene talk about how to make cybersecurity more accessible in this episode of the eXecutive Security podcast. They also talk about community involvement, networking, and the advice she gives her mentees.

Cindi Carter on LinkedIn: https://www.linkedin.com/in/cindibcarter/

Check Point Software: https://www.linkedin.com/company/check-point-software-technologies/

We're Thinking About Mentoring Wrong With Amanda Fennell of Prove

Gene Fay — Fri, 06 Oct 2023 08:43:16 -0700

Most of us don't approach mentoring with the right mindset, says Amanda Fennell of Prove. Thinking of it as "sponsoring" rather than "mentoring" would be a step in the right direction. Gene and Amanda talk about this mindset shift, plus her work at Prove, her work teaching cybersecurity at Tulane, why one of her best security analysts picked up valuable skills from her time as a bartender, and more.

Amanda Fennell on LinkedIn: https://www.linkedin.com/in/afennell/
Prove on LinkedIn: https://www.linkedin.com/company/proveidentity/
Ron Gula "How to Conference": https://www.youtube.com/watch?v=NRLcBPW12bc

Changing Cybersecurity Hiring With Haris Pylarinos of Hack The Box

Gene Fay — Thu, 28 Sep 2023 13:20:18 -0700

Haris Pylarinos found cybersecurity training subpar, and too expensive, so he started a company to do better. Hack The Box is now a leading gamified cybersecurity upskilling, certification, and talent assessment platform with more than 2 million platform members.

In this episode, Haris and Gene talk about Hack The Box, its origins and goals; why training plays a key role in addressing the cybersecurity skills gap; why cybersecurity hiring practices need to change, and more.

Building a Career in Cybersecurity With Yuri Diogenes of Microsoft

Gene Fay — Mon, 25 Sep 2023 09:31:34 -0700

The author of "Building a Career in Cybersecurity," Yuri Diogenes offers a wealth of knowledge, advice, and tips on entering this field in this episode.

He and Gene discuss:

Yuri's career journey
His take on cybersecurity certifications
Why building a lab is important for those looking for entry-level roles
How to be intentional in your attendance at cybersecurity conferences
Why often the best technical person doesn’t get the job

Yuri Diogenes on LinkedIn: https://www.linkedin.com/in/yuridiogenes/
Building a Career in Cybersecurity: https://a.co/d/ivHxIVL

From English Major to C-Level Security Executive With Lance Hayden of Vericast

Gene Fay — Thu, 14 Sep 2023 10:47:49 -0700

You don’t need a tech background to work in cybersecurity, says Lance Hayden, Chief Information Security Strategist at Vericast, and former English major.

What skills and abilities do you need? Get Lance’s perspective in this episode. He and Gene also talk about his experience teaching cybersecurity at the Univeristy of Texas, and what he looks for in entry level candidates.

Working in Cybersecurity at a University With Eric Jacobsen of BU

Gene Fay — Thu, 07 Sep 2023 11:13:36 -0700

Eric Jacobsen, Asst. VP and CISO at Boston University, is our first guest from the higher education space, and he offers a unique look at what it’s like to work in cybersecurity at a university. He and Gene talk about the benefits of working at an institution of higher learning, his path from a chemistry degree to cybersecurity leader, what he looks for when hiring for entry-level positions, and more.

Avoiding Cybersecurity Burnout With Sam Curry of Zscaler

Gene Fay — Thu, 31 Aug 2023 06:33:49 -0700

Burnout is real and rampant among C-level cybersecurity professionals. How can you avoid it? Zscaler CISO Sam Curry shares his thoughts.

Gene and Sam also talk about making the path from secondary school to entry-level cybersecurity job easier, why collegiate cybersecurity competitions are important, and what's GOOD about cybersecurity careers (it's not all stress and burnout!).

Sam Curry on LinkedIn: https://www.linkedin.com/in/currysam/

Zscaler: https://www.zscaler.com/

Northeast Collegiate Cyber Defense League: https://neccdl.org/

Analyzing Results of Survey on Cybersecurity Skills Gap With Jeremy Ventura of ThreatX

Gene Fay — Fri, 25 Aug 2023 12:15:40 -0700

ThreatX surveyed 2,000 consumers in the US and UK about the cybersecurity skills gap – to get their thoughts on its causes and effects.

In this episode, Gene and ThreatX Field CISO Jeremy Ventura analyze the results, including:

62% reported that if they or their child had more education around cybersecurity in school, they would have considered entering the field.

90% reported that they are concerned about the future of cybersecurity if more isn’t done at an earlier stage to expose students to the field.

78% are under the impression that a college degree is necessary to pursue a career in cybersecurity, and 67% thought a career in cybersecurity should be achievable through certifications or apprenticeships versus a 4-year+ college degree.

52% say engaging students of all backgrounds earlier in STEM/cybersecurity courses it will help minimize the talent shortage among the cybersecurity industry.

Full survey results: https://info.threatx.com/hubfs/ug/ThreatX-global-2023-survey-cyber-talent-shortage.pdf

Jeremy Ventura on LinkedIn: linkedin.com/in/jeremy-ventura-36204676

Fraud vs. Cybersecurity With Nancy Schuehler of Verizon

Gene Fay — Thu, 24 Aug 2023 06:38:47 -0700

What's the difference between working in fraud and working in cybersecurity? Nancy Schuehler, Director of Cyber Strategy and Program Execution at Verizon, has worked in both and breaks it down for our listeners.

She and Gene also dig into the pros and cons of working for a large enterprise, and of staying with one company for many years.

Nancy Schuehler on LinkedIn: https://www.linkedin.com/in/nancy-schuehler-87311610/

Verizon cyber recruiting: https://verizon.com/cybersecurity

Building a No-Experience Resume With Dane Jones of HighRadius

Gene Fay — Mon, 21 Aug 2023 12:45:17 -0700

No experience? No problem. In this episode, CISO Dane Jones explains how to build a resume that highlights a passion and aptitude for cybersecurity without any work experience in the field.

Dane Jones is CISO at HighRadius. He has been a security leader for many years, including at Lowe’s.

Dane Jones on LinkedIn: https://www.linkedin.com/in/daneejones/

Is a career in cybersecurity right for me? https://www.isc2.org/thank-you/is-a-career-in-cybersecurity-right-for-me

(ISC)² Cybersecurity Workforce Study: https://www.isc2.org/Research/Workforce-Study#

Make Yourself an Expert in the New Thing With Ted Julian of Glasswing Ventures

Gene Fay — Thu, 10 Aug 2023 07:31:57 -0700

Cybersecurity is a great field because of the all the change, says Ted Julian. But to succeed, you have to be proactive about that change. Ted and Gene talk about how to keep up with the change, plus about his experience in the early days of cybersecurity, what it’s like to work in product management, and why joining an early-stage company is so beneficial.

Ted Julian has held leadership positions in several security companies, including Devo and Resilient. He is currently a Venture Partner at Glasswing Ventures.

Ted Julian on LinkedIn: https://www.linkedin.com/in/tedjulian/

Exploring the MSSP Space With John Menezes of Stratejm

Gene Fay — Mon, 31 Jul 2023 06:29:31 -0700

Gene sits down with Stratejm CEO John Menezes to talk about working for an MSSP, plus gets John’s thoughts on hiring and nurturing the next generation of cybersecurity talent.

Stratejm: https://stratejm.com/

The Role of Empathy in Cybersecurity With Randy Raw of Veterans United Home Loans

Gene Fay — Thu, 27 Jul 2023 12:57:31 -0700

Success in cybersecurity is not about your technical skills, but your emotional intelligence, according to CISO Randy Raw. Randy and Gene talk about why he thinks this, plus his approach to hiring, why leaders need to be proactive in asking their reports how they want to be managed, why everyone needs both a coach and a sponsor, and more.

Randy Raw is the CISO at Veterans United Home Loans, where he has worked for almost 12 years. He is also a leadership coach at SABERS Coaching.

Randy Raw on LinkedIn: https://www.linkedin.com/in/randyraw/

Randy Raw’s blog: https://randyraw.com

Why Cybersecurity Success Means Putting Why Before What With Lowe's CISO Marc Varner

Gene Fay — Thu, 20 Jul 2023 13:23:57 -0700

Lowe’s CISO Marc Varner has had a long career in cybersecurity, including CISO roles at Yum Brands and McDonald’s. Why does he think cybersecurity is a good career choice? Because there is always a new challenge. “What was the last really cool discovery or change in math?” he jokes. There’s something new in cybersecurity just about every day.

Tune in to his podcast episode with Gene to hear more. They discuss his journey, keys to success in the field, skills from other experiences that are transferable to cyber, and what he is looking for in entry level candidates.

Cybersecurity Ignores the Geopolitical at Its Own Peril With Mark Houpt of DataBank

Gene Fay — Thu, 13 Jul 2023 12:21:39 -0700

Why is the geopolitical landscape critical to cybersecurity strategy? CISO Mark Houpt breaks it down in this episode. Mark also shares his advice to the college and high school students he mentors, how to approach the ever-changing nature of cybersecurity, and how to think about a college education.

Mark Houpt is the CISO at DataBank. Previously he held senior security roles at organizations including State Farm, Lincoln Christian University, and Sallie Mae. Mark served in the US Navy from 1991 to 1999.

Mark Houpt on LinkedIn: https://www.linkedin.com/in/mark-houpt/

Mark’s recommended list of classes:

- Microsoft CISO Workshop: https://learn.microsoft.com/en-us/security/ciso-workshop/ciso-workshop

- Ascend Education: https://ascendeducation.com/monthly-subscription/

- Amazon Cybersecurity Awareness Training: https://learnsecurity.amazon.com/en/index.html

- Center for Development of Security Excellence: https://www.cdse.edu

- ISC2 -Certified in Cybersecurity: https://www.isc2.org/1mcc

- Cisco Networking Academy: https://skillsforall.com/course/introduction-to-cybersecurity

- Cyberbit Remote Training: https://go.cyberbit.com/100k-worth-of-free-remote-cyber-range-training/?utm_source=nist_website&utm_medium=list&utm_campaign=free-remote-soc-team-training-nam

- StationX - 12 Month Trial: https://www.cybersecurityjobs.com/csj-training-fund/

- Cyber Training 365: https://www.cybertraining365.com/cybertraining/FreeClasses

- Cyber Skyline Professional: https://cyberskyline.com/professional/purchase

- Cybrary: https://www.cybrary.it

- EC.Council: https://www.eccouncil.org/cybersecurity-exchange/free-cybersecurity-resources-2022/

- Elastic: https://www.elastic.co/training/free

- Evolve Academy: https://www.academy.evolvesecurity.com/cybersecurity-fundamentals

- Federal Virtual Training: https://fedvte.usalearning.gov

From Construction to ER Nurse to Security Researcher With Alex Gatz of ThreatX

Gene Fay — Fri, 30 Jun 2023 07:08:26 -0700

How do you make the jump from ER nurse to SOC analyst? Alex Gatz did it, and he’s sharing his insights and tips with the eXecutive Security podcast audience. Don’t miss this fascinating discussion about making a bold career change, the power of LinkedIn, what a security researcher does, the benefits of working for a startup, and more.

Alex Gatz is a senior security researcher at ThreatX. Previously, he worked as a data analyst and ER nurse at MidMichigan Health.

Alex Gatz on LinkedIn: https://www.linkedin.com/in/alexgatz/

Stephen Semmelroth: https://www.linkedin.com/in/semmelroth/

We Hack Purple: https://www.linkedin.com/company/wehackpurple/

Your Network Matters More Than Your Resume With Mike Privette of Passport

Gene Fay — Wed, 28 Jun 2023 14:06:21 -0700

The job market has shifted dramatically in the past two years, and Mike Privette shares his thoughts on navigating it in this episode. He and Gene discuss things you can do TODAY to get your foot in the cybersecurity door.

Mike Privette is the CISO, VP of Information & Cyber Security at Passport. He is also the founder of Return on Security, which publishes the Security, Funded newsletter. Previously, he held cybersecurity leadership roles at various organizations, including Defiance Digital, Truist, MetLife, and Ally Financial.

Mike Privette on LinkedIn: https://www.linkedin.com/in/mikeprivette/

Why You Need to Re-invent Yourself Every 3 Years With Faisal Bhutto of Calian

Gene Fay — Thu, 22 Jun 2023 12:32:55 -0700

Key to a successful tech career? Re-inventing yourself every three years, says Faisal Bhutto, SVP of Cloud and Cybersecurity at Calian. Don’t go into tech if you’re not ready to be constantly learning and re-inventing yourself, he says. Hear more tips and advice from Faisal in his episode, including why money and promotions can’t be your only motivation, why you shouldn’t network only to look for a job, and how to get into cybersecurity without a tech background.

Faisal Bhutto is SVP of Cloud and Cybersecurity at Calian IT & Cyber Solutions. Previously, he was the co-founder of and COO at ENETsolutions.

Faisal Bhutto on LinkedIn: https://www.linkedin.com/in/fbhutto/

My First 2 Years in Cybersecurity After the Military With Corey Nenno of Cargill

Gene Fay — Thu, 15 Jun 2023 05:41:46 -0700

Corey Nenno (aka That Cyber Guy) just transitioned out of the military and into the cybersecurity industry in 2021 – so this is an ideal episode for those currently in the military looking to soon enter the cybersecurity field. It’s also one of our most practical episodes, whether you’re in the military or not – it’s filled with tips and advice on what to put on your resume, how to pass the CISSP, how to find a mentor, and more.

Corey Nenno is a Senior Cyber Intelligence Analyst at Cargill. Previously, he spent 12 years in the US Army in Cyber and Information Technology fields.

VetSec: www.veteransec.org

Corey Nenno on LinkedIn: https://www.linkedin.com/in/coreynenno/

Cyber Mentor Dojo: https://cybermentordojo.com

From the Front Lines in Iraq to the Boardroom With Alfredo Hickman of Obsidian Security

Gene Fay — Fri, 09 Jun 2023 11:26:56 -0700

Alfredo Hickman fought the war on terror in the early 2000s in the Marine Corps infantry in Iraq. He shares some intense stories from his military experiences overseas with Gene, as well as how he transitioned from the front lines to a cybersecurity executive. Alfredo is passionate about helping veterans and giving back, and this episode is valuable for anyone looking to enter this industry, military or not. He shares details about his life and journey, his thoughts on cybersecurity trends in 2023, how the SANS Institute has been a resource for him and can be for others, his thoughts on mentoring, and more.

Alfredo Hickman is Head of Information Security at Obsidian Security. He previously held security leadership positions at Rackspace. Alfredo served in the US Marine Corps from 2003 to 2011.

Alfredo Hickman on LinkedIn: https://www.linkedin.com/in/alfredohickman/

Obsidian Security: https://www.obsidiansecurity.com

SANS Institute: https://www.sans.org

#CyberMentoringMonday on Twitter and LinkedIn

Using Social Media to Your Advantage With David Cross of Oracle

Gene Fay — Thu, 01 Jun 2023 08:21:19 -0700

David Cross’ advice for breaking into cybersecurity? Strategic use of gift cards. Get details on his networking through social media ideas in this episode. David transitioned out of the military into the world of high tech, where he has held numerous cybersecurity leadership roles. This episode is filled with practical tips and advice on demonstrating your skills to prospective employers, deciding what type of company to work for, transitioning military skills to the corporate world, networking, and more.

David Cross is the Senior Vice President, Chief Information Security Officer (CISO) of Oracle SaaS Cloud. Previously, he held senior leadership positions at numerous companies, including Google and Microsoft. David also served in the US Navy from 1991 to 1996.

David Cross on LinkedIn: linkedin.com/in/☢️-david-b-cross-b856657

The Power of Advocating for Yourself With Parham Eftekhari of CyberRisk Alliance

Gene Fay — Wed, 24 May 2023 07:15:41 -0700

Parham Eftekhari is a nationally recognized leader in cybersecurity, national security, and critical infrastructure. He currently serves as an Executive Vice President at CyberRisk Alliance, setting the vision and operating priorities for its executive development, CISO, and community solutions. Parham also serves as the chairman of the Institute for Critical Infrastructure Technology (ICIT), the nation's leading cybersecurity think tank which he founded in 2014, and advisory board member at MazeBolt Technologies and the Ready Rock Institute. Other leadership roles during his 15-year career include co-founder and V.P of research at the Government Technology Research Alliance and founder of the world’s first webcam cover manufacturer CamPatch.com.

Parham Eftekhari LinkedIn: https://www.linkedin.com/in/parhamtech/

Institute for Critical Infrastructure Technology (ICIT): https://icitech.org

CyberRisk Alliance: https://www.cyberriskalliance.com

ISACA: https://www.isaca.org/why-isaca

ISSA: https://www.issa.org

(ISC)2:https://www.isc2.org

Debunking Myths About Cybersecurity Careers With Rick Doten of Centene

Gene Fay — Thu, 18 May 2023 11:17:07 -0700

Rick Doten is VP, Information Security at Centene Corporation. He has over 30 years of experience in the IT industry, the last 23 focused specifically on cyber security. He has worked as both CISO of multinational company, and a management consultant performing risk management and risk engineering to mature customer security and privacy programs.

Rick Doten on LinkedIn: https://www.linkedin.com/in/rick-doten-633470177/

Rick Doten YouTube channel: https://www.youtube.com/channel/UCSePMfJMI2PJ2qMrQrX9vIQ

The Truth About Cybersecurity Marketing With Carol Meyers of Glasswing Ventures

Gene Fay — Fri, 12 May 2023 10:11:01 -0700

Carol Meyers is a partner at Glasswing Ventures, and independent board member, and an executive coach. She was formerly the CMO at Rapid7.

Carol Meyers on LinkedIn: https://www.linkedin.com/in/caroljmeyers/

RSA Attendee Question: What's the No. 1 piece of advice you'd offer to someone trying to break into security?

Gene Fay — Fri, 12 May 2023 08:58:30 -0700

At the recent RSA Conference in San Francisco, we decided to take advantage of all the cybersecurity professionals gathered in one place to get some advice for those looking to enter the industry. We asked attendees who visited the ThreatX booth, What's the No. 1 piece of advice you'd offer to someone trying to break into cybersecurity? We recorded more than 20 answers, and collected a few here for this podcast episode.

Finding Opportunity in an Economic Downturn With Alyssa Robinson of HubSpot

Gene Fay — Mon, 08 May 2023 07:20:48 -0700

It’s rough to start your career in an economic downturn, as many of our listeners are now finding out. Alyssa Robinson started her career in a down economy, but she found opportunity amidst the challenges. Listen to her episode to find out the silver linings of kicking off a career in uncertain times.

Alyssa Robinson is Deputy CISO at HubSpot and has had security leadership roles at several organizations, including Compete, Inc. and the Broad Institute.

HubSpot: https://www.linkedin.com/company/hubspot/

Alyssa Robinson on LinkedIn: https://www.linkedin.com/in/alyssa-robinson-0a83231/

Tips and Techniques: Lessons Learned From ThreatX Hiring

Gene Fay — Thu, 04 May 2023 10:56:03 -0700

We recently received more than 4,000 resumes for a job listing for an entry-level security position. How does this number make sense considering the cybersecurity skills gap? Gene shares his thoughts in this short episode.

Building a Personal Brand With Etan Basseri of Microsoft

Gene Fay — Fri, 28 Apr 2023 07:11:35 -0700

Etan Basseri is a product manager on Microsoft's Identity Security team, working to prevent and detect identity compromise. During the course of his career, he’s held a range of roles across law, business development, consulting and product, so he frequently advises and mentors others on their career development.

LinkedIn: https://www.linkedin.com/in/basseri/
Career Walking Decks 101: https://kkarenism.com/career-walking-decks-101/
Microsoft Software & Systems Academy (MSSA) – Microsoft Military Affairs: https://military.microsoft.com/mssa/
Cybrary: https://www.cybrary.it/info/homepaged/
SANS Institute: https://www.sans.org/mlp/2/
(ISC)2: https://www.isc2.org
Pluralsight: https://www.pluralsight.com

Tips and Techniques: RSA

Gene Fay — Fri, 21 Apr 2023 11:13:54 -0700

New to RSA? Gene offers a few quick tips and some advice on navigating this massive cybersecurity conference for the first time.

How to Stand Out as an Entry Level Candidate With Neil Weitzel of ThreatX

Gene Fay — Wed, 05 Apr 2023 14:05:21 -0700

Neil is currently ThreatX’s SOC manager and has 15 years of experience in roles from user support to leading security programs. He has expertise in security architecture and cybersecurity best practices and is an active member of the security community. He has delivered lectures at DEF CON, OWASP, and local security meetups. Neil also acts as an adjunct lecturer on Software Engineering at Indiana University.

Defcon: https://defcon.org

BSides: http://www.securitybsides.com/w/page/12194156/FrontPage

Neil Weitzel LinkedIn: https://www.linkedin.com/in/neilweitzel/

Keys to Thriving as a Cybersecurity Executive With Ed Amoroso

Gene Fay — Fri, 24 Mar 2023 06:48:39 -0700

Edward Amoroso is the founder and CEO of Tag InfoSphere. He also teaches courses on cybersecurity at NYU and the Stevens Institute of Technology. Previously, he was the CISO of AT&T for many years.

Tag Cyber: https://www.tag-cyber.com

Cybrary: https://www.cybrary.it

SANS: https://www.sans.org

Coursera: https://www.coursera.org

Edward Amoroso LinkedIn: https://www.linkedin.com/in/edward-amoroso/

Increasing the Awareness of Cybersecurity Careers With Julian Waits

Gene Fay — Fri, 10 Mar 2023 05:51:32 -0800

The SVP of Business Development and Strategic Alliances at Rapid7, Julian Waits has had a long and impressive career in the cybersecurity industry. He has held positions from software developer to field systems engineer, M&A director, Sales VP, and CEO.

Cyversity: https://www.cyversity.or

ISAC: https://www.it-isac.org
SANS: https://www.sans.org
Julian Waits LinkedIn: https://www.linkedin.com/in/julianwaits/

Preparing for the Executive Level With David Craigen of TK Elevator

Gene Fay — Thu, 23 Feb 2023 12:48:26 -0800

David Craigen is the BU Information Security Officer, North America and Canada at TK Elevator. Previously, he held senior security leadership positions at several organizations, including Quikrete, BioIQ, and MiMedx.

LinkedIn: https://www.linkedin.com/in/davidcraigen/

How Hacking Benefits the Rich and Powerful With Bruce Schneier

Gene Fay — Mon, 13 Feb 2023 09:23:58 -0800

Bruce Schneier is an internationally renowned security technologist, called a “security guru” by the Economist. He is the New York Times best-selling author of 14 books -- including A Hacker’s Mind -- as well as hundreds of articles, essays, and academic papers. His influential newsletter Crypto-Gram and blog Schneier on Security are read by over 250,000 people. Schneier is a fellow at the Berkman-Klein Center for Internet and Society at Harvard University, a Lecturer in Public Policy at the Harvard Kennedy School, a board member of the Electronic Frontier Foundation and AccessNow, and an advisory board member of EPIC and VerifiedVoting.org. He is the Chief of Security Architecture at Inrupt, Inc.

Schneier on Security blog: https://www.schneier.com

Cryto-Gram newsletter: https://www.schneier.com/crypto-gram/

About A Hacker’s Mind: https://www.schneier.com/books/a-hackers-mind/

Tips and Techniques: Goal Setting

Gene Fay — Thu, 02 Feb 2023 14:13:18 -0800

Having clear goals and a way to keep yourself accountable is often the key to success. Gene Fay has developed a system to keep himself focused on his yearly goals, and it involves a sticky note. Get his tips on goal setting in this Tips and Techniques episode.

Strengthening the Cybersecurity Industry With Connie Matthews Reynolds of ReynCon

Gene Fay — Fri, 27 Jan 2023 08:30:21 -0800

Connie Matthews Reynolds is the founder and CEO of ReynCon Educational Services and Training, which brings together security practitioners and individuals who want to build their skills, whether new to our field, or building skills for growth or a more cross-functional skill set. She is also a founding member of EmpoWE-R Women of Information Security and the president of the Central Ohio ISSA.

Information Systems Security Association (ISSA): https://www.issa.org

EmpoWE-R Women of Infosec: https://www.empower-infosec.org

ReynCon Education Services & Training: https://www.reynconsecurity.com

LinkedIn: https://www.linkedin.com/in/conniematthews/

Tips and Techniques: Avoid This Phone Scam

Gene Fay — Mon, 23 Jan 2023 11:53:37 -0800

Phone scam recording: https://www.youtube.com/@CPHarding

Why Moving Beyond Transactional Behavior Is Key to Cybersecurity Success With Robert Rodriguez of SINET

Gene Fay — Fri, 13 Jan 2023 06:37:06 -0800

Robert D. Rodriguez is the Chairman & Founder of SINET and a Venture Partner at SineWave Ventures. Previously, Robert advised and coordinated the public - private sector outreach for The Department of Homeland Security and other institutions, and served 22 years as a Special Agent with the United States Secret Service.

https://www.linkedin.com/in/rdrod/

https://www.security-innovation.org

Developing the Next Generation of Cybersecurity Professionals With Hayley Roberts of Distology

Gene Fay — Thu, 29 Dec 2022 08:31:35 -0800

Hayley Roberts has been a tech executive for many years, and has been the CEO of Distology, an IT security distributor based in the UK, since 2015.

LinkedIn: https://www.linkedin.com/in/hayley-roberts-69b5562/

Distology: https://www.distology.com

Amplifying Diverse Thought in Cybersecurity With Akira Brand

Gene Fay — Fri, 09 Dec 2022 07:43:27 -0800

Akira Brand is an experienced developer who has worked in Developer Relations for the past several years, most recently with Bright Security.

LinkedIn: https://www.linkedin.com/in/akirabrand/

Artists Who Code: https://www.linkedin.com/company/artistswhocode/

Bright Security: https://brightsec.com

Tips and Techniques: Networking

Gene Fay — Thu, 01 Dec 2022 11:55:00 -0800

In this Tips and Techniques episode, eXecutive Security podcast host Gene Fay shares his advice and best practices for networking. Learning how to make the best of networking events is a powerful life skill that plays a big role in career success. With in-person events making a strong comeback post-pandemic, those early and not-so-early in their careers will find Gene’s practical tips valuable.

Empowering Women in Cybersecurity With Zenobia Godschalk

Gene Fay — Tue, 22 Nov 2022 10:37:23 -0800

Zenobia Godschalk has worked closely with many cybersecurity companies over the years as the founder of ZAG Communications, a PR and marketing firm serving technology companies, and is now SVP of Communications for Hedera. She also does a lot of philanthropic work in the technology space.

LinkedIn: https://www.linkedin.com/in/zenobiaaustingodschalk/

Dark Reading Article: https://www.darkreading.com/remote-workforce/senior-level-women-leaders-cybersecurity-nonprofit

Forte Group: https://forte-group.org/home-our-mission

Andreessen Horowitz: https://a16z.com

The Value of the Enlisted Mindset in Cybersecurity With Jennifer Reed of AWS

Gene Fay — Sun, 13 Nov 2022 11:22:08 -0800

Jenn Reed has more than 25 years of product management and engineering experience in cloud networking infrastructure, security, governance, risk, and compliance across both the private and public sectors. She is currently Principal Partner SA, SPE at AWS and was formerly CISO at Aviatrix. Jenn served her country in the U.S. Marine Corps from 1995-2000 and again in 2003 during the Iraq war.

LinkedIn: https://www.linkedin.com/in/jennsreed/

Aligning Business and Security With Brian Castagna of Seven Bridges

Gene Fay — Mon, 31 Oct 2022 06:37:19 -0700

Brian Castagna is the CISO at Seven Bridges, a leading biomedical data company. He is an experienced and skilled information security leader who has held security leadership positions at several organizations including Acquia and Oracle.

LinkedIn: https://www.linkedin.com/in/brian-castagna-1890544/

Traits Needed to Succeed in Cybersecurity With Ramachandra Hegde of Genpact

Gene Fay — Fri, 14 Oct 2022 08:18:39 -0700

Ramachandra Hegde is a senior executive with over 24 years of experience, including 12 years in global CISO roles, including with a Fortune 300 manufacturing multinational and a global professional services firm. He is currently senior vice president and CISO at Genpact.

LinkedIn: https://www.linkedin.com/in/ramkhegde/

Looking for Cybersecurity Employees in New Ways With Dan Schiappa of Arctic Wolf

Gene Fay — Fri, 30 Sep 2022 06:39:26 -0700

Dan Schiappa, the chief product officer at Arctic Wolf, has been a technology leader for many years at organizations including Sophos, RSA Security, and Microsoft.

LinkedIn: https://www.linkedin.com/in/daniel-schiappa-bbb1062/

University of Central Florida News: https://www.ucf.edu/news/cybersecurity-team-wins-4th-national-championship/

Arctic Wolf: https://arcticwolf.com/company/careers/

How to Jumpstart a Cybersecurity Career With CTO Richard Ford

Gene Fay — Fri, 16 Sep 2022 06:29:47 -0700

Richard Ford is an experienced cybersecurity and technology leader. Currently the Chief Technology Officer at Praetorian, he has held leadership positions at many organizations, including Cyren, Forcepoint, and Raytheon. Richard also has a Ph.D. in Physics from the University of Oxford.

Personal LinkedIn: https://www.linkedin.com/in/dr-ford/

Praetorian LinkedIn: https://www.linkedin.com/company/praetorian/

ISC2: https://www.isc2.org

BSides: https://bsideslv.org

My Career Pivot to SOC Analyst With Lauren Campanara of ThreatX

Gene Fay — Fri, 02 Sep 2022 09:55:00 -0700

Lauren is just starting her career in cybersecurity. She has a bachelor’s degree in cybersecurity from Champlain College and is a SOC Analyst at ThreatX.

LinkedIn: https://www.linkedin.com/in/laurencampanara/

The Importance of Mentoring With Ray Espinoza of Inspectiv

Gene Fay — Fri, 26 Aug 2022 05:43:20 -0700

Ray has more than 15 years of experience in the information security space and is currently CISO at Inspectiv. He has held leadership positions at numerous organizations including, Cobalt.io, Amazon, Proofpoint, and Cisco.

LinkedIn: https://www.linkedin.com/in/ray-espinoza-b399821/

Black Girls in Cyber: https://www.blackgirlsincyber.com

The Importance of Storytelling in Cybersecurity with Maarten Van Horenbeeck

Gene Fay — Mon, 22 Aug 2022 10:27:53 -0700

Maarten Van Horenbeeck, who is the chief information security officer at Zendesk, has more than 15 years of experience managing security organizations, which includes building the cybersecurity-threat intelligence team at Amazon, and working on the security teams at Google and Microsoft. He is also a former board member and Chairman of the Forum of Incident Response and Security Teams (FIRST).

LinkedIn: https://www.linkedin.com/in/maartenv/

Chaos Computer Club: https://en.wikipedia.org/wiki/Chaos_Computer_Club

NIST: https://www.nist.gov

MITRE: https://www.mitre.org

Rand Institute: https://www.rand.org

FIRST: https://www.first.org

Cloud Security Alliance: https://cloudsecurityalliance.org

Tips and Techniques: Black Hat and Defcon

Gene Fay — Fri, 19 Aug 2022 04:03:07 -0700

Defcon: https://defcon.org
Black Hat: https://www.blackhat.com

Why a Commitment to Employee Growth Matters With Jim Routh

Gene Fay — Fri, 12 Aug 2022 07:19:26 -0700

Jim Routh has a long history in technology and cybersecurity as a leader and management consultant. He was formerly a cybersecurity leader for many large companies including MassMutual, CVS Health, Aetna, and JP Morgan Chase. He is also the former Board Chair for the Health Information Sharing & Analysis Center (H-ISAC) where he served for five years and former Board member for the Financial Services Information Sharing & Analysis Center (FS-ISAC). Jim currently sits on several Boards and acts as an advisor for several cybersecurity companies and venture funds. Jim brings to the boards a vast business and technology background and is considered a digital and cyber security industry expert and thought leader. Finally, Jim is an ICIT Fellow and an Adjunct Faculty member for NYU.

The Role of Cybersecurity Leaders as Educators: https://icitech.org/wp-content/uploads/2022/03/ICIT-Fellow-Perspective-The-Role-of-Cybersecurity-Leaders-as-Educators.pdf
LinkedIn: https://www.linkedin.com/in/jmrouth/

Jim Routh's Book List:
Cybersecurity and Cyberwar by Singer and Friedman

Dark Territory by Kaplan

The Perfect Weapon by Sanger

Sandworm by Greenberg

The Cuckoo’s Egg by Stoll

Spam Nation by Krebs

Future Crimes by Goodman

Data and Goliath by Schneier

Confront and Conceal by Sanger

The Fifth Domain by Clarke

America the Vulnerable by Brenner

The Code Book by Singh

Algorithms to Live By by Christian and Griffiths

Your Government Failed You by Clarke

Sting of the Drone by Clarke

Countdown to Zero Day by Zetter

Software Security: Building Security In by McGraw

@War by Harris

Fight Fire With Fire by Tarun

Kingpin by Poulsen

The Age of Surveillance Capitalism by Zuboff

The Internet in Everything by DeNardis

Senior Cyber by Schober

CISO Compass by Fitzgerald

This Is How They Tell Me the World Ends by Perlroth

Crimedotcom by White

Big Breaches by Daswani and Elbayadi

Innovating in a Secret World by Srivastava

Cyber Mayday by Lohrmann and Tan

Navigating the Cybersecurity Career Path by Patton

Tribe of Hackers by Carey and Jin

The PtaaS Book by Wong

CyberJutsu by McCarty

Cyber Defense Matrix by Yu

Shape by Ellenberg

So You Want to Talk About Race by Oluo

White Fragility by Diangelo

Hos to Be an Antiracist by Kendi

Lowering the Barrier to Entry in the Cybersecurity Field With Ron Gula of Gula Tech Adventures

Gene Fay — Mon, 08 Aug 2022 06:02:49 -0700

Ron is President at Gula Tech Adventures, which focuses on cyber technology, cyber policy and recruiting more people to the cyber workforce. Since 2017, GTA has invested in dozens of cyber start-ups and funds and supported multiple cyber nonprofits and projects. From 2002 to 2016, Ron was the co-founder and CEO of Tenable Network Security. He helped grow the company to 20,000 customers, raise $300m in venture capital and grow revenues to $100m, setting up the company for an IPO in 2018. Prior to Tenable, Ron was a cyber industry pioneer and developed one of the first commercial network intrusion detection systems called Dragon, ran risk mitigation for the first cloud company, was deploying network honeypots in the mid 90s for the DOD and was a penetration tester for the NSA and got to participate in some of the nation's first cyber exercises. Ron was also a captain in the Air Force.

LinkedIn: https://www.linkedin.com/in/rongula/

Gula Tech Adventures: https://www.gula.tech

Cybrary, Free Cybersecurity Training and Career Development: https://www.cybrary.it/

SANS Institute: https://www.sans.org

Balancing the Enforcer and Enabler Roles With Bill Brown of Abacus Insights

Gene Fay — Mon, 01 Aug 2022 06:34:45 -0700

Bill Brown is an accomplished information technology and information security leader with experience leading M&A Security Due Diligence Response and Remediation, and leading global teams in start-up, mid-size, and Fortune 1000 companies. Currently he is CISO and CIO at Abacus Insights and an advisory board member to ThreatWarrior. He has also held security leadership positions in ClickSoftware, Houghton Mifflin Harcourt, Veracode, and Iron Mountain.

LinkedIn: https://www.linkedin.com/in/billbrownusa/

HIPPA: https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act

Hiitrust: https://en.wikipedia.org/wiki/HITRUST

PII: https://www.techtarget.com/searchsecurity/definition/personally-identifiable-information-PII

Cyber Warrior: https://www.cyberwarrior.com/

Cloud Security Alliance: https://success.impartner.com/English/Customer/home.aspx

Debunking the Misconceptions of Entering the Cybersecurity Industry With James Carder of iOffce + SpaceIQ

Gene Fay — Mon, 25 Jul 2022 06:52:48 -0700

James Carder is an experienced Chief Security Officer, research and development leader, cyber security services expert, and go to market executive with over 26 years in both corporate security and consulting for public and private companies across various industries, the Fortune 500, and U.S. Government. Currently, he is the Chief Security Officer at iOffice + SpaceIQ. James also served in the Air Force.

LinkedIn: https://www.linkedin.com/in/carderj/

Twitter: https://twitter.com/carderjames

ISSA: https://www.issa.org/

OWASP: https://owasp.org/

Cloud Security Alliance: https://cloudsecurityalliance.org/

BSides: https://bsideslv.org/

U Minnesota Certificate Program: https://bootcamp.umn.edu/cybersecurity/

Why Having the Mindset of an “Eternal Student” Is the Key to Success With Ian Amit of Rapid7

Gene Fay — Mon, 18 Jul 2022 11:31:07 -0700

Ian Amit is an executive manager in the security and software industry with vast experience in multiple fields - from enterprise security, through retail, to end-user software, large back-end systems, corporate security policy, regulatory compliance, and strategy. He has spoken at various customer-focused seminars such as DEFCON, RSA, BlackHat, BSides, and many more.

LinkedIn: https://www.linkedin.com/in/iamit/

DEFCON: https://defcon.org

BSides: https://bsideslv.org

Turning Information Security Into an Inclusive Community With Tanya Janca of She Hacks Purple

Gene Fay — Tue, 12 Jul 2022 11:59:44 -0700

Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech. She values diversity, inclusion, and kindness.

LinkedIn: https://www.linkedin.com/in/tanya-janca/

Jobs in InfoSec: https://shehackspurple.ca/2022/01/01/jobs-in-information-security-infosec/

We Hack Purple Community: https://community.wehackpurple.com/

#CyberMentoringMonday: https://twitter.com/search?q=%23CyberMentoringMonday&src=typed_query&f=live

How Cybersecurity’s Origins Inform Its Future with Chris Wysopal of Veracode

Gene Fay — Wed, 29 Jun 2022 14:21:11 -0700

Chris Wysopal is Co-Founder and Chief Technology Officer at Veracode, which pioneered the concept of using automated static binary analysis to discover vulnerabilities in software. In the 1990’s, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. Chris started his career as software engineer that first built commercial software and then migrated to the specialty of testing software for vulnerabilities. He has led highly productive and innovative software development teams and has performed product strategy and product management roles.

Chris is a much sought-after expert on cybersecurity. He has been interviewed for most major technology and business publications, including New York Times, The Washington Post, WSJ, Forbes, Fortune, AP, Reuters, Newsweek, Dark Reading, MIT Tech Review, Wired, and many networks, including BBC, CNN, ABC, CBS, CNBC, PBS, Bloomberg, Fox News, and NPR. He has keynoted cybersecurity and technical conferences on 4 continents.

Link: Chris Wysopal LinkedIn
Link: Cult of the Dead Cow by Joseph Menn

Why Being Curious, Connected, and Collaborative Are Key to Success With David McLeod of Cox Enterprises

Gene Fay — Thu, 23 Jun 2022 11:27:38 -0700

David McLeod is the VP, Chief Information Security Officer at Cox Enterprises. He is an experienced Chief Information Security Officer who has demonstrated success across multiple industries. David has extensive skills in Privacy, Enterprise Risk Management, IT Strategy and Governance, and Information Risk Management.

David McLeod LinkedIn

In InfoSec Change is the Only Constant with Patricia Titus of Markel

Gene Fay — Wed, 18 May 2022 09:56:53 -0700

Patti Titus is the Chief Privacy and Information Security Officer at Markel Corporation. She also serves on the Board of Directors for Black Kite and the Girl Scouts of the Commonwealth of Virginia. She was recognized as a 'Woman of Influence' by the Executive Women’s Forum in 2009 and the Silicon Valley Business Journal in 2013.

Patti has held numerous leadership positions in the cybersecurity industry, including at Freddie Mac, Symantec, Unisys Corporation and the Transportation Security Administration within the Department of Homeland Security.

Patricia's Linkedin
SANS Institute

Building Autonomy and Diversity at Hubspot with Eric Richard

Gene Fay — Mon, 25 Apr 2022 07:07:44 -0700

Eric Richard, SVP Engineering and CISO, Hubspot
Linkedin

SANS Institute

Tips & Techniques: Writing Thank You Notes

Gene Fay — Tue, 29 Mar 2022 07:11:45 -0700

Tom Quinn, T. Rowe Price

Gene Fay — Tue, 15 Mar 2022 04:50:58 -0700

Special thanks to Tom Quinn for joining us in this episode:

Tom Quinn on Linkedin

MomentumCyber: https://momentumcyber.com/
Girl Security: https://www.girlsecurity.org/

Intro Trailer

Gene Fay — Wed, 02 Mar 2022 12:07:05 -0800

Hello and welcome to the eXecutive Security podcast where we talk to CISOs and other leaders in cybersecurity about a career in this industry, specifically how to get into it, and how to advance. My name is Gene Fay and I'm the CEO of ThreatX an API security company and the host of the eXecutive Security podcast.

I started this podcast because of my two passions, cybersecurity and helping people find jobs in cyber. Over the last 17 years, I've been blessed to meet so many amazing people within this industry. People who taught me not only about cybersecurity, but how to be a great leader. For a while I've been thinking about how I can give back to the cybersecurity industry, which has been so good to me.

Also, I've been thinking about what I've learned from great leaders in this space, and I can share this knowledge with a lot of people. So this [00:01:00] is how this podcast was started.

If you were just thinking about getting into cybersecurity and want to learn how to get started, or if you're in the field and aspire to be a manager, VP, or CISO, this podcast is for you.

I hope you enjoy it. If you have any suggestions on guests or topics you want us to cover in the future, please send me an email at genedotfayatthreatxdotcom. Thanks a lot and I hope you enjoy the podcast.