In this episode we explore supply-chain security with Manish Gupta. We’re going to learn about risks and cyberattacks related to the continuous integration/continuous deployment or CI/CD pipeline, which, given high-profile attacks like SolarWinds, will give us plenty to discuss this week!

0:00 - Intro
2:21 - Manish's origin story
4:58 - Major career stepping stones
8:45 - Lessons when ahead of the curve
11:21 - Average day as a servant leader CEO
14:54 - Concerns with supply chain security
21:22 - Federal supply chain action
26:20 - What supply chain policy should focus on
28:40 - Skills needed for supply chain jobs
32:48 - What should be on my resume?
34:03 - Showing supply chain aptitude
36:04 - Future projects
38:29 - Outro

Have you seen our new, hands-on training series Cyber Work Applied? Tune in every other week as expert Infosec instructors teach you a new cybersecurity skill and show you how that skill applies to real-world scenarios. You’ll learn how to carry out different cyberattacks, practice using common cybersecurity tools, follow along with walkthroughs of how major breaches occurred, and more. And it's free!

Digital forensics professional Ondrej Krehel talks about the work of digital forensics in federal and government locations, the things he learned during a months-long attempt at decrypting a well-secured Swiss bank file and why finishing the research beats any degree you could ever have.

0:00 - Intro
2:11 - Ondrej's cybersecurity journal
5:33 - Career stepping stones
9:55 - The Swiss job
16:02 - Chasing the learning and experience
20:01 - Digital forensics on a government and federal scale
28:07 - Forensics collaboration on a case
30:46 - Favorite work stories
31:33 - How to improve infrastructure security
36:01 - Skills needed to enter digital forensics in government
41:31 - Unheard activities of digital forensics
43:48 - Where do I get work experience?
47:05 - Tips for digital forensic job hunters
52:19 - Work with LIFARS
57:50 - Outro

Have you seen our new, hands-on training series Cyber Work Applied? Tune in every other week as expert Infosec instructors teach you a new cybersecurity skill and show you how that skill applies to real-world scenarios. You’ll learn how to carry out different cyberattacks, practice using common cybersecurity tools, follow along with walkthroughs of how major breaches occurred, and more. And it's free!

Whether you’re looking for first-time work in the cybersecurity field, still studying the basics or considering a career change, you might feel overwhelmed with choices. How do you know you have the right knowledge? How do you make yourself stand out in the resume pile? How do you get jobs that require experience without having any experience?

Join a panel of past Cyber Work Podcast guests including Gene Yoo, CEO of Resecurity, and the expert brought in by Sony to triage the 2014 hack; Mari Galloway, co-founder of Women’s Society of Cyberjutsu and Victor “Vic” Malloy, General Manager, CyberTexas.

They provide top-notch cybersecurity career advice for novices, including questions from Cyber Work Live viewers.

0:00 - Intro
3:38 - I'm tech-savvy. Where do I begin?
10:55 - Figuring out the field for you
19:16 - Returning to cybersecurity at 68
23:30 - Finding a cybersecurity mentor
29:39 - Non-technical roles in the industry
36:21 - Breaking into the industry
43:46 - Standout resume and interview
51:31 - Is a certification necessary?
56:50 - Related skills beginners should have
1:04:35 - Outro

This episode we welcome back Emily Miller of Mocana to discuss infrastructure security! We discuss the water supply hack in Oldsmar, Fla., the state of the nation’s cybersecurity infrastructure and brainstorm a TikTok musical that will make infrastructure security the next Hamilton!

0:00 - Intro
3:02 - The last two years
5:54 - The impact of COVID
10:10 The Florida hack
15:50 Scope and scale of safety systems
18:50 State and local government responses
23:20 Logistical issues of security for infrastructure
26:45 Ideal solutions to security
31:33 How to improve infrastructure security
39:42 Aiming toward state and local government
43:20 Skills to learn for this work
48:13 Future proofing this role
52:54 Work and upcoming projects
55:55 Outro

Have you seen our new, hands-on training series Cyber Work Applied? Tune in every other week as expert Infosec instructors teach you a new cybersecurity skill and show you how that skill applies to real-world scenarios. You’ll learn how to carry out different cyberattacks, practice using common cybersecurity tools, follow along with walkthroughs of how major breaches occurred, and more. And it's free!

This episode we chat with Jackie Olshack, a project management professional, about the role of project management in cybersecurity. We break down the specific functions of some major project management certifications, discuss things you can do tonight to start your project management training and hear why every security breach story on CNN is a cause for reflection.

0:00 - Intro
3:09 - Getting into cybersecurity project management
4:30 - What does a cybersecurity project manager do?
5:56 - Identity access management
8:35 - Average day for a project manager
9:57 - Managing project resources
11:36 - Getting into project management
12:54 - What happens without a project manager?
14:30 - Highs and lows of the job
17:22 - Training needed for the role
20:18 - What is identity access management?
24:12 - Preferred job experiences
28:02 - Interests and skills to succeed
31:17 - Where do I begin with tech lingo?
33:18 - What can I do to change careers?
35:00 - Has remote work changed workflow?
35:55 - Outro

Have you seen our new, hands-on training series Cyber Work Applied? Tune in every other week as expert Infosec instructors teach you a new cybersecurity skill and show you how that skill applies to real-world scenarios. You’ll learn how to carry out different cyberattacks, practice using common cybersecurity tools, follow along with walkthroughs of how major breaches occurred, and more. And it's free! Click the link below to get started.

Jackie Olshack worked almost 20 years as legal secretary/paralegal for multiple patent corporate law firms. In the late 1990s, she began to recognize it was becoming harder to break the ceiling on her $58,000 salary as more and more attorneys were typing their own documents, managing their own calendars and making their own travel arrangements, putting the future of her career in jeopardy. After some introspection, she decided to go back to college and pursue a science degree with plans to go to law school to become a patent attorney — but couldn’t get her LSAT higher to get into even a fourth-tier law school. She now proudly thanks all the law schools that turned her down, preventing the dreaded $150,000-$200,000 law school debt she would have incurred. She is now an analytical, top performing SAFe trained senior project management professional with 14+ years of experience managing and implementing IT programs and projects successfully.

Today we're talking about security awareness, specifically about the role of a security awareness manager, with Tiffany Franklin of Optiv. We talk about the importance of C-suite buy-in to a security awareness program, how to create challenging phishing simulators without making employees feel like victims of a gotcha attack and how being a fifth-grade math teacher can make you a better security awareness manager.

0:00 - Intro
2:13 - Getting into cybersecurity
3:57 - Instructional design and technology
4:58 - Primary responsibilities in her role
6:38 - Security awareness work
9:40 - What is the division of work?
11:55 - Skills needed for this role
15:04 - Helping people when they fail
17:12 - Daily tasks
18:15 - Highs and lows of the job
22:00 - COVID phishing emails
22:40 - GoDaddy phishing and ethics
26:20 - Creating security awareness campaigns
31:14 - Optimal combo of tech and savvy
34:20 - How to get into cybersecurity
37:10 - Outro