Security operations center (SOC) analysts are responsible for analyzing and monitoring network traffic, threats and vulnerabilities within an organization’s IT infrastructure. This includes monitoring, investigating and reporting security events and incidents from security information and event management (SIEM) systems. SOC analysts also monitor firewall, email, web and DNS logs to identify and mitigate intrusion attempts.

0:00 Intro
1:20 - What is a SOC analyst?
1:58 - Levels of SOC analyst
2:24 - How to become a SOC analyst
2:53 - Certification requirements
3:29 - Skills needed to succeed
4:38 - Tools SOC analysts use
5:32 - Open-source tool familiarity
6:05 - Pivoting from a SOC analyst
6:50 - What can I do right now?
7:32 - Experience for your resume
8:07 - Outro

Infosec’s Principal Security Researcher, instructor and cybersecurity renaissance man Keatron Evans returns to the show for the first in a series of once-quarterly episodes breaking down big stories in the news and cybersecurity trends for the future! We talk Solarwinds, Colonial Access Pipeline, Oldsmar, Keatron’s origin story and why, just like practicing your scales makes you a better musician, master pentesters and security pros got where they did by mastering the art of repetition in learning.

0:00 - Intro
2:30 - How did you get into cybersecurity?
4:00 - What skills did you have early on?
6:10 - First interaction with Infosec
10:34 - Work as a principal security researcher
13:20 - Machine learning in cybersecurity
14:14 - Infosec classes
17:28 - Equity in cybersecurity
20:25 - You don't need a technical background
21:36 - Major security breaches of 2021
22:15 - SolarWinds breach
24:56 - What job roles help stop these breaches?
27:50 - Water treatment plant breach
31:42 - Infrastructure security
34:30 - President Biden and cybersecurity
39:22 - Supply chain security
43:20 - Security trends for 2022
49:00 - Projects to keep an eye on
50:52 - Learn more about Evans
51:44 - Outro

Security managers develop security strategies that align with the organization's goals and objectives. In addition, they direct and monitor security policies, regulations and rules that the technical team implements. Knowledge in areas like information security governance, program development and management, incident response and risk management are important to success in any security management role.

0:00 - Intro
0:26 - What does a security manager do?
3:15 - How do you become a security manager?
4:54 - What education is required for security managers?
5:55 - What certificates are required for security managers?
7:23 - What skills does a security manager need to have?
9:58 - Common tools security managers use
11:48 - Where do security managers work?
13:45 - How well do security managers pivot into other roles?
15:36 - What step can someone take now to become a security manager?
17:27 - Outro

Andrew Howard, CEO of Kudelski Security, returns to give us his cybersecurity predictions for 2022! How will cybersecurity protect the supply chain, why is quantum computing on all of his clients' minds, and how would Andrew rewrite security from the ground up if a genie granted him three wishes?

0:00 - Intro
3:00 - Getting into cybersecurity
4:00 - How has the cloud evolved?
6:46 - The past year in cybersecurity
8:20 - The next cybersecurity innovation
8:57 - Where quantum computing is going
10:15 - Concerns about encryption data
10:54 - The state of ransomware
12:57 - Cybersecurity supply chain issues
16:18 - Hybrid work cybersecurity
18:42 - The year of cyber insurance
20:35 - DOD directive to close security gaps
22:15 - What would you change in cybersecurity?
25:45 - What would put phishing out of mind?
28:10 - Advice to 2022 cybersecurity students
29:37 - Kudelski Security
30:58 - Blockchain security in 2022
31:57 - Learn more about Kudelski
32:10 - Outro

Penetration testers, or ethical hackers, are responsible for planning and performing authorized, simulated attacks within an organization’s information systems, networks, applications and infrastructure to identify vulnerabilities and weaknesses. Findings are documented in reports to advise clients on how to lower or mitigate risk. Penetration testers often specialize in a number of areas such as networks and infrastructures, Windows, Linux and Mac operating systems, embedded computer systems, web/mobile applications, supervisory control data acquisition (SCADA) control systems, cloud systems and internet of things (IoT) devices.

https://www.infosecinstitute.com/role-penetration-tester/

0:00 - Intro
0:26 - What does a penetration tester do?
1:10 - Levels of penetration testers
1:50 - How to become a penetration tester
3:08 - Education needed to be a pentester
3:50 - Skills needed to pentest
4:24 - Common tools of the pentester
5:07 - Training with the tools
5:42 - Job options for pentesters
6:36 - Work duty expectations
7:45 - Can you move to a different role?
9:09 - What can I do to become a pentester?
9:54 - Outro

Roderick Jones of Concentric talks about security risks facing content creators, influencers, gamers and streamers on Twitch, YouTube and elsewhere. Online harassment is often seen as “part of the package” if you’re going to work in a public-facing streamer community, but Jones knows that this isn’t inevitable, and it is fixable. A future without a shrug-shoulders approach to online abuse?

0:00 - Intro
3:37 - How did you get into cybersecurity?
5:30 - Were you scouted for your role?
6:44 - How did the landscape change?
8:40 - Security intelligence to private sector
11:50 - Daily work at Concentric
13:25 - Staying up on trends
15:09 - Gaming, streaming and security issues
21:31 - Desentization and online personalities
25:42 - The future of online access
27:37 - How to protect streamers
31:40 - Censoring on streaming platforms with AI
35:06 - Safeguards streams should have in place
40:06 - Cybersecurity jobs related to streaming security
41:58 - Being courteous online
42:43 - More about Concentric
43:58 - Learn more about Jones
44:35 - Outro