#93 - How to Become a Cyber Security Expert
G Mark Hardy & Ross Young
Episode Description
How do you become a Cyber Security Expert?
Hello and welcome to another episode of CISO Tradecraft, the podcast that provides you with the information, knowledge, and wisdom to be a more effective cybersecurity leader. My name is G. Mark Hardy, and today we're going to talk about how to provide advice and mentoring to help people understand how to become a cybersecurity expert. As always, please follow us on LinkedIn, and subscribe to our podcasts.
As a security leader, part of your role is to develop your people. That may not be written anywhere in your job description and will probably never be on a formal interview or evaluation, but after years of being entrusted with leadership positions, I have learned what differentiates true leaders from those who just accomplish a great deal is the making of the effort to develop your people.
Now, you may have heard the phrase, "take care of your people," but I'll take issue with that. I take care of my dog. I take care of a family member who is sick, injured, or incapacitated. Why? Because they are not capable of performing all of life's requirements on their own. For the most part, your people can do this. If you are constantly doing things for people who could have otherwise done it themselves, you run the risk of creating learned helplessness syndrome. People, and even animals, can become conditioned to not do what they otherwise could do out of a belief that someone else will do it for them. I am NOT going to get political here, so don't worry about that. Rather, I want to point out that effective leaders develop their people so that they may become independent actors and eventually become effective leaders themselves. In my opinion, you should measure your success by the promotion rate of the people entrusted to you, not by your own personal career advancement or financial success.
That brings me to the subject of today's podcast -- how do you counsel and mentor others on how to become a cyber security expert? If you are listening to this podcast, there's a very good chance that you already are an expert in our field, but if not, keep listening and imagine that you are mentoring yourself, because these lessons can apply to you without having to seek out a mentor. Some people figure it out, and when asked their secret, they're like Bill Murray in the movie Stripes, "We trained ourselves, sir!" But most of the time, career mastery involves learning from a number of others.
Today on CISO Tradecraft we are going to analyze the question, "How do you become a Cyber Security Expert?" I'm going to address this topic as if I were addressing someone in search of an answer. Don't tune out early because you feel you've already accomplished this. Keep listening so you can get a sense of what more you could be doing for your direct reports and any proteges you may have.
Let’s start at the beginning. Imagine being a high school kid with absolutely zero work experience (other than maybe a paper route -- do kids still do that?). You see someone that tells you they have a cool job where they get paid to ethically hack into computers. Later on, you meet a second person that says they make really good money stopping bad actors from breaking into banks. Somehow these ideas stick in your brain, and you start to say to yourself, you know, both of those jobs sound pretty cool. You begin to see yourself having a career in Cyber Security. You definitely prefer it to jobs that require a lot of manual labor and start at low pay. So, you start thinking, "How can I gain the skills necessary to land a dream job in cyber security that also pays well?"
At CISO Tradecraft we believe that there are really four building blocks that create subject matter experts in most jobs. The four building blocks are:
- Getting an education
- Getting certifications