Episode Transcript
WEBVTT
1
00:00:02.319 --> 00:00:07.549
Welcome to the chief of Cyber Security
Podcast, where we discuss relevant information concerning
2
00:00:07.589 --> 00:00:12.869
the cyber security workforce, Business Development
and best practices, made possible by see
3
00:00:12.910 --> 00:00:17.469
miss learn more at seems done,
and for a list of authorized publications,
4
00:00:17.589 --> 00:00:24.140
visit Dwayne hardcom. And now here's
your host, Dwayne heart. Welcome.
5
00:00:24.620 --> 00:00:31.579
Welcome again, my listeners. We
have made it to episode fourteen, how
6
00:00:31.739 --> 00:00:39.450
to build a successful cyber security career. Now I realized that, since I'm
7
00:00:39.609 --> 00:00:42.490
only going to do this for about
a half an hour, I realized that
8
00:00:42.570 --> 00:00:45.130
I may give responses and saying,
you know, that should have been a
9
00:00:45.210 --> 00:00:49.090
whole hour, and you're right about
that, because what I am going to
10
00:00:49.170 --> 00:00:53.039
do with this podcast session it is
just the focus on the high level things
11
00:00:53.159 --> 00:00:58.600
that you, as a person who
is entering the Cyberg security workforce or someone
12
00:00:58.679 --> 00:01:03.120
that works in the Cyberg series cyber
security workforce, needs to know. And
13
00:01:04.510 --> 00:01:11.030
when I was putting all my notes
together and also thinking about some of the
14
00:01:11.950 --> 00:01:17.269
discussion points that I needed to have
in place, I thought about, in
15
00:01:17.430 --> 00:01:22.819
fact, the ways to deliver this
podcast session, and one of the ways
16
00:01:22.980 --> 00:01:26.420
to approach it is to look at
it from the higher level. And it
17
00:01:26.540 --> 00:01:33.010
stayed okay, when I first started
off into this industry, how did I
18
00:01:33.370 --> 00:01:38.450
approach the career feel what were some
of the challenges that I approach? How
19
00:01:38.609 --> 00:01:44.409
could I have done things better,
and also to what is it? Some
20
00:01:44.569 --> 00:01:49.319
of the things that I know that
normal people do not talk about when it
21
00:01:49.439 --> 00:01:53.480
comes to career development, because most
of the times when you hear about a
22
00:01:55.040 --> 00:02:00.629
person's career development is talk about education, talk about training, talk about taking
23
00:02:00.709 --> 00:02:05.670
on different jobs, talk talk about
taking on your resumes. That is all
24
00:02:05.829 --> 00:02:09.229
fine, but there are some nuances
that go outside of that that I think
25
00:02:09.270 --> 00:02:15.030
that people need to know. So
stay with me through this podcast session here
26
00:02:15.590 --> 00:02:22.939
and if you are involved with cybersecurity
or if you're thinking about entering the sober
27
00:02:23.020 --> 00:02:28.900
security workforce, I am going to
give you some food for thoughts and to
28
00:02:29.060 --> 00:02:35.090
give you some knowledge. All right, because my personal career started off and
29
00:02:35.210 --> 00:02:44.360
the soybergecurity industry working on a junior
level and then send all those in the
30
00:02:44.479 --> 00:02:47.879
industry that will challenge that way through
education and training, and I jumped on
31
00:02:49.000 --> 00:02:53.520
the bandwagon. Did I ever think
that I would become a podcast host that
32
00:02:53.680 --> 00:02:58.830
talking about cybersecurity? Know, because
a lot of times when you channel your
33
00:02:58.909 --> 00:03:04.069
career. You know, you see
different avenues that you want to travel and
34
00:03:04.270 --> 00:03:08.229
and you travel down those avenues and
you never know where you're going to go,
35
00:03:08.389 --> 00:03:15.699
but they are certain things that should
exist in your career rope map and
36
00:03:15.259 --> 00:03:20.500
this is what we're going to talk
about to day. So let's just look
37
00:03:20.539 --> 00:03:23.900
at the outline for the show.
First of all, I am going to
38
00:03:23.979 --> 00:03:29.289
talk about the need for the cyber
security workforce. Why is the cybergey cyber
39
00:03:29.409 --> 00:03:34.169
security workforce needed? These are not
just people that you hire and put on
40
00:03:34.289 --> 00:03:39.650
the staff just to try to create
a pretty picture for cybersecurity. There's a
41
00:03:39.810 --> 00:03:46.680
dire need to have cyberg security pro
fashionals and we are going to be discussing
42
00:03:46.919 --> 00:03:54.830
why is that need a critical desire
education certification. This is very important because
43
00:03:57.830 --> 00:04:02.469
education certification is needed. But then
again, they are some rumors that are
44
00:04:02.509 --> 00:04:09.349
probably going around about what, what
certification of person needs to have. What
45
00:04:09.469 --> 00:04:13.180
if I have a master's degree,
you know, how come I can't get
46
00:04:13.219 --> 00:04:16.139
hired because I have a doctorate?
All right, we're going to break that
47
00:04:16.379 --> 00:04:20.699
down and look at some of the
pros and the cons and the challenges of
48
00:04:21.459 --> 00:04:29.850
trying to build your professional profile as
of relation to education and certification. Then
49
00:04:30.009 --> 00:04:33.250
next we're going to get into something
that's very imported. My resume needs work.
50
00:04:33.810 --> 00:04:40.040
All right, listen, your resume
is the first thing that speaks about
51
00:04:40.120 --> 00:04:47.120
you. Recruiters don't know you personally
and you have recruiters that haven't even spoken
52
00:04:47.160 --> 00:04:50.800
to you. But guess what,
they they have a copy of your resume.
53
00:04:50.839 --> 00:04:57.709
If your resume do not represent you, it makes it challenging to channel
54
00:04:57.829 --> 00:05:02.750
through the channel, through the cyber
security career. Feel that's men talk about.
55
00:05:03.189 --> 00:05:06.779
I should have three pages, I
should have one page. All right.
56
00:05:08.779 --> 00:05:14.300
So, no matter how many pages
you should have, let's just talk
57
00:05:14.339 --> 00:05:19.220
about why your resume needs work,
because your resumes represents you choosing your role.
58
00:05:19.699 --> 00:05:23.209
Now this is very important. So
you know what out there and you
59
00:05:23.250 --> 00:05:27.209
don't got certified. You have all
the education in the world, but now
60
00:05:27.449 --> 00:05:30.329
what roles should you be choosing?
Because when you spoke to that recruiter,
61
00:05:30.370 --> 00:05:34.649
he told you that was the best
job that you could ever take and you
62
00:05:34.689 --> 00:05:40.199
would get the best skill sets.
And then you probably went on a job
63
00:05:40.319 --> 00:05:43.519
and realize that you didn't like it, and now you go, wow,
64
00:05:43.560 --> 00:05:47.120
I've been working here two weeks and
I really don't want to change jobs.
65
00:05:48.120 --> 00:05:53.670
So how should you choose your role? Next, I am going to get
66
00:05:53.670 --> 00:05:58.389
into now that I am hired.
What's next? This is when you get
67
00:05:58.430 --> 00:06:01.350
hurt and you're on the job.
How should you people? How should you
68
00:06:01.589 --> 00:06:06.860
be performing? What are some of
those things that you should know when you're
69
00:06:06.860 --> 00:06:13.579
working on a job every day?
Okay, these these are the things that
70
00:06:13.660 --> 00:06:18.009
a career professional never talks about.
All right, and, as I stated
71
00:06:18.170 --> 00:06:23.170
before, these are the nuances here. These are the things that are outside
72
00:06:23.209 --> 00:06:27.410
the box that you would never hear
a person discuss about when it comes to
73
00:06:27.769 --> 00:06:32.360
career development. Okay, and speaking
of career development, we're going to end
74
00:06:32.439 --> 00:06:42.639
it by talking about an individual development
plan, and acronym called IDP is pretty
75
00:06:42.639 --> 00:06:46.949
much what it's called. This is
this is where where you're going to learn
76
00:06:47.029 --> 00:06:50.430
how to be on your career,
because it's about you. You know,
77
00:06:50.589 --> 00:06:58.509
everybody plans, but do people effectively
plan for their careers? Okay, sometimes
78
00:06:58.589 --> 00:07:02.540
people shoot from the HIP and luckily
end up in a job or, you
79
00:07:02.620 --> 00:07:09.420
know, they just take a job
because salary base looks really good and others
80
00:07:09.620 --> 00:07:14.860
just kind of kind of take a
job because because it's a piece of commends.
81
00:07:15.459 --> 00:07:18.889
But your individual development plan needs to
be built and you need to have
82
00:07:19.129 --> 00:07:24.850
one in place. So let's just
roll into talking about the need for the
83
00:07:24.889 --> 00:07:30.519
sober security workforce. You know,
and the IT industry and technology first started,
84
00:07:31.879 --> 00:07:36.759
and I spoke about this and some
of my previous podcast sessions, especially
85
00:07:36.959 --> 00:07:43.839
on the dissect and cyber security,
I gave a little history about how cyber
86
00:07:43.920 --> 00:07:47.870
security came about for today. Because
if you go back in history and think
87
00:07:47.910 --> 00:07:54.149
about World War I think about the
s in the s and think about that
88
00:07:54.310 --> 00:07:59.220
every time people had information, they
was writing it down on a sheet of
89
00:07:59.259 --> 00:08:01.860
paper, put in a box and
stuff into the closet or Stephen in the
90
00:08:01.939 --> 00:08:07.339
locker. But over time, when
the Internet surface, that was a die
91
00:08:07.459 --> 00:08:11.500
need for data. People wanted to
log online, you know, to check
92
00:08:11.579 --> 00:08:16.449
the email. People wanted to use
the chat room. I remember the first
93
00:08:16.490 --> 00:08:22.170
computer I got. It was a
packet bail computer and I was logging online
94
00:08:22.209 --> 00:08:33.440
and and I was just using the
computer to go to chat rooms, okay,
95
00:08:33.679 --> 00:08:37.200
and check email and I was happy
about that. But that was not
96
00:08:37.440 --> 00:08:43.110
a dying need for all the data
and all the information. Privacy wasn't really
97
00:08:43.149 --> 00:08:50.149
a critical type of concern during those
years. Banking and online assets was private.
98
00:08:50.149 --> 00:08:54.350
A minimum but over the couple years
a lot of that has change.
99
00:08:54.899 --> 00:09:01.220
And when that change happened, that's
when sober security began to grow and have
100
00:09:01.379 --> 00:09:05.820
a die need. And as and
as the dire needs happened, you need
101
00:09:07.220 --> 00:09:13.129
people to work and sober security feel
so. So as people began to work
102
00:09:13.289 --> 00:09:22.450
in the field, that's when it
became apparent that you needed a workforce.
103
00:09:22.490 --> 00:09:30.240
Right, and in order to build
a workforce, people need to be trained.
104
00:09:30.840 --> 00:09:35.840
And this is how digital modestization came
to surface, because the word force
105
00:09:35.919 --> 00:09:39.230
has to change daily. And as
the workforce is changing, you know,
106
00:09:39.309 --> 00:09:46.309
it's changing because of technology is growing. So so this is the need for
107
00:09:46.429 --> 00:09:50.830
the sober security workforce, because technology
is growing, because there are security threats
108
00:09:50.950 --> 00:09:56.340
that are ever growing every day,
and also too, because you think about
109
00:09:56.379 --> 00:10:01.500
data and privacy. Now, now, here's some so here's some facts to
110
00:10:01.620 --> 00:10:07.889
go shed to this topic. Here. Cyber security cannot be battled alone.
111
00:10:07.090 --> 00:10:13.529
Yeah, you cannot have sobercurity without
having a workforce. Okay, you cannot
112
00:10:13.049 --> 00:10:18.850
battle the field of sober security and
just say hey, you know, we
113
00:10:18.929 --> 00:10:24.159
are safe, but you need people
and you need a workforce to actually accomm
114
00:10:24.320 --> 00:10:30.879
prestimission. Here's here's some facts right
here is that fishing, a fishing a
115
00:10:31.039 --> 00:10:35.559
tax account for nine percent of data
breaches, according to Ciscoes two thousand and
116
00:10:35.559 --> 00:10:41.909
twenty one cyber Security Threat Trans report. So if that is a case,
117
00:10:41.070 --> 00:10:46.309
then we need well trained people and
we need to work for us. Here
118
00:10:46.389 --> 00:10:54.379
goes something else of facts that I
found too, is that human error accounts
119
00:10:54.460 --> 00:11:00.059
for nine five percent of all cyber
reaches. So, with that said,
120
00:11:00.179 --> 00:11:03.980
you need other people to keep other
people in line, and this is why
121
00:11:03.649 --> 00:11:09.250
the cyber security work for us,
it's a dire need. Now, now
122
00:11:09.370 --> 00:11:13.649
for the people that want to transition
into the field or the people that are
123
00:11:13.889 --> 00:11:18.080
into the field itself and, you
know, and for the others that are
124
00:11:18.320 --> 00:11:22.360
part of the work for us,
there's a three legged process that we hip
125
00:11:22.399 --> 00:11:30.480
your career channel. So so let's
talk about Ed Education and certification, because
126
00:11:30.480 --> 00:11:33.389
a lot of time, you know, I hear this talk about I have
127
00:11:33.509 --> 00:11:37.230
a doctor degree, I have a
mouse degree, I should be getting paid
128
00:11:37.269 --> 00:11:39.870
on a hundred and sixty thousand dollars
a year. You know, I have
129
00:11:39.950 --> 00:11:43.590
all these certification. How come I
can't get hired? But you know what,
130
00:11:43.909 --> 00:11:50.059
there's a triangle and it's called the
three legged process. Education, certification
131
00:11:50.139 --> 00:11:56.580
and experience. If your cyber security
professional, you're going to have to balance
132
00:11:56.620 --> 00:12:01.610
all three. If you have a
master segreed, that's great. You can
133
00:12:01.690 --> 00:12:05.970
have all the certifications in the world, but you know, they are certain
134
00:12:05.009 --> 00:12:11.129
companies that also want the education and
they also want to have the experience from
135
00:12:11.169 --> 00:12:18.559
the candidates. So so to accomplish
the mission right, you always got to
136
00:12:18.639 --> 00:12:26.759
think about the three legged process.
So so so still to the question where
137
00:12:26.799 --> 00:12:30.269
do they matter and which one matter
most? It all depends on the job,
138
00:12:30.830 --> 00:12:33.029
because you can go to a certain
job and you know, the job
139
00:12:33.190 --> 00:12:39.990
may just be focused more so on
certifications. And I've seen people that the
140
00:12:39.110 --> 00:12:46.860
actually came from the old school technology
areas and and it was not required to
141
00:12:46.980 --> 00:12:50.980
have education and certification. And you
know, they they've been around this industry
142
00:12:52.059 --> 00:12:54.419
for about thirty years and you know, and they say, and I got
143
00:12:54.500 --> 00:12:58.730
all this experience. You know how
I'm how to that? I scroggle for
144
00:12:58.769 --> 00:13:03.490
a job because the industry changes over
time. Ask the industry changes and ask
145
00:13:03.570 --> 00:13:09.090
the job requirement change. So should
a person career path? All right,
146
00:13:09.570 --> 00:13:13.159
so, if you're in the Industry
today, get your certification, get your
147
00:13:13.200 --> 00:13:18.279
education. All right, look at
the job duties that you have. It's
148
00:13:18.360 --> 00:13:26.120
a change in industry. I was
we believe in a verba secn concept.
149
00:13:26.470 --> 00:13:31.470
You need options. Okay, it
makes you powerful. Options are saying that
150
00:13:33.470 --> 00:13:37.590
that that I have maxed out my
education. I have a doctor, I
151
00:13:37.710 --> 00:13:41.539
have maxed out my certification, I
have a seass P, I have a
152
00:13:41.620 --> 00:13:46.179
certified ethical hacker, I have twelve, maybe thirteen, different certification and I
153
00:13:46.340 --> 00:13:52.059
have so much experience. You have
options. You are powerful if you can
154
00:13:52.139 --> 00:13:58.370
reach that level. So diversify.
Don't just don't just stay to one side
155
00:13:58.409 --> 00:14:01.889
of the coin and and just focus
on certification or focus on education or just
156
00:14:03.049 --> 00:14:07.570
focus on experience. But you got
to add all three legs together. When
157
00:14:07.610 --> 00:14:11.799
you add all of those three legs
together, that's when you can document it
158
00:14:11.919 --> 00:14:18.279
on your resume. So let's talk
about something else important. My resume needs
159
00:14:18.399 --> 00:14:24.159
work. Okay, a recruiter doesn't
know who you are when you submit your
160
00:14:24.200 --> 00:14:31.070
resume. Your resume is a it's
is an image of you. Okay,
161
00:14:31.549 --> 00:14:37.789
that resume has to state who you
are now, but you have to be
162
00:14:37.990 --> 00:14:39.980
real with what you put on your
resume. If you put all these skill
163
00:14:41.059 --> 00:14:45.220
sets on your resume and you don't
have those skills sets and you get to
164
00:14:45.299 --> 00:14:48.019
a job interview, you're going to
fail, all right. Now if you
165
00:14:48.179 --> 00:14:54.090
under document your resume, which means
they'll critical skill sets that you have your
166
00:14:54.169 --> 00:14:58.889
resume make it overlook all right.
So a resume is an image of you.
167
00:14:58.970 --> 00:15:05.049
People don't know who you are.
All they know is that they have
168
00:15:05.289 --> 00:15:11.679
seen cyber security professionals resume, all
right, and when they look at that
169
00:15:11.840 --> 00:15:16.000
resume, that's all they know.
So something else is that so many job
170
00:15:16.080 --> 00:15:20.909
ads and people try to get the
resumes for a different job as here is
171
00:15:22.429 --> 00:15:26.549
my note on that. Right,
who you are. Let the job at
172
00:15:26.710 --> 00:15:31.549
be the job at. Okay,
right, who you are, but you
173
00:15:31.590 --> 00:15:35.500
can take a different job had and
look at those and see what the industry
174
00:15:37.139 --> 00:15:41.860
wants and take notes from that and
to bill your resume based on the critical
175
00:15:41.899 --> 00:15:46.100
skill sets that you offered to the
industry. One, two or three pages.
176
00:15:46.980 --> 00:15:50.850
I would admit I broke the rule. I had six pages on my
177
00:15:50.970 --> 00:15:56.850
resume. I've had four pages,
I've I've had five pages. I've actually
178
00:15:56.850 --> 00:16:00.169
had a friend that had eight pages, okay, eight pages on this resume,
179
00:16:00.250 --> 00:16:04.240
and guess what? Recruiter still called
him. But you know what it
180
00:16:04.440 --> 00:16:10.120
was? Value in his resume.
It was it was critical information and in
181
00:16:10.600 --> 00:16:14.639
this resume that carry weight. It
was not fluff. You know, Flaw
182
00:16:14.720 --> 00:16:21.149
F is just having a resume and
saying that I am the number one person
183
00:16:21.269 --> 00:16:26.470
in my company that leads cyber security. Okay, but there's twozero other people
184
00:16:26.509 --> 00:16:29.909
that work in soyber secure. You
are not the number one person. Trust
185
00:16:29.950 --> 00:16:33.779
me on this. All right,
fluff, you get rid of the fluff
186
00:16:33.779 --> 00:16:37.539
off your resume. Make it actionable, hardcore facts. It's what you need
187
00:16:37.620 --> 00:16:41.620
in your resume. Focus on skill
sets versus the Jacobal trades. Okay,
188
00:16:44.220 --> 00:16:48.570
okay, you can know a million
things about cybersecurity, but the truth is,
189
00:16:49.370 --> 00:16:53.649
what is it that you good at? I remember when I channel through
190
00:16:53.730 --> 00:17:00.289
the industry, I was always trying
to find my niche and where I should
191
00:17:00.289 --> 00:17:03.079
be. You know, I start
off a guy said, okay, I
192
00:17:03.200 --> 00:17:07.319
like programming. Then I realize it
was boring because I didn't want to sit
193
00:17:07.400 --> 00:17:11.880
behind a computer all day. Then
I transition over to networking, okay,
194
00:17:12.559 --> 00:17:15.309
and you know, it was kind
of fun. Then I heard this word
195
00:17:15.349 --> 00:17:21.109
about cybersecurity and I got involved with
it and I like cybersecurity. But under
196
00:17:21.230 --> 00:17:26.990
cybersecurity there are different type of job
feels. You can work in a security
197
00:17:26.029 --> 00:17:33.059
operations you can be an engineer or
you can be analyst or you can roll
198
00:17:33.140 --> 00:17:37.420
into the vulnerability management space, and
this is where I found the most fun
199
00:17:37.579 --> 00:17:42.859
because on the vulnerability management, you
know you have to know networking and you
200
00:17:44.019 --> 00:17:48.569
have to know risk management and you
have to know system administration. So I
201
00:17:48.650 --> 00:17:52.170
said, Hey, I like this
field and also too, I get a
202
00:17:52.210 --> 00:17:56.730
chance to you some really it's gravagant
tools, you know, like next has
203
00:17:56.809 --> 00:18:02.279
rapid seven splunk in a couple of
two, so I can get data.
204
00:18:02.400 --> 00:18:08.240
So so the truth is, think
about your niche think about where you want
205
00:18:08.279 --> 00:18:14.109
to go. Get good at something
and be great at it. I actually
206
00:18:14.109 --> 00:18:18.470
have a friend now that is the
king of macafee products. All right,
207
00:18:18.829 --> 00:18:23.789
he can tell you everything you need
to know about macafee because that is a
208
00:18:25.109 --> 00:18:30.299
exactly what he'd been doing for the
patch when years. It's working on macafee
209
00:18:30.740 --> 00:18:36.500
products. And he's a smart person. He knows everything about macafee and and
210
00:18:36.980 --> 00:18:41.059
you know, job recruiters to chase
him down. Okay, and he's a
211
00:18:41.099 --> 00:18:45.970
smart person. So, so,
so, instead of the Jacobal cript trade,
212
00:18:45.490 --> 00:18:51.569
he actually had focus skill sets.
Your resume tells your story. So
213
00:18:51.769 --> 00:18:55.009
make sure it is easy on the
steward and has a great flow. Yeah,
214
00:18:56.160 --> 00:18:59.720
people reach your resume because it's a
story of you. All Right,
215
00:19:00.519 --> 00:19:07.319
work on that resume because it needs
attention. So so now, now that
216
00:19:07.480 --> 00:19:14.190
you got your resume right and it's
all pretty Nice, time to choose your
217
00:19:14.230 --> 00:19:18.509
role. Okay, what type of
roles should you be choosing? All right,
218
00:19:18.589 --> 00:19:23.190
because you have the government and you
have contracting companies and you have the
219
00:19:23.269 --> 00:19:27.700
financial industry and you have court America, you have banks, mean, you
220
00:19:27.779 --> 00:19:32.299
know, it's so many different type
of roles to choose. So I always
221
00:19:32.339 --> 00:19:34.700
like to say that if your junior
person and you jest coming on board for
222
00:19:34.819 --> 00:19:41.170
Cybersecurity, think about if you worked
in a sock environment, because you put
223
00:19:41.210 --> 00:19:42.930
your hands on tools the most.
All right, and you learned too.
224
00:19:44.049 --> 00:19:47.089
Is A lot. As you move
up to the mid level, you know
225
00:19:47.210 --> 00:19:55.279
you want to get up to more
soul at advanced areas and you know,
226
00:19:55.480 --> 00:19:59.680
and to choose jobs where you may
want to be an engineer. Okay,
227
00:20:00.119 --> 00:20:04.000
and more senior person is is pretty
much most like on a project base,
228
00:20:04.480 --> 00:20:10.430
you know, to go lead different
teams. They have terms called specialists,
229
00:20:10.470 --> 00:20:14.390
analyst, engineers and managers. Okay, specially, as I usually you know,
230
00:20:14.509 --> 00:20:18.029
junior, junior level people. Analysis, allers do is actually what they
231
00:20:18.109 --> 00:20:22.660
supposed to do. Analysis. Information
engineers are don't wants to put the poses
232
00:20:22.740 --> 00:20:27.019
together. Managers are the one that
manage. Everybody else is to go and
233
00:20:27.140 --> 00:20:34.930
make sure that everything is operating efficiently. Manage. All right, which I
234
00:20:34.970 --> 00:20:41.250
should roll? The roles you should
choose, because because it could be different
235
00:20:41.289 --> 00:20:45.690
areas or rows that you like.
But you know, when you look out
236
00:20:45.730 --> 00:20:49.039
a roll, you know you think
about what did that role on a channel.
237
00:20:49.079 --> 00:20:52.839
You to the next level. Look
at the company, all right,
238
00:20:53.559 --> 00:21:00.119
because it's great to diversify. If
you have worked in the financial industry,
239
00:21:00.279 --> 00:21:04.869
the healthcare industry, government contracting,
you know the government and you work for
240
00:21:04.950 --> 00:21:11.869
insurance companies, see you're powerful because
you've been around and you understand how soveragecurity
241
00:21:11.950 --> 00:21:17.509
operates. A monsterose different entities have. If you can ever do that,
242
00:21:18.269 --> 00:21:21.539
see that works well. Even if
you work in the government and you go
243
00:21:21.700 --> 00:21:26.180
between the different agencies like the CDC, the Va, maybe the Department of
244
00:21:26.259 --> 00:21:30.099
Homeland Security, maybe the army,
the Navy, all right, and you
245
00:21:30.180 --> 00:21:34.650
work around all different agencies. Now
what happened is that you become powerful and
246
00:21:34.769 --> 00:21:45.970
you have options. Money versus flame, okay, okay. Sometimes because you're
247
00:21:45.009 --> 00:21:48.039
going to get that big check on
the job doesn't mean that it's the best
248
00:21:48.079 --> 00:21:53.359
job to have. Okay, think
about money versus fame. All right,
249
00:21:53.880 --> 00:21:59.559
fame is all the glory. Okay, it's the glory that you get on
250
00:21:59.720 --> 00:22:03.029
this job. Sometimes, you know, the glory is it's worth to weight,
251
00:22:04.349 --> 00:22:10.589
and then sometimes the glory is not
worth the wait. So so when
252
00:22:10.630 --> 00:22:14.509
you take on a roll, think
about what that role is supposed to carry
253
00:22:14.589 --> 00:22:21.900
you. Okay. Of something else
is that where are the best skill sets?
254
00:22:22.980 --> 00:22:26.420
You know, the best skill sets
are are pretty much what you take
255
00:22:26.500 --> 00:22:27.980
yourself. But you know, it's
a junior person, I would say,
256
00:22:29.019 --> 00:22:33.049
if you worked in a sock environment, it actually helps helps out a lot.
257
00:22:33.089 --> 00:22:36.049
Because so you want to take on
a roll that's going to allow you
258
00:22:36.210 --> 00:22:37.809
to get out of your different skill
sets, because as them now, if
259
00:22:37.809 --> 00:22:42.329
you look at the different type of
teams that involved with soveragecurity, it is
260
00:22:42.369 --> 00:22:48.160
about products and services. You know, there are products like these scalers,
261
00:22:48.400 --> 00:22:55.839
envision, Lonk art site, some
some key radar, you know, Cisco,
262
00:22:56.759 --> 00:23:00.150
Cisco Products and services. You know. So some when you work around
263
00:23:00.190 --> 00:23:04.910
these different areas and working around a
different type of packages. Then it gives
264
00:23:04.950 --> 00:23:10.109
you different skill sets, all right, and as you gain these skill sets,
265
00:23:10.150 --> 00:23:15.259
you are much more markable to employers
and also to you have options now,
266
00:23:15.619 --> 00:23:19.660
because, see, what you want
to do is to change the tone
267
00:23:19.660 --> 00:23:25.779
around. And I give a little
story, maybe about a couple of years
268
00:23:25.779 --> 00:23:30.130
ago I was I was I was
called by recruiter. You know, at
269
00:23:30.170 --> 00:23:33.529
the time I was in the industry
working and you know, the recruiter said
270
00:23:33.609 --> 00:23:37.769
that what is stopping you from leaving
your current job? And I said,
271
00:23:37.890 --> 00:23:41.480
you know, I like the job. He said that it's got to be
272
00:23:41.559 --> 00:23:44.640
more than that. He said check
it out. He said it's no way
273
00:23:44.720 --> 00:23:47.920
that you should stay on that job. So I said on what, and
274
00:23:48.039 --> 00:23:51.000
he got to listen. He said
that if you don't have a reason to
275
00:23:51.079 --> 00:23:52.799
be on the job, he said
you should leave and come in and come
276
00:23:52.839 --> 00:23:56.069
and work for us. So I
sat there for a moment and I thought
277
00:23:56.109 --> 00:23:59.990
about I said, you know it, I said maybe he's right, but
278
00:24:00.069 --> 00:24:06.150
then again he is a job recruiter, okay. And so so I always
279
00:24:06.190 --> 00:24:10.019
like to say that that you have
to know what you want, okay,
280
00:24:10.700 --> 00:24:12.900
and I get that recruiter credit because
I never heard that talk before and I
281
00:24:14.019 --> 00:24:19.980
was almost sold into his plan.
Next is that? Okay, now that
282
00:24:21.059 --> 00:24:26.730
I'm hired, what's next here is
what's next. You need to stay involved.
283
00:24:26.170 --> 00:24:29.849
Don't just sit there at the death's
and say, Hey, nobody told
284
00:24:29.930 --> 00:24:33.650
me what to do. Now you
take that initiative and learn. Cara,
285
00:24:33.809 --> 00:24:37.759
book around you with notes and take
notes, because there are people on a
286
00:24:37.799 --> 00:24:41.200
job that like to teach and like
to teach others. Okay, because it's
287
00:24:41.200 --> 00:24:45.119
powerful to them, because they've been
around the industry for for so long and
288
00:24:47.039 --> 00:24:49.720
now they get kind of bored just
sitting behind the death so they want to
289
00:24:51.400 --> 00:24:56.150
revisit where they first started, and
that's what your position all right, so
290
00:24:56.349 --> 00:25:00.670
you sit down and get some information. Okay, learned. Learning is very
291
00:25:00.710 --> 00:25:06.430
important, because you had in the
area of sybersecurity. Learning is always and
292
00:25:06.710 --> 00:25:12.059
always and always available. You will, you will never stop learning. Okay,
293
00:25:12.460 --> 00:25:18.500
become intellectual, intellectual things that you
can talk to. Talk if you
294
00:25:18.740 --> 00:25:23.650
like Auditan, sit down and have
a conversation with someone that special by Auditen
295
00:25:25.329 --> 00:25:30.450
and tell them about your job.
Okay, if you like to do ethical
296
00:25:30.529 --> 00:25:36.880
hacking, yeah, just to kind
of have an intellectual conversation, especially with
297
00:25:37.000 --> 00:25:42.359
people about ethical hacking. All right, become intellectual. A ten events.
298
00:25:42.440 --> 00:25:48.000
They are all kind of events that
are happening where you can learn information about
299
00:25:48.000 --> 00:25:52.509
the new trends and cyber security,
because at these events is where you have
300
00:25:52.630 --> 00:25:59.190
a chance to network with professionals.
Maybe you're going to be transition into a
301
00:25:59.230 --> 00:26:03.539
job and you know you need some
more information, all right, and it's
302
00:26:03.539 --> 00:26:10.259
a great place to meet people because
it's industry related information and their conference is
303
00:26:10.579 --> 00:26:14.339
out conferences all over the US.
If you go to Google and search in
304
00:26:14.500 --> 00:26:18.529
cybers cyber security conferences, I would
imagine there's five or ten per month that
305
00:26:18.609 --> 00:26:25.130
are going across the US. If
you Atlanta, George rd DC, New
306
00:26:25.250 --> 00:26:27.609
York, you know, the largest
cities, I'm pretty sure that conferences every
307
00:26:27.650 --> 00:26:33.920
week. All right, look for
improvement. Everyone should be trying to improve
308
00:26:34.000 --> 00:26:42.519
that skill sets. No one is, how could I say, left left
309
00:26:42.559 --> 00:26:48.390
behind. But you know what,
that growth mindset plays a key roll grow
310
00:26:48.549 --> 00:26:53.470
your skill sets. Here are some
other nuances. Ten minute rule. You
311
00:26:53.589 --> 00:26:56.589
are never late. When I was
in a military we used to have the
312
00:26:56.789 --> 00:27:00.660
little talk. Right, if you
are ten minutes earlier than you never late.
313
00:27:02.059 --> 00:27:03.740
This is a part of the nuances
are. These are the things that
314
00:27:03.819 --> 00:27:08.779
are not discussed. For Career Development, you don't want to walk into office
315
00:27:08.859 --> 00:27:12.779
and be like late all the time. You know you want to be the
316
00:27:12.900 --> 00:27:17.450
first one in the office and you
want to be the first one that shows
317
00:27:17.490 --> 00:27:21.210
up at a meeting, there with
your notes and what you have had and
318
00:27:21.369 --> 00:27:26.809
ask questions why you at the meeting. Stay involved and learn. Let's see,
319
00:27:26.890 --> 00:27:30.720
virtual meetings. Yeah, teams.
I'm pretty sure about to use teams,
320
00:27:30.759 --> 00:27:33.880
but you got to be careful about
teams. You gotta turn your mics
321
00:27:33.960 --> 00:27:37.400
off because a lot of people are
working remotely from the House, all right,
322
00:27:38.079 --> 00:27:41.559
and you have your TV on the
background or your kids are running running
323
00:27:41.559 --> 00:27:47.230
around the house. You don't need
that information to be going across teams.
324
00:27:47.470 --> 00:27:51.670
Make sure you dress professionally when you're
on teams, all right, and you
325
00:27:51.750 --> 00:27:55.869
can blacking out your background on teams
as well. These are the things that
326
00:27:55.910 --> 00:28:00.700
are not talked about, okay,
because when you're on teams and how you
327
00:28:00.819 --> 00:28:03.579
come to these meetings, it is
an image of you, okay, and
328
00:28:04.819 --> 00:28:08.779
you want to make sure that you
stay professional. High value. Ask set
329
00:28:10.059 --> 00:28:15.170
as skills hits when you can diversify
your skill sets and you've become marketable.
330
00:28:15.450 --> 00:28:18.849
You become a high value s set. In my book to soyberscrty mindset,
331
00:28:21.130 --> 00:28:26.049
I talked about a having a high
value asset. Now the high value asset
332
00:28:26.160 --> 00:28:30.079
staying stating that when you come on
your job, you only have four,
333
00:28:30.200 --> 00:28:37.319
maybe five critical skill sets that you
good at. As you become a long
334
00:28:37.359 --> 00:28:41.430
term employee there, you you may
pick up six, maybe seven more skill
335
00:28:41.509 --> 00:28:47.549
sets. And and now what happens
here is that you're much more valuable to
336
00:28:47.670 --> 00:28:52.750
that company and also you're valuable to
yourself as and so what happens is that
337
00:28:52.910 --> 00:28:57.099
you become a high value asset and
once you become a high as set,
338
00:28:57.980 --> 00:29:03.819
people want you. All Right,
and your resumation document yourself as a high
339
00:29:03.859 --> 00:29:07.700
value asset. If you have auto
skill sets, proactive mindset. Right,
340
00:29:08.819 --> 00:29:12.730
when you work in soyfer security,
stay proactive. We do not want to
341
00:29:12.890 --> 00:29:18.089
work in at emergency mode. Okay, being reacted means that we have to
342
00:29:18.130 --> 00:29:25.839
shoot from the HIP and also to
people have to work in an emergency mode.
343
00:29:26.319 --> 00:29:32.359
All right, proactive mindset, be
proactive about what you do, all
344
00:29:32.359 --> 00:29:37.039
right, and you can resolve a
lot of problems by like being pro proactive.
345
00:29:37.559 --> 00:29:42.630
All right. So, so it's
a care of it is on to
346
00:29:42.670 --> 00:29:47.470
go make all of this work.
What you need to have is an individual
347
00:29:47.630 --> 00:29:51.829
development plan. Okay, when I
was in the navy, we used to
348
00:29:51.869 --> 00:29:57.539
have an individual development plan built and
the purpose of the individual development plan was
349
00:29:57.619 --> 00:30:03.059
to shape your career and as your
mid term evaluation used to occur, every
350
00:30:03.099 --> 00:30:08.930
salor you see have an individual development
plan with the goals as far as their
351
00:30:08.970 --> 00:30:15.809
qualification, as for as their promotion, as for is. where? where?
352
00:30:15.369 --> 00:30:18.650
Where they see themselves in the next
five years? Right, and you
353
00:30:18.690 --> 00:30:22.240
know that same concept can be used
for type of security. You should have
354
00:30:22.359 --> 00:30:27.880
a two year or five year or
tenure type of individual development plan. IDP's
355
00:30:27.920 --> 00:30:33.640
are in schedules of plans designed to
meet your particular goals for development. All
356
00:30:33.680 --> 00:30:37.390
Right, where did that? You
see yourself in those upcoming years? Using
357
00:30:37.470 --> 00:30:44.309
an IDP is is a systematic way
of planning for training and gaining experience in
358
00:30:44.349 --> 00:30:48.069
order to develop these specific skills and
knowledge you may need. Yes, think
359
00:30:48.109 --> 00:30:52.220
about the certifications that you want,
put those down in your plan, work
360
00:30:52.299 --> 00:30:59.059
on those plans. All right.
And now, speaking of certifications, die
361
00:30:59.140 --> 00:31:03.529
a diversify your certification. Go and
get US seeiss peak go and get a
362
00:31:03.529 --> 00:31:08.650
surfi ethical actor. Go and migrate
over to the cloud now and get a
363
00:31:08.690 --> 00:31:12.690
curtification. Go over to Microsoft and
get a certification. Here's the easy way
364
00:31:12.730 --> 00:31:15.650
to look at it. Go out
down and look at all the vendors that
365
00:31:15.930 --> 00:31:21.759
have certification and try to get one
across each. You Got Cisco, Microsoft,
366
00:31:22.200 --> 00:31:26.960
I say, I sc square,
you got comp you got comp tier.
367
00:31:26.440 --> 00:31:32.039
Okay, you got eacy, council. If you had a certification across
368
00:31:32.119 --> 00:31:37.990
all of those, then you're very
remarkable. There's a diversification in your serve
369
00:31:37.509 --> 00:31:44.390
certifications that you offer. And now
what happens is that you much more powerful
370
00:31:44.549 --> 00:31:48.700
and, as I said before,
you become a high value asset. Plan
371
00:31:48.859 --> 00:31:56.539
your training and employment acces your particular
screens, set reasonable goals and provide and
372
00:31:56.740 --> 00:32:04.690
outlines of activitiy that that you're going
to do and and in order to have
373
00:32:04.930 --> 00:32:10.650
your eaty IDP operates there. Okay, so, so. So your individual
374
00:32:12.210 --> 00:32:16.960
development plan is about you. It's
a road map or where you want to
375
00:32:17.079 --> 00:32:24.240
see your career and the next wet
two, five or ten years. All
376
00:32:24.279 --> 00:32:30.269
right, that's that's that's what you
should have in place. And if you
377
00:32:30.349 --> 00:32:34.670
go online in search and type in
the world individual development plan. You can
378
00:32:34.910 --> 00:32:39.190
always find the information out there,
all right. So, so we had
379
00:32:39.230 --> 00:32:44.779
a higher review of what it takes
to bill. That's a CEPHIL cyber security
380
00:32:44.859 --> 00:32:51.059
career. All right, take this
information and use it wisely. Think about
381
00:32:51.099 --> 00:32:54.299
your resumes, think about the certification
and think about the education that you need,
382
00:32:54.940 --> 00:33:00.210
right, because careers can change and
so does technology, and when that
383
00:33:00.410 --> 00:33:05.250
happens, you're going to need to
advance your skill sets, all right,
384
00:33:05.970 --> 00:33:09.730
and when you advance your skill sets, that's when you become that have a
385
00:33:09.849 --> 00:33:15.759
asset and you can help organizations out. All right. So when you're able
386
00:33:15.799 --> 00:33:22.440
to help some organization out, then
you can operate cybersecurity, all right.
387
00:33:22.839 --> 00:33:29.430
So so what I want you to
think about this. You can operate cybersecurity.
388
00:33:30.269 --> 00:33:35.470
Think about it, because in episode
fifteen, less employ cybersecurity. It's
389
00:33:35.589 --> 00:33:38.390
time to see how it operates.
This exactly what we're going to be talking
390
00:33:38.430 --> 00:33:45.299
about. You've been listening to the
chief of Cyber Security Podcast, where you
391
00:33:45.380 --> 00:33:50.700
have gained relevant knowledge to enhance your
cyber security mindset. Be Sure to visit
392
00:33:50.740 --> 00:33:55.930
dwayne heartscom to learn more about authored
publications, show notes and discover more information
393
00:33:57.130 --> 00:33:58.569
concerning cyber security.