- CISO Series Newsletter
- Posts
- 11-12-20 - Join us tomorrow for "Hacking Multi-Factor Authentication"
11-12-20 - Join us tomorrow for "Hacking Multi-Factor Authentication"
Join us tomorrow for "Hacking Multi-Factor Authentication"
TOMORROW! Friday [11-13-20] We're "Hacking Multi-Factor Authentication"
Please join us tomorrow, November 13th, 2020 at 10 AM PT/1 PM ET for “Hacking Multi-Factor Authentication: An hour of critical thinking on best technologies, implementations, and adoptions of MFA”.I'll be leading this discussion with CISO Taylor Lehmann, board member, H-ISAC and Bojan Simic, CTO and co-founder, HYPR.REGISTER
STICK AROUND FOR THE CYBERSECURITY SPEED DATING!
Immediately after the video chat (11:00 AM PT/2:00 PM ET) we'll rollover to our meetup where we'll match everyone who shows up with another cybersecurity professional. And we'll do it five times in less than 30 minutes.
Thanks to our sponsor HYPR
This week's episode of Defense in Depth
What's an Entry Level Cybersecurity Job?
is hosted by me, David Spark, producer of CISO Series and Allan Alford. Our guest is Joseph Carrigan, senior security engineer at Johns Hopkins University Information Security Institute, and co-host Hacking Humans podcast. All three of us discussed:
There has been an ongoing trend for companies to post "entry level but experience required" job listings for cybersecurity professionals.
This is self-defeating for companies because the positions don't get filled. And for true entry level people, they get discouraged. They feel it's impossible to get into the industry. This can drive them away from cybersecurity which hurts the entire industry.
Others would argue that we shouldn't even have this conversation because there is no such thing as an entry level position. Like there are no entry-level doctors. You must have some type of training or experience to do this job.
There's no doubt that CISOs fight more for headcount than they do overall dollars. And if they get a limited headcount, they're going to want to get as much talent as they possibly can with that limited number of positions they can fill.
Security is a layer on top of IT, engineering, or development. For that reason it can be seen as mid-level experience or above, simply because security is a specialization.
Is this behavior of shooting so high for an entry-level cybersecurity role causing the cybersecurity skills gap?
Best way to prove your value to a hiring cybersecurity professional is to setup your own home lab.
The skill that is hard to put on a resume or to explain in a job listing is non-linear thinking. But that's essentially what you're looking for with an entry-level cybersecurity hire.
Special thanks to this week's podcast sponsor, Keyavi Data.
Our Keyavi breaks new ground by making data itself intelligent and self-aware, so that it stays under its owner’s control and protects itself immediately, no matter where it is or who is attempting access. Keyavi is led by a team of renowned data security, encryption, and cyber forensics experts. See for yourself at
.
Cyber Security Headlines
This week's sponsor of
Cyber Security Headlines
is Blumira.
Best Moments from "Hacking Risk Management"
Here are 6 1/2 minutes of last Friday’s CISO Series Video Chat, “Hacking Risk Management: An hour of critical thinking on how we’re allocating resources against our risk posture”. This was a really popular discussion with tons of questions that was slammed with great advice.Joining me in this discussion were Gerard Scheitlin, Reciprocity GRC expert and founder, RISQ Management and Stephen Powell, director of operational risk management, Relativity.Check out the blog post to watch the video, read the "Best Bad Ideas" and the best quotes from the chat room, and to get access to the full one-hour recording.
Huge thanks to our sponsor, Reciprocity.
Subscribe to all our podcasts
Click any of the podcasts below to get access to the subscription feeds. If you're already a subscriber, thank you!