Dan Roberts, host of the “Tech Whisperers” podcast, and a mentor, coach and leader to CISOs and other tech-focused C-suite members for nearly four decades, is today's guest. We talk about Roberts' earliest work, including coining the term “Developing the human side of technology” all the way back in 1984, to spearheading the CyberLX program for CISOs and those aspiring to be. Roberts also provides a four-stage growth chart for CISOs that, quite frankly, scales well to just about any tech...

Confidence Staveley of the CyberSafe Foundation and the CyberGirls program is today's guest. CyberGirls is a year-long cohort program in which women in Africa ages 18 to 28 can learn cybersecurity basics and create career tracks to fast-track these students into cybersecurity careers! Staveley tells us about the workings of the program, how she uses her YouTube channel to teach API security with food analogies and explains the origins of what is likely the first-ever Afrobeat song about...

Ian Campbell, security operations engineer at DomainTools, is someone who has truly carved a niche out for himself in his organization and in the cybersecurity landscape as a whole. His blogs for the DomainTools website have provided paths for neurodiverse cybersecurity professionals and allies who want to make their organizations more friendly to neurodiversity to undertake the small changes to work roles and company culture that can net huge improvements for folks with different types of...

Guest AJ Grotto is the William J. Perry International Security Fellow and founding director of the Program on Geopolitics, Technology and Governance at the Stanford Policy Center and Stanford University. Grotto has served in the National Cybersecurity Council under two successive presidents and brings decades of knowledge in international relations, policy and risk both to his students and to clients in his private sector consulting work. Grotto tells us about the current state of...

Infosec IQ’s director of production, Steve Concotelli comes to us following years working in the movie and TV industry, and his ability to create and craft a great story is at the core of what makes Work Bytes the most award-winning security awareness series on the market! Learn more about Concotelli and the team’s ability to craft storylines with takeaways that stick, as well as the reasons why we create four different information delivery types to match the pace and time commitments of your...

Tomas Smalakys, CTO at NordPass, is today's guest. As our future seems choked with a never-ending need for new passwords of ever-growing complexity for everything we sign up for, Smalakys, along with some large tech organizations, is embracing a post-password future with a system of passkeys. What will it look like? How is it implemented? How will you be able to do this bleeding-edge work in the future? Tune in for today’s episode of Cyber Work and find out! 0:00 - The future of online...

Anna Claiborne from Zayo talks about the spike of DDoS attacks they saw in the past year. Although distributed denial of service (DDoS) attacks trend up nearly every year, new factors around advanced automation and ease of use may be driving the increase. Claiborne takes us back 20 years, when solutions to DDoS attacks involved trying the most far-out solution you could, often for the most far-out clients you could imagine! Seriously, I use the words “Wild West” to describe early security on...

Oliver Tavakoli from VectraAI returns to the program to talk about – surprise! – AI! Having talked about Tavakoli's origin story on the past episode, we’re free to dig right into his main area of interest: the ways in which generative AI can be used by bad actors, whether introducing conflicting messages into GPT guardrail commands or escalating the nuance and complexity of fake-based social engineering attacks. We talk about long-term implications of this emerging tech opportunity, ways for...

Dr. Heather Buker of 6clicks has been a technical SME in the cybersecurity field her entire career, and 6clicks has introduced Ask Hailey, an AI-based governance risk and compliance (GRC) tool that promises to move the work of GRC into a new era. Also on the show, Infosec’s vice president of portfolio product strategy and cybersecurity superstar Keatron Evans in a guest-host capacity! Buker, Keatron and I discuss the spaces in which governance risk and compliance can greatly benefit from...

Tara D. Anderson, managing director of Framework Security and an official member of the Forbes Technology Council, walks us through her journey, including her years in the world of finance, opens up about a traumatic event in her life that altered the way she learns and retains information and how her switch to IT and Cybersecurity was an ideal fit. From her days co-founding the consultancy firm Cognitive SLC, an organization whose founders were all neurodiverse, to Framework Security’s...

Leslie Lynn Smith is the National Executive Director for GET Cities. GET stands for Gender Equality in Tech. Today’s episode will move away from standard cybersecurity and IT insights in favor of a larger look at investment opportunities for tech startups, and where and on who we spend investment capital. Smith is a multi-decade authority on state- and city-wide community investment initiatives with a lifelong passion for bringing people of marginalized races and genders to the table in...

Brianne Caplan is the founder and executive director of Code Your Dreams, a non-profit that brings knowledge, accessibility and excitement about programming and tech to learners from age 5 to adulthood in underserved communities. Caplan tells some incredible stories, like the women’s coding and data analysis group in Burundi, exciting coding projects for students interested in art, music and dance and why her experience inadvertently creating a non-profit company that was incorporated as a...

Limor Bergman-Gross, founder of LBG Consulting, a results-oriented executive coaching service for women in tech, discusses her early programming experience, including Pascal instruction in high school, her move from software engineering manager to career coach and corporate mentorship instructor and why mentors can and should come at any level on the career ladder, not just management or executive. As Limor puts it, “all you need in a mentor is that they be a few steps further down the path...

Lesley Carhart of Dragos, also known as Hack4Pancakes on social media, is a lifelong breaker and builder of things, and their insights on the deep mechanics of Industrial Control Systems are an absolute must-hear for any of you even considering this space. Carhart also talks about their keynote at this year’s Blue Team Con, the differences between incident response in the military vs. the private sector, and why standard cybersecurity studies won’t take you as far in ICS as it will to learn...

Forget what the crime scene TV shows have told you — digital forensics is not done on an overhead projector while the whole department watches! Learn about the day-to-day work of a digital forensics professional from a team of experts who have been putting in the work for decades! In this episode of Cyber Work Live, you will learn: - The types of tools you’ll use to help bring criminals to justice - Why a lack of technical experience isn’t a barrier to entry - How to get real-world...

We met Katie O’Malley, founder of (en)Courage Coaching and Counseling, at this year’s Women Impact Tech conference, and she gave a great talk about effective networking and giving confidence to tech professionals at all levels of the career ladder. Katie and I discussed finding your adjectives and using them to center your interactions, creating courageous workplace culture, and why women only being mentored by women turns into the new unpaid labor. Let’s all step up and make the workplace...

We're talking about chief information security officers CISOs, one of the top-dog roles in cybersecurity, and for many professionals, it’s the brass ring they spend their careers trying to reach. The expectations of a CISO are changing, too, and requirements are growing in many different ways. Mike Scott, CISO of data security provider Immuta, has seen the role change a lot in the past 15 years, and he’s seen the role of CISO move from out of the shadows and into the spotlight for the...

Preparing for the worst is a drag. Nobody likes to think about it, and if you don’t watch out, inaction means that when you do get ransomed or breached, your first thought is not “let’s get the disaster manual and see what it says.” It’s panic. Today, ProServeIT’s Eric Sugar walks you through a crash course in developing a disaster recovery plan for your small business! Don’t panic! Help is on the way. 0:00 - Create a disaster recovery plan 1:15 - What is a disaster recovery plan? 2:35 -...

Leigh Honeywell, CEO and founder of Tall Poppy, a security company that is building tools and services to help companies protect their employees from online harassment and abuse, talks about her career running security incident response at Slack, protecting infrastructure running a million apps at Salesforce.com, shipping patches for billions of computers on the Patch Tuesday team at Microsoft and analyzing malware at Symantec. We talk about how all of these demanding jobs prepared her for...

ProServeIT President Eric Sugar discusses disaster recovery planning for small and medium businesses. This is an excellent add-on episode to our third episode from way back in 2018 when Keatron Evans discussed the work of an incident responder. If your small- or medium-sized company suffers an incident, whether a breach or a ransom or just a power failure, the first thing you’re going to hope is that you have a disaster recovery plan already written and sitting in the CEO’s locked desk...

Huxley Barbee, security evangelist at runZero, talks about the nuts and bolts of asset detection on a large scale, specifically around the U.S. federal government’s current directive. Here, we will shrink the playing field and tell newcomers to security how to do your home asset detection! 0:00 - Asset detection at home 1:18 - What is asset detection? 2:44 - Is asset detection difficult? 3:39 - Do asset detection on your network 4:45 - Asset detection on a school network 6:50 - How to put...

Tech evangelist Huxley Barbee from runZero talks about asset detection, and yes, just asset detection. Learn about the day-to-day work of asset detection and asset mapping. Go beyond the theory and speculation about whether the U.S. federal government will implement it on time, and join Barbee as he walks you through how it’s all done and what you need in order to do it well. 0:00 - Asset detection and asset mapping 2:56 - Getting into cybersecurity 4:12 - Shifting roles in cybersecurity...

CAT Labs CEO and founder Lili Infante worked as a special agent for the U.S. Department of Justice for 10 years specializing in cryptocurrency’s use in dark web investigations. Infante gives us the insider’s view of dark web investigations, why it’s so difficult to prosecute dark web actors when anonymity extends up and down the hierarchy, the current state of dark web markets, and the rise of state-sponsored crypto crime organizations like North Korea’s Lazarus Group. Plus, Infante gives you...

James Stanger, chief technology evangelist at CompTIA, discusses CompTIA's Cloud+ certification and why security professionals must consider adding it to the certification toolbox. 0:00 - CompTIA Cloud+ certification  1:06 - Benefits of Cloud+ 3:24 - Cloud+ is vendor agnostic 6:27 - Preparing for Cloud+ 8:43 - Cloud+'s future   11:18 - Good Cloud+ training    12:50 - How to study for Cloud+ 14:26 - Outro About Infosec Infosec’s mission is to put people at the center of cybersecurity. We...

Leonid Belkind is the chief technology officer (CTO) and co-founder of Torq, a no-code security automation platform. After asking him buckets of questions about the day-to-day work of a CTO in the tech field, we get into a fascinating discussion of all the ways that automation will change the work of cybersecurity, allowing professionals at all stages to work on higher-order problems. At the same time, the great automated data sifters do high-speed data analysis beyond our cognition. This one...