https://www.yourcyberpath.com/92/ In this short episode, our hosts Jason Dion and Kip Boyle discuss the critically important topic of password managers. In the beginning, Jason quickly describes password managers, their use cases and how they work, highlighting both the security and convenience aspects of using a password manager. Then, Kip goes over how to choose a password manager and what criteria you should consider when choosing the best software, emphasizing that attack resistance...

https://www.yourcyberpath.com/91/ Haseeb Awan is the Founder & CEO at EFANI Secure Mobile. In this episode, we'll hear about Haseeb's cyber path, and we'll explore some of the biggest mobile phone risks and what you can do about them. In the beginning, Haseeb tells the story of how his phone number was compromised not once, not twice, but three times, with basically the same type of attack and how that forced him into cybersecurity. Then, Kip and Haseeb go over some of the risks...

https://www.yourcyberpath.com/90/ In this episode our host Jason Dion goes over the very exciting topic of how to get your first job as a Pentester with Chris Horner, banking expert turned Security engineer and Penetration tester and together they go through Chris's background, how he got into banking and why he made the switch to Cybersecurity. Chris discusses his transition story and how it's not the cliche zero to hero in 90 days, explaining that it took him a long time to transition...

https://www.yourcyberpath.com/89/ In this episode our host, Jason, interviews Ayub (@WhiteCyberDuck) about how he got into the Cybersecurity industry This time we go over a very common case where people tend to study something in college that does not relate to Cybersecurity and then shift over to the Cyber world after graduation. Ayub mentions that you are going to have to deal with a lot of silence and rejections when applying for your first job and that it took him 134 applications...

https://www.yourcyberpath.com/88/ In this episode we arrive at the end of our five-part series talking about the CIA NA Pentagram, this time discussing the last pillar, Authentication. Authentication is always associated with passwords and how you can prove that you are who you say you are. When you hear Authentication, always have things like tokens, digital certificates, multi factor authentication or two factor authentication in mind but remember that Authentication will keep...

https://www.yourcyberpath.com/87/ In the fourth video of this five-part series discussing the CIA-NA pentagram, Kips and Jason talk about nonrepudiation. In simple terms, nonrepudiation means you can't say you didn't do the thing that you did. Jason and Kip go over some examples of nonrepudiation in both the physical realm and the digital world highlighting that you should always use some type of example when you're asked about a specific term like nonrepudiation. They also dive deep...

https://www.yourcyberpath.com/86/ In this episode, Kip and Jason discuss everything that makes the A in the CIA Triad, Availability. Availability is when you like to use a system and it's there ready for you to use, because no matter how secure a system is, if you cannot access it when you need to, it serves no purpose. Kip explains how the way you think about availability is also going to change depending on the industry you're in and the niche you interact with the most. Jason...

https://www.yourcyberpath.com/85/ In this episode, Kip and Jason discuss the second pillar of the CIA pentagram, Integrity.  The whole idea of integrity is making sure any entity that you interact with has not been modified after creation and exists where it needs to be.  Jason mentions how it's not always a perfect balance between all the pillars of the pentagram but depending on the real-world situation, the solution tends to lean towards one or more of the pillars.  Kip explains...

https://www.yourcyberpath.com/84/ In this short episode, Jason and Kip discuss the first aspect of the CIA Triad which is Confidentiality.  They break down the critically important confidentiality point and how it works in the real world, highlighting that it's not about the information itself but more likely about where that information is in the flow.  They also mention how confidentiality is brought up in certification exams and how it's always connected to encryption.  They finish...

https://www.yourcyberpath.com/83/ In this episode, we go more in depth with the NIST RMF, answering extremely important questions about the different steps of the process and the checklist mentality that can be developed when implementing RMF. Rebecca Onuskanich, CEO of the International Cyber Institute, is here to share with us some of her knowledge gained throughout her 20 years of experience with security compliance and how eMASS is used to implement RMF and its real-world...

https://www.yourcyberpath.com/82/ In this episode, we get to learn about our guest’s inspirational story as he went from truck driver to Cybersecurity Analyst in less than 15 months. Mike Hillman, former truck driver and current SOC Analyst, goes over his exact roadmap to transition into Cybersecurity without any previous experience, the certifications he acquired, and the courses he took. Jason and Kip share with us how hiring managers think when they are looking for a new hire, and...

https://www.yourcyberpath.com/81/ In this episode, we listen to Kip and Ed go over how Ed managed to get a 25% pay raise in a very short period of time and the whole details of his situation. Edward Skipka, a vulnerability management analyst, goes over his experience and how he managed to double his pay in just over two and a half years. He highlights that doing your best and solving problems can take you to another level within your company. Kip mentions how some skills, like...

https://www.yourcyberpath.com/80/ In this episode, Kip and Jason, along with special guest Drew Church, take a closer look at the NIST risk management framework to help facilitate selecting the right kind of security for your system and help clarify how to direct resources towards the right controls. Drew Church, RMF expert and global security strategist at Splunk, is here to talk about the different steps of RMF, the importance of preparation work, and understanding the bigger picture of...

https://www.yourcyberpath.com/79/ In this episode, Kip and Jason are joined by Steve McMichael who has rapidly climbed the cybersecurity career ladder. Within 2 years, Steve was able to move up to the position of Director of Governance, Risk, and Compliance for a large, publicly traded company after transitioning from a position in accounting and financing. They talk about governance, risk, and compliance (GRC) and how those are applied within enterprise-level organizations. Steve also...

https://www.yourcyberpath.com/podcast/78/ In this episode, Kip and Jason, with special guest Deidre Diamond from CyberSN, talk about the current state of the cybersecurity industry in regards to hiring. CyberSN is a digital platform that aims to match potential employers with skilled candidates in order to help close the cybersecurity talent gap.  Deidre Diamond, the founder of CyberSN, has spent decades as a cybersecurity staffing and leadership expert. She is a passionate advocate for...

https://www.yourcyberpath.com/podcast/77/ In this episode, Kip and Jason, with special guests Max Shuftan and Winnie Yung, talk about what a talent pipeline is and why hiring managers should be using a solid talent pipeline in order to bring in new people into the cybersecurity industry to meet their staffing needs.  Max Shuftan, director of Mission Programs and Partnerships at the SANS institute, is here to talk about how their organization helps people get into cybersecurity through...

https://www.yourcyberpath.com/podcast/76/ In this episode of Your Cyber Path, Kip and Jason discuss the world of cybersecurity certifications and how you can determine the proper path for you to follow. We bust the myth that the Security Certification Roadmap by Paul Jerimy is a proper roadmap from left to right to follow…but it isn’t! A certification roadmap or pathway should be something that allows you to outline the skills and certifications you will need in your career for the next...

https://www.yourcyberpath.com/podcast/75/ In this episode, Kip and Jason talk about the value of university degrees in the cybersecurity career. This topic does come up all the time in discussions or when people come up to Kip or Jason and ask them the same thing. And there really is no single answer that would fit everyone because a degree can either hurt or help, depending on the context. Some people ask whether certifications are better than degrees and vice versa, or whether they need...

https://www.yourcyberpath.com/74/ In this episode, the discussion between Kip and Jason is about the top five mistakes people are making when it comes to negotiating their pay. You need to know what mistakes to avoid when discussing your compensation because it can set you up for a bad experience and affect you for years. When you start a new position, this is usually when you can take advantage of negotiating your salary. It is important to note that when it comes to annual raises, the...

https://www.yourcyberpath.com/73/ In this episode, the discussion between Kip and Jason is about the top five things that will make you stand out from other applicants. These tips will definitely help you get ahead of the pack and have an edge in your job application. In your job hunting, you want to be an irresistible candidate from the hiring manager's perspective. These top five things will separate you from other applicants. These will make the hiring manager want to have you on their...

https://www.yourcyberpath.com/72/ In this episode, the discussion between Kip and Jason is about DISC profiles. You need to understand how important it is to choose the right job for you based on your personality. These are some of the questions you might want to ponder to help you decide what you want. Do you like to interact with people throughout the day? Do you just want to sit in front of your computer and be left alone all day long? Are you a team player? Do you get tired of...

https://www.yourcyberpath.com/71/ In this episode, we are focused on how to make a good impression on your first day at work. Kip and Jason talk about what you can do to impress the organization that you will be working with. Show the hiring manager who you are while on the job and make a good impression. Know that it's not just your people skills that matter, but also your professionalism, like showing up on time, dressing appropriately, being courteous, and being friendly to everyone....

https://www.yourcyberpath.com/70/ In this episode, we are focused on job titles. It is important to know the job you are doing, but the job title doesn't really matter that much. Do realize that there's not just one type of cybersecurity job out there. Even if you know the job by title, it doesn't mean that it is any different from another cybersecurity job. If you are keen on details, you will know what the differences are between job titles. Kip and Jason talk about five cybersecurity...

https://www.yourcyberpath.com/69/ In this episode, the focus of discussion is what Nancy Hunter, the Vice President, Chief Information Officer, and Data Privacy Officer of the Federal Reserve Bank of Philadelphia looks for in a cybersecurity job seeker at the entry level. According to her, there are transferable skills and personality traits that they find relevant that a job seeker must have. The discussion also includes what traits and experience to look up to in a mentor, where to look...

https://www.yourcyberpath.com/68 In this episode, Jason and Kip are focused on how you can demonstrate true passion for cybersecurity. They discuss the six things that you must avoid as they are considered red flags by a hiring manager. These red flags must be avoided at all costs, otherwise they will instantly land you in a hiring manager’s “reject” pile. Don’t tell me about all the organizations you’ve hacked beforeDon’t tell me what you think I want to hearStating you have experience...