Working in ransomware response, investigation and recovery | John Price
Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastJohn Price of SubRosa joins today's Cyber Work Podcast to share insights from his unique career path spanning UK military counterintelligence, banking cybersecurity and founding his own digital forensics consultancy. John breaks down what really happens when ransomware hits small and medium businesses, why most companies choose recovery over legal action, and how his team helps organizations get back on their feet quickly. He also discusses the growing threats facing industries like automotive dealerships, the critical role of documentation in forensics work, and why AI will reshape both offensive and defensive cybersecurity strategies.0:00 - Intro1:00 - Cybersecurity Salary Guide2:34 - Meet John Price2:51 - Early career in military counterintelligence5:13 - Career journey from military to banking to SubRosa8:34 - Role as founder and head of SubRosa10:51 - Digital forensics and breach response operations13:13 - Typical ransomware response process17:57 - Building and managing a forensics team19:50 - Unusual cases and industry-specific threats24:29 - Importance of writing and documentation in forensics27:36 - Breaking into digital forensics without experience30:46 - Future of email security and AI's impact33:47 - About SubRosa and AI security focusView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
--------
35:58
--------
35:58
From security audits to privacy consulting: Building a GRC practice | Will Sweeney
Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastWill Sweeney, founding and managing partner of Zaviant, joins the Cyber Work Podcast to discuss the evolving landscape of data privacy and GRC (governance, risk and compliance). With experience overseeing complex information security audits for Fortune 100 companies, Will shares insights on everything from the key differences between security auditing and implementation to whether privacy regulatory frameworks will continue multiplying or begin consolidating. He offers practical advice for GRC aspirants, emphasizing the importance of understanding core security processes rather than getting lost in framework structures. Will also discusses the challenges of starting a consultancy practice and provides valuable career guidance for those looking to transition into the data privacy and compliance space.0:00 - Intro1:15 - Cybersecurity Salary Guide promo2:30 - Will Sweeney and his early tech background6:45 - Building his first high school website9:20 - Career pivot from IT to data privacy and GRC12:15 - Audit vs. implementation: Understanding the difference16:30 - Starting Zaviant and the GDPR opportunity20:45 - Current challenges in data privacy compliance24:10 - Common security gaps companies overlook28:30 - Breaking into GRC: Skills and career advice32:45 - Starting a consultancy: Hidden challenges36:20 - The future of privacy regulations and AI impact40:15 - Career advice for help desk professionals41:30 - Closing thoughtsView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
--------
42:20
--------
42:20
From "dead-end job" to CEO: Building an IT consulting business | John Hansman
Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastJohn Hansman of Truit joins today's Cyber Work episode to share his journey from a "dead-end job" in electronic security to building a thriving managed IT services company. As the co-host of the Business & Bytes podcast, John brings a unique perspective on how small businesses can leverage AI tools to solve fundamental challenges while maintaining strong cybersecurity practices. He shares practical AI tools that business owners are leaving on the table, discusses the mindset shifts required for entrepreneurship, and explains how his company pivoted during the pandemic to emerge stronger than ever.0:00 - Intro to today's episode0:50 - Cybersecurity Salary Guide2:15 - Meet John Hansman4:20 - Early tech experiences and family influence8:45 - The career transition from dead-end job to entrepreneur12:30 - Starting an MSP during the pandemic16:15 - CEO role vs. hands-on technical work20:45 - Business & Bytes podcast format and pivot25:30 - AI tools for small businesses31:20 - John's AI toolbox and custom GPTs36:00 - Career transition stories and mindset challenges42:15 - Getting out of your own head as an entrepreneur47:30 - About Truitt and cybersecurity services50:45 - Wrap up and where to find JohnView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
--------
45:40
--------
45:40
From FBI Cyber Agent to Police Tech Innovator | Andre McGregor
Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcastAndre McGregor of ForceMetrics shares his incredible journey from reluctant FBI recruit to cybersecurity entrepreneur. Despite initially declining the FBI's recruitment call, Andre went on to become a special agent, tackling high-profile cybercrime cases involving nation-state actors like China, Russia and Iran. Growing up in marginalized communities shaped his commitment to creating safer police-community interactions, leading him to develop ForceMetrics — a platform that gives law enforcement officers real-time contextual data to make better decisions and de-escalate situations. This episode dives deep into cybercrime investigation techniques, the challenges of building secure law enforcement technology, and how data can transform public safety.0:00 - Intro to today's episode1:36 - Cybersecurity Salary Guide2:31 - Meet Andre McGregor4:03 - Early tech experiences and nonprofit work10:50 - FBI recruitment story and cybercrime work15:30 - Nation-state hacking investigations25:28 - Creating ForceMetrics platform29:45 - How ForceMetrics works in practice38:48 - Technical security challenges42:00 - Future of AI in law enforcement43:00 - Career advice for security professionals47:20 - Best career advice received49:20 - More about ForceMetrics and contact infoView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
--------
52:39
--------
52:39
Build your own pentesting tools and master red teaming tactics | Ed Williams
Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastEd Williams, Vice President of EMEA Consulting and Professional Services (CPS) at TrustWave, shares his two decades of pentesting and red teaming experience with Cyber Work listeners. From building his first programs on a BBC Micro (an early PC underwritten by the BBC network in England to promote computer literacy) to co-authoring award-winning red team security tools, Ed discusses his favorite red team social engineering trick (hint: it involves fire extinguishers!), and the ways that pentesting and red team methodologies have (and have not) changed in 20 years. As a bonus, Ed explains how he created a red team tool that gained accolades from the community in 2013, and how building your own tools can help you create your personal calling card in the Cybersecurity industry! Whether you're breaking into cybersecurity or looking to level up your pentesting skills, Ed's practical advice and red team “war stories,” as well as his philosophy of continuous learning that he calls “Stacking Days,” bring practical and powerful techniques to your study of Cybersecurity.0:00 - Intro to today's episode2:17 - Meet Ed Williams and his BBC Micro origins5:16 - Evolution of pentesting since 200812:50 - Creating the RedSnarf tool in 201317:18 - Advice for aspiring pentesters in 202519:59 - Building community and finding collaborators 22:28 - Red teaming vs pentesting strategies24:19 - Red teaming, social engineering, and fire extinguishers27:07 - Early career obsession and focus29:41 - Essential skills: Python and command-line mastery31:30 - Best career advice: "Stacking Days"32:12 - About TrustWave and connecting with EdAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Carbon Black, IBM, CompTIA and others to discuss the latest cybersecurity workforce trends.