https://www.yourcyberpath.com/86/ In this episode, Kip and Jason discuss everything that makes the A in the CIA Triad, Availability. Availability is when you like to use a system and it's there ready for you to use, because no matter how secure a system is, if you cannot access it when you need to, it serves no purpose. Kip explains how the way you think about availability is also going to change depending on the industry you're in and the niche you interact with the most. Jason mentions some te...
Dec 23, 2022•42 min•Transcript available on Metacast https://www.yourcyberpath.com/85/ In this episode, Kip and Jason discuss the second pillar of the CIA pentagram, Integrity. The whole idea of integrity is making sure any entity that you interact with has not been modified after creation and exists where it needs to be. Jason mentions how it's not always a perfect balance between all the pillars of the pentagram but depending on the real-world situation, the solution tends to lean towards one or more of the pillars. Kip explains how digital sign...
Dec 09, 2022•40 min•Transcript available on Metacast https://www.yourcyberpath.com/84/ In this short episode, Jason and Kip discuss the first aspect of the CIA Triad which is Confidentiality. They break down the critically important confidentiality point and how it works in the real world, highlighting that it's not about the information itself but more likely about where that information is in the flow. They also mention how confidentiality is brought up in certification exams and how it's always connected to encryption. They finish up by doing s...
Nov 25, 2022•29 min•Transcript available on Metacast https://www.yourcyberpath.com/83/ In this episode, we go more in depth with the NIST RMF, answering extremely important questions about the different steps of the process and the checklist mentality that can be developed when implementing RMF. Rebecca Onuskanich, CEO of the International Cyber Institute, is here to share with us some of her knowledge gained throughout her 20 years of experience with security compliance and how eMASS is used to implement RMF and its real-world adaptation. Alongsi...
Nov 11, 2022•45 min•Transcript available on Metacast https://www.yourcyberpath.com/82/ In this episode, we get to learn about our guest’s inspirational story as he went from truck driver to Cybersecurity Analyst in less than 15 months. Mike Hillman, former truck driver and current SOC Analyst, goes over his exact roadmap to transition into Cybersecurity without any previous experience, the certifications he acquired, and the courses he took. Jason and Kip share with us how hiring managers think when they are looking for a new hire, and highlight s...
Oct 28, 2022•36 min•Transcript available on Metacast https://www.yourcyberpath.com/81/ In this episode, we listen to Kip and Ed go over how Ed managed to get a 25% pay raise in a very short period of time and the whole details of his situation. Edward Skipka, a vulnerability management analyst, goes over his experience and how he managed to double his pay in just over two and a half years. He highlights that doing your best and solving problems can take you to another level within your company. Kip mentions how some skills, like curiosity, can’t b...
Oct 14, 2022•47 min•Ep 81•Transcript available on Metacast https://www.yourcyberpath.com/80/ In this episode, Kip and Jason, along with special guest Drew Church, take a closer look at the NIST risk management framework to help facilitate selecting the right kind of security for your system and help clarify how to direct resources towards the right controls. Drew Church, RMF expert and global security strategist at Splunk, is here to talk about the different steps of RMF, the importance of preparation work, and understanding the bigger picture of what y...
Sep 30, 2022•1 hr 6 min•Ep 80•Transcript available on Metacast https://www.yourcyberpath.com/79/ In this episode, Kip and Jason are joined by Steve McMichael who has rapidly climbed the cybersecurity career ladder. Within 2 years, Steve was able to move up to the position of Director of Governance, Risk, and Compliance for a large, publicly traded company after transitioning from a position in accounting and financing. They talk about governance, risk, and compliance (GRC) and how those are applied within enterprise-level organizations. Steve also talks abo...
Sep 16, 2022•41 min•Transcript available on Metacast https://www.yourcyberpath.com/podcast/78/ In this episode, Kip and Jason, with special guest Deidre Diamond from CyberSN, talk about the current state of the cybersecurity industry in regards to hiring. CyberSN is a digital platform that aims to match potential employers with skilled candidates in order to help close the cybersecurity talent gap. Deidre Diamond, the founder of CyberSN, has spent decades as a cybersecurity staffing and leadership expert. She is a passionate advocate for building ...
Sep 02, 2022•47 min•Transcript available on Metacast https://www.yourcyberpath.com/podcast/77/ In this episode, Kip and Jason, with special guests Max Shuftan and Winnie Yung, talk about what a talent pipeline is and why hiring managers should be using a solid talent pipeline in order to bring in new people into the cybersecurity industry to meet their staffing needs. Max Shuftan, director of Mission Programs and Partnerships at the SANS institute, is here to talk about how their organization helps people get into cybersecurity through the use of ...
Aug 19, 2022•40 min•Transcript available on Metacast https://www.yourcyberpath.com/podcast/76/ In this episode of Your Cyber Path, Kip and Jason discuss the world of cybersecurity certifications and how you can determine the proper path for you to follow. We bust the myth that the Security Certification Roadmap by Paul Jerimy is a proper roadmap from left to right to follow…but it isn’t! A certification roadmap or pathway should be something that allows you to outline the skills and certifications you will need in your career for the next few year...
Aug 05, 2022•25 min•Transcript available on Metacast https://www.yourcyberpath.com/podcast/75/ In this episode, Kip and Jason talk about the value of university degrees in the cybersecurity career. This topic does come up all the time in discussions or when people come up to Kip or Jason and ask them the same thing. And there really is no single answer that would fit everyone because a degree can either hurt or help, depending on the context. Some people ask whether certifications are better than degrees and vice versa, or whether they need a degr...
Jul 22, 2022•32 min•Transcript available on Metacast https://www.yourcyberpath.com/74/ In this episode, the discussion between Kip and Jason is about the top five mistakes people are making when it comes to negotiating their pay. You need to know what mistakes to avoid when discussing your compensation because it can set you up for a bad experience and affect you for years. When you start a new position, this is usually when you can take advantage of negotiating your salary. It is important to note that when it comes to annual raises, the likeliho...
Jul 08, 2022•45 min•Transcript available on Metacast https://www.yourcyberpath.com/73/ In this episode, the discussion between Kip and Jason is about the top five things that will make you stand out from other applicants. These tips will definitely help you get ahead of the pack and have an edge in your job application. In your job hunting, you want to be an irresistible candidate from the hiring manager's perspective. These top five things will separate you from other applicants. These will make the hiring manager want to have you on their team. ...
Jun 24, 2022•36 min•Ep 73•Transcript available on Metacast https://www.yourcyberpath.com/72/ In this episode, the discussion between Kip and Jason is about DISC profiles. You need to understand how important it is to choose the right job for you based on your personality. These are some of the questions you might want to ponder to help you decide what you want. Do you like to interact with people throughout the day? Do you just want to sit in front of your computer and be left alone all day long? Are you a team player? Do you get tired of talking to peo...
Jun 10, 2022•36 min•Transcript available on Metacast https://www.yourcyberpath.com/71/ In this episode, we are focused on how to make a good impression on your first day at work. Kip and Jason talk about what you can do to impress the organization that you will be working with. Show the hiring manager who you are while on the job and make a good impression. Know that it's not just your people skills that matter, but also your professionalism, like showing up on time, dressing appropriately, being courteous, and being friendly to everyone. Demonstr...
May 27, 2022•31 min•Transcript available on Metacast https://www.yourcyberpath.com/70/ In this episode, we are focused on job titles. It is important to know the job you are doing, but the job title doesn't really matter that much. Do realize that there's not just one type of cybersecurity job out there. Even if you know the job by title, it doesn't mean that it is any different from another cybersecurity job. If you are keen on details, you will know what the differences are between job titles. Kip and Jason talk about five cybersecurity position...
May 13, 2022•39 min•Transcript available on Metacast https://www.yourcyberpath.com/69/ In this episode, the focus of discussion is what Nancy Hunter, the Vice President, Chief Information Officer, and Data Privacy Officer of the Federal Reserve Bank of Philadelphia looks for in a cybersecurity job seeker at the entry level. According to her, there are transferable skills and personality traits that they find relevant that a job seeker must have. The discussion also includes what traits and experience to look up to in a mentor, where to look for a ...
Apr 29, 2022•40 min•Transcript available on Metacast https://www.yourcyberpath.com/68 In this episode, Jason and Kip are focused on how you can demonstrate true passion for cybersecurity. They discuss the six things that you must avoid as they are considered red flags by a hiring manager. These red flags must be avoided at all costs, otherwise they will instantly land you in a hiring manager’s “reject” pile. Don’t tell me about all the organizations you’ve hacked before Don’t tell me what you think I want to hear Stating you have experience or cer...
Apr 15, 2022•34 min•Transcript available on Metacast https://www.yourcyberpath.com/67 In this episode, we are focused on what the real world looks like in cybersecurity supply and demand and the role of geography and location when looking for a cybersecurity job. Jason Dion will walk us through cyberseek.org for a cybersecurity job. He will discuss how to explore the heatmap of the site so that you will understand why you need to consider the location, given data about a certain position, and even certifications when hunting for a job. For those w...
Apr 01, 2022•44 min•Ep 67•Transcript available on Metacast https://www.yourcyberpath.com/66 In this episode, we are focused on how to make yourself into an irresistible candidate for hiring managers. Today, Naomi Buckwalter, another hiring manager, joins Kip and Jason. What do hiring managers really look for candidates? What makes them irresistible to hire? All the hiring managers in this episode are saying that soft skills, aptitude, and integrity matter. Hence, to be irresistible, you should be the person you have written on your resume. Experience is...
Mar 18, 2022•43 min•Transcript available on Metacast https://www.yourcyberpath.com/65 In this episode, we are focused on preparing for a role in a security operations center (SOC). To be effective in a SOC, you need to understand how everything works, including promotions, how to work with other people, the skills you need to be hired in the first place, and a good understanding of the tools to use to perform the job successfully. When working for a security operations center, you usually need to be willing to work 24/7/365, since cybersecurity an...
Mar 04, 2022•42 min•Transcript available on Metacast https://www.yourcyberpath.com/64 In this episode, our special guest, Sebastian Whiting will talk about his mid-career transition into the cybersecurity industry. In his previous career, he was in the Navy working on nuclear submarines, and now he is working as a cybersecurity analyst. Together with Kip and Jason, Sebastian covers the step-by-step process of what he did to transition from one career field to another. If you are like Sebastian was and working in a career that you aren’t passionate...
Feb 18, 2022•39 min•Transcript available on Metacast https://www.yourcyberpath.com/63 In this episode, we discuss the top five reasons why you may not be getting a job in the cybersecurity industry right now. After working in the cybersecurity industry for many years, Kip and Jason have identified the five most common reasons that a person does not land their dream cybersecurity position. Job seekers often do not see the bigger picture or understand the challenges that the hiring manager has in filling the position, which is one of the main things...
Feb 04, 2022•31 min•Transcript available on Metacast https://www.yourcyberpath.com/62 In this episode, we cover the importance of the NIST Cybersecurity Framework (NIST CSF) and its use in managing risk as a business process within your organizations. The NIST Cybersecurity Framework was developed by the National Institute of Standards and Technology in collaboration with cybersecurity experts across the world. The framework is divided into three parts: the Framework Core, the Framework Implementation Tiers, and the Framework Profile. The Framewor...
Jan 21, 2022•32 min•Transcript available on Metacast https://www.yourcyberpath.com/61 In this episode, we talked with John Strand (Founder of Black Hills Information Security and Antisyphon InfoSec Training) about the importance of skills-based certification and training. John’s goal is the provide world-class skills-based training to everyone at an affordable price using a unique pay-what-you-can model. Skills-based certification is different from traditional certifications in that they do not use multiple-choice exams to test your knowledge of t...
Jan 07, 2022•38 min•Transcript available on Metacast https://www.yourcyberpath.com/60 In this episode, we discuss the top five positions that allow you to two-step your way into a new role in the cybersecurity industry. Often, people have a difficult time breaking into the cybersecurity industry due to the lack of entry-level positions or they can’t afford to take start at the beginning of a traditional career path by making $15/hour working in the help desk. By utilizing a two-step approach to landing a cybersecurity position, you can leverage yo...
Dec 24, 2021•21 min•Transcript available on Metacast https://www.yourcyberpath.com/59 About This Episode In this episode, we learn about the five things you should know before getting a job in the cybersecurity industry. First, we discussed what the reality is in terms of entry-level cybersecurity jobs. Even entry-level cybersecurity roles require previous experience in a related position. These include network administrator, system administrator, or auditor, and show employers you are ready to move into cybersecurity. Unlike many industries, ther...
Dec 10, 2021•31 min•Ep 59•Transcript available on Metacast https://www.yourcyberpath.com/58 In this episode, we’re going to learn how one person was able to overcome the catch-22 of getting a cybersecurity job when you don’t have experience, but you cannot get experience because no one will hire you. Our guest, Ed Skipka, a professional vulnerability management analyst, shares his personal experience of how he overcame this catch-22 and provides some great recommendations for others who find themselves in this same position. So, how does someone get the...
Nov 26, 2021•47 min•Ep 58•Transcript available on Metacast https://www.yourcyberpath.com/57 About This Episode In this episode, we are discussing the different hiring seasons in the cybersecurity industry. After all, understanding the different hiring seasons is essential to reaching your goal of getting hired into your dream cybersecurity role. Many people don’t realize that there are high periods and low periods of hiring throughout the calendar year, so in this episode we are going to discuss the three key hiring periods that occur each year and the ...
Nov 12, 2021•17 min•Ep 57•Transcript available on Metacast 
