Cyber Work

Get your FREE Cybersecurity Salary Guide:
https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

Jim Broome of Direct Defense has been doing red teaming since before it became a term — back when a "pentest" meant $25,000, no questions asked and walking out with a server under your arm. In this episode, Jim shares wild stories from decades of ethical hacking, including breaking into major tech companies, causing a cardiac event during a physical penetration test, and why he believes soft skills trump technical knowledge for aspiring red teamers. Learn why most companies aren't ready for red teaming, how to transition into cybersecurity from unexpected fields like education or event planning, and what it really takes to succeed in offensive security.

0:00 - Intro to legendary red teamer Jim Broome
1:00 - Cybersecurity Salary Guide
2:58 - From BBS and ham radio to cybersecurity
7:07 - Evolution from network admin to red teaming
12:02 - GPS hacking and testing inflight entertainment systems
15:31 - Hiring teachers and event planners as ethical hackers
23:36 - Breaking into Symantec and stealing servers in the 90s
28:33 - Physical pentest causes cardiac event
34:06 - When companies should (and shouldn't) hire red teams
39:44 - Why red teaming is "a punch in the mouth"
44:09 - How AI is changing offensive and defensive security
48:12 - Essential skills for aspiring red teamers
50:39 - The groundskeeper who got domain admin
52:18 - Best career advice: Be humble

View Cyber Work Podcast transcripts and additional episodes:
https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

David Close, Chief Solutions Architect at Futurex, discusses the reality facing our digital world: quantum computing will soon break the encryption protecting everything from mobile banking to satellite communications. But here's the twist — hackers aren't waiting. They're harvesting encrypted data now, betting that quantum computers will eventually crack today's "unbreakable" codes in a strategy called "harvest now, decrypt later." David explains how NIST's new post-quantum cryptography standards are already being deployed by companies like Google and CloudFlare, why crypto agility is essential for future-proofing your security infrastructure, and how you can break into the exciting field of cryptography — even without a PhD in mathematics.

0:00 - Intro
1:00 - Cybersecurity Salary Guide
3:06 - Meet David Close from Futurex
3:52 - David's journey from embedded systems to cryptography
5:05 - What Futurex does and 40 years of crypto innovation
6:39 - The role of Chief Solutions Architect
8:21 - Evolution of cryptography from payments to enterprise
10:13 - How David discovered his passion for cryptography
13:23 - Post-quantum cryptography explained
15:16 - Why quantum computers break current encryption
16:05 - The "harvest now, decrypt later" threat
18:19 - NIST's new quantum-resistant algorithms
20:02 - Real-world quantum threats to satellites and IP
22:43 - What organizations can do now
25:25 - Crypto agility and future-proofing systems
28:41 - Resources for staying current on cryptography
30:45 - Career paths in cryptography beyond algorithm development
32:18 - Getting started in cryptography careers
34:26 - The cryptography landscape in 15 years
37:34 - Regulatory enforcement of new crypto standards
39:43 - Best career advice: Finding the right vehicle
41:29 - David's current reading and recommendations
42:35 - Where to find David and Futurex online

View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

John Price of SubRosa joins today's Cyber Work Podcast to share insights from his unique career path spanning UK military counterintelligence, banking cybersecurity and founding his own digital forensics consultancy. John breaks down what really happens when ransomware hits small and medium businesses, why most companies choose recovery over legal action, and how his team helps organizations get back on their feet quickly. He also discusses the growing threats facing industries like automotive dealerships, the critical role of documentation in forensics work, and why AI will reshape both offensive and defensive cybersecurity strategies.

0:00 - Intro
1:00 - Cybersecurity Salary Guide
2:34 - Meet John Price
2:51 - Early career in military counterintelligence
5:13 - Career journey from military to banking to SubRosa
8:34 - Role as founder and head of SubRosa
10:51 - Digital forensics and breach response operations
13:13 - Typical ransomware response process
17:57 - Building and managing a forensics team
19:50 - Unusual cases and industry-specific threats
24:29 - Importance of writing and documentation in forensics
27:36 - Breaking into digital forensics without experience
30:46 - Future of email security and AI's impact
33:47 - About SubRosa and AI security focus

View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

Will Sweeney, founding and managing partner of Zaviant, joins the Cyber Work Podcast to discuss the evolving landscape of data privacy and GRC (governance, risk and compliance). With experience overseeing complex information security audits for Fortune 100 companies, Will shares insights on everything from the key differences between security auditing and implementation to whether privacy regulatory frameworks will continue multiplying or begin consolidating. He offers practical advice for GRC aspirants, emphasizing the importance of understanding core security processes rather than getting lost in framework structures. Will also discusses the challenges of starting a consultancy practice and provides valuable career guidance for those looking to transition into the data privacy and compliance space.

0:00 - Intro
1:15 - Cybersecurity Salary Guide promo
2:30 - Will Sweeney and his early tech background
6:45 - Building his first high school website
9:20 - Career pivot from IT to data privacy and GRC
12:15 - Audit vs. implementation: Understanding the difference
16:30 - Starting Zaviant and the GDPR opportunity
20:45 - Current challenges in data privacy compliance
24:10 - Common security gaps companies overlook
28:30 - Breaking into GRC: Skills and career advice
32:45 - Starting a consultancy: Hidden challenges
36:20 - The future of privacy regulations and AI impact
40:15 - Career advice for help desk professionals
41:30 - Closing thoughts

View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

John Hansman of Truit joins today's Cyber Work episode to share his journey from a "dead-end job" in electronic security to building a thriving managed IT services company. As the co-host of the Business & Bytes podcast, John brings a unique perspective on how small businesses can leverage AI tools to solve fundamental challenges while maintaining strong cybersecurity practices. He shares practical AI tools that business owners are leaving on the table, discusses the mindset shifts required for entrepreneurship, and explains how his company pivoted during the pandemic to emerge stronger than ever.

0:00 - Intro to today's episode
0:50 - Cybersecurity Salary Guide
2:15 - Meet John Hansman
4:20 - Early tech experiences and family influence
8:45 - The career transition from dead-end job to entrepreneur
12:30 - Starting an MSP during the pandemic
16:15 - CEO role vs. hands-on technical work
20:45 - Business & Bytes podcast format and pivot
25:30 - AI tools for small businesses
31:20 - John's AI toolbox and custom GPTs
36:00 - Career transition stories and mindset challenges
42:15 - Getting out of your own head as an entrepreneur
47:30 - About Truitt and cybersecurity services
50:45 - Wrap up and where to find John

View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.