Cy Says Blog & Podcast

Posts about:

cybersecurity (7)

Ep 62: LevelUp Cyber w/Joe Blanchard - The Right Tools for the Cybersecurity Job

This week we had an engaging discussion with Joe Blanchard, CIO/CISO at Swirlds Labs, as we delve into the world of cybersecurity tools for companies. In this informative session, Joe will share his insights and expertise on the latest advancements in cybersecurity technology.

Discover how automation and tools are revolutionizing the industry with cutting-edge solutions designed to safeguard businesses from evolving cyber threats. From robust intrusion detection systems to advanced data encryption protocols, Joe will guide us through the essential tools every company should consider implementing to ensure their digital assets remain secure.

Whether you're an executive, IT professional, or simply interested in enhancing your knowledge of cybersecurity, this live event is a must-attend. Gain valuable insights, ask questions, and engage in stimulating conversations with Joe and other industry professionals who are passionate about protecting businesses in the digital age.

Don't miss out on this opportunity to stay ahead of the cybersecurity curve. Join us for a thought-provoking discussion on LinkedIn Live with Joe Blanchard from Swirlds Labs. Together, let's empower companies with the tools they need to fortify their defenses and mitigate risks in today's rapidly evolving threat landscape.
 
 
Read More

Ep 61: LevelUp Cyber w/Chris Miller - Cybersecurity Tricks for Small Businesses

 Join us on LinkedIn Live for an exclusive session with Christopher Miller, VP of Sales & Marketing from ATB Technologies.

Are you a small business owner concerned about the growing threats of cybercrime? Don't miss this invaluable opportunity to gain insights from Chris Miller, an industry-leading cybersecurity professional. In this engaging LinkedIn Live session, Chris will share his expert knowledge and reveal essential tricks to protect your small business from malicious online attacks.

Key Highlights:

*Understanding the cybersecurity landscape for small businesses
*Identifying common vulnerabilities and potential risks
*Practical tips and tricks to fortify your digital defenses
*Cost-effective strategies for implementing cybersecurity measures
*Importance of employee training and awareness
*Responding to and recovering from cyber incidents

Don't let your small business become an easy target for cybercriminals. Join us for an interactive discussion, where you'll have the chance to ask questions directly to Chris Miller. Enhance your cybersecurity knowledge and empower your business to stay ahead in this digital age.

Save the date and mark your calendars now. We look forward to having you join us for this imperative LinkedIn Live session with Chris Miller from ATB Technologies. Stay tuned for updates and reminders. See you there!
 
 
Read More

Ep 60: The Future of Youth in Cyber with Rachel Bracker

In a post-COVID world, there are many aspects of our lives that have been impacted. One of the most significant industries affected is K12 education. Teachers are leaving in a mass exodus, students are still balancing online and in-person learning, and parents are often doing the best they can to support their children.

If we narrow that subject to computer science and STEM-related curriculum, it gets even tougher. There are several choices for learning but cost, the skill level of teachers, and the full participation of students play a major role in the efficacy of learning.

Looking ahead to the 2023-2024 school year our team is looking at new and exciting ways that we can IGNITE a students' interest in cybersecurity and help them make positive choices along the way.

Join Rachel Bracker, Youth Program Manager at CyberUp and a former educator herself, for a discussion on where we have been, where we are going, and how we will impact future cybersecurity professionals through volunteerism and modeling.
 
 
Read More

CyberUp’s New Approach to Cybersecurity Education - PowerUp

Why Free Cybersecurity Resources Don’t Work

In 2020, we launched a cybersecurity competition for middle and high school students called PowerUp Cyber Games. Capture the Flag competitions (or CTFs) are a great way for students to learn about cybersecurity in a fun, low-stakes environment, earn awards and recognition among their peers, and determine if cyber is a career they want to pursue. After 3 years of running our CTF, we had hundreds of students across the country involved. It would seem that our program was, by most metrics, extremely successful. However, we were plagued with a nagging question: Are we helping the students who need help, or giving more resources to students who already have all of the resources they need to succeed?

The issue with the CTFs, we found, is that they rely entirely on a teacher or other adult to make it successful for their students. For example, with PowerUp Cyber Games, we created lesson plans, practice packets, and a virtual practice gym, we hosted live streams to cover the topics, and we made an online portal for students to ask questions and play relevant games. But still, the success of the teams came back to their coach–usually a teacher–and whether or not they pushed this content out to their students or encouraged them to use it. And with all that has been happening in education over the past few years and the mass exodus of teachers who are overworked and burnt out, how could we expect them to take more onto their overflowing plates? 

Typically, the students who are the most successful in the CTFs come from districts that had the funding and resources to dedicate to cybersecurity education. This is not the majority of districts. In fact, according to a study by Cyber.org in 2020, only 18% of school districts even offer cybersecurity classes. Missouri has only recently started implementing general computer science graduation requirements for high school. The fact is that most public school districts in America are still way behind when it comes to computer science education. There is a huge pile of free, “easy to use” cybersecurity resources out there for teachers to incorporate into their lessons, but again, this requires that teachers commit time and energy outside of their already packed schedules to learn and prepare these lessons. So, how do we teach students about this important topic while also lightening the load on teachers? 

This is the question that led us to develop our new PowerUp program.

A New Approach to Cybersecurity Education

Starting in Fall 2023, we will be entering several St. Louis Public School District elementary and middle schools to teach students as young as Kindergarten about cybersecurity. Rather than simply giving teachers a lesson for them to prepare and teach, we will be using industry volunteers to deliver the lessons. Teachers will only be expected to stay in the room while our volunteers explore cybersecurity with the class through hands-on activities and relevant, age-appropriate lessons. Volunteers will have the chance to share their experiences and use their expertise to answer questions as they arise. 

CyberUp has developed activities for every age. The program aims to teach students how to recognize and avoid potential online threats. It encourages students to think critically and make informed decisions while using the internet. 2nd graders will learn about talking to strangers online and how to hide their personal information from these people. 3rd graders will get an introduction to how the Internet works with an activity that gets them out of their seats and working together. 7th graders can expect to learn all about cyber crimes and a peek into a career in cybersecurity. These are just some of the many topics that will be covered during our volunteers’ time in the classroom.

Creating Accessible Pathways for All Students

The intended impact of our new PowerUp program is twofold: to educate the youth about their personal online safety, and to inspire students to pursue cybersecurity as a career.

We know that almost all data breaches are caused by human error. The general public uses the Internet every day for work, school, and entertainment. Between phones and computers, we are connected to the Internet at all times. But do most people know what to do if they receive a phishing email? Does the average Facebook user have a secure password? Would your employees download something to their work computer without a second thought? The need for more informed digital citizens has never been more important. We teach our kids not to cross a busy street or to take candy from strangers in vans, but kids aren’t playing in the streets without supervision anymore. They are, however, playing online games and watching YouTube, and chatting with people they met on apps. By teaching them about online threats and how to stay safe while they use the Internet early, we can protect our children and educate the future workforce on avoiding data breaches.

Going back to one of the major questions we had to ask ourselves while we were hosting PowerUp Cyber Games, who are we helping with our services? If our goal as a non-profit is to fill the over 750,000 open cybersecurity jobs with diverse candidates, we should be putting our efforts into help those communities who wouldn’t receive these types of services otherwise. The school districts with plenty of funding for computer science and parents who can afford to pay for their students to participate in CTFs and clubs don’t need our help. The districts that can’t afford enough Chromebooks for all of their students, that struggle to find enough substitute teachers to fill the vacancies every day, and have students who are struggling at home as well as in school–those are the districts we want to help.

If you ask kindergarteners what they want to be when they grow up, they probably won’t say security analyst or information system security officer. In fact, most high school seniors aren’t aware that these jobs even exist. And by that age, they’ve mostly made up their minds about what kind of career they want. They don’t know that they could be making an entry-level salary of $80,000 or that they can get that job without having to go to college. They don’t know that they could start accumulating generational wealth in a career field that’s constantly growing and changing and offers endless opportunities regardless of their background or where they live. It’s not their fault that they don’t know all of this–nobody has told them! That’s why, at the same critical time in a child’s life that they are learning about jobs like firefighter and doctor and teacher, they should be learning about tech jobs, too. And that’s why we include our industry professionals in our program, to help guide and inspire these young people as they form their ideas of what their future could look like.

This is also why we are offering our program for free to public schools in the St. Louis area, as well as supplying all of the materials and volunteers for the lessons. Our activities don’t require technology, so even if a classroom has an outdated SmartBoard, those students can still learn about cybersecurity in a meaningful way. We also gift books and other resources to the classrooms we serve. Our goal with this new program is to make cybersecurity education accessible to all students and, in doing so, encourage a more diverse cyber workforce. 

If we want to fill cybersecurity jobs with capable, hard-working people, we have to start introducing these topics as young as possible. If we want to live in a more cyber-secure world, we have to step in early. Children are the future–so we need to invest in them if we want to change the world.

Read More

Ep 59: Parkour to Tech with Giovani Dambros

In this episode of LevelUp Cyber Live, we have Giovani Dambros with us, who will share his experience of transitioning from a career in parkour to the world of technology.

We'll delve into Giovani's journey of how he made the transition from parkour to technology. He'll talk about how he discovered his passion for technology and how he prepared himself for a completely new field.

As the host of this episode, Tony Bryan will facilitate the conversation and bring in his insights and experiences related to career transitions and how they can impact one's life. Together, they'll discuss the challenges they faced during their career transition, such as imposter syndrome and the fear of starting over. They'll also offer advice to listeners who are considering making a similar shift in their careers.

Join us as we explore the fascinating story of Giovani Dambros, a former parkour athlete who has successfully transitioned to the world of technology, and gain insights into making a successful career change.
 
 
Read More

The Hidden Costs in Hiring

Traditional Hire vs Apprenticeship

Have you noticed how challenging it is to find new employees in the cybersecurity industry lately? It seems like we're constantly playing catch-up with the number of people needed. As of this morning, May 11, 2023, there are over 750,000 cybersecurity job openings listed on cyberseek.org, and that number continues to grow. It's a real struggle!

To compound the issue, hiring new employees through traditional methods can be prohibitively expensive, and the costs only rise as the demand for talent increases. However, there may be alternative approaches worth exploring. Have you ever heard of apprenticeships as a potential solution to our hiring problems? Let's delve into that and examine the expenses associated with hiring new employees.

The Cost of Traditional Hires

Traditional hiring involves posting job advertisements, receiving applications, conducting interviews, and selecting candidates. This process can be quite costly, requiring businesses to invest time and money in various tasks, including:

  • Job Advertisements: Companies must pay to post job advertisements on job sites or other platforms, and the advertising costs can vary based on the location and type of job.
  • Recruiting Costs: Companies may also incur expenses associated with recruiting, such as hiring a recruiter or covering the costs of job fairs or other recruitment events.
  • Screening and Interviewing Costs: Once the applications are received, companies must sift through them and conduct interviews with candidates. This process can be time-consuming and expensive, particularly if the company needs to cover travel expenses for candidates coming from out of town.
  • Onboarding and Training Costs: Once a candidate is selected, the company must invest resources in onboarding and training the new employee.

The cumulative costs associated with traditional hiring methods can quickly reach $20K-$30K, or if you're fortunate enough to fill the position within a month of posting the job, around $16,999, as reported by James Elliot. Examining the cost breakdown is crucial.

The Cost of Apprenticeships

On the other hand, apprenticeships offer a cost-effective option for businesses. Apprenticeships involve hiring individuals with a work history and a passion for a new trade. Some of the benefits of apprenticeships include:

  • No Recruitment Costs: Companies do not need to pay for job advertisements or recruiters when hiring an apprentice.
  • No Screening Costs: Apprentices are already qualified and screened, saving the company time and money.
  • Reduced Onboarding and Training Costs: Apprenticeships provide on-the-job training, allowing the apprentice to learn while performing the job.
  • A More Skilled Workforce: Apprenticeships provide a structured learning environment that helps the apprentice develop job-specific skills and knowledge. This translates into a more skilled employee who can bring greater value to the company.

Why Apprenticeships are the Better Option

In addition to the cost savings associated with apprenticeships, there are other compelling reasons why they outshine traditional hires. Consider the following:

  • Reduced Turnover: Apprenticeships provide apprentices with a structured learning environment and a clear career path, leading to increased job satisfaction and reduced turnover. According to a study mentioned in Apprenticeship USA, the average retention rate for apprentices is an impressive 93%.
  • Better Cultural Fit: Since apprenticeships introduce individuals to the field, it allows for the cultivation of a well-aligned employee who fits seamlessly into your work environment. This, in turn, helps minimize conflicts in the workplace and fosters a positive team dynamic.
  • A More Diverse Workforce: Apprenticeships play a crucial role in promoting workforce diversity by offering opportunities to individuals who may lack a traditional educational background or who come from underrepresented groups. By embracing apprenticeships, companies can tap into a broader talent pool and foster an inclusive work environment.

Conclusion

While traditional hires may initially appear more familiar and straightforward, the cost of employee acquisition can be exorbitant. Conversely, apprenticeships provide a cost-effective and invaluable alternative. By embracing apprenticeship programs, companies can create a workforce that is both highly skilled and diverse, effectively reducing turnover while providing a clear career trajectory for their employees.

Read More

Ep 58: Why Breaking into Cyber is so Hard w/Matt Peterson

In this week's podcast, we discussed why it was so hard to break into cybersecurity. With the increasing importance of cybersecurity, it was no wonder that more and more people were interested in pursuing a career in this field. Our guest today was Matt Peterson with Guidepoint Security, a cybersecurity professional with over two decades of experience.

Matt explained that one of the biggest challenges in breaking into cybersecurity was the ever-changing nature of the field. As new technologies and threats emerge, cybersecurity professionals must constantly stay up to date with the latest tools and techniques. This requires a significant amount of time and effort and can be daunting for those just starting out.

Another challenge is the lack of formal education and training programs specifically tailored to cybersecurity. While there are some degree programs and certifications available, they may not provide the practical experience and hands-on training that employers are looking for. This can make it difficult for new professionals to get their foot in the door and gain the necessary knowledge to advance in their careers.

Additionally, the cybersecurity field is highly competitive, with many qualified candidates vying for a limited number of job openings. This means that even those with the necessary skills and experience may struggle to find employment in the field.

Despite these challenges, Matt emphasized that breaking into cybersecurity is not impossible. Networking, gaining practical experience through internships or volunteer work, and continuing education and training can all help aspiring professionals stand out in a crowded field. With dedication and perseverance, it is possible to build a successful career in cybersecurity.

 

Read More

Ep 57: Realities of Chatbots as Cyber Threats with David Strom

With all the buzz around Artificial Intelligence and chatbots, it's prime time to discuss cybersecurity concerns. A chatbot is a form of artificial intelligence that surveys previously posted content online to synthesize answers to questions placed in its terminal. Being a function of Internet commentary chatbots may provide erroneous information. To better facilitate accuracy some companies have integrated these chatbots to automate workflows that expose data to potential issues.

 

 

Read More

Ep 56: Breaking into cyber thru fed service with Chris Cockburn

Chris Cockburn, cybersecurity advisor for CISA, discusses how to get into cyber with federal jobs. He explains how to match knowledge, skills, and abilities (KSA's) on your resume for USAjobs.gov. Networking with those in roles you want to be in is vital. Ask reqruiters plenty of questions to determine what you want to do and explore strategic partner universities  to potentially get internship opportunities. Most importantly find a mentor. 

 

 

Read More

Ep 55:Cyber is more than SOC with Renita Rhodes

Cybersecurity is more than SOC analysts and penetration testing. Popular culture may glamorize the two previously mentioned occupations but there are other cyber careers like cybersecurity awareness training, product management, network security, cloud security, governance & risk, privacy analysis, identity access management, and more. There are many parallels between SOC analyst and these other careers namely the investigation methodology. A good resource for risk management is following a cybersecurity framework

 

 

Read More