Hacker Valley Studio
Representation Without Technicalities with Mari Galloway

Representation Without Technicalities with Mari Galloway

August 11, 2022

We’re breaking down the concept of difference makers this week, and we couldn’t help but call upon Mari Galloway, CEO of Women’s Society of Cyberjutsu, to be our guest during this conversation. As a black woman in cybersecurity who has dedicated a large portion of her career to helping women and girls become a part of the cyber community on both the technical and non-technical sides, Mari is a stunning example of making a difference and creating a path to expand cybersecurity beyond stereotypes.

 

Timecoded Guide:

[01:29] Defining the difference makers and explaining the OODA loop

[13:52] Introducing Mari and the Women’s Society of Cyberjutsu

[20:14] Finding her purpose in helping others find their purpose

[25:06] Explaining the roles and paths available outside of strictly technical

[30:31] Understanding imposter syndrome and forging a freedom-based career journey

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

 

What is that like to see people go from taking that original red pill all the way through starting their career in cybersecurity?

When we talk about making a difference, many of us don’t get to see our impact as clearly as the Women’s Society of Cyberjutsu sometimes gets to see. Mari tells us numerous stories of women throughout this episode, including herself, who became a part of this industry because of the instrumental work they do in outreach and education. For Mari, seeing women change their minds and majors to become a part of the tech industry shows how vital this work is.

“These are the moments we're waiting for, whether it's one person or 50 million people. We want you to feel confident enough to get the skills you need, get in the industry, continue to refine those skills, and be super successful.”

 

What would you equate your purpose to, and how does everything you do fit into it?

Like many of us, Mari isn’t entirely sure what her purpose is, but she knows that she enjoys helping the next generation and making a difference in the landscape of cybersecurity. Working with a nonprofit is not an easy job, even if it is rewarding, and Mari still prioritizes her freedom alongside meeting her purpose. No matter what Mari’s future holds, she knows that this work and this purpose to help others will always find her.

“I think as I get older, as I start to take steps back to just kind of look at what's happened and the impact that I'm having and others around me are having on the next generation of folks coming up, I think my purpose is to help people. It's to help other people see their potential.”

 

How do you feel like creating that safe environment has affected others?

Helping others find their footing in the cybersecurity industry can be extremely rewarding, especially when Mari found herself in a situation of uncertainty when she first joined the Cyberjutsu Tribe. The community of cybersecurity and the stereotypes around hackers can feel incredibly uninviting from the outside. Offering people, especially women and young girls, an opportunity to step into a safe space where they can ask anything has been huge for Mari.

“We call it our Cyberjutsu Tribe, and we want to make sure that anybody that comes to us feels like they can reach out and touch us and ask us questions and get answers and just have a conversation with us.”

 

How do we invite more people in and let them know that there are opportunities in cyber outside of technical roles?

Whether you’re hacking, selling, managing, or marketing, there is a space for you in the cybersecurity world. You don’t have to code or to be extremely technical to fit in this industry anymore, and you don’t have to have a certain look. The Women’s Society of Cyberjutsu prioritizes educating people on every role involved in the industry and showing them that they don’t have to be a tech wizard or a computer guru to find a satisfying and profitable position.

“You don't have to look like this to be a hacker. You can look like me…That stereotype, I think, is dying, as we see the number of women coming in and men coming into the space that don't look like that anymore.”

Links:

Spend some time with our guest, Mari Galloway, on LinkedIn, Twitter, her website , and the Women’s Society of Cyberjutsu website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter.

Catch up with Chris Cochan on Twitter.

 

Security Team Operating Systems with Christian Hyatt

Security Team Operating Systems with Christian Hyatt

August 9, 2022

Christian Hyatt, CEO & Co-Founder of risk3sixty, knows the secret to building a strong cybersecurity team, and he calls it: Security Team Operating Systems. Walking through his entrepreneurial journey from inspiration as a young child to discovering his interest in the new phenomenon of cyber to co-founding risk3sixty, Christian covers every aspect of intelligent leading and team building. Ready to take your team to the next level? Christian knows 5 key elements you won’t want to miss.

 

Timecoded Guide:

[00:00] Tackling cybersecurity as a business owner in an emerging industry 

[07:04] Building better teams with an emphasis on core values

[14:16] Noticing the potential of decentralized technology and data

[18:51] Stepping away from hands-on technician work to be the boss

[22:37] Leading healthy teams through missions, KPIs, and meeting cadences

 

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! 

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody 


AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

 

Where did the journey of wanting to be a cybersecurity and privacy business owner begin for you? 

 

While many guests on Hacker Valley take the journey from technician to eventual business founder, Christian felt the urge to become an entrepreneur from a young age. Watching his father and grandfather run their own businesses, Christian understood the responsibilities of taking this journey and wanted to make an impact in an industry that was blossoming with potential. Cybersecurity came into Christian’s life later, when he was employed at a consulting industry, but he saw the potential for growth immediately and wanted to be a part of it.

 

“Along the way, what I learned about myself is I really love building teams. When we built risk3sixty, we were really culture-oriented, even from the early days. We were thinking about scaling the business, career plans, coaching plans, culture kind of stuff.”

 

What are some of the lessons you’ve learned in the process of building your team at risk3sixty? 

 

Christian cites the books Traction by Gino Wickman and Scaling Up by Verne Harnish as two of his biggest inspirations and influences for team building early on in his entrepreneurial journey. Both of these authors heavily focus on the people element of professional teams, and Christian has implemented that same approach when forming cybersecurity and privacy teams at risk3sixty. The right people in the right positions will make or break a company, which is why risk3sixty has training and apprenticeship programs in place to build a strong foundation of skills with people who are passionate about learning and growing with the company.

 

“It turns out, if you get the right people in the door, you invest in them, you coach with them, you develop relationships, they're going to serve your clients like no one else is going to do it. They're gonna be part of that mission, they're gonna want to serve, and you do great work.”

 

Now that you aren’t as hands-on with security assessments as a CEO, what have you learned from the bigger picture, macro-perspective role you have now? 

 

Many cybersecurity technicians feel understandably cautious about taking over C-level positions because of the lack of hands-on technical assessment work. However, for Christian, he’s enjoyed gaining a different perspective on the industry and learning the “why” behind the “what” as CEO of risk3sixty. As CEO, Christian is able to better understand overarching trends and changes in the security assessments his company performs and has the opportunity to talk directly with security executives about opportunities for growth and investment.

 

“You can walk into an organization and if they don't have a strong leader at the helm, they don't have a security team operating system, they're a little bit dysfunctional, I know already that I'm going to see some problems in there.”

 

What are the most important characteristics that you're finding for folks that are leading really healthy cybersecurity teams?

 

Security team operating systems are made up of the non-technical skills and characteristics that make a team effective. When Christian’s team at risk3sixty needed to hone in on these specific elements, they narrowed it down to 5. Teams need to have a (1) defined purpose and mission to go after and a (2) core set of values to not only guide them through their work, but also understand their (3) set of expected behaviors and standards. There also have to be (4) consistent meeting cadences in place and (5) a solid, standard process of goal setting, KPIs, and score carding. 

 

“A great team defines their purpose and mission. Usually, that’s aligned with a business objective. It might be about protecting data, it might be about customer trust, whatever it is that makes sense for that business, they've set a mission that that team can rally around.” 

 

---------------

Links:

 

Keep up with Christian Hyatt on LinkedIn 

Check out risk3sixty on LinkedIn and the risk3sixty website.

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Learning from Cybersecurity Legends with Davin Jackson

Learning from Cybersecurity Legends with Davin Jackson

August 4, 2022

Those on the red team may not be household names to the everyday person, but they are absolutely legends and icons in the world of cybersecurity and hacking. While we have our personal favorite hackers between the two of us, we also invite our guest, Davin Jackson, to share his favorite cybersecurity legends and the lessons he’s learned from them.

Timecode Guide:

[00:50] The importance of red teaming, especially during this season

[02:17] Ron and Chris’ first experience working in a red team environment

[11:23] Communication and collaboration between blue and red

[16:53] Knowledge gained from Davin Jackson’s humble beginnings in tech

[22:19] Gaining the blue perspective with Hacker Valley Blue

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

_____________

Legends, Icons, Teachers, and Friends

From Marcus Carey to Johnny Long, we’re excited to share the legends that had an early influence and lasting impact on our careers in cybersecurity. While our two backgrounds in red teaming are different, we can attribute so much of our success and our ability to share our knowledge with all of you to the experts that were willing to invite us to join and learn the best hacking techniques alongside them.

“I think that's the most important thing in red teaming, it’s passing that knowledge on to someone else.” - Chris Cochran

 

Communication, collaboration, and community instead of red vs blue

It is not two teams with two separate fights when we’re talking about red teams and blue teams. Often, when cybersecurity is too focused on this split between offensive and defensive, we forget to collaborate and fall short of improving on issues we discovered. Communication between red and blue can be a costly struggle, which is why we’re happy to see our sponsor PlexTrac stepping in to develop communication technology for these teams.

“There's this push and pull of collaboration. On one hand, you want the red team to work autonomously…but on the other hand, they do need insight if you’re going to go deeper and deeper.” - Ron Eddings

 

Legends met, lessons learned, tech loneliness understood

In the latter half of our episode, we’re joined by Hacker Valley Blue host Davin Jackson, also known as DJax Alpha. Davin started his cybersecurity journey with no computer of his own. Working his way up from basic tech jobs at corporations like Circuit City, lessons Davin learned from the legends he looked up to include finding a mentor, focusing on networking (even when it

feels like a dead end), and being always willing to share what you’ve learned.

“It’s about consistency, and you have to have self control and discipline…It’s one thing to get it, but it’s another to maintain that success.” - Davin

----------

Spend some time with our guest, Davin Jackson (DJax Alpha/Alpha Cyber Security) on his website, Twitter, Instagram, Facebook, and weekly on the Hacker Valley Blue podcast.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochan on Twitter and LinkedIn

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Finding the Right IT Teacher with Kevin Apolinario

Finding the Right IT Teacher with Kevin Apolinario

August 2, 2022

Kevin Apolinario, better known as Kevtech IT Support on Youtube, brings his teaching skills to Hacker Valley to talk about the barriers to entry in IT. Disheartened by the lack of good advice given to him as he entered the tech world, Kev breaks down programs and concepts, such as helpdesk, for IT practitioners that may not have access to expensive equipment or formal education. Anyone can learn IT, and it’s Kev’s mission to help everyone find the method and the teacher that helps them learn the best.

 

Timecoded Guide:

[00:00] Forming Kevtech IT Support to give the right IT advice

[07:21] Helpdesk success through customer service skills

[11:49] Printers on VPNs and other major IT troubleshooting lessons

[15:56] Customizing teaching and learning experiences for each IT practitioner

[19:54] Better IT and cyber online communities through shared passion

 

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! 

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody 


AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

 

What was your inspiration to start teaching as Kevtech IT Support? 

 

Kev hardly had a traditional journey into IT, instead having jobs in the restaurant industry and law enforcement before even considering entering the tech world. When Kev became a Field Technician for the Department of Education and began learning the ropes of IT, he realized there weren’t resources available for someone of his background to learn simple concepts or master common technical programs. After dealing with the frustrations of education gaps and unreliable advice, Kev decided to be the person for new IT technicians to learn from.

 

“My journey was rough, because I didn't have anyone guiding me, I didn't have anyone telling me what certs to get. I didn't have anyone telling me the tips and tricks for starting in IT.”

 

Was it intentional to interweave your name and brand and have them be synonymous? 

 

Hacker Valley feels synonymous with Chris and Ron’s branding for themselves, and Kev maintains a similar element of that with Kevtech IT Support, especially considering he weaves his name directly into his branding. For Kev, this was an entirely purposeful decision, born out of his own desire to be known as Kev, the helpdesk IT guru on YouTube. Building a brand with authenticity about who he is personally and professionally shows other IT professionals that their work or education experiences don’t have to be separate from who they really are.

 

“That was on purpose for me because I always wanted to be known as the helpdesk guru of IT. Someone that does IT superbly and helps everyone…I wanted to actually show people real-life experiences.”

 

How would you go about having a tough conversation with somebody whose passion isn’t in IT or cyber? 

 

Some people are just in it for the money, whether that “it” is IT or cybersecurity. Considering the spotlight being placed on cyber labor shortages and tech skills gaps, many professionals have considered joining the field without the passion to support their new job shift. Although Kev believes everyone should be welcome to learn about IT, he understands that there’s a cause of concern in making IT all about the money. The industry needs passionate individuals, Kev explains, and the desire to learn needs to be present when you take that next step into IT.

 

“I'm sorry, but this field is not for everyone. If you're going to work helpdesk, or IT support, you need to know how to deal with customer service, you need to know how to deal with people.”

 

What piece of advice would you have for cyber or IT professionals looking to level up their community?

 

From Kev’s perspective, gatekeeping isn’t just mean, it’s legitimately harmful to the IT community. IT professionals can’t level up without leaders willing to step up and teach their knowledge. Hiding IT tips or tricks doesn’t save careers, it only succeeds in hurting other IT practitioners and negatively impacting customers relying on that expertise. Kev advocates for increasing transparency within the IT and cyber communities, and explains that gaining knowledge should be valued more than capital gains by practitioners and professionals.

 

“I believe in helping the community, I believe in sharing your knowledge. So, the more engaged you get with the community, the better it is for everyone.”

 

---------------

Links:

 

Keep up with Kevin Apolinario on LinkedIn

Check out Kevtech IT Support on YouTube and Discord

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Making Hacking Accessible with Deviant Ollam

Making Hacking Accessible with Deviant Ollam

July 28, 2022

In this season of Hacker Valley Red, we focus on cybersecurity legends in offensive operations with a legend in the physical pen testing and lockpicking: Deviant Ollam. As a pioneer in our industry and an author of two incredible books about lockpicking, Deviant shares his history from hobbyist to professional and all that he’s learned along the way about making the secrets of the hacking world accessible to all.

Timecoded Guide:

[01:28] Defining the pioneers in cybersecurity

[08:47] Deviant’s first explorations in lockpicking

[16:03] Accessing and democratizing hacking secrets

[18:58] Becoming an author to transfer his knowledge

[23:12] Seeing the past, present, and future of hacking

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy! And be sure to come say hello to us at Black Hat at Booth #1686!

----------------

What does it mean to be a pioneer in cybersecurity?

As our season focuses on legends, it’s important that we explain what makes these individuals such a vital part of our community. In the case of this episode, we explain that our guest Deviant is nothing short of a pioneer. Deviant has been willing to take on new challenges and revolutionize the industry throughout his career, influencing hundreds of individuals and leaving a lasting educational impact on the entire industry.

“That ‘zero to one’ part can be the hardest part of any progression in any field, but especially in cybersecurity.” — Chris

 

When you reflect on changing this whole industry, how does that make you feel?

Despite our guest’s legendary reputation, Deviant is humble about his achievements, caring more about how his work has impacted others than himself. What he focuses most on in his teaching, presentations, and writing is making lockpicking and penetration testing accessible and understandable. Instead of harboring secrets and perpetuating exclusionary policies, Deviant wants anyone to be able to master these skills and understand this knowledge.

“I’m not the first one who ever did this. What I like to think of my contributions is that they have chiefly been making it accessible and democratizing this knowledge.” — Deviant

 

Do you think it's harder today to stand out than it was a couple decades ago?

For Deviant, our globalized internet and algorithm-focus social media sites are both a blessing and a curse. While knowledge can be found on every corner of the web and anyone can become familiar with information that was once borderline inaccessible, Deviant also recognizes that younger hackers and lockpickers will have a very different rise to success than he did years ago, especially due to fragmented audiences and tricky algorithms.

“We have more avenues to put yourself on display, to put yourself out there than ever before, but that means the audience is fragmented and is spread so thin.” — Deviant

 

What piece of advice would you have for the folks that want to make an impact in security and technology and in our community today?

Although success will look different for newer members of our cybersecurity community, Deviant is confident that the younger innovative minds of the future will be able to solve so many of the long-standing problems within our industry. However, he reminds our younger audience that they need to still respect the tenured members of the cybersecurity world and to learn from them without oversimplifying the issues past professionals have faced.

“Start thinking about it in a way that doesn’t use ‘just,’ because every old head in the industry has heard that….We couldn’t ‘just’ do it, or we would’ve ‘just’ done it.” - Deviant

------

LINKS:

Spend some time with our guest, Deviant Ollam, on his website, Twitter, Instagram, and Youtube channel.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter.

Catch up with Chris Cochan on Twitter.

Cyber Espionage & Entrepreneurship with Karim Hijazi

Cyber Espionage & Entrepreneurship with Karim Hijazi

July 26, 2022

Karim Hijazi, Founder & CEO at Prevailion and host of the Introverted Iconoclast podcast, comes to Hacker Valley Studio to discuss his varied experiences in entrepreneurship. With a humble start in bartending, Karim explains how learning about people inspired his exploration into counterespionage and cybersecurity. Armed with stories from the streets of NYC to the hallways of his own companies, this episode is a look into the mind of a successful entrepreneur and founder of 2 incredible businesses.

Timecoded Guide:

[00:00] Bartending in NYC and its overlap with espionage and entrepreneurship

[07:14] Real-life knowledge application in cyber intelligence 

[12:15] Founding Unveillance and being acquired by Mandiant 

[18:22] Karim’s entrepreneurial mindset and his journey with Prevailion 

[24:51] DIY podcasting with Introverted Iconoclast and learning to tell his stories

 

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! 

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody 
AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

 

How do your experiences in bartending and espionage overlap?

The jobs taken as a means to an end just might teach something invaluable. This was the case for Karim, who took a job bartending to make ends meet while he figured out what he wanted to do with his future. At the time, cybersecurity and counterespionage weren’t on Karim’s radar, but bartending taught him about people; how they act when they want something and how to connect with them even in the busiest and most public places. Learning this changed the game for Karim when he got into the espionage world and assisted him even more so when he became an entrepreneur in the industry.

“It's just learning the way to slowly gain a confidence level with someone. It's actually where the word "con man" comes from, confidence man. Ultimately, that is how you get the information you need.” 

 

What are the different aspects that organizations or individuals look at with counterintelligence?

At Karim’s own firm, the shift from competitive intelligence to counterintelligence focused around three security aspects. One, identifying weak spots and vulnerabilities, noticing your points of exploitations and vectors of attack. Two, taking advantage of disinformation, using it to root out moles within an organization and throw off cyber adversaries. Finally, three, finding out where your information is going and noticing where there is weaker security than your own. Karim emphasizes that in this third aspect, it is not so much about an organization’s strategy when the information is still at home. It’s harder to secure information once it goes elsewhere.

“A controlled rumor within an organization can do several things. It can weed out a mole that you may have, a spy within your organization that maybe you don't know about, that's been able to be hired and gotten through the background checks and whatnot.”

 

When you look back to starting your journey as an entrepreneur, what are some of the wrong assumptions you made early on? 

Karim, like many entrepreneurs, was under the impression when he founded his first company, Unveillance, that he should be seeking to hire, not to do anything himself. While hiring is an important part of being a business owner, Karim has realized that it's better to learn how every piece of the machine of a company works before hiring. Trying things out for himself and taking a chance on his own abilities hasn’t been easy, but it’s made him a better leader for his employees. If they drop the ball or need his assistance, he’s able to lead from a place of understanding and call the shots with his own vision in mind and his own knowledge to back him up. 

“As a CEO, it's almost imperative for you to go and try it all, even if you fumble through it and you get by with something that is subpar. It's better to have tried it and understand it, so now you know how to call the shots a little better.” 

 

What prompted you to start your podcast, Introverted Iconoclast?

Ironically enough, Karim’s podcast was a do-it-yourself project born out of having an employee drop the ball on creating it for him. Relying on himself and struggling his way through the beginning, Karim realized that podcasting is not just about the equipment and the idea behind it, it’s about the stories being told. Focusing on the lead up and context around some of his own career stories and professional highlights, Karim was able to discover the rhythm for his podcast and build a solid foundation of content that opened up doors for new topics to be addressed and new guests to welcome onto his show. 

“It's very cathartic for me. Speaking the stories out loud, rather than just sort of regaling people over a dinner or thinking back on them nostalgically, is extremely interesting because you remember things you don't remember when you're casually talking about them.”

---------------

Links:

Keep up with Karim Hijazi on LinkedIn and Twitter

Check out Prevailion on their website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Where Cyber Meets Content Creation with Henri Davis

Where Cyber Meets Content Creation with Henri Davis

July 19, 2022

Henri Davis, CEO of TechTual Consulting & host of the TechTual Talk Podcast, comes to Hacker Valley this week to talk about his history with cybersecurity incident response and the content he currently creates with the TechTual Chatter Youtube channel. From interview tips, passion vs creativity, the intersection of cybersecurity and content creation, Henri walks through the path his career has taken him on, as well as imparts advice on those looking to follow a similar journey.

 

Timecoded Guide:

[00:00] Explaining incident response’s role in cyber 

[07:15] Henri’s journey from incident response to TechTual CEO 

[14:04] TechTual Consulting’s content about interviews & breaking into cybersecurity

[23:43] Marrying passions together within your career path

[29:54] Career path advice, cybersecurity vs content creation

 

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! 

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody 

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

 

If you could explain it to someone who has never been in a cybersecurity incident before, what is it like from the beginning of the incident through to closure?

While the majority of Henri’s work revolves currently on content creation, Henri’s background in cyber has extensive involvement in incident response. Incident response, although vital for today’s cyber industry, is sometimes misunderstood, even by cybersecurity practitioners. Henri explains that incident response is something you don’t see the usefulness of until you do it, and that attempting to work through an incident can feel like dealing with a car crash; you always have a risk of something like this happening, and it matters how you prepare for it.

“An incident is like a car wreck. A wreck is something that you have a potential risk for, but you drive with insurance hoping that if it does happen, you know what to do. And even though it happens, you're still not prepared for the actual wreck.”

 

How are you hoping to help people, especially those breaking into cybersecurity, with TechTual’s content?

Henri’s focus on TechTual has given him an outlet for content creation and he hopes to use that platform to consistently help others. With the pandemic creating many jobless and job searching people, Henri saw an opportunity to focus on cybersecurity and IT content and assist outsiders looking to transition into the cyber industry. From tips about interviews to assistance with resumes, Henri often covers the basics with the mission to empower others, no matter their background, to embrace the ever-expanding industry. 

“My goal is to say it's okay. Everyone has a starting place, everyone has to start from somewhere. Just build your skill set up and eventually, you won't even have to have your LinkedIn profile open for work.”

 

When you find something that you're passionate about, and then you find another thing that you're passionate about, how do you marry those two together?

A marriage between passion is definitely possible, especially when looking at someone like Henri, who combines his love of content creation with his experience in cybersecurity and his passion for helping others. However, Henri is realistic in explaining that there’s a give and a take to the decisions made around your career path and how passions impact that. Henri recommends choosing a career path not just centered around passion, but instead focused on providing for yourself and your family. When your needs are fulfilled with your job, your passions and hobbies can grow and turn into legitimate projects in your life.

“If I was just by myself, I could just bet on myself, I always bet on myself. When you have that family aspect to it, you have to kind of weigh your options and see when the time is going to be right, and how you can do that.”

 

What is that one piece of advice that you would have for somebody that's looking to take one path in their career journey, but they have many paths before them?

During episodes of TechTual Talk and TechTual Chatter, Henri focuses heavily on career advice, especially when it comes to making the right decisions in your career journey and behaving professionally during the interview and job search processes. When asked about advice he would give, Henri explains that prioritizing logical paths and being honest in the work you do will always have a positive impact on job prospects. For example, lying in the interview process can lead to long term dissatisfaction between employee and employer, and building a career without a logical path is never a strong foundation for anyone’s future.

“What is the most logical path for you right now? Which one is the lowest barrier to entry for you? What's going to take care of you, or whatever your situation is? Try to do that first, and then reserve time for your passion.”

---------------

Links:

Keep up with Henri Davis on LinkedIn and the TechTual Consulting Website.

Check out Henri’s podcast, TechTual Talk, and his Youtube Channel, TechTual Chatter.

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Financial Independence & Freedom with Eddie Thomason

Financial Independence & Freedom with Eddie Thomason

July 12, 2022

Eddie Thomason, bestselling author, speaker, consultant, and creator of the Simply Secure podcast, comes to Hacker Valley Studio to discuss financial independence, the freedom of a healthy work-life balance, and habits that have helped him succeed. As a father of two with a full-time job and a thriving content creation career, Eddie explains not only how he does it all, but also how much he cares about helping other security professionals achieve the same level of success.

 

Timecoded Guide:

[00:00] Eddie’s background & his current cyber role with Data Locker

[06:07] Growing up in Baltimore City & finding his podcasting inspiration

[13:10] Balancing work & life with calendar planning 

[19:13] 4 essential habits: reading, listening, association, & work

[28:20] Advice for digital content creators & security professionals 

 

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! 

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody 

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com

 

What is the connection between cybersecurity and this financial independence and freedom mindset you have?

In his book, on his podcast, and throughout his career, Eddie has emphasized the importance of financial independence, especially when it comes to diversifying his income. Instead of calling his projects and revenue streams “side hustles,” Eddie prefers to think of them as baby businesses; small businesses in the infant stage that have massive professional potential. With COVID severely changing Eddie’s economic perspective, he firmly believes in having multiple sources of income and in fostering the growth of each project until he’s seeing revenue to rival the full-time income he already makes in his day job.

“If you look at it as a side hustle, that's all it's ever going to be, it's just something that creates a little bit of extra income, but if you look at it as a baby business, that could really replace the income that you currently make.” 

 

How do you balance content creation, day-to-day job responsibilities, and fatherhood? 

Being an author and a cybersecurity consultant can both already be demanding jobs, but throwing 2 young children and an entire podcast into the mix makes Eddie’s success borderline hard to believe. However, Eddie credits his success to understanding his priorities and heavily managing his calendar. Entrepreneurs need to think of their schedules down to the minute, maybe even the second. Eddie is not afraid to set aside time for his children, even if it means he has to work in the evenings on his own entrepreneurial goals. Eddie knows that when he puts his calendar together, he is giving himself the time he needs and deserves to work and spend time on what’s important to him, even alongside all his other responsibilities as an employee.

“If you're going to work for 8 hours a day for somebody else's dream, then why can't you come home on a daily basis and give yourself at least 2 hours? We're not talking about a whole nother 8, but give yourself at least two hours. From the hours of 5 to 7, what can you do to invest in yourself?”

 

What are some successful habits you’ve picked up throughout your life and that you mention in your book, Unlock Yourself?

Four successful habits guide Eddie through his busy life as an entrepreneur and full-time worker, the first of which is reading. Reading is a source of knowledge and connection with others, and Eddie has learned amazing lessons from reading books and articles. The second is listening, which, just like reading, offers Eddie the ability to learn and to connect with the world. Coming in third is association. Surrounding himself with people who inspire him and are dedicated to his goals reminds Eddie of how badly he wants this. Fourth and finally, work. Putting in the work without expecting the success to happen overnight helps Eddie with his patience and always leads to a much better payoff.

“If you surround yourself with incredible people who inspire you and uplift you and encourage you, then there's no reason why you should not get to your goal. There's no reason why you should give up because you have people that understand how badly you want to accomplish your goals. They won't let you quit on yourself.” 

 

Do you have advice for those looking to achieve success similar to you? 

Although it may seem daunting to tackle a career as extensive as Eddie’s, Eddie is confident that his mindset around work can help anyone become successful. Most specifically, amongst all the entrepreneurial advice Eddie gives, his strongest point centers around understanding the “why.” Knowing why he does what he does not only helps keep Eddie on track for a solid work-life balance, it also allows him to see the impact his work has on the people around him. With his wife being a stay-at-home mom and his children being young, Eddie understands the necessity of his hard work and wants to inspire his family with his continued success.

“If I don't perform, the people around me suffer. If I don't do what I need to do, then the people around me are not going to be better off. The impact that it is going to have on them is so much heavier than the impact that it'll actually have on me individually.”

---------------

Links:

Keep up with Eddie Thomason on his website, Youtube, LinkedIn, Instagram, and Facebook

Check out Eddie’s podcast, the Simply Secure Podcast, and his book, Unlock Yourself

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

The Future of Artificial Intelligence with Jeff Gardner

The Future of Artificial Intelligence with Jeff Gardner

July 5, 2022

Jeff Gardner, CISO at Germantown Technologies, comes to Hacker Valley Studio this week to talk about the future of cybersecurity and what up-and-coming hackers may encounter on their journey into an ever-evolving industry. With a specific focus and interest in artificial intelligence, or AI, Jeff’s discussion in this episode covers the current perception of AI in tech, the timeline of when we may see highly-intelligent AI come into play, and what the future of AI looks like from a cybersecurity standpoint. 

 

Timecoded Guide:

[03:54] Focusing on numerous areas during his day job as CISO and understanding the necessity of a strong team of trusted cyber professionals

[09:00] Getting excited about current and upcoming technology in cyber while remaining realistic about present day limitations and needs 

[15:53] Automating security analyst tasks and finding the quality control balance between machine knowledge and human intuition

[22:50] Breaking down the concept of “bad AI” and understanding how to address the issues that may arise if AI is used for nefarious purposes

[28:22] Addressing the future of unique thought and creativity for computers and for human beings 

 

Sponsor Links:

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! 

Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody 

AttackIQ - better insights, better decisions, and real security outcomes. Be sure to check out the Attack IQ Academy for free cybersecurity training, featuring Ron and Chris of Hacker Valley Studio, at academy.attackiq.com

 

What are some of the things that you are expecting the next generation to be doing when it comes to bypassing security in a way that they won't get caught?

Jeff, like many hackers and security pros in the industry, started his journey in cyber by hacking different systems from his own computer as a kid just because he could get away with it. While that type of hacking still exists, there are new ways for systems to manage and counteract these threats and attacks, as well as expose who is behind it. The new generation of hackers will learn in different ways on different technology, and Jeff is confident that what they choose will come because of where the security industry is already going, with devices that use machine learning and pattern learning, as well as the continuing development of AI. 

“When it comes to artificial intelligence and all the myriad of models and neurons and all that, we're still pretty much at single neuron, maybe double neuron systems. But, as things evolve, it's gonna be harder and harder to bypass those defenses.” 

 

What is your perspective of AI not being here and available for us yet?

In Jeff’s opinion, the biggest thing missing from our current AI to really make it the intelligence we claim it is, is creativity. We have smart technology, we have technology that can automate tasks and can be told very easily what to do, all through feeding in data and processes. However, Jeff points out that most of what we call artificial intelligence in the cyber and tech industries doesn’t have the creativity or the human intuition to match the human brain. We’re in an exciting escalation of technology and intelligence, but we aren’t at true AI yet. 

“I think one of the things that's missing from AI, and it's being solved rapidly, is creativity. We train it through models, but those models are only the data that we give it. How smart is the system if you just give it a plethora of data and have it come to its own conclusions?” 

 

How far away do you think we are from highly intelligent AI?

Although the futuristic AI that appears in science fiction movies and books isn’t here yet, Jeff believes we aren’t far off from a level of computer technology that we have never seen before. With the quantum leaps in technology that we’ve continued to see, namely in computers starting to solve math problems we’ve never even thought of or engage with art in a way we’ve never dreamed possible. What we see now is the tip of the iceberg, but the future holds massive potential for what AI will look like and what automation of certain tasks will look like, with accuracy rates for analysis technology continuing to narrow to 99.9% accuracy rates. 

“When you can get to that level of processing speed, you can do things we can't even dream of, and that's what they're doing now. They're solving math problems in ways that humans have never thought of, they're creating art in ways that humans couldn't imagine.”

 

How do we create AI for good? 

The fear of the “evil” or “bad” artificial intelligence comes up frequently when we discuss what the future of AI may look like from a security standpoint. However, Jeff is confident that the issue is not as black and white as our fears make it. For starters, when we understand the purpose behind what “bad” AI might be programmed to do, we can put other measures in place to combat it. On the other hand, the struggle of good vs bad, right vs wrong has been a problem in hacking and in cyber since the first white hats and black hats came into existence. The fear of bad AI is a philosophical discussion instead of just a technical conversation.

“I think it all comes down to, like you said, purpose. What's the purpose of the bad AI? What's it trying to do? Is it trying to hack our systems and steal the data? Is it trying to cause physical harm?”

---------------

Links:

Stay in touch with Jeff Gardner on LinkedIn

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Learning to Lead Future Tech Leaders with Dr. Stacey Ashley

Learning to Lead Future Tech Leaders with Dr. Stacey Ashley

June 28, 2022

Leadership expert, Dr. Stacey Ashley, joins us at the Hacker Valley Studio to talk about her journey from the corporate world of leadership to her current roles in consulting and coaching. As a speaker, author, and educator for leaders, especially executive and C-level leaders, Dr. Ashley shares foundational skills needed to go from expert to leader, mindset shifts that need to occur regarding our perspective on our own leadership responsibilities, and experiences that inspired her to become an author. 

Timecoded Guide: 

[02:58] Developing stronger leadership capabilities and understanding the value of scaling work with her decision to become an author  

[09:51] Jumping over the hurdles and obstacles to becoming a better leader through mindfulness, practice, and checking the privilege of your executive role 

[13:45] Knowing when to get off the treadmill of busyness and focusing on setting better boundaries for yourself as a leader 

[20:53] Cultivating the next level of leadership with a focus on mentoring, role modeling, and coaching  

[25:40] Providing advice for future leaders and understanding the values of awareness and of developing your listening skills  

Sponsor Links: 

Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! 

Want to learn more about how Mindbody enhanced its asset visibility and increased its cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody

AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at  academy.attackiq.com 

 

What have been some of the challenges that you've seen, out of yourself or from others, to start to cultivate that leadership ability? 

There’s a common path to leadership in many industries, especially tech and cyber, where becoming good at your job skyrockets you into leadership spaces and executive roles. While this is often an achievement worth being proud of, Dr. Ashley warns that we rarely mentor and teach these newly appointed leaders how to lead. Expert skills are important to have, but not being able to satisfy your executive role and your leadership responsibilities with developed leadership skills leads to confusion and dissatisfaction amongst employees and clients who aren’t receiving the type of leadership guidance normally delivered by someone in that role. 

“It's great to have those specialist skills, but it's not enough. If you're going to lead people, if you're going to lead a program of work, if you're going to be a thought leader, or an influencer, or any of those things, you need to have more skills.” 

 

What are some of the common obstacles that people have that keeps them from being the best leader that they can be? 

Dr. Ashley is the first to admit that tech leadership issues and obstacles are hardly a one size fits all. However, a commonality she sees is a focus on busyness instead of on active leadership practices. Being “busy” does not translate into high levels of productivity, especially for leaders in prominent company or industry roles. She advises that a better focus for leaders and aspiring executives is to practice their leadership skills and prioritize finding a coach or mentor, instead of just filling up their schedule with unnecessary busy work. 

“This whole concept of busy isn't actually very effective. Busy is just doing stuff for the sake of doing stuff. One of the things that I find that great leaders do is that they're really clear about where they make a difference, where they add value, where they can make a real contribution. They don't focus on being busy, they focus on the important stuff.”  

 

What sort of creative license do you give for those people that just want to be helpful, but are over taxed when it comes to their job?  

We all want to better prioritize our tasks and to feel less overwhelmed by our work, but setting boundaries often feels mean or unrealistic for those used to being helpful and people pleasing. Dr. Ashley sees this a lot in her work, where she often advises people to consider how they’re saying no and what ways they’re presenting what they’re working on. By showing people that you have important tasks that rely on your focus to attend to, you’re inviting them to see your time in a much more understanding light and you will invite them to consider that they should try on their own for a solution and prioritize their own tasks before they can engage with you again. 

“I think if we let people know that we're doing something else, and that it has a big impact, then they're much more understanding. Also, we're giving that other person some time to see if they can figure that thing out on their own rather than relying on us.” 

 

What are some of the tenants that you follow for cultivating the next level of leadership? 

Dr. Ashley believes that one of our key responsibilities as leaders is to grow this next generation of leaders and help them develop the best leadership skills imaginable. She advocates for this by focusing on three core tenants. The first being mentorship, meaning you’re willing to share your knowledge, wisdom, and experiences all on a personal mentorship front. The second is role modeling, where you’re showing how to be a good leader, representing what that looks like for everyone in your business. The third? Coaching, which she bases a large majority of her career around. Being able to coach and provide a customizable approach for future leaders allows them to address what they need to learn and where they need to grow. 

“I don't know if every leader recognizes this, but every day, you are role modeling. You may not be role modeling great stuff, but you are role modeling. And so, you have a responsibility every day to recognize your role modeling.” 

--------------- 

Links: 

Stay in touch with Dr. Stacey Ashley on LinkedIn, Facebook, and Instagram 

Connect with Ron Eddings on LinkedIn and Twitter  

Connect with Chris Cochran on LinkedIn and Twitter 

Purchase a HVS t-shirt at our shop 

Continue the conversation by joining our Discord 

Check out Hacker Valley Media and Hacker Valley Studio