Podcast – Your Cyber Path

EP 89: Getting My First Job in Cybersecurity with Ayub Yusuf

In this episode, our host Jason interviews Ayub Yusuf (@WhiteCyberDuck) about how he got into the cybersecurity industry.

This time, we go over a very common case where people tend to study something in college that does not relate to cybersecurity and then shift over to the Cyber world after graduation.

Ayub mentions that you are going to have to deal with a lot of silence and rejections when applying for your first job and that it took him 134 applications to get only 5 interviews.

Listen Now »

EP 88: The CIA Triad – The Basis of Cybersecurity (Authentication)

In this episode we arrive at the end of our five-part series talking about the CIA NA Pentagram, this time discussing the last pillar, Authentication.

Authentication is always associated with passwords and how you can prove that you are who you say you are.

When you hear Authentication, always have things like tokens, digital certificates, multi factor authentication or two factor authentication in mind but remember that Authentication will keep changing and evolving over the years and new ways, techniques or protocols could be introduced to the field.

Listen Now »

EP 87: The CIA Triad – The Basis of Cybersecurity (Nonrepudiation)

In the fourth video of this five-part series discussing the CIA-NA pentagram, Kips and Jason talk about nonrepudiation.

In simple terms, nonrepudiation means you can’t say you didn’t do the thing that you did.

Jason and Kip go over some examples of nonrepudiation in both the physical realm and the digital world highlighting that you should always use some type of example when you’re asked about a specific term like nonrepudiation.

Listen Now »

EP 86: The CIA Triad – The Basis of Cybersecurity (Availability)

In this episode, Kip and Jason discuss everything that makes the A in the CIA Triad, Availability.

Availability is when you like to use a system and it’s there ready for you to use, because no matter how secure a system is, if you cannot access it when you need to, it serves no purpose.

Kip explains how the way you think about availability is also going to change depending on the industry you’re in and the niche you interact with the most.

Edward Skipka, a vulnerability management analyst, goes over his experience and how he managed to double his pay in just over two and a half years. He highlights that doing your best and solving problems can take you to another level within your company.

Listen Now »

EP 85: The CIA Triad – The Basis of Cybersecurity (Integrity)

In this episode Kip and Jason discuss the second pillar of the CIA pentagram, Integrity.
The whole idea of integrity is making sure any entity that you interact with has not been modified after creation and exists where it needs to be.
Jason mentions how it’s not always a perfect balance between all the pillars of the pentagram but depending on the real-world situation, the solution tends to lean towards one or more of the pillars.
Kip explains how digital signatures work and what are the best use cases for them, while Jason dives in deep explaining how hashes work and how to best utilize them.

Listen Now »

EP 84: The CIA Triad – The Basis of Cybersecurity (Confidentiality)

In this short episode, Jason and Kip discuss the first aspect of the CIA Triad which is Confidentiality.

They break down the critically important confidentiality point and how it works in the real world, highlighting that it’s not about the information itself but more likely about where that information is in the flow.

They also mention how confidentiality is brought up in certification exams and how it’s always connected to encryption.

Listen Now »

EP 83: Automating NIST Risk Management Framework with Rebecca Onuskanich

In this episode, we go more in depth with the NIST RMF, answering extremely important questions about the different steps of the process and the checklist mentality that can be developed when implementing RMF.

Rebecca Onuskanich, CEO of International Cyber Institute, is here to share with us some of her knowledge gained throughout 20 years of experience with security compliance and how eMASS is used to implement RMF and its real-world adaptation.

Listen Now »

EP 82: From Truck Driver to Cybersecurity Analyst with Mike Hillman

In this episode, we get to learn about our guest’s inspirational story as he went from truck driver to Cybersecurity Analyst in less than 15 months.

Mike Hillman, former truck driver and current SOC Analyst, goes over his exact roadmap to transition into Cybersecurity without any previous experience, the certifications he acquired, and the courses he took.

Listen Now »

EP 81: How to Negotiate a Pay Raise with Edward Skipka

In this episode, we listen to Kip and Ed go over how Ed managed to get a 25% pay raise in a very short period of time and the whole details of his situation.

Listen Now »

EP 80: Risk Management Framework with Drew Church

In this episode, Kip and Jason, along with special guest Drew Church, take a closer look at the NIST risk management framework to help facilitate selecting the right kind of security for your system and help clarify how to direct resources towards the right controls.

Drew Church, RMF expert and global security strategist at Splunk, is here to talk about the different steps of RMF, the importance of preparation work, and understanding the bigger picture of what you want your system to accomplish.

Listen Now »

PODCAST EPISODES