🔏 Simplifying Cybersecurity Issue #1

Welcome to the first issue of Simplifying Cybersecurity!

This newsletter is packed with info to help you up your cybersecurity game. Whether you're just getting started or a seasoned cybersecurity professional, I've got you covered with tips, tools, and resources to help you keep growing and keep your career moving forward.

In this issue:

• Cybersecurity news stories you should know about

• Professionals you should follow or connect with

• Tips to stand out in your next interview

• Training resources to improve your skills

• Career opportunities you might want to check out

• Featured book from The Bookstore

📰 Cybersecurity in the News

The Gili Ra’anan model: Questions emerging from Cyberstarts' remarkable success. Cyberstarts, a remarkably successful cybersecurity venture capital fund, is under scrutiny for its "Gili Ra'anan model," where Chief Information Security Officers (CISOs) are offered compensation tied to their engagement with the fund's portfolio companies. While Cyberstarts denies direct incentives for product purchases, critics raise concerns about potential conflicts of interest and unfair competitive advantages for the fund's startups.

Disruptions at Many Car Dealerships Continue as CDK Hack Worsens. The cyberattack on CDK Global, a major software provider for car dealerships, highlights the vulnerability of critical infrastructure to cyber threats and the potential for widespread disruption. Cybersecurity professionals should pay close attention to this incident as it underscores the importance of robust security measures, incident response planning, and business continuity strategies in the automotive industry.

US Bans Kaspersky Over Alleged Kremlin Links. The US government has banned Kaspersky Lab from operating in the US due to concerns over its ties to the Russian government and potential risks to national security, citing Kaspersky's vulnerability to Russian government influence and its access to sensitive US customer data. This decision underscores the growing geopolitical tensions between the US and Russia, impacting the cybersecurity landscape, and emphasizes the importance of choosing cybersecurity providers with transparent ownership and strong data protection practices.

Cybersecurity Burnout Costing Firms $700m+ Annually. Cybersecurity burnout is a significant issue causing major financial losses for companies in the US and UK, with an estimated $756 million lost annually due to decreased productivity and sick leave. This highlights the urgent need for organizations to prioritize employee well-being and mental health in the cybersecurity field to mitigate the financial and operational risks associated with burnout.

🤝 Professional Networking

I follow a LOT of cybersecurity leaders on LinkedIn, and I recommend you do the same. Here are five (5) folks who consistently post thought-provoking, insightful, and engaging content. Don’t just follow them, though. Join in the conversation!

• Helen Patton - Cybersecurity Advisor, CISO, Board Member, Author, Teacher; Cybersecurity Executive Advisor with Cisco

• Paula Januszkiewicz - CEO, Security Expert, MVP; Founder and CEO of CQURE Inc. and CQURE Academy

• George Kamide - Cybersecurity Community Builder | Speaker | Podcast Host | Nonprofit Director | Advisory Board Member; Co-Host Bare Knuckles and Brass Tacks

• Brian Krebs - Investigative reporter, krebsonsecurity.com

• Richard Bird - Questioning The Status Quo Of Cybersecurity | Corporate And Start Up Multi-Time C-Level Exec | Global Speaker | Media Personality | Good Trouble Maker; Chief Security Officer, Traceable AI

💼 Interview Tips

I posted this question to LinkedIn:

“Thinking back on one of your previous hires, what's ONE THING that person said, did, or demonstrated in the interview that helped convince you they were the right person for the job?”

The question received some fantastic responses, but this response from Jerich Beason (Chief Information Security Officer, WM) was my favorite:

“They ran to help a woman who dropped a stack of papers. It was clearly instinctive but showed me their character. Great decision..he was a team favorite from the start.”

I highly recommend you check out the post and read the other responses.

💡 Training Opportunities

I’m having conversations about application security literally every work day, so I thought I’d share a pair of appsec courses from LinkedIn Learning.

If you’ve got a Premium profile, or if your company has a LinkedIn Learning subscription, you can check out these courses anytime you’d like.

But even if you don’t have a LinkedIn Learning subscription, you can use these links to take these courses for FREE. The links themselves shouldn’t expire, but as soon as you click on them, you have 24 hours to complete the courses. You can bookmark them for a rainy day.

• Static Application Security Testing

• Dynamic Application Security Testing

🚀 Career Opportunities

If you’re looking for an Entry Level or Associate role, you might want to check out these opportunities:

• Cyber Security Analyst, Brooksource ($30-$40 hour, remote)

• Fractional InfoSec Engineer, Braintrust ($50-$70 hour, remote)

• Security Operations Center Analyst - Level One, Enterprise Iron (remote)

If you’re looking for a Mid-Senior Level role, you might want to check out these opportunities:

• Cybersecurity Architect, Blackbaud ($117.2k-$157.5k year, remote)

• Senior Product Security Engineer, Newsela ($120k-$140k year, remote)

• Red Team Operator, U.S. Bank ($116.3k-$150.5k year, remote)

📚 The Bookstore

Navigating The Cybersecurity Career Path (1st edition) by Helen Patton is a comprehensive guide offering practical advice and unique insights to help cybersecurity professionals at all levels succeed and advance in their careers. Well-worth the read for anyone in cybersecurity, regardless of where you are on your own career path.

Alright, folks. That's it for this week. If I’m doing my job right, you’re a few steps closer to making the career moves you want to make.

If you’re digging this newsletter, share it with a friend or colleague who might like it as well. We’re all in this together, and sharing what we learn along the way helps everyone.

And connect with me on LinkedIn! I'm always up for chatting about all things cybersecurity and career growth.

Stay safe out there, and keep learning!

Jerod

You found it! You can use the promo code LEET1337 to save 25% on any order in the Simplifying Cybersecurity store at https://simplifyingcybersecurity.com/store. This promo code will self-destruct in… well, you know the rest. Nicely done!