For the past decade, I have listened to a number of stories from a minority of cybersecurity professionals I talk to about unbelievably hostile and abusive workplaces. More insidious to me are the workplaces that “pass” as okay on paper, but are continually undermining, failing, and gaslighting their junior employees. Unfortunately, it’s often harder for junior people to judge that they are not being treated fairly than in cases of extreme abuse.… Read More About Cybersecurity Management and Expectations
This page is perma-linked at pancakescon.com. Thank you for your attendance and support; see you next time! Media coverage: https://www.csoonline.com/article/3533422/virtual-security-conferences-fill-void-left-by-canceled-face-to-face-events.html. Info and CFP: #PancakesCon is an impromptu, virtual hacker con which occurred on Sunday 3/22/2020, from 9AM-6PM Central US Time. Every talk at PancakesCon was approximately 40 minutes long, and had two halves: 1) An… Read More PancakesCon 2020: Quarantine Edition
I’ve had the (dubious) honor and privilege of witnessing a couple decades of IT educational lab environments. Even after well over a decade of full-time cybersecurity work, I often still have to re-certify on various tasks which require I complete a live lab or CTF (capture the flag). I build such environments myself. The way… Read More Bad, Good, and Super-Cringey Infosec Lab Environments
Ever wondered if your conference talk proposal measures up? I definitely do, every time I submit to a conference. Over the past week I reviewed over 600 call for paper submissions for the Derbycon information security conference. This was definitely a unique experience – I had participated in review boards in the past, but never… Read More I reviewed 600+ call-for-paper submissions, (and you’ll probably guess what happened next.)
A brief vlog on stylistic and content problems I see on resumes at clinics and from candidates.… Read More Infosec Resume No-Nos [VLOG]
Foreword (Lesley) One of the hardest things to accept in information security is that we as individuals will simply never know everything there is to know about the field, or all of its many niches. Despite this absolute reality, we still often feel embarrassed to ask basic questions about topics we don’t understand, due to… Read More The InfoSec Amnesty Q&A
I commissioned the very talented artist Bryan Ward to make a good quality version of my previous credit card security infographic. This is meant as a tool to educate and inform people who post photos of their credit cards on the internet, and you may link to or repost it accordingly. Please give credit and… Read More Credit Card Security Infographic
So, you love to hack, and you’re going to get that dream job in infosec! Except, now what? A wide array of certification firms and colleges are willing to sell you an infosec program, with shiny advertisements and clever sales pitches. Unfortunately, college is massively expensive in the US, and the learning environment isn’t great… Read More College and Infosec: To Degree or not to Degree?
I had an absolutely fabulous time chatting with fellow Chicagoan @HashtagLaToya (of shenomads.com) about information security careers, OPSEC, the Chicago security community, and the accuracy of the Mr. Robot TV show. I highly recommend checking out her outreach and education work!
Listen as Gary and Lesley discuss incident response, digital forensics, security engineering, security certifications, and more. Source: Show 128: Lesley Carhart Discusses Incident Response and Digital Forensics | Cigital