EP 61: Skills-based Certification and Training with John Strand
- S2E61
- 37:46
- January 7th 2022
https://www.yourcyberpath.com/61
In this episode, we talked with John Strand (Founder of Black Hills Information Security and Antisyphon InfoSec Training) about the importance of skills-based certification and training. John’s goal is the provide world-class skills-based training to everyone at an affordable price using a unique pay-what-you-can model.
Skills-based certification is different from traditional certifications in that they do not use multiple-choice exams to test your knowledge of the material and instead require candidates to prove their knowledge through real-world, work-related exercises. These skill-based certification courses are short in duration and extremely hands-on in nature.
During this discussion, we explain the differences between ANSI-based certifications and non-ANSI certifications. The importance of certifications in general to the hiring managers and human resources teams is also discussed because large organizations rely on these ANSI-based certifications. Smaller organizations, though, like Black Hills Information Security who has under 100 employees, don’t necessarily rely on certifications to find qualified candidates.
Cyber deception was also discussed, which is a way of setting up honey tokens in your domain servers to identify hackers, attackers, and penetration testers when they try to break into your system. John provides three quick tips to implement cyber deception in your network today!
What You’ll Learn
· The importance of skills-based certifications
· The difference between ANSI and non-ANSI certifications
· How to use honeytokens and canary tokens to detect an attacker quickly
Relevant Websites For This Episode
· Black Hills Information Security (https://www.blackhillsinfosec.com)
· Antisyphon Training (https://www.antisyphontraining.com)
· Canary Tokens (https://canarytokens.org)
· Try Hack Me (https://tryhackme.com)
· Hack the Box (https://www.hackthebox.com)
· Holiday Hack Challenges (https://www.holidayhackchallenge.com)
Your Cyber Path: How to Get Your Dream Cybersecurity Job
The Your Cyber Path podcast is designed to help you find out what it takes to get your dream cybersecurity job (from the hiring managers' perspective). After all, it is the hiring manager you need to impress in order to land your dream role. Stop wondering what the hiring manager is thinking, and learn first hand from our team of professional cybersecurity hiring managers who can help you cut through the process and understand what it takes to get hired these days.
Meet the Hosts
Jason Dion is a former college professor and the lead instructor at Dion Training Solutions. He has multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), CySA+, Security+, Network+, A+, PRINCE2 Practitioner, and ITIL. With networking experience dating back to 1992, Jason has been a network engineer, Deputy Director of a Network Operations Center, and an Information Systems Officer for large organizations around the globe.
Kip Boyle is a husband, dad, entrepreneur, and experienced cyber risk manager. He founded Cyber Risk Opportunities LLC in 2015 after 7 years as the CISO of PEMCO Insurance in Seattle. As a captain on active duty in the US Air Force, he served in the Combat Archer and F-22 Stealth Fighter programs, where he was the director of enterprise network security. These days, he serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!