Navigating cybersecurity careers: Non-traditional roles to consider | Guest Paige Hanson
Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/
Paige Hanson from SecureLabs discusses identity theft management and her extensive experience as a security communicator. With nearly 20 years in consumer and digital safety, Paige shares insights on pursuing a cybersecurity career and offers guidance for those interested in non-traditional security roles. Join us to learn about the current IT job market, key certifications and strategies for entering the industry. Discover how Paige transitioned from tech interests to a leading role in cybersecurity education, and explore job opportunities beyond traditional paths.
View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/
00:00 Intro to today's episode
00:34 Free cybersecurity salary guide
01:28 Welcome Paige Hanson
01:46 Paige's background and career journey
03:23 Early interests in technology
05:02 Career at Norton LifeLock
06:52 Educating law enforcement on identity theft
10:15 Cybersecurity career opportunities beyond traditional roles
12:10 Identity theft risk management certification
17:23 Communicating cybersecurity concepts effectively
22:02 Recognizing and adapting to audience feedback
22:41 Effective communication strategies
23:42 Advice for seniors and law enforcement
25:35 Challenges and solutions in cybersecurity education
26:41 Career opportunities and getting started
35:40 Building a strong support system
39:33 Starting and growing SecureLabs
40:55 Wrap up and final thoughts
About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Transcript
[00:00:00] Chris Sienko: Today on CyberWork, Paige Hanson of SecureLabs joins me to talk about identity theft risk management and her work as a security communicator. Now Paige speaks to law enforcement classes, senior centers, and everything between and helps people make sure that they know the best cyber security practices for all of their day to day activities.
Now if this sounds like the type of work that you might want to do, Paige has some great advice for getting started right away. This is the type of job that you can pretty much do the work for free until someone hires you. Uh, which is not always the case with every security rule, but this is, uh, one of the ones you can, and you'll find out how to do so today on CyberWork.
The IT and cybersecurity job market is thriving. The Bureau of Labor Statistics predicts 377, 500 new IT jobs annually. You need skill and hustle to obtain these jobs, of course, but the good news is that cybersecurity professionals can look forward to extremely competitive salaries. That's why InfoSec has leveraged 20 years of industry experience Drawing from multiple sources to give you, cyber work listeners, an analysis of the most popular and top paying industry certifications.
You can use it to navigate your way to a good paying cyber security career.
So to get your free copy of our cyber security salary guide ebook, just click the link in the description below. It's right there near the top, just below me. You can't miss it. click the link in the description and download our free cyber security salary guide ebook.
Your cyber security journey starts here.
Now let's get the show started
[00:01:28] Chris Sienko: Welcome to this week's episode of the cyber work podcast. My guests are a cross section of cybersecurity industry thought leaders. And our goal is to help you learn about cybersecurity trends. And how those trends affect the work of InfoSec professionals, while leaving you with some tips and advice for breaking in or moving up the ladder in the cybersecurity industry.
My guest today, Paige Hanson, is a renowned authority in consumer and digital safety, with nearly 20 years of experience in identity management. As co founder of SecureLabs, Page has dedicated her career to protecting consumers and businesses from identity theft and cyber threats. She is a certified identity theft risk management specialist and holds certificate in identity leadership from the University of Texas at Austin's Center for Identity.
Page also serves as an advisory board member to ROSE, R O S E, Resources Outreach to Safeguard the Elderly. Uh, her dedication to public safety has led her to design a national identity theft training program for law enforcement in collaboration with FBI, L E D A. I don't know. Uh, this program has, has been taught in all 50 states, uh, reaching nearly 20 K law enforcement officials.
And in addition, Paige has served as a liaison for the National Organization for Victim Advocacy or NOVA, where she played an instrumental role in training thousands of victim advocates and military personnel. Page is a frequent speaker at nationwide events, raising awareness about identity theft and related issues, and her expertise has been featured in numerous media outlets.
Uh, now in cyber work, uh, solidifying her reputation as a leading voice in the field of digital safety. On a personal note, Page resides in Arizona with her husband, Uh, daughter and their boxer dog Tyson off. And for the record, Tyson's name is not her password. Good to know. Also, uh, it's about a hundred degrees here in Chicago, but I realized if you're in Arizona, I am not going to get any sympathy from you.
So, uh, Paige, uh, thanks for joining me today and welcome to cyber work.
[00:03:19] Paige Hanson: Thank you so much for having me.
[00:03:21] Chris Sienko: My pleasure. Great to talk to you. So, um, so Paige, to give our listeners a chance to get to know you and, and sort of where you started, could you tell us about your first interests in computers and tech? What was the, what was the first thing that got you excited about it?
[00:03:34] Paige Hanson: Yeah, well, you know, early on it was, uh, the exposure of, you know, the games of Oregon trail.
[00:03:40] Chris Sienko: Sure. Yeah.
[00:03:41] Paige Hanson: mean, it's just like that, you know, I remember those fondly and then there's all these, you know, computer games that you could explore your creative side, you know, making cards for people and art and, you know, all of these things. But really, um, I was really fascinated with those, but my real interest in technology developed later. So that
[00:04:00] Chris Sienko: Okay.
[00:04:00] Paige Hanson: So I, I attended a university in Iowa that every student was issued a laptop and with that you had a shared network. So that was really my first deep dive into how files and information were shared digitally.
And I was really interested in how we were doing that and saving that. And of course, you know, your first coding classes. So here I am, you know, creating the flashing banner and the,
[00:04:24] Chris Sienko: of course.
[00:04:25] Paige Hanson: that move all over. And, you know, that was super exciting back then. And
[00:04:28] Chris Sienko: Oh, yeah. Yeah.
[00:04:31] Paige Hanson: anymore.
[00:04:32] Chris Sienko: that now, you're like, this thing is 25 years old. Yeah.
[00:04:36] Paige Hanson: But I mean, that just really gave me the, the glimpse into the power of technology and how it can be used to create and communicate in new ways. And that's something that was really interesting to me,
[00:04:47] Chris Sienko: Yeah, absolutely. Now, um, I, I want to, uh, sort of jump a little forward from there because, uh, you know, I, I looked through your, your, your LinkedIn profile and looked at your career and, uh, you know, we got a good example of some, some career forensics from you here. So I want to talk first of all, I mean, a bunch of interesting things there, but I want to talk about your 15 years.
Uh, at the world famous identity protection entity known as Norton LifeLock, because this, I feel like it tells kind of its own story in terms of the way you said that you started sort of interested in tech, but it came later because like when you started in 2006, you were there in your capacity as a marketing manager and you were working in their public affairs department and managing educational programs.
Uh, but as the years progress, your title see you becoming more and more deeply entrenched in the work of identity education. From senior manager, educational programs to identity education, lead to principal education instructor, and then chief of cybersecurity education, uh, until 2022. So can you talk about that journey?
Like what were some of the pivotal moments? And am I reading that correctly? Like you, you started in kind of one place and something, it seems like something kind of got you excited and you, and you did like a strong pivot. So what was that like?
[00:05:56] Paige Hanson: right? Well, one, I was thankful to join a startup. It was just this little tiny startup
[00:06:02] Chris Sienko: Okay.
[00:06:03] Paige Hanson: employee at LifeLock. You know, it doesn't get that protection. We don't know if it's, it'll take off.
[00:06:07] Chris Sienko: Right.
[00:06:08] Paige Hanson: you know, super grateful for that opportunity. I found it a week. Into moving from Iowa to Arizona.
[00:06:14] Chris Sienko: Okay.
[00:06:15] Paige Hanson: that was pretty incredible.
I, you know, to be quite transparent, I was thankful I had a job, you
[00:06:20] Chris Sienko: Sure. Yeah. Yeah.
[00:06:21] Paige Hanson: go any, any role and, um, but it was, it quickly evolved, you know, as the company grew, um, then I transitioned more into this public affairs role. And we had a big presence from just a marketing presence in, in identity, that protection and kind of.
Um, a new, creating a new category almost.
[00:06:41] Chris Sienko: Yes.
[00:06:42] Paige Hanson: that, I mean, you probably remember, uh, the, the bold marketing campaigns and, and things like that
[00:06:47] Chris Sienko: Yeah.
[00:06:48] Paige Hanson: but as far as, as my role, it. It transitioned to be more of a spokesperson in education because we were getting as an identity theft protection company, we were getting a number of identity theft victims
[00:07:02] Chris Sienko: Mm hmm.
[00:07:04] Paige Hanson: Well, the story was very similar in a lot of these victims. And they were saying, I went to law enforcement and I wasn't able to report my issue because. With law enforcement, you just don't likely don't have the resources to say if it didn't happen in that city, they were likely not going to be able to, uh, even look into it.
[00:07:24] Chris Sienko: Especially at that time, there was not the interconnectivity that there is now, I suppose.
[00:07:28] Paige Hanson: right, right. So, um, instead of just taking that and saying, oh, you know, oh, okay.
[00:07:33] Chris Sienko: So, sorry.
[00:07:34] Paige Hanson: you know, under that direction of our CEO at the time, Todd Davis, he said, you know, let's do something about it. Let's. Let's change it for law enforcement. Let's educate them and go out and educate them on not only the crime, but how to investigate it.
So we have less, you know, not as many victims that come to us and say, I was turned away because you need that police report to identify yourself as a victim. And so I was really fortunate to be part of that program, this initial effort of educating law enforcement. So we went to all 50 States and things like that, but that's really the, the role was to go out and educate.
Educate because consumers need to know what they're doing to reduce their vulnerability, what they can do in law enforcement on the other side need education as well. So those in hand in hand, um, led to my career and kind of deepened the, the, not only the message that we would, would do out there, but then just my interest in taking technical, technical, um, kind of thoughts around cybersecurity and then And then making it so it was easy for understand Sunday standing for just the average consumer,
[00:08:39] Chris Sienko: Yeah, I wanted to ask you about that because, yeah, as you mentioned, uh, you, you know, your work involved training law enforcement in tech that, uh, you know, was not especially well known to them, as you said, in our introductory meeting. So, like, can you talk, like, yeah, can you talk about, like, how you taught them what, like, what a card skimmer looks like or how to identify fake documents and things like that?
[00:08:59] Paige Hanson: Yeah, actually, one of the most rewarding aspects of this training was the fact that we did these hands on demonstration. Yes, there was. There was technical instruction and instruction, but the hands on demo, right? was the interactive part that I really thought this class came to life. So for example, we would do a check washing demonstration.
So yes, check washing. It's still a thing. It's still around to this
[00:09:20] Chris Sienko: Sure.
[00:09:21] Paige Hanson: do a
[00:09:22] Chris Sienko: Oh, yeah. Yeah.
[00:09:23] Paige Hanson: writing checks, but it was really cool because Um, you take something like nail polish remover, which is acetone that lifts the ink of a, of a pen. And so whether you're signing an important document, whether you, um, you know, are signing a check, whatever it may be, you can actually lift that.
So I love the fact that we could do these hands on demonstrations. And to your point, one of them was skimming. So we would guess pass around the skimmers, but I would, I would get on the laptop and actually show them how you modify the track data on a credit card. So when they had. people in their community being victimized of credit card skimming or duplication of their, their credit card, they could say, actually, I know how that works.
You can easily modify this track data. It's easier than to investigate and then communicate to the victim what is happening. And then the next steps that the fact that they're a victim.
[00:10:13] Chris Sienko: Okay, yeah, that's, that's really interesting. Uh, now our discussion started when you told me about a presentation you gave to a college class on white collar crime, uh, where you discussed the breadth of career opportunities that cyber security offers beyond the usual analyst, risk manager, pen tester, engineer, which is, you know, a big part of what our podcast is about is getting people.
Interested not just in, uh, the more common cyber security roles, but also things that might appeal to people who, uh, aren't, you know, natural hackers or aren't natural, uh, tech whizzes, but still want to get involved. So can you talk, start by telling us more about the topic of your presentation in that class and, and who it was aimed at, what the, who, who were like the students and so forth.
Mm hmm.
[00:10:56] Paige Hanson: was invited by the instructor of this white collar client class. It was for the university of Arizona. So that was based in Tucson. So, um, I was a guest speaker and in this class, it was a diverse group. So you had people with the aspirations of becoming law enforcement, law, corporate security, and you know, others that, you know, like me, when I was younger, still trying to figure out their career path, you know, that's fine too, but really the goal was twofold.
So I wanted to want to educate them. On the best practices to keep their digital life safe. I mean, they're, they're all online. They're all, they had their devices right there. Some of them were on their devices during class. You know,
[00:11:30] Chris Sienko: Of course,
[00:11:31] Paige Hanson: it's just distracting,
[00:11:33] Chris Sienko: what they do. Yep. Yep.
[00:11:34] Paige Hanson: that's beside the point,
[00:11:35] Chris Sienko: That's where it is now. Yeah.
[00:11:37] Paige Hanson: but then also just to show and broaden their perspective on career opportunities within cybersecurity. So. I wanted to show them that they didn't have to go down the traditional paths of law enforcement or even the legal profession to even make a significant impact on people's lives when it came to cyber safety. They really wanted to help. There are other things that you could do. You can work for a corporate company.
You, there are roles within nonprofits or various industries that really make a critical impact on prevention in cybersecurity.
[00:12:08] Chris Sienko: Yeah, no, absolutely. I mean, uh, one of the, um, the roles you discussed was, uh, with me before was identity theft or risk management. Can you talk a little bit about that?
[00:12:18] Paige Hanson: Yeah. So what a certification that you can get. And a lot of our phone agents had this as well, which is identity theft risk management specialist. So
[00:12:29] Chris Sienko: Okay.
[00:12:29] Paige Hanson: through a course, take a test and it's all around the best practices in protecting one's identity and being a subject matter expert in that field. if you call an identity theft protection company, you want the person that you're talking to, to have gone through additional training around. Protecting your identity. You want to be a, a good advocate for not only just the product you're selling, but just in general best practices. And so that's one of the first certifications that I took, um, years ago, uh, and it still continues to be a very popular certification class is to get your feet wet and to understanding, okay, these are the things that you not only can. Do to best protect someone's identity. But then this is also, um, how you should talk about it to others as well, which I think is, is the important piece to
[00:13:19] Chris Sienko: Yeah. Yeah. What, what are, what are some of the components of, of this, this certification? What are, what are some of the things that you're learning? Like, what are, what are the, the, the sort of the most challenging parts of it? I guess.
[00:13:28] Paige Hanson: Oh, gosh, you know, Chris, I took this certification probably 15 years ago. So I've showed the best of my knowledge. I remember it being, uh, the common, simple as what is personal identifying information and,
[00:13:40] Chris Sienko: Okay. Mm hmm. Mm hmm. Mm hmm.
[00:13:42] Paige Hanson: a lot of people think, Oh, name, social security number, date of birth, that's it.
But it's, it's beyond that. It's. your pet's name. You know, recently it was national pet day.
[00:13:50] Chris Sienko: Yeah.
[00:13:50] Paige Hanson: it. And I use that in my bio that my dog's name is not my password,
[00:13:54] Chris Sienko: Mm-Hmm.
[00:13:55] Paige Hanson: the important things to them. So they, they live where they shop. Like all of this can be considered In that kind of the ecosystem of identifying information.
And so it's just really bringing that to life. So you have a better understanding. So when you're talking to people, you're not in this narrow scope of, Oh, nope. It's, it's only your name, social security number, date of birth, but it actually can be your driver's license number and your, uh,
[00:14:19] Chris Sienko: Mm-Hmm.
[00:14:19] Paige Hanson: address and, and your spouse's name, your kid's name, all of
[00:14:23] Chris Sienko: Yeah. Yeah. And I mean, I think that, I guess that that goes towards the, the, you know, I, I feel like I, some of my guests are talking about trying to move past that, but, uh, I, I suppose a lot of that connects to the, uh, the quote unquote security questions. And you know that, you know, if you're, you forget your password, they say, okay, what was the, the street you were born on?
What's your pet's name? Blah, blah, blah. Uh, and you know. People can, will harvest large swaths of this and then they can just play puzzle pieces and put passwords against these things and see what,
[00:14:54] Paige Hanson: right.
[00:14:55] Chris Sienko: what fits, right?
[00:14:56] Paige Hanson: Yeah. And, and, you know, one of the perfect place to Harvard's such information is to check someone's social media. Do you know how many surveys people take that are just these fun surveys
[00:15:05] Chris Sienko: Yes.
[00:15:06] Paige Hanson: let's play this. And, you know, you have your, your high school, your mascot, the
[00:15:10] Chris Sienko: Uh huh.
[00:15:10] Paige Hanson: first car, your first boyfriend or your girlfriend.
And it's like of that information you just gave because it was a fun little exercise to do. It's like, no,
[00:15:20] Chris Sienko: Yeah. Yeah. Yeah. Yeah. Yeah. Yeah. That's something I try to impart here too, is that like a lot of times stealing identity is a long game. Like they might just get those pieces and then they get another bunch of passwords and like another breach or something. And then like you say, I mean, it can take. You know, and I've heard other, other guests have said that they might even just wait a year because it looks, it's, you know, there's a, uh, you know, plausible deniability or, you know, it's just like, you know, it's a long game.
So, yeah, not only not sharing those things, but also keeping an eye on, on things for a long, long time afterwards, I suppose.
[00:15:54] Paige Hanson: no. And I, I agree with your guests because what do you get once there's a big data breach year of some sort of protection. So
[00:16:02] Chris Sienko: Yep. Yep.
[00:16:03] Paige Hanson: same calendar invite that reminded me or reminder that reminded me of our, our conversation is the same sort of calendar invite and reminder that they can. They can also set up and that is to
[00:16:13] Chris Sienko: A hundred percent.
[00:16:14] Paige Hanson: that it's been a year since this breach certification went out.
[00:16:16] Chris Sienko: Uh huh. It's
[00:16:18] Paige Hanson: using that personal information.
[00:16:19] Chris Sienko: time to go. Yeah, exactly. So, um, so let's, let's talk about some of these, uh, these paths and stuff. I, you know, I think your Norton lifelong journey, I mean, sort of clarifies the path of some of these unconventional security roles. And again, a lot of our listeners are coming to this podcast from other industries, whether it's a law or industry or manufacturing or education or what have you.
And, and, uh, you know, These are, you know, these all have these deep knowledges of, of communication skills and, and certain things that you can do well that can very easily sort of transition over to, uh, cybersecurity roles. So, I mean, I know we talk a lot about soft skills, uh, over here. Um, but can we. Talk about sort of like dedicated strategic communications, both inside and especially outside of security.
Cause I know that, you know, obviously, uh, your, a lot of your role is around, uh, making these ideas more communicable. And so, so tell me a little bit about that and how that, how you took that from your sort of marketing time and are able to apply it here.
[00:17:23] Paige Hanson: yeah, well, when I think of skills, I think of just one, the ability to communicate effectively is essential. And it might seem obvious, but depending on the level of your, that you're talking to in the organization, you probably know that when you're, when you're communicating to the C suite. You've got one message and when you're communicating or upstream and then you're communicating downstream, that's a, is a, maybe another message.
So the same would apply if you're talking internally, externally. So, you know, it is really important for you to just, uh, you know, whether you're dealing with complex technical topics, even easy topics is that, um, communication skills. Um, but when I, I think of strategic communications, um, I think about. For years, I was on the road communicating externally.
Every training I was doing, it was to law enforcement, victim advocates, businesses, consumers. But then when I take a look at it, our internal, I noticed that we didn't have that same sort of training opportunity internally, here we are. Yes, you had the. Citrums, they call it certified identity theft risk management specialist,
[00:18:22] Chris Sienko: Okay,
[00:18:23] Paige Hanson: for short,
[00:18:24] Chris Sienko: nice.
[00:18:24] Paige Hanson: that everything I was doing externally that wasn't being taught internally.
So what I did is I took the initiative and delivered my presentation internally. It was an elective course. Anybody could take it. I named it and branded it the Centurion program.
[00:18:40] Chris Sienko: Hmm.
[00:18:41] Paige Hanson: um, When I started to receive more technical questions, I recruited internally, a technical, more technical person, people, they wanted to see the dark web.
I knew a little bit about the dark web, but I didn't have necessarily the skill set to log onto the dark web,
[00:18:56] Chris Sienko: Yeah.
[00:18:57] Paige Hanson: show them, you know, typing. Uh, it's similar to a Google search engine, but typing in, uh, on the dark web and showing that, and that was incredibly value to valuable. Uh, and it also helped that technical person work on their public speaking skills
[00:19:11] Chris Sienko: Mm hmm.
[00:19:12] Paige Hanson: to do.
[00:19:13] Chris Sienko: Yes.
[00:19:14] Paige Hanson: this really just applies to just about anyone. So if you have a skill or a topic that you're really passionate about, bring it to your leader. offer to host a lunch and learn, offer
[00:19:27] Chris Sienko: Mm
[00:19:28] Paige Hanson: a small group. And, um, as long as you can demonstrate that it aligns to your company's goals, you'll really start developing a reputation internally that you're the subject matter expert on that. And that could leave you to external opportunities. So maybe you become, uh, opportunities like a media interview that they want to do, pitch you for a media interview, or even, you know, serving as a company spokesperson, maybe you could help the sales team sometime and show them kind of the shock and awe of what your product does, because
[00:19:57] Chris Sienko: Yeah.
[00:19:57] Paige Hanson: they know you're interested in that.
And so think, um, if it doesn't exist in your company, that's okay. Just. There might be an opportunity for it to exist by you just raising your hand and bring it to your leadership.
[00:20:09] Chris Sienko: Yeah. Yeah. I suppose so. Now, that's, that's a, that's good advice for upstream. Now going. Downstream, we're even going into sort of, um, the realm of the, you know, the, the people that you're, you're, you're helping, you know, their identity, the, the, you know, lowering the risk of their identities, like for people, senior citizens or folks that you're speaking to, like, what, what do you do to sort of change your message there?
Like how. You know, cause sometimes I know, you know, when I'm talking to my parents about technical issues, they have, like, you take for granted, you know, certain technical things that you assume they know. And they're, they just give you this done look or whatever. And you have to really like, okay, I got to go one level lower.
Like, what, what is, what has your experience been with like explaining this to, to folks in these presentations?
[00:20:53] Paige Hanson: Probably just what you described.
[00:20:55] Chris Sienko: Yeah.
[00:20:55] Paige Hanson: look and you go, okay, let's
[00:20:57] Chris Sienko: All right.
[00:20:57] Paige Hanson: up a
[00:20:58] Chris Sienko: Yeah.
[00:20:58] Paige Hanson: And that's a lot of it is trial and error. And
[00:21:01] Chris Sienko: Yes. Mm hmm.
[00:21:03] Paige Hanson: I mean, I promise you I'm a fun person to talk to, but like, I'll use a lot of my things I'm testing out on a, uh, within my friend group, or just talking, it out to kind of see what questions even My age or my peers have, and it's
[00:21:18] Chris Sienko: Mm hmm.
[00:21:19] Paige Hanson: know I'm testing it.
They'll be like, I'll say, Oh, did you guys see that USPS text message? Did you guys get that? You know,
[00:21:26] Chris Sienko: Mm hmm. Mm hmm.
[00:21:27] Paige Hanson: listen to this and be like, Oh, Paige, I know what you're doing now.
[00:21:30] Chris Sienko: Yeah. Yeah.
[00:21:31] Paige Hanson: I almost, uh, test that out or I'll talk to my parents. Uh, I had a family vacation, uh, it was with my entire dad's side this summer.
And we were talking about, uh, scams and things like that with my whole bigger family. And we're asking the younger kids what they thought. And, um, and so just kind of testing out that message. I know that maybe you don't have the opportunity to talk to a bunch of people, but I think that If you have a technical skillset, you really maybe use chat GPT, how do I scale this back?
You
[00:22:02] Chris Sienko: Yeah. Yeah. That's a good point.
[00:22:03] Paige Hanson: personally, I like to just have the conversations. If I noticed that there's kind of a glazed look, I just, I don't, I feel like maybe just a natural ability to just, Bring it one step back, but you have to recognize that you can't just
[00:22:17] Chris Sienko: Yeah.
[00:22:17] Paige Hanson: in your way and just, and saying that no, no, no, but it's the home screen, the home screen.
I don't know. You know what I
[00:22:24] Chris Sienko: Yeah. Yeah. Right. Yeah.
[00:22:28] Paige Hanson: settings button is. So it's here, go to the gear, you know, or whatever scenario you're looking at. So it's, it's really just also being just aware that who you're talking to. If you see those glazed eyes that you just got to take it a step back
[00:22:41] Chris Sienko: Do you, do you get feedback from, from like people like that in terms of like, Oh, you really helped me understand this in a way that I hadn't before. Like, do you, I mean, are you able to sort of incorporate feedback of like, Oh, you're, you know, you're talking a little over this group or whatever like that, or what's it like?
[00:22:57] Paige Hanson: Absolutely. Feedback. I mean, early on, I think you see, I don't mean, I don't know. This is for everybody, but you've somebody gives you feedback and you're like, talking about, I'm perfect. No, no.
[00:23:07] Chris Sienko: Yeah. Right. Right.
[00:23:08] Paige Hanson: you get over that real quick? You realize feedback is a gift and it's really how I've approached my career.
And I think that that's one of the reasons why I've been so successful in communicating with others about helping to protect their identity is just because Feedback is a gift. If they say, I don't understand this page, or if they say, yeah, I do like that. Let's do more of that. Then I'll go down that rabbit hole and start developing more content that way.
So it's, in my opinion, very important to seek and feedback, take that feedback and do something with it.
[00:23:42] Chris Sienko: Can you give us maybe sort of a, I mean, not, not a full presentation, but like what, what is the kind of advice that you're currently giving to seniors or to people in, in these types of classes? Like what is, what's your sort of like, you know, quickity quick checklist or whatever, of, of things that most people you're amazed they're still not doing.
[00:24:01] Paige Hanson: I would, um, I like to approach my presentations depending, asterisk, how much time I have, but
[00:24:07] Chris Sienko: Yes. Yeah.
[00:24:13] Paige Hanson: landscape. So the old school, so I talked about, uh, check washing, just old school mail theft. Putting a pot, like just really, but easy touches.
Cause it's likely in these senior communities, they're going to be the things that they're doing. Um, and then in our law enforcement training classes, a number of, most of the officers are working cases that involve mail theft, people breaking into their mailbox, check washing, and kind of these lower level old school things.
So I like to touch on those, but then I think it's also important that we talk about their connected device. Um, most of them are going to have some sort of a phone, an iPad or tablet that's connected. And just the best practices on the settings that you should do. And then the key is the why. Why does it matter?
Because at the end of the day, a lot of times convenience wins. Convenience will likely always win.
[00:25:05] Chris Sienko: Right.
[00:25:05] Paige Hanson: really getting through, uh, the why of convenience. is why you don't connect to public wifi and
[00:25:12] Chris Sienko: Yeah.
[00:25:13] Paige Hanson: your bank account.
[00:25:14] Chris Sienko: Yep.
[00:25:15] Paige Hanson: is why, and you show them why might take a little bit, depending on the group.
Um, it might take a little bit extra time because you're showing screenshots of why. Um, I personally can relate to seeing the screenshots,
[00:25:27] Chris Sienko: for sure.
[00:25:28] Paige Hanson: I'm better. It just resonates more with me. And I remember things better that way. So I like to approach my presentations that way too.
[00:25:35] Chris Sienko: Do you, do you sort of push people towards MFA or especially like facial recognition, things like that? Is that, I mean, is that making it harder, easier? Like where, where, where, where is, you know, uh, people of this sort of level of, of challenge? Where, where do things like MFA stand in terms of adoption or their ability to do so?
[00:25:52] Paige Hanson: I would say MFA is probably about 50
[00:25:56] Chris Sienko: Okay.
[00:25:57] Paige Hanson: Um, VPN, forget about it.
[00:25:59] Chris Sienko: Yeah, sure.
[00:26:00] Paige Hanson: um, not for everybody,
[00:26:02] Chris Sienko: Yep. Yep.
[00:26:03] Paige Hanson: that would be the next, because we do talk about the good, better, and best ways to connect
[00:26:08] Chris Sienko: Okay.
[00:26:09] Paige Hanson: safely. Um, so, uh, good would be like that safe, that, uh, public wifi, the better would be using your, um, data instead of connecting to the public wifi.
And then the best would be the VPN. And so, um, when you get to the VPN, it's like. Do I have to buy something extra? Is that a
[00:26:25] Chris Sienko: Mm hmm. Mm hmm.
[00:26:26] Paige Hanson: is good? You know, because there's going to be
[00:26:28] Chris Sienko: Of course.
[00:26:29] Paige Hanson: better companies than not.
[00:26:30] Chris Sienko: Yeah.
[00:26:31] Paige Hanson: where the, a lot of the, the questions happen. And so that's, you know, just breaking it down in answering those questions before they're, they're asked is, is, um, I found to be helpful.
[00:26:41] Chris Sienko: Yeah. Now, um, what, what is the job market like for the type of role that you do? Are, are, are there, is this a freelance kind of thing? You said that it seems like organizations sometimes have this kind of in house communication person, but in, in your experience, like, uh, where, where should people be looking for these types of jobs?
[00:26:59] Paige Hanson: Yeah. So. Um, I, now that I am on my own, I've started my own own business. I do go into organizations and I'm that they're outside And the majority of the people I work with are in a role. They have a cybersecurity awareness department. So that is, is a department I've worked with, uh, security analysts and a lot of times the security analysts or that team is tasked with internally, they're the ones that are host, be educating. Um, and then I've also worked with, you know, privacy teams. So that's, that,
[00:27:34] Chris Sienko: Right.
[00:27:35] Paige Hanson: roles in, in their, um, and so those are probably the three main groups or buckets that these roles exist. but I, I found the larger the company, and of course it depends on the industry. than likely, there is a department and or person in charge of educating that whether it's an event person or an internal comms person, but their, their is to bring an outside speakers. so, whether it's always security related, or if it's just. That happens to be, you know, October, they bring in the cyber security awareness month and they bring in the cyber security specialist. Um, it, it seems like that, but it seems like it's almost larger companies that those exist versus smaller companies.
[00:28:19] Chris Sienko: Yeah. Well, it's, it's interesting because as we go through each of the job roles, and you know, we have, we've gone through quite a few of them on, on our hundreds of episodes now, but, uh, you know, I'm always thinking in terms of someone who's just trying to enter the industry and, you know, the, the inevitable.
How do you get your first job without experience? How do you get experience without a job? Uh, this feels like something that you could almost do the way that you would do, like, you know, if you're young enough, like a summer job or something like that. Is this something that you think like, like, uh, you know, someone just out of college or just out of high school could sort of move in this direction, do it in their community and then be able to sort of demonstrate that to you, like a potential company that you want to work for.
[00:29:01] Paige Hanson: 100%. And that is where, what I did in, um, you know, volunteering my services is I would speak to computer clubs and churches and civic, you know, other civic groups pro bono, because, because it was a message one, I wanted to enhance my communication skills and effectiveness and communicating that, but those were the groups and kind of that. the population that needed it the most. So, Yeah. Maybe you don't go to that, that extreme, but if you're involved, you know, maybe if you do have a church or if you do have a group that you're involved with, or your kid's school or your sister or brother's school or whatever it is, that's a really good place to start. Absolutely.
[00:29:49] Chris Sienko: Can you talk about the way that you would sort of document doing the, you know, because again, it's always like, you, you know, you, you have to really sort of like catch, you know, the hiring manager with your resume or whatever, like, how would, how would you sort of show that you've been doing this? Do you recommend like having like a blog or like video channel or just explaining it in a certain way on your resume or your cover letter?
Do you, do you see any way that like seems to sort of get attention better?
[00:30:16] Paige Hanson: I, it's a, an a noisy space to break through. I
[00:30:20] Chris Sienko: Yeah. Mm-Hmm?
[00:30:22] Paige Hanson: and just even getting a job in general, and I know that's a topic you, cover a lot, but,
[00:30:26] Chris Sienko: Yeah.
[00:30:27] Paige Hanson: just being able to show something. Is it, you already use social media to showcase your accomplishments? When that's gonna be a great spot for you?
[00:30:37] Chris Sienko: Mm-Hmm.
[00:30:38] Paige Hanson: Are you working on building up your LinkedIn profile? Then start post posting on, on LinkedIn, so then
[00:30:44] Chris Sienko: There you go.
[00:30:45] Paige Hanson: Have that in the features that allow you to showcase. certain things within your profile, you know, uh, if you're a volunteer, then you can showcase the things that you've done while you volunteered.
[00:30:55] Chris Sienko: Yes.
[00:30:56] Paige Hanson: I think you, you use the, the avenue that you're wanting to build up because it's, I'd hate to say, you know, only use social media when, you know, it, you could be very effective by, you know, including a document of your presentation and, um, the. A list of all the places you've spoke at and then your, you know, top comments, you know, I've gotten, you know, nine out of 10 and
[00:31:20] Chris Sienko: Yeah,
[00:31:21] Paige Hanson: 25 speaking events, you know, or something like that, you know, that could
[00:31:24] Chris Sienko: I love it.
[00:31:25] Paige Hanson: helpful as well.
[00:31:26] Chris Sienko: Yeah. Now you mentioned some of the other sort of departments that you work with as a security communicator, like security analysts and, and you're, you're definitely working with sort of hard tech folks. And so, you know, there needs to be, in addition to an ability to communicate, you know, obviously you need to have.
Uh, sort of a core of sort of technical knowledge. I imagine you have to sort of know in and out how VPN works and stuff like that, but like, what are, what's the sort of baseline technical skills and specifications of the industry that you think are, are essential to someone who wants to do this kind of work?
[00:31:59] Paige Hanson: Well, well, from a technical aspect, you have to be wanting to learn about it. So, I mean, aside from my coding experience, I had.
[00:32:10] Chris Sienko: Mm hmm.
[00:32:11] Paige Hanson: college and maybe a dabble or two after that, you don't have to know how to code a website and
[00:32:16] Chris Sienko: Right.
[00:32:16] Paige Hanson: don't need all of the, the certifications that come along with the technical expertise that, um, are, come with, come with it. I think you have to have the, the one you really need to be wanting to help. Others. I think that's a really
[00:32:31] Chris Sienko: Mm hmm.
[00:32:32] Paige Hanson: is to help others. You have to be doing it for a reason. And that reason, I mean, at least for me, and this drives me is to help others. I truly believe that, you know, that has helped because otherwise, I mean, cause you're giving and you're giving and you're giving and you're giving.
So you have to
[00:32:46] Chris Sienko: Mm hmm. Mm hmm.
[00:32:48] Paige Hanson: to help others. And so, um, I think that's, that's super helpful is, is that, but as far as getting started, I mean, You just need to find your you like how you want to do it, you
[00:33:02] Chris Sienko: Yeah, I guess I'm saying like, like, bare minimum, I imagine you have to kind of know how, like, a man in the middle attack works. Like, you can explain that.
[00:33:09] Paige Hanson: Yes.
[00:33:10] Chris Sienko: Things like that. So, I'm like, like, there is some degree of technology. You can't just say, like, MFA, you know, or whatever, like.
[00:33:17] Paige Hanson: I 100, you know, no, you know, let's say a hundred security cybersecurity terms. And I probably know the ins and outs of probably 75 of them, but the, for the super, super technical ones, I know enough in the surface.
Okay.
[00:33:30] Chris Sienko: Yeah.
[00:33:31] Paige Hanson: In reality, that's all the consumers need to know is enough on the surface. Nobody's asking you to come, um,
[00:33:38] Chris Sienko: You're not.
[00:33:38] Paige Hanson: attack
[00:33:39] Chris Sienko: Yeah. Yeah.
[00:33:40] Paige Hanson: maybe set up a fake access wifi point and, um, start having people connect to it and show you that, you know, everything that goes along with that. Um, it's a great, it makes a great demo.
You
[00:33:51] Chris Sienko: For sure.
[00:33:52] Paige Hanson: um, and, and that's where I think your technical skills will, um, enhance over every time you start talking, because the more you follow creators, follow the speakers that you like, follow the
[00:34:04] Chris Sienko: Yeah.
[00:34:05] Paige Hanson: follow those things. Your interest naturally is going to go come into these newer technologies and these, uh, and you're going to want to know about them because people are going to want to ask about them.
[00:34:16] Chris Sienko: Yeah. Totally. Yeah. I think that, I think that's what I was kind of getting to is that you're able to do, you really need to just have enough sort of skills, targeted skills, you know, uh, that you're able to understand these things. You don't necessarily have to. Like be studying for the security plus and a, being able to set up a home network and all that kind of thing to do this kind of work, but you also don't need nothing, this is not just like grant writing or something like that.
You need to, yeah, you need to still understand the things like the exploitation methods need to make sense to you as well, I suppose.
[00:34:45] Paige Hanson: But a word of caution, just like anybody in the tech industry or cyber security industry, you will be asked to set up the home network. You
[00:34:52] Chris Sienko: Oh yeah. Oh yeah.
[00:34:53] Paige Hanson: these things. You are now going to be the advisor for all your family's devices
[00:34:57] Chris Sienko: Yep.
[00:34:58] Paige Hanson: all of that.
[00:34:59] Chris Sienko: Oh, yeah. Yeah. I was gonna say it's, uh, about about 90 days until, uh, national Parental Tech Amnesty Day, which is Thanksgiving, where we all come back to our homes and, and, and, and flick off all the, uh, switches and turn off motion smoothing on the TV and every other thing. And yeah, we're gonna make it work.
Uh, so yeah. And, and, um. Uh, yeah, so I guess before we go, um, uh, page, this has been really, uh, fascinating and I appreciate all of the, uh, career insights you've given me, but I, I want to ask you what I ask all our guests, which is what's, what's the best piece of career advice you've ever received? Is there something that someone told you once that's like been like influential, influential in your life, whether it was like a colleague or a parent or a teacher?
[00:35:40] Paige Hanson: I think, um, collectively, I would say that I've learned the value of a strong support system.
[00:35:47] Chris Sienko: Mm-Hmm.
[00:35:48] Paige Hanson: you gotta have it, you know, so whether it's family mentors, they all go in this bucket colleagues that now are friends. They have believed in me and they've also pushed me to take risk
[00:35:59] Chris Sienko: Yes.
[00:36:00] Paige Hanson: You know, there were some kind of fork in the road moments in my career at Norton LifeLock, I could go either way and I, and I pushed myself to take the risk and I'm, I'm so glad I did it.
Or now that I've started my own business. Taking the risk and, um, having that support system has has made it doable. Um, but it also, you also have to be able to embrace the challenges and step outside your comfort zone. So that is 1 of the pieces of advice. With that. Um, I've had a number of people we're pushing you, you know, but you're, when it's outside your comfort zone, of course, um, you, it feels funny, but that doesn't mean it's bad,
[00:36:37] Chris Sienko: Yeah. Right, right. Yes. I was gonna, I was gonna ask about that. Do you have any sort of thoughts on, on sort of ex exercising that muscle for people who, uh, don't necessarily, aren't, aren't gregarious, you know, inclined to just start networking with people? Like what, what did you do to sort of break the ice in that regard?
[00:36:54] Paige Hanson: well, you, you go and start a business, you're gonna have to be thrown in that
[00:36:58] Chris Sienko: Sure.
[00:36:58] Paige Hanson: real, real
[00:36:59] Chris Sienko: Uh, yeah. Yeah. Yeah.
[00:37:01] Paige Hanson: it or not, but I would start small. So if it is, um, let's say you want to start educating or you wanna start. Showcasing something internally. Let's
[00:37:11] Chris Sienko: Mm-Hmm?
[00:37:11] Paige Hanson: with in your organization. We'll start public speaking. So what does that mean? That doesn't mean sign up for a 200 person amphitheater. No, that starts your small group. Maybe for your, your, your team, you
[00:37:22] Chris Sienko: Mm-Hmm.
[00:37:24] Paige Hanson: something, and then that evolves into something Um, I also think it's a really important that to, if public speaking is your thing, or if you want to present is it's really important to record yourself.
[00:37:36] Chris Sienko: Mm-Hmm.
[00:37:37] Paige Hanson: there are things that are going to come across where you're, you're talking and you, you might be waving your hand a lot or something. I don't, I don't know if it's
[00:37:45] Chris Sienko: Oh yeah.
[00:37:46] Paige Hanson: comes off letting them, I'll tell you this and I'll, um, I have this post it. So I listened to one, this was, um, I don't know, six months back.
And I said, so almost every single they'll the question and I would say, so, you know, blah, blah, blah. So, and I noticed it. And so I created a post it and I said. We got to cut that we
[00:38:06] Chris Sienko: Mm-Hmm mm-Hmm mm-Hmm.
[00:38:07] Paige Hanson: my, I've caught myself a couple of times here that so, so, so, and it's just. That's okay. Just that's almost the feedback that I'm, you know, I'm giving myself because I will rewatch it and I'm very critical, but I want to be able to not have those distractions that come across that. And, um, and that's okay. And so that was the feedback is that, sorry, the, um, The advice was treat feedback as a gift when I
[00:38:32] Chris Sienko: Yeah. Yeah.
[00:38:33] Paige Hanson: was not treating feedback as a gift. I wasn't
[00:38:36] Chris Sienko: Mm-Hmm.
[00:38:37] Paige Hanson: so now I am, you know, that I evolved as a, as a human, just like we all do. Um, and I, and I take it as feedback as a gift. And I, I am forever grateful for that person that just sat me down and it was like feedback as a gift. You, you know, you, they're going to take it. You're going to do what you want.
But if you want to succeed here, then, um, feedback is going to be a gift. And so I really appreciate that.
[00:38:56] Chris Sienko: Yeah, yeah, it takes a sort of flipping the intention of what you're doing from this is going to make me look really good to I want to make this as the very best thing that it can be and if it once you get yourself firmly in the, you know, opinion of I want this to be the very best thing it can be, then you are practically begging for feedback.
You're like, I don't know how to make this better unless you tell me what I'm not doing correctly.
[00:39:20] Paige Hanson: that say, oh yeah, it's good. It's like, what was good about it?
[00:39:23] Chris Sienko: Yeah, yeah. Yeah. Are you just telling me that to make me stop asking you questions or do you actually think it was good? Yeah.
[00:39:30] Paige Hanson: I know,
[00:39:31] Chris Sienko: Right. So as, as, as we wrap up today, uh, Paige, can you tell our listeners about SecureLabs? That's your, your company's work you do with your, your clients here. Tell us, tell us about it.
[00:39:41] Paige Hanson: Yes, yes. So I started a company alongside two of my co founders and it's called Secure Labs. what we do is we are dedicated to helping small to medium sized businesses strengthen their cybersecurity posture. does that mean? You know, um, we're looking at the kind of the regulatory landscape. They're very complex. And so many businesses find themselves struggling with trying to navigate all of that. So that's really where we come in. So we help them build their compliance and security programs. So whether they're preparing for maybe like a SOC two ISO 27, 001 audit, um, will help them do that.
Or if they just want a gap assessment to say, you know, where our policies are all across the board, you know, we need assessments. So, um, alongside then, um, providing virtual CISO work and testing. So all of that goes just hand in hand. So we end up being an extension of their team and it's, it's really rewarding.
I'm really proud of the work that our team is doing.
[00:40:33] Chris Sienko: That's awesome. So one last question then, if our listeners want to learn more about you, Paige Hanson or about secure labs or any other things you're excited about or involved with, uh, where should they look online?
[00:40:42] Paige Hanson: Yeah, I'd love that. I'm always open to connecting with new people. I am very active on LinkedIn. And so connect with me there on LinkedIn. And then my company's website is secure labs. ai.
[00:40:54] Chris Sienko: Beautiful. All right. Well, thank you for your time and insight today, Paige. This was a lot of fun talking.
[00:40:58] Paige Hanson: Yeah, same. Thank you so much, Chris.
[00:41:00] Chris Sienko: My pleasure. And thank you to everyone who watches and listens and writing to the podcast with, oh, there's the word again, feedback. Uh, if you have any topics you'd like us to cover or guests you'd like to see on the show, drop them in the comments below.
I always read them and I do what I can to, uh, do, uh, all of them that you guys want. So, uh, before we go, of course, don't forget InfoSecInstitute. com slash free. Uh, that's the page where you can get a whole bunch of free and exclusive stuff for Cyborg listeners. Uh, you can learn more about our security awareness training series, which is called WorkBytes, a smartly scripted and hilariously acted set of videos in which a very strange office is staffed by a pirate.
A zombie, an alien, a fairy princess, a vampire, and others, and navigate their way through age old struggles of yore, whether it's not clicking on the treasure map someone just emailed you, making sure your nocturnal vampiric accounting work at the hotel is VPN secured, or realizing that even if you have a face as recognizable as the office's terrifying IT guy, Boneslicer, Boneslicer, Boneslicer.
We still can't buzz you in without your key card. Anyway, go to the site, check out the trailer. It's I love it. It's it's, it makes my day. So, uh, also don't forget to go over there and download our free cybersecurity talent development ebook. You'll find our in depth training plans and strategies for the 12 most common security roles, including SOC analyst, pen tester, cloud security engineer, information, risk analyst, privacy manager, and more.
One more time, infosecinstitute. com slash free. And yes, the link is in the description below one more time. Thank you so much to Paige Hanson and thank you all for watching and listening. This is Chris Senko signing off until next time. Keep learning, keep developing, and don't forget to have a little fun along the way.
Bye for now.
Subscribe to podcast
How does your salary stack up?
Ever wonder how much a career in cybersecurity pays? We crunched the numbers for the most popular roles and certifications. Download the 2024 Cybersecurity Salary Guide to learn more.
Weekly career advice
Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Booz Allen Hamilton, CompTIA, Google, IBM, Veracode and others to discuss the latest cybersecurity workforce trends.
Q&As with industry pros
Have a question about your cybersecurity career? Join our special Cyber Work Live episodes for a Q&A with industry leaders. Get your career questions answered, connect with other industry professionals and take your career to the next level.
Level up your skills
Hack your way to success with career tips from cybersecurity experts. Get concise, actionable advice in each episode — from acing your first certification exam to building a world-class enterprise cybersecurity culture.