Originally streamed on Infosec.live and shared here with their approval, Simon and Josh share their unconventional cybersecurity journeys and advice on breaking in, overcoming imposter syndrome, the cyber skills gap, and new career developments.
Guest: Simon Linstead, Founder, Infosec.live
On LinkedIn | https://www.linkedin.com/in/simon-l-aaa1a1208/
Host: Josh Mason
On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/joshua-mason
______________________
Episode Sponsors
Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network
______________________
Episode Introduction
Originally streamed on Infosec.live and shared here with their approval, Simon and Josh share their unconventional cybersecurity journeys and advice on breaking in, overcoming imposter syndrome, the cyber skills gap, and new career developments.
They discuss their unusual career paths into the industry, with Josh detailing his Air Force pilot background and Simon recounting how he rebuilt his life after bankruptcy.
Both share valuable insights on beating imposter syndrome and negativity through self-reflection, mindfulness, pushing comfort zones cautiously, and not forcing yourself to be someone you're not.
On the cyber skills gap, they advocate demonstrating skills rather than formal experience, being inquisitive, and networking. They also reveal promising recent career progress, with Simon taking on investment to grow his InfoSec Live community globally and Josh working on new training courses since his company's acquisition.
______________________
Resources
Entering Cyber the Wrong Way: Play to Your Strengths (Original livestream): https://www.youtube.com/watch?v=PGgt1Fy7uDE
______________________
For more podcast stories from Loops and Lifecycles Podcast with Josh Mason, visit: https://www.itspmagazine.com/loops-and-lifecycles-podcast
Watch the webcast version on-demand on YouTube: (coming soon)
Simon Linstead: [00:00:00] Happy Cyber Friday. A massive welcome to all of you. 7, 922 I think now subscribers, channel members, LinkedIn viewers, and of course, first time watchers. So what's going to be a thoroughly entertaining and we hope very insightful session. I'm joined today by one of the people I first had a call with in the industry back in 2021 when I was looking to break in.
And I can honestly say. It was this person's motivation and support that gave me the drive and belief to build the amazing InfoSec Live community and effectively be standing where I am today. And that's right. Today we have as a guest, the man, the legend that is. Josh Mason, and we're going to be discussing our unconventional journeys and taking your questions all the way through this session.
But before we bring him on, and for those that are new to the channel, my name is Simon Linstead. I'm the founder of the InfoSecLife community. And by sharing stories and best practices, we have had over 130, 000 views here on YouTube over the last few months. Thanks to all of you amazing subscribers. And for those that haven't subscribed yet, [00:01:00] And once obviously who do enjoy our content, please do take a moment to hit that subscribe button and ring the bell to be notified of all of our future shows.
And let's not forget, as I mentioned, this is all started with the global info sick life community, which is now sitting at 5, 554 strong growing fast every day where we have study groups, mentor sessions. Regular networking events, all to help you raise your game in cyber security and with a brand new leadership focused channel, encouraging collaboration and knowledge sharing launched a couple of weeks ago.
And it would be remiss of me not to mention our awesome community driven in person leadership events in both the UK and the U S with 25 dates being released next week for 2024, please do check out our events page for more information. And if you're in the UK, our next events are in London on the 5th, 6th.
And 7th of December to coincide with Black Hat Europe. The link for all this and our community site will be in the event description here on YouTube. And a quick thank you to our latest channel members, Marianne Louise Nimmo and Carlos Guerrero. Your [00:02:00] support is massively appreciated. And if anyone watching would like to support the community, we do have three tiers of membership options available right here on this channel.
But whether you join or not. Being here and engaging with our content is what matters. So if you're watching this live, please do subscribe. We want these events to be interactive. So make sure you drop any questions in the chat and seeing as I'm 50 next year, please mark them with a Q just to make sure that I can see them and we'll do our best to cover them all throughout the show.
You'll be pleased to know Simon's rambling intro is over. It's time for the main event. Let's bring Josh on
Josh Mason: Here we go, hey mate man, you really know how
Simon Linstead: to make me um
Josh Mason: A little embarrassed. You're amazing.
Simon Linstead: The thing is, it's not like I'm blowing smoke up your ass either. It's, it's a genuine comment. I mean, we [00:03:00] met, um, I think I've been working with, with Ben, maybe started working, doing some sales for pen testing, but I'd gone from failing my OSCP a few months before and thinking there was no place for me in the industry to being a little bit disillusioned with selling.
Which is what I got my first job doing. And, and for that reason, I've done sales on my life and the whole, my whole desire to come into the industry was my love of tech and to try and do something different. So when I realized I was crap at being a pen tester, I took, I took a bit of a knock and you were the first person I spoke to after that point.
And you've built my confidence up massively. I know, and I know from people I've spoke to in the community, I'm not the only one. So a massive thank you for that.
Josh Mason: Thank you. Thank you. Um, I, I looked it up. Um, I was like, I'm pretty sure we like booked a whole, there was like a thing. So I know I've got a calendar invite.
So I looked it up. It was April of 2021. [00:04:00] Um, and yeah, I very much remember like hearing your story, hearing about that. And my first take was, that's perfectly fine, because I was having a crap time trying to get a job as a pen tester. Actually, right around that time, um, I had finished, 2021, was I going to EJ?
Uh, yeah, I was working on going to INE to be teaching, um, that would have happened a few months later. But, yeah, I was still working my first civilian job. I was working on OSCP, um, and I think at that time I was working on passing EJPT.
Simon Linstead: I think you were. Yeah. Yeah. I remember that as well. And did you pass EJPT?
Oh yeah. Yeah, of course you did. Yeah, not like my OSCP attempt, right? Well,
Josh Mason: EJPT, [00:05:00] and then But it was different, it was less trick you, um, and then I turned right around and got hired to build the next version of it. So, yeah, that was alright. So,
Simon Linstead: um, before we dig in, I suppose, to both of our journeys since we've hit the industry.
I'm not going to bore the audience with my story because most of the people watching this have heard it a million times before, but a lot of my viewers won't have heard yours. So do you mind just telling everyone a bit about your background? No problem.
Josh Mason: Um, uh, I know Kerry and James, uh, and Michael know my story, but yeah, for anyone else who, who doesn't, uh, who hasn't been around, um, I, Started my adult career as a, uh, or my adult life as a pilot in the U.
S. Air Force. So, um, out of high school, went to the Air Force Academy, and unlike a lot of people who wanted to become pilots, I had never been at the controls of a plane before I got to the Academy. So, [00:06:00] by the time I graduated, I had soloed a glider, I had soloed a Cessna, I had jumped out of a plane five times without anyone else, and pulled my own parachute as I got.
A couple, uh, jump wings. Um, now I've got type rating in a beach jet, type rating in, uh, two types of, uh, C 130s. I've flown in Africa, all over Asia, Europe, North America, Central America. I
Simon Linstead: can remember the C 130 conversation because the week before we had our call. We live in a rural location in Norfolk here in the UK, and for those in the US and those in the UK watching, you'll know there's a lot of US military bases around that part, and we had a C 130 on manoeuvres about, it looked like it was 50 yards above my head, I'm sure it was slightly higher than that, but I remember having a conversation with you, and I think you told me that they flew by line of sight on those operations.
Oh yeah. Oh,
Josh Mason: actually. Uh, 2019, um, like January or [00:07:00] February, 2019, I was out in England in the UK at Mildenhall Air Force Base and actually got a ride on one of those. Yeah, it was like, uh, We took off at 10 at night and landed at like 3 in the morning. Um, it was wicked awesome. Uh, it was with the special operations folks that are out there.
Um, I never got to fly in special operations. By that time I had to patrol for cyber and com and was teaching. And so I was out there to teach a course and was like, Hey, could I fly with you guys tonight? And they're like, Yeah, you're not crew. You're just gonna be passenger. I was like, yeah, like, I won't touch anything.
Like, I don't have a flight suit. They're like, you don't need one. I was like, excellent. Let's have fun. I got to throw the sandbag out the back. So that was like, scared the crap out of me. Um, because we're over
Simon Linstead: the water. Did you feel like you were going with it?
Josh Mason: Yes. Um, because we're like, no kidding, like 50 feet.
It's pitch black out. Um. Everything is [00:08:00] like the green NBG lights inside. I've got a strap to like the, the ground inside the plane going around me, like a big climbing harness. I'll like it around my shoulders. That way I don't fall out like on the ground. I got with a load master and set it so I could like lean out the door.
But not any further I'm also scared of heights in the front. I'm fine in the back. I was like, oh my god, I better Why do you
Simon Linstead: think you're fine in the front and not the back is it a control?
Josh Mason: I never get that feeling I Like fear of heights Doesn't make any sense to me It's like I get like top of a building top of a ladder on top of the plane I've done that a few times and you just get a little bit of vertigo.
You're just like, oh, I don't like the feeling I can't explain it, it just, it happens, but yeah, no, in the cockpit, or like, in a passenger seat, or even walking around inside the plane, fine. It's just like if I'm working on like, uh, [00:09:00] Clearing stuff out of the gutters, or doing work on the roof, Or like putting up Christmas lights, or Yeah, I walked around on top of the plane sometimes for some stuff, Like the wind blows, and you're just like, Whoa!
Ho ho ho! Like
Simon Linstead: I don't like this feeling. Just laying flat on the floor
Josh Mason: like this. Just like Spider Man, like, you know, Wait, okay, I'm good.
Simon Linstead: So talk, talk to me about, um, talk to me about when you left. Service. What happened next from that? So, yeah,
Josh Mason: uh, we were just talking about, uh, Stefan, but it was this time, uh, 2019.
I was getting out of the air force. Uh, I didn't have enough experience in cyber. And so I didn't promote to the next gig, which they brought me into cyber. So because they needed people as a major or in lieutenant colonel in cyber, they're like, Oh, you're about to become that. We'll put you over here in cyber.
And then once they got there, they're like, I don't have enough experience to be in that position. Well, , whatever you want to do. Air Force, like , I've learned, I have no control [00:10:00] over this anymore at all. So like, just ride the wave. Um, I was like, excellent, I'll get out. I've got my MBA, I know how to do some stuff.
I know how to work with some people. Um, I'm gonna go work and grab like a project manager job, get my PMP like easy. Um, and then ran into step and he is like, no, you're not doing that. like, you know, cyber like, can you do this? I was like, yeah. It's like, can you do that? I was like, sure. He's like, learn this stuff.
Like, okay. He's like, here, can you do a buffer workflow? I was like, I could do that. Damn it. Okay. Let me find you a job in cyber. Got a job teaching because I had been teaching at the special operations school. And, uh, yeah, it wasn't that hard. Ironically, now I'm, right now I'm building out courseware. That like I learned how to and I taught while I was at the Defense Cybercrime Center cyber training academy in my first job three and a half years ago.
So right back around to [00:11:00] building out the courseware that I used to teach for a new client.
Simon Linstead: Let's talk about that. Let's talk about the transferable skills that you've brought from your service because there'll be a lot of people watching this who may be about to transition or they're going to transition.
What would your what would your advice be to them?
Josh Mason: Uh, it's going to be the same, the same advice I gave you is if, if you are starting your career, you're starting your, uh, out as, uh, you know, 17, 18, early twenties, you don't know anything, you haven't done much, um, no matter where you go, you're going to have to like start somewhere and prove yourself and do some stuff.
That's just how the world seems to work. And like, you can like knock into some stuff and get. Go places real fast real far if you want. Um, It's gonna be hard to sell yourself as anything other than entry level though You could if you have the stuff and this is where we get into if you [00:12:00] have transferable skills if you've done anything man, maybe you did four years of working at fast food and Now that you're you know Out of school or whatnot.
And you want to go and work in cybersecurity. It's like, okay, were you a manager? Did you work scheduling? Did you work budgets? Did you work manpower? Do you know how to lead people? Do you know how to lead a team? Then I don't really want you to, I want you to learn the stuff to be, if you want to get into like the sock, learning the stuff to be a sock one, thinking about like, I'm going to be here for six months until I can prove to someone that I can be a sock three.
And lead the whole team, um, because that's the part that's really hard to teach. I can't teach that at school. I can't teach someone to be a leader, to come up with crazy ideas and see them all the way through. But you and I had like the points in our careers where we've
Simon Linstead: been like crazy ideas between us,
Josh Mason: right?
I've been training. I've been, I've been a safety [00:13:00] officer. Um, I've held so many different roles in the air force on top of being a pilot or being just a cyber officer. That you get, it's like, Hey, there's this thing that we're going to do. I want to see it through. It's like, okay, I've both been trained and have done that.
Take an idea through fruition all the way to it executes. And then how do we get better at it? It's just, I can't teach that. I've just done it for 20 years of my life. I did it when I was a boy scout. Um, so it's.
Simon Linstead: Have you seen Prashant's comment in the chat? He said, so it's not a case of making McDonald's fries and then becoming a CISO then?
Josh Mason: No, no, um, if you do, I really want to interview you. If you can make that jump, like, I would love to have a chat. I can't promise it's going to work that way. I, I kind of want to use that to like lean into your, uh, like your [00:14:00] background. I know everyone might know it, but I also like to turn the tables on these.
I'm a horrible guest. I prefer to be a host.
Simon Linstead: I prefer to be a host, which is why I just asked questions. Um, I won't give, I won't give the whole long drawn out story because I'm 50 next year and we'll be here all night. But I am. I was adopted as a kid, and there's a reason for telling you this. Adopted as a young child, my adopted parents sent me to private school.
And two of my loves there were, one, computers. And funnily enough, I've got my first computer box sitting down next to me here, because I've been taking some pictures of it. So that was my, that was my kind of passion at school, as was swimming. I used to swim at a national level when I was about 16. But my mum and dad Split up when I was 13 and when I was at private school, I was the poor kid bear So my adopted parents didn't have a lot of money They sacrificed a lot to send me there and I think that formed my ideas of [00:15:00] success from quite a young age being financial so Left the private education when my parents split up got thrown to the local state school Didn't go terribly well.
I was a posh kid who'd done kickboxing for a number of years, got kicked on, fought back, and got in a lot of trouble, and ended up leaving school at 16 with no real exams, and went straight into selling mobile phones when they were this big. Did that for a while, then sold frozen fish out the back of a van, sold double glazing home improvements, and then when I was 21, a friend of mine went on holiday to the Canary Islands, a place called Tenerife.
I went with them, they came home after a week and I stayed there for, I think it was about three and a half years, set up a boat party, a booze cruise where we chartered mock pirate galleons three times a week. And I had teams of sellers on little twisty mopeds riding around and harassing tourists. So did that for a while.
Then the girl I met over there, who I knew for four weeks, fell pregnant. [00:16:00] We came home and I had to get a real job. I'd spent all my money. , the only job I could get was in a call center for, it was a, a large insurance company here in the UK called Norridge Union or Aviva. Mm-Hmm. as they are now. And that launched me into seeing that financial advisors and investment brokers earned money back to this driver again.
So I decided to sit some exams and cut. Long story short, after six months, I got a job at a Canadian firm, sun Life Financial of Canada as a trainee consultant, and that launched me into a 22 year career in financial services. The last 10 of which I founded the first fee charging, um, independent financial advisory practice in East Anglia here in the UK.
It grew exponentially and as it was growing and there's, this is the relevance. I went from doing a job I loved, which is this talking to people, helping people to running a business, dealing with staff problems. Um, I lost focus a little [00:17:00] bit. I had everything I wanted. Sports cars, Range Rovers, boats, all this stuff.
I was still miserable. I was super stressed and I made the decision in 2015 to buy another business for a few million, which was a complete vanity purchase. And that basically set me on the path of self destruction. So from then on I was juggling money, trying to find money every month. Started drinking more and more.
Got remarried. I had three children at the time. My wife fell pregnant and we had a little girl. Mum was diagnosed with Parkinson's six months later. I'm still trying to juggle these payments. And then my wife tells me she's pregnant with twins and I had a breakdown and I'm not just a small one, um, a really big one.
And we went from multimillionaires to bankrupt or I did. I bankrupted myself and the business and my family back in 2019. And we went from living the life of luxury to eating out of food banks. My wife kicked me out, uh, lived in a caravan for some time. And that for me was the point where I had to take a real look at myself and work out what I was going to [00:18:00] do next.
So the first thing was to stop drinking and I've now been clean since October 2019. Um, after I'd done that, it was then about getting this right, which meditation helped. Buddhism became a big part of my life without going into too much detail. Um, living in a caravan in the middle of the countryside is quite therapeutic as well because it puts you back in touch with nature, which is another part that I think really helped.
But when my wife invited me back home, she said, okay, well, what are you going to do now? I said, well, I don't want my own business again. Ironically, um, I want to do something either that I've got a passion for. Or I'm going to be a painter and decorator. I'm going to get a van, go to work, come home and forget about it.
And I found a website called Cybrary back in 2019, which told me along with a load of other misinformed information on the internet, that if I studied really hard for six months, I could become the world's best pen tester and wear a hoodie every day for work and be really cool. And that culminated in, [00:19:00] well, a year's worth of very intensive ADHD focused study.
Um, I got an interview with a company called F Secure for a junior Pentester role. And the first 10 minutes went really well, um, until he started asking me about networking. And my knowledge was clearly a little bit lacking. So again, not knowing anything about the industry, I said to him, what do I need to do to get a job with you?
And he said, pass OSCP. So at this point, I haven't got any contacts in the industry. I don't know anyone who works in the industry. So I borrowed money from family. To pay out for lab time and for exams, which finished up with me failing it absolutely miserably in October, 2020, at that point, I'd helped my wife set up a virtual assistant business just as the pandemic hit and use kind of my sales and marketing experience to get that off the ground.
And it was paying the bills. So my wife said to me at that point, look, you're happy, you're interested in cyber. Why [00:20:00] don't you do a part time degree, help me with my business. And we'll just carry on. Keep feeding the birds in the, in the garden. Simon, there's a good boy. Carry on being balanced and normal again.
Life is all good. So I did that. A little bit of wind knocked out of my sails. I've got to be honest, because I was kind of set on being a pen tester. Not that I really knew what that
Josh Mason: was, Josh, if I'm perfectly
Simon Linstead: honest. Same. Yeah. I was helping her by marketing the business and I put together like a sales funnel that was built on a community site and I was social engineering effectively.
I was pretending to be my 12 year younger, more attractive wife on Facebook to sell her video marketing services, introduced myself to a pen tester who'd worked at the NCC group for 10 years. He'd left and he set up his own business. He'd been ripped off by every. Sales funnel, expert LinkedIn, social media guru.
There is, um, that lands in your inbox on a daily basis. And I worked with him for free for three months to put him in, put him together a [00:21:00] sales and marketing plan, do some competitive analysis and work out how we could take his mark, his, his proposition forward. Um, and in the end he gave me a job. Um, I implemented the processes for him, it became successful, but I think at the point where we spoke, I'd built his processes out, the business was coming in, and I felt a little bit like I'd turned into one of these people who had been ripping him off before because he didn't really need me anymore, but he was still paying me.
So at that point, my mum had a really bad turn one afternoon. And what I would have done before is gone to the drinks cabinet and got a bottle of scotch out and nicked it, but I hadn't drunk. So I, I got a bit insular and locked myself in my office. And since I've been working with Ben, I'd stopped, my wife had stopped working.
So we'd sort of wound up her virtual assistant company because I was working again and I was looking through all the stuff on my laptop. And I found that site that I built, that community platform site as a sales funnel. And I spoke to a few people in the industry who were struggling with soft skills, [00:22:00] communication, et cetera.
So that afternoon I thought up a name, which was InfoSec Live, registered the domain, designed a logo, and threw up some soft skills training and stuff on that website. And I suppose the rest is history really. We're now, it's kind of blown up and we'll move on later to where it's blown up to. But the last two and a half years since launching that, we've helped dozens of people get jobs for free.
It's, you know, continues to be free. And it's turned my life around because it's enabled me to meet a lot of amazing people and off the back of that, I had to look at a way of monetizing it and getting some money from it without charging people in there. So the YouTube channel was born this channel, which we monetized last year through sponsorship with rapid seven.
I think it was no name security before that. And then this year we've, we've launched, as I said, at the start, a series of in person leadership events in the UK and us, which have absolutely blown up. With 25 to go next year. [00:23:00] And if we hadn't have had that conversation on the 21st of April, none of this would have happened.
Josh Mason: And see, that's, that's one of the pieces that like, I feel like I should get no credit because you were already doing this thing. Basically, all I told you to do is don't try to be an entry level pen tester. And I think, I think that's what, is that all you were kind of waiting for is for someone to be like, Why can't I just like, why can't I get hired into one of these entry level jobs?
And I've been watching the chat and someone mentioned the, like, the, the failures that we have in this industry, just in like, you can't get an entry level sock job without two years experience. And how are you going to get that experience until you get an entry level sock job and that, like that loop of you gotta get the stink on you in order to like be okay in like, you know, the crowd.
Um, [00:24:00] Right.
Simon Linstead: And I think it's important, it's also important to say that what my opinion or my perception of what a pen tester did and what a pen tester actually does for a job, going back to what I did in financial services, a lot of my role was report writing or checking reports for clients, you know, risk management, a lot of risk assessment, but it was a lot of paperwork and that was the thing I hated the most.
Out of it. So if, had I've known how much paperwork and report writing there was involved and I couldn't just sit there with my hood up trying to hack people's shit. Yeah. I might've done something different.
Josh Mason: What's funny is anytime I've looked at getting a role as a pen tester and I've talked with my wife about it, she's like, didn't you say you didn't want to do this because it's all just report writing?
I was like. Oh, yeah, that's right.
Um, which is funny coming full circle, uh, [00:25:00] so events and the community, like the things that spurred you into doing that, that you've enjoyed about doing that. Is that from past experience? Is that just something that felt fresh and new and like.
Simon Linstead: I say no. Um, I suppose it is the one thing I've been very good at throughout my whole career is identifying opportunities and spotting things that need fixing or improving.
And I think coming into this industry with over over probably 30 years business experience, it became clear that there were quite a few areas within it that could do with a little bit of improvement. And one of them was. The nonsense that spouted about how easy it is to break in if you do our course, um, so for me and my experience that I had through no one's fault, but my own, I'd like to add, there was no nefarious bootcamp provider who coerced [00:26:00] me into spending money on OSCP.
It was me, but I'd seen a lot of people and spoke to a lot of people who I think were being preyed on, whether they were transitioning from the military, um, whether they were transitioning from different careers. And I've always been one. I mean, I got suspended from school six times for fighting and five out of those six times it was for sticking up for someone who was being picked on.
So for me, I've always felt the need to try and help people. Um, it wasn't until I lost everything and started to do some volunteer work in a charity shop that I realized how much better it made you feel about yourself. So again, no such thing as altruism, perhaps because. It's back to the Buddhism thing, the trying to help people, the karma, that's what changed my life.
And I've basically been, I should say this live, should I? I've basically been trying to make up for being a complete arrogant prick. For a [00:27:00] long time who was really self-centered and just worried about how much shiny stuff he could own. That's the honest answer. Yeah. Yeah. Guilt.
Josh Mason: Yeah. For you, it's How come, how come are you suddenly
Simon Linstead: interviewing me, by the
Josh Mason: way?
It's, uh, stoicism. So like the idea of, uh, momentum and the obstacles, the way that, yeah. What, uh, what causes our pain or what causes like. The thing that's going to propel us forward is the thing that's in our way right now. Like the, what you decide to spend your time digging into is going to pay off in the end.
The building the community, building that network. I mean, right here, Jess Bishop says like, he, you spend two years bugging the crap out of people with questions. That's how you get that two years of experience. And that's because Um, I mean, around that same time, I'm pretty sure is when I met Jess, [00:28:00] uh, when we first met and because at that point, I don't know, I was sitting down with a lot of people being like, I've seen.
So many students and so many people come through who are trying to break in and run into this question, run into that question It's like here's all these free resources. Here's all this free stuff Just
Simon Linstead: ironically
Josh Mason: We should catch up And, um, there's, there's other ways. Uh, the, the term hacker comes from the MIT, uh, uh, model, uh, railroad club, like way back in the day, and it's just fabricators.
And I,
Simon Linstead: one of the things I like
Josh Mason: doing, I was actually doing earlier today. I watch people do like blacksmithing and knife smithing and like just. Uh, and little engineering stuff on like a mill and like power hammers and on a lathe. Uh, I'm actually been watching, uh, Blondie Hacks. She's been building out a model rail, [00:29:00] like steam engine.
She's, uh, yeah, in Canada. Um, but, uh, that idea of so much of what they have to do is try to find a way to get there. Like this can be done. We're scaling it. We're doing something weird. We're doing something different. Um. Do I need to make, like, do I need to try and try and try and break something and be like, okay, don't do that.
Uh, look around and find out what other people are doing as well as, uh, kind of lean into the, maybe if I build a jig, maybe if I build something that will make this easier and more repeatable, or like, I don't have a thing that cuts in this direction, but what I could do is take my piece, put it on like a block of wood and turn that, then push that through my bandsaw.
It's like, I could do that.
Simon Linstead: I'd lose a
Josh Mason: finger if I tried to do that one. Right, me too. That's why I watch it. I've got a table saw. I do sketchy stuff on it. [00:30:00] But, uh, We try to, that's, that's, that's the real hacking, is there's something we want to get to. There's something that we are, and that ability to drive to, towards
Simon Linstead: that.
And, and the pivot, the ability to pivot, and identify the points of pivot as well. Exactly. And I think, um, I, I just want to Bring up this comment. Let me move you to the top because people say, what's your motivation for doing things? This, this is my motivation for doing things. It's not financial because I'm poorer now than I probably have been for most of my adult life, but happier.
It's Prashant's comment here. You know, being part of the InfoSec community has helped me remain positive whilst going through my own challenges in finding work. So kudos for getting this community going. That's what drives me every day is seeing other people succeed. And the difficulty has been working out how to have a career doing that without becoming one of these, and I'm not going to name [00:31:00] names here, um, what shall I,
Josh Mason: I
Simon Linstead: don't want to come one of these people who say, who, um, you can, you can pay for advice on how to break in to the industry, because I think.
For me, there's enough barriers as it is for entry. There is enough free content to get you started. You definitely have to pay out for stuff to get properly educated, my opinion, but I think there's an awful lot you can do before you start parting with money. And I probably should have studied for at least 18 months before even starting to look at getting into cybersecurity because whilst it's always been my passion.
The last time I coded anything before 2019 was basic on that bloody ZX Spectrum down there. So, although I'd always had a love of it, and should I admit that I was pirating films before anyone else was and burning them on tape? I don't know. Um, and when I [00:32:00] had my own business and we had an MSP who did all of our computer stuff, it was still me who, if there was a problem, wanted to get my hands on the keyboard.
But I confused my passion and love for that for a skill. Yeah. And I think it was the conversation with you that started off me thinking about how my existing skills, what I've learned already, can perhaps work in this industry.
Josh Mason: Exactly. Exactly. Jess, I love, uh, I'll give it to you, Dana. When I was like, my daughter's age, uh, I made a very, very simple text game on QBasic.
So I, I know what you mean. I edited that a while. Um, yeah, it's leaning on those, like, the skills that you can't teach. Because the things that you can teach, again, you can learn fairly easily, right? [00:33:00] And if you're at
Simon Linstead: the point where you've got nothing Yeah, it's, it's tricky.
Josh Mason: If you want to get a video on it, but like, um, there's better ways of using your time that's, and that's often what it really comes down to is, uh, I've got a whole bunch of leaves, like I'm surrounded, I'm in very wooded area here.
Um, and so like my yard, my driveway just look horrendous cause there's tons and tons of leaves and, um. W talking with a wife, I got a bid for someone said they'd do all the leaves, remove everything. We're on an acre, so remove everything for like 600 bucks. I was like, that's a lot. That's a, that's a lot
Like I, I'm gonna do it myself. But it is one of those things where you decide to have the conversation, if it was gonna be 50 bucks or a hundred, maybe $200. Like for someone to go and do all [00:34:00] that there's other things I could do I could waste it like a saturday and a sunday doing that because I might actually have some fun like with a leaf blower and stuff but like
Simon Linstead: Two if it's anything it's anything like me with a pressure washer.
It's fun. Yeah five minutes
Josh Mason: Yeah, to a point, I'll do it for a day, you know, it's like, that's all the stuff I'm returning this to my buddy and I'm don't want to pressure wash for a while. Yeah, exactly. Um, if I really, really cared and it was worth the value, I would have someone else do it for me to learn how to become really, really skilled at getting a shell back on like this one.
That's not going to end up paying dividends because the job then that I'm really skilled at makes. Money that isn't enough to meet my bills, and like, prep anything going forward. And for like me and you, if you maxed out the, like what you can do as a [00:35:00] pen tester full time, there's jobs that I could do with the skills I have that are going to make more.
And it's, I don't love it enough to take the page up, uh, because there's other things that I could do that. I do enjoy this building out a community, selling things, demoing things, explaining and training. Is what I like to do, and I have found out that there is actually a market for that. Be it sales engineering, or leadership, or building out training.
And there's certain skills that I've got that I didn't know were rare. And the ability to take someone's idea and be like, okay, give me three hours of your time. We're gonna do this over like three or four, like, meetings. And I'm gonna have, be able to then go from there with what we've talked about. And they'll do 120 slides?
They'll do a whole slide
Simon Linstead: deck? I think, um, I think your other [00:36:00] superpower, it's, it's one that I think I've got as well that we've got in common, is the ability to connect people. Yes. Because that, that in itself, for anyone out there watching who's also good at that, Who knew there was very few people who could do it?
Because I didn't.
Josh Mason: Based off the books, it seems like other people should be able to do it? It does. Like one of my, my favorite book is how to win friends and influence people. Yeah, that's a funny book. Yeah. Uh, I thought it was just that I haven't picked up those skills because I'll, I'll share my senior year of high school.
I didn't like hang out with people at lunch. I was on the wrestling team. I had been in band. I was in Boy Scouts. Uh, I was on the track team at lunch. I didn't go and hang out with people because I was not like that sort of connector. Um, and Ed's in here now and he's [00:37:00] probably like, that doesn't sound like Josh.
Simon Linstead: Um, but it's the, it's the connecting the dots, isn't it? The Steve Jobs speech where everything you do throughout your life then forms who you are at that point. And I think we both, we've both reached that point or it feels like it recently where things are starting to feel like it. Yeah.
Josh Mason: Uh, like a week ago it was getting there.
And then this week has this just been like the wildest freaking week? It's of
Simon Linstead: the year. Look, let's, let's leave a spoiler there because I, I,
Josh Mason: you wanna tease,
Simon Linstead: do you wanna tease some things? Yeah, I want, I want us to finish on, on that because we've both had massive changes, positive changes the last few weeks, but before we do that, we did say that we'd answer some questions and I've kind of blanked them all the way through.
So. I've saved a few and I'm going to bring them up one by one if that's okay with you. So Prashant first, um, how many years experience is needed for an entry level role? And does one need CISSP, CISM, CISP, CEH, et cetera for an [00:38:00] entry level role? I think that might be a bit tongue in cheek because Prashant's been in the industry for a long time, but he's also looking for work and finding it a little bit frustrating at the moment.
Josh Mason: I'll say it's, um, it's hard. No, it's a hard period. Um, One of the reasons I went out on my own is because trying to find a job doing the things that I wanted to do at the pay that I wanted, that I felt I deserved, um, uh, was not looking great. And I was like, and Stefan convinced me that I could just, I'd be able to make it on my own, um, which ended up working.
Simon Linstead: So I just, I better just give a shout out to Stefan actually, because it was Stefan's recommendation where I got this camera set up from. Um, and he, he again is someone else who empowers other people because when I spoke to him and this is, this is completely relevant to another question. I'm just going to skip over yours, Carrie, but I'm going to come back to it, which is this one, [00:39:00] which is from both your journeys and challenges.
What would you say to yourself to help beat imposter complex? I've had that so much and people say to me, it's all right for you. You're confident and you're this. You know, I'll be open and vulnerable here. I tried to kill myself back in 2019. That's how vulnerable I was back then because I was in such a mess.
And I had to crawl back from that point and rebuild my confidence. And I think my advice would be baby steps to build that up. Putting yourself out of your comfort zone a little bit every day. And start to believe in yourself and start to focus on the things you know you're good at. And start positively reinforcing that in your head before you do anything else without wanting to get to self help book here.
Yeah. I think the whole positive visualization thing definitely works. What about you, John? It's
Josh Mason: huge. And, uh, sitting and being able to think about your thoughts is a huge thing. Mindfulness, [00:40:00] um, being able to identify your feelings. Uh, it's something that I've been trying to teach my. My six and eight year old, their whole lives in that process.
I've also been trying to figure out my feelings as I'm having them. Um, uh, I mean, the reason I'm not a pilot anymore is this time. Um, I was just thinking about this a couple of weeks ago because it was the anniversary, the eight year anniversary, um, of my last flight in, uh, my last, yeah, flight at the controls of a us air force aircraft.
It was a drone. I was at drone school. So it was my wife. And she was getting sick. We had a four month old and we were looking at a job that, uh, the, the life style of drone pilots and of dual military drone pilots sucks. And I was like, I can't do this. Like I'm going to lose my family or I'm going to lose like my mind or like we're going to get divorced because I'm.
Once we get there, I'm not going to ever see them all. You either be at work or she'll be at work or [00:41:00] yeah. Um, and so I was thinking of, uh, of self harm as a way of like given getting out of it and I was like, Ooh, that scares the crap out of me more than anything else. Um, and so that's, that began the whole process of me no longer being a pilot.
Um, not necessarily by my choice. I tried to get back into a cockpit job. That wasn't going to suck as much. Um, It all works out in the wash, so, um, it's that, but it is that the thing that really helped me to like, with my anxiety, with my parenting, with, uh, with that, with, um, imposter syndrome is sitting and being like, what am I feeling?
Why am I feeling this way? And is that logically true? Like, am I in a place that I shouldn't be? No, no, I've done a lot. Like I know a lot of things I've done everything that I've done has not been handed to me. [00:42:00] Everything has been like earned and It hasn't been easier for me possibly because I'm a white dude in the US possibly but that's different than overall it I'm one of seven boys, uh, seven sons.
My parents are not rich. Uh, I knew there was not going to be money
Simon Linstead: for college. So I know why they're not rich. Yeah,
Josh Mason: right. Um, and I was like, that's why I went to the Air Force Academy. I wanted to be a pilot and, uh, I didn't have any, any money for school. I was like, I don't want to go into debt. So I'll go to the Air Force Academy.
It'll suck. It'll be hard. Um, it doesn't cost me anything. Um, but it'll get me to be in a pilot and it's going to be a lot of hard, hard work. Um, and it was, and it worked, but
Simon Linstead: I think the thing is though, you, you've, you've shown what not everyone does, which is the commitment and consistency. And I think that's what so much of it is, man, having the drive, the drive to do it and being able to self motivate is super important, but going [00:43:00] back to the negative thoughts.
One thing I didn't mention in my kind of brief story of my background is the fact that I was diagnosed with ADHD just after I'd had a breakdown. Um, it helped me really understand why I've got like a titanium arm from coming off fast motorbikes and bones missing from my hip from other stupid inactivities that I've done.
And, you know, despite never served, I've still jumped out of an airplane several times with a parachute on the back for no reason other than I've always used thrills, right? Yeah. Risk. And that led me because I've been addicted to alcohol. When I went to the doctors in, I mean, I don't know what it's like in the U.
S., but I think it's similar, but not as similar. The first thing they tried to give me was tablets when I said what I was going through. And I, I nearly threw the table over in that office because I was like, I've just sat here for an hour and told you what I've gone through. The fact I've been clean for nine months, I'm [00:44:00] asking for some help.
I need to talk to someone. I don't need tablets. It's kind of how I felt. So it's flippant comment was, well, try meditation then. And I sort of left there thinking, but I tell you what, it's changed my life. Same, same. It's changed my life because it helps you learn. I'm not going to say I don't still have negative thoughts and I don't still have days where my head's up my backside and I struggle because I think that's part of having ADHD.
But what I can do now is analyze those thoughts, not try and shut them out, but just let them be there, but appreciate them for what they are. Just negative thoughts. It's going to get better in a day or two. It's
Josh Mason: so true. Uh, yeah. Uh, one of my friends mentioned, um, well, we're sure I'm sharing someone else's story.
They went through PT. Uh, they saw something really dramatic when they were in the service. They've got PTSD from it and it made them [00:45:00] change how they view humanity and what they felt like they're capable of because they saw themselves as a good person, but then they had this thought that, you know what, if I ever ran into the person that did this or that, like I would be able to do this horrific thing that I saw, um, overseas and they're like, oh, am I capable of that?
Does that mean that I'm a bad person? And for me, I think that we're all just human beings. You're not a good person or a bad person until you like, Um, so what you choose to do with your time and your actions is what spells out whether you're a good or bad person, not your thoughts, not anything else.
Simon Linstead: Yeah. Yeah. There's a reason why we can't read other people's minds all day because we wouldn't ever see anyone ever again.
Josh Mason: Yeah.
Simon Linstead: Um, back, back to these questions because I'm conscious of time. I could talk to you for hours. I know, I
Josh Mason: know. Um, I was, I was fine. If this ran for like two [00:46:00] hours, just do like a
Simon Linstead: therapy session for me, I've got to be honest.
Um, from Demetrius, what are your thoughts on the potential evolution of the cybersecurity skill set over the next few years, particularly in light of advancements in AI? And how do you play to plan to stay current with these changes whilst he rubs his hands in glee?
Josh Mason: There are things in the works dealing with exactly that. One of the things I've wanted to do ever since I met you, ever since I met, uh, this community and understood kind of the issues that we face of, it just sucks to try to get in and be in. And like, how do you find real skills or like, do you go to a place and do 10 months and pay 20 grand and end up with like no certs and not hireable?
Um, there's solutions for that. And there's like, there's cheap stuff. But what I really want is to build out,[00:47:00]
take on what you built out as a community, take on that connecting tissue, like not have to rely on recruiters because we take the people, we train them and then we have the job. And if we don't have the job, we have the people elsewhere who have the job edging.
Simon Linstead: We're edging forwards on this spoiler edging forwards.
Josh Mason: There's some really freaking amazing stuff.
Simon Linstead: So I think, I think just, just to stay next year, so just, just to stay on that. Um, and back to, I suppose, one of the biggest frustrations I saw when coming into the industry is the fact that the whole hiring process, and this is a technical term here in the UK, it's fucked and it's fucked.
Because of the expectations that are being mismanaged on both sides and the fact that there's cookie cutter training for people to do that will make them a cyber expert when in reality, every organization has a different tech stack. Every organization has different processes and a different [00:48:00] reason for being effective.
This is going to affect it. And for me, having having six children, but one of them, my 18 year old is doing an apprenticeship. Funny enough with the firm who I got my first job when I moved back in the UK with Aviva. Um, and I've watched his journey with what they've been doing with him and how they're molding and growing him.
And this is what everyone needs to be doing. But the problem is not every company is the same size as Aviva with the same resources as Aviva and the same budget as Aviva. But I think as a community and with the skillset you have and the people that you've got and the connections we've got, then the next couple of years are going to be super exciting because I'm hoping that we can start to change.
The way people come into the industry. Stop there. Spoiler. Back to the last question. And then we'll come back to the changes that we've had just over the last few weeks.
Josh Mason: I wish I could just hand out NDAs and be like, here, you want to hear something cool? [00:49:00] I know.
Simon Linstead: Um, there's, there's two Kishen's up first, which is question for stock analyst roles.
They're asking for experience of two years. And how can you get that experience if you can't get a job in the field?
Josh Mason: Ooh, HS Bishop, um, meet people and show the skills that you have. So there are so many different tech stacks, but the skills themselves are specific. Um, how to land and take off a plane like doesn't change.
It's what the air speeds are, what the controls are in that plane and what the feel is. That's what's going to be different. And there's a difference between bringing new. And being like skilled in that, but at the same time, I'm at the point, if I walk up to someone who like has a plane, I showed them all my stuff and told them, they'd take me up and they'd give me a, like, they'd show me and give me a shot at landing that thing because they're like, this guy's landed thousands of times.
Now, I might not have landed that plane, but at that, you know, [00:50:00] there's trust there that I've done this thing. So, if you've got Wazza, if you've got, if you've done, uh, like the security blue team, blue team level one, if you've done less, less defense, and if you can show that you get it, it's not just like, I wouldn't just show up and be like, Hey, I've got this stuff, let me play your plane.
You know, we'd have to like discuss some things and talk about some things. And maybe like, I'd have to like do some demonstration here and there before. Then you're like, yeah, let's go up to like 2000 feet and pretend like we're landing. Okay, we're not actually getting anywhere close to the ground, but cool.
You can hold airspeed, you can hold altitude, you can do all these things. You make all the radio, okay, you know what? You've shown me that I can trust you to like fly this thing. And then I can actually take over, but. You know, you got to be able to show those things. So if you pull like a Jess Bishop and you put out a blog about like, this is how you would find this recent ABT based off this TALOS report with these IOCs.
Let me walk you through [00:51:00] that process. Like, how would I take this alert and figure out if it's real or if it's
Simon Linstead: a false? You stupid!
Josh Mason: Yeah, I mean, that's how, that's how I've gotten my jobs is I just, you know what, I'm going to show people how to do this thing and people go, you know how to get this, come do that over here.
Literally
showed up, shown I can teach and I can talk about cyber, which got me my job teaching cyber. There's,
Simon Linstead: there's one rule I've lived by my whole life, which is, it's kind of loosely taken from Sun Tzu's, um, of war, but it's, it's all about adding value or giving value first and putting yourself in the driving position.
So if you can demonstrate that you can add values to that organization or to a person, you will win. And it might not be overnight and it's taken both you and I a little bit of time to get to the point where we have the last few weeks, but by giving that knowledge away effectively and genuinely trying to help [00:52:00] other people and share that.
Has a massive impact. And I think Jess has made a really good comment as well about having a diverse network. Don't be afraid to approach people as well. You're intimidated by, I was super intimidated by this guy. He's an ex pilot from the military in the U S I live in a little village in the UK. It was like, wow, I ran downstairs to tell my wife, you're not going to believe that I spoke to this guy was this, and this guy was that, but we're all just fucking people, right?
That's that's, that's who we are. And we're all, most of us are approachable. I think, I mean, there are some who are approachable, but at a cost, but you know, we're not those people.
Josh Mason: The joy I've learned and like it, uh, just, you should probably, you got tired of me, hearing me talk about this a wild west, but your ability to like, if you can, will meet people and talk to them, especially in this community, like they're happy to talk and meet you.
And like, if you put in an ounce, they'll put in like a pound. Um, and. It's wild, like how much people [00:53:00] want to help each other. It, it kind of makes sense when you get down to it. Security is helping the company in ways that like we might not get any kudos. We might not get any, any bonuses from it, but it's essential.
It's crucial. It's
Simon Linstead: the mindset that people in the industry, that inquisitiveness, that desire to help and that desire to protect. And I think. That's the biggest shock for me coming out of financial services where everyone's in it for themselves, right? Um, I never knew anything like this industry existed.
It's it's phenomenal. It really is Wow last question before Give a really brief five minute overview of how excited we are for the next for the next year This is a really relevant one for you from blue arms any tips advice I'm thinking on starting or creating a course training Do have some ideas, but I've never got the point to start my idea.
Well, I've, I've never really done training apart from many courses, but my advice before Josh takes over is just start
Josh Mason: Yeah. [00:54:00] Put down, uh, you started the end. So I, I like to brainstorm initially. Just get all the ideas out. If you can record it with a transcription, uh, if there's so many services that'll just record and transcribe what you're saying.
Your phones will now Good. Talk about all the things that you want, put that in chat, GPT or BARD or whatever and be like, Hey, what, what, if all out of all this, what is this course? And like, what are the, like the main points out of it? Then sit there with that, with whatever it spits out and be like, is that what I want to teach people and figure out what should they be able to do at the end of it?
From there, you can be like, okay, well, how do you get to that? That's how you build out your like lesson projects. What do you got to stack up? And then, okay, if we've written all that down, what do we want people to do? What's the outcome going to be? And how do we get there? Like, there's your outline fill in the blanks with the specifics.
You've got a course
Simon Linstead: it's and a quick and a quick offer for you here. So if you're not a member of the InfoSecLive [00:55:00] community, we have got to learn an LMS system, um, to build out courses in that community. And Joe Wells, I'm not sure if he's in the chat. He's recently built out the community, uh, how to Python course.
I've built out soft skills and goal setting courses. Another member, Richard Blakemore. Uh, zero to cyber pro course. They're all free to give people access. If you want to practice, um, blue arms, you're more than welcome to have your own little mini course in the community for free, if you want to try building it out and, and see what feedback you get the off the offers there.
And it is for anyone, anyone who wants to do that, because that's the whole point of the community is giving people those opportunities, opportunities to progress. Um, I've helped
Josh Mason: just do stuff. I know James has built out some stuff. Uh, when another one of my interns has done stuff, Brayden got his job because he started putting out some videos and some blogs and some worksheets, like did it for a couple of months.
And now he's the deputy director of cybersecurity for, uh, in, in [00:56:00] DC. So
Simon Linstead: what would, what would your advice be for James? Because James, again, people say this to me, yo, it's all right for you. You're confident. Well, again, back in 2019, I couldn't even go in a supermarket. because I couldn't bear to be around people.
So for me, it was about taking baby steps and putting myself outside my comfort zone a tiny bit each day, but never too much where I felt so uncomfortable it made me feel sick. So there's a, there's a kind of balance, isn't there?
Josh Mason: Yeah, I don't, I don't believe you should have to force yourself to not be yourself.
Oh, so I recently found out I'm autistic. Um, like in the last month. And, yeah, uh, and I've learned about masking, like, I'm really good at it. That's why I bet no one would know or no one would believe me if I said I'm autistic. I never would have said that, no. Except for my friends who are autistic who are like, you're such an autistic child.
[00:57:00] It's fine. Uh, very good friend. If they see this, um, I love you, by the way. Um, and, uh, baby steps. If you want to get to a place where you're not at now, you got to figure out the baby steps to get you there. And if you need tools, if you need help, if you need like professional help to get you there, um, my anxiety was about the life I was about to go into led me to have some horrible thoughts and I had to get professional help with, and I knew I needed that.
I was like, that's what. Triggered everything is out. I called someone who was like, Hey, I need to set up a session because of this and they're like Explain what's going on. I told him way too much Now I tell everyone way too much, but I told him way
Simon Linstead: too much and today he
Josh Mason: freaked out. Yeah Because I was freaking out but [00:58:00] we eventually had set up sessions and I learned skills and Yeah, we got to that place.
So if it's something, if it's a hurdle that you got to get over, there's ways that we can get you there. You don't have to like go cold turkey. You don't have to dive
Simon Linstead: into the deep end. I love the most. What you said is, is not trying to make yourself to be someone that you're not. Yeah. That I think that that's, that's crucial, isn't it?
Um, we're, we're way over time and I'm conscious that we haven't given any kind of information on what's happening. So I'm going to throw it over to you. Okay. As to what's happened, what's happened in your world the last few weeks, and then I'll finish it off on mine and then we'll wrap it up and we'll leave a teaser for part two in a week or two, yeah?
Josh Mason: I'll share what I'm allowed to share. Because there's a lot of stuff that's now back up in the air that's quite amazing if it comes through. Um, I, uh, Mason SC has been acquired by Arbiter Security. I'm teaming up with Pete Hay and a few others. [00:59:00] Um, again, I didn't get my script on what I'm allowed to share.
But I am allowed to share that. And we're building out courseware right now, um, for the DoD again, stuff that I, I used to teach and we're building it out on a new platform, doing really cool stuff, um, and that might bear some more fruit, but we're going to, I'm also building out leadership training. I'm going to, uh, cool.
If I share this real fast and tease what I've been working on all day. This is a Miro board. This is the Cyber Defense Matrix by Sunil Yu Sunil,
Simon Linstead: I've got the book here somewhere. Yeah.
Josh Mason: Yeah. I've got the e-book. It's a free download, by the way. Is it? I got matrix copy signed here from San, you just gotta send Sunil your email address and you get it downloaded.
Wow. But it's, uh, and this is been built out. This is legitimately stolen from Step and . Uh, but he's cool with it. , he sent it to me. Uh, but I am making that. It's all the different NIST CSF, um, areas as well as [01:00:00] devices, applications, networks, data, and users. And it's this matrix of what do you have in place, where do you want to be, and then coming up with this plan of how are you going to get there.
Or is this a gap and are you going to accept that risk? Is this a gap and you want to try to find some mitigations or put walls around somewhere else? Uh, but Overall that tied with, I just with Jason Dion and Kip Boyle at Accolade Cyber built out a course on NIST CSF and Kip's CRMAP, the Cyber Risk Management Action Plan, um, which is in his book, uh, Fire Doesn't Innovate.
He explains it all there, um, but Accolade has now built out a certification both on NIST CSF. And on how to implement and utilize a CR map. And so that, along with the cyber defense matrix, what I know [01:01:00] from getting my MBA and leading cyber teams in the military and meeting other CISOs and BCISOs, um, we're building out a whole course on how to become a cyber leader.
Uh, the, think of an executive MBA, but for cyber. No, it's not a CISP. No, it's not going to be everything to all people, but, uh, if the SEC is going to make it so every private company, you know, public company has to know things about cybersecurity, we're going to make it as possible, you know, as accessible as possible for that.
And, uh, speaking of a bunch of, uh, executives in C suites. What have you been up to, Simon? What have you got going on this year? Oh, it's
Simon Linstead: something you should mention that, Josh, and thank you for passing that over. So, I suppose I should just, um, frame this a little bit. Ever since we've met, we've been dying to collaborate and do stuff together.
So much so. But, both of us have been steering our own ships for some time. Two and a half years [01:02:00] now of being for the SetLive community. Lots of help from people in the community who've come and gone. People who've stuck around, which I'm ever thankful for. But, the last year in particular, Especially with the in person events and the YouTube channel.
Things have got to the point where I was at capacity as to what I could do. Although I'd found a job that I absolutely love, which is hosting these events. And that is what I absolutely love. So, for me I was happy doing that. But, as the years gone on, and I've got a waiting list of vendors now wanting to sponsor these events.
The one thing I've learned from destroying everything in my life a few years ago and being that arrogant prick is that I'm not actually good at everything. And one of my biggest downfalls before was thinking that I was, I could do everything. And this time I've, I've been offered lots of offers and investment over the last 12 months from different companies who I felt would take away the true ethos of the [01:03:00] community.
So I haven't. I've gone ahead with it and it's left me in some pretty sticky financial situations over the last 12 months, which my wife and kids have supported me through thoroughly. However, through a chance meeting, um, through my personal trainer at the gym, as of two weeks ago, I've accepted an investment and I now have a strategic director on board with me full time, a graphic designer team of, um, ad specialists and business strategists.
lawyers, accountants, and all sorts of stuff. So, in the last 14 days, I've gone from running my own diary and running around chasing my tail constantly every day, trying to just survive, to being worked like a dog by my new director. Good to see you, Ben. And I've loved every minute of it, because whilst I'm really good at building relationships and spotting opportunities, I'm shit at following them through and having any strategy.
So I'm so excited because our [01:04:00] plans are, well, we've got 25 events for a start plan next year, which two reasons, one, I love doing them and I want to travel around more of the U. S. and the U. K. And secondly, it's going to fund, I think, what we want to do for the community. And a big part of what we want to provide for the community is everything you and I have been talking about today, which is access, not just to, for talent to be developed.
So over the next year, we're going to be working really closely with people like you and hopefully Stefan to build out a multifaceted InfoSec Live community that's going to try and address lots of different problems. And one of the things I haven't mentioned is the whole vendor leader debacle when it comes to sales.
So like you with the training. The only thing I've ever done or ever known anything about is sales. So I'm working with some leaders in the security space to put together some sales training for vendors and some [01:05:00] training for sales team and marketing teams to get on better and also some training for sales management to hopefully be able to motivate their teams a bit better with the intention to have a segregated vendor community, providing access to leaders, access to pitches if they want to do them to leaders and lots of training.
So. Yeah, I think, um, I think for both of us, it feels like the stars have aligned a little bit the last few weeks and we're finally going to start doing some work together that we can't talk about potentially next year. Yeah. So I've told you absolutely nothing really, but I've told you as much as I can.
Josh Mason: But hopefully we've teased out a little more. Um, yeah. No, while we've been talking here, I got a homework assignment from, uh, My future CMO, um,
Simon Linstead: uh,
Josh Mason: seeing what you were just, what you were saying and I've worked with him before and he's amazing. Um, [01:06:00] uh,
Simon Linstead: yeah, I think, um, I think what, what we should do is, well, let me just say this for a start.
So one of the things I'm going to be doing moving forward is offering other people to host shows on the InfoSec live channel. Now we've got so many subscribers and such great viewers like we have tuning in today. And Josh is going to be our first victim. I mean, volunteer for doing that. Um, and if there's anyone else out there who fancies having their own show, there's no charge.
There'll be someone in the background doing all the button pressing for you. Probably not me because I'm a bit crap at that. All the production will be done by us. All the promotion on LinkedIn and YouTube will be done by us as well. We just want to try and give people a voice in the community. And I think over the last two and a half years, we've built up quite a good platform for that.
So reach out if you're interested. Who was it that said that
Josh Mason: they, uh, wanted to make courses? This could be a great platform for that. If you want to work
Simon Linstead: on that, let me know. If that's a real name or not. But if you do, for anyone who [01:07:00] hasn't joined the community, and if you're putting, um, a join request in for the community today, you do need a picture, and you do need your real name to join, because our, the safety of our members is super important.
It doesn't have to be, if you don't want to put your actual picture on, A cartoon image of yourself is absolutely fine, but we are quite strict on the fact that it's a community full of real people, not bots, and we don't want people to feel threatened. So if you're coming in to join, please make sure you've got that headshot.
Um, Christopher Young's asked, Are you looking for someone to host a routine regular show or a one off? Both is the answer. I would like, um, content going live every day on this channel. And the only way that's going to happen is if we get people in for regular shows and for one offs. So, yeah, absolutely open to that.
I've been rambling now for a while. Any closing remarks, Josh, get on with your homework from your CMO and I go and eat the rest of my birthday chocolates that are in the fridge with my name on. Yeah.
Josh Mason: Um, no, it's just, this is a great [01:08:00] community. And, uh, if you, if there was any questions that didn't get covered today, I'm on LinkedIn, Josh Mason.
Uh, And feel free to reach out and ask any questions. Yes, definitely. Um, the whole purpose of this is to do exactly this. I want to spur people on. Um, uh, I, I'd rather be the, that person that, you know what, this person gave me a kick in the butt. This person helped me. This person answered the question. Then, um, uh, if I'm known as the guy that helped other people get into something rather than like the guy who's great, they were amazing at this or that, like, Oh my gosh, that's so fulfilling.
That's, it's, uh, it's the sort of thing that it's the reason why I want to keep doing it. Yeah. When I saw Justin get a job, when I saw Brady get a job, when I saw this work for you, like, oh my gosh, it empowered me so much more. Uh, I love it. It's what I like
Simon Linstead: the most about this. Let me [01:09:00] finish off by saying a massive thank you to you for everything you've done for me.
Um, especially on the support and the, I suppose we could say counselling sessions we've had over the time since we've known each other. If anyone's looking for counseling, Josh is awesome at that. Um, so, so do reach out for counseling or cyber security support. And again, if, if, um, if someone just wants to chat, I can't advise you how to get into the industry.
My route in is pretty unusual and pretty unique, but I think you'll find for more people you speak to in the industry, there's a lot of people like that. Um, it's just about finding, finding your own path. But what I am very good at is motivating people. So if you feel like you need a bit of motivation, Send me a message in the community.
I've got a calendar link that I can share with you where we can get 15 minutes, 20 minutes for a chat once a week if you want it. So the offer's there and I've allocated some time. Josh Mason, thank you so much for coming on the show. Um, everyone who's tuned in, thank you so, so much and enjoy the rest of, I think it's a holiday weekend over there for you guys and girls, isn't it?
Yep. [01:10:00] Not here. So, although, um, we are off to pick up a puppy. I'll finish with that on Sunday. Yeah. My dog passed away earlier this week and we live in a pretty rural location. Now I'm telling all the burglars our fears and my wife doesn't want to be on her own without a dog. So we're going to get a tiny little puppy.
There's a cross between a bull Mastiff and a cane Corso, which is going to grow to about 12 stone in weight, I think by the time it gets big. So it should be good. Are
Josh Mason: you going to post pictures on InfoCycle later? Of course I will. Okay. Yeah.
Simon Linstead: Good, good. Yeah. Josh, thank you, my friends. And we'll catch up next week.
And again, everyone else, thank you so much for tuning in. Hope to see you all again soon. See ya.