Hack Red Con 2024
-
Beyond Patching and Scanning: Building a Robust Vulnerability Management Program
Nick BerrieDone
-
The Hitchhiker's Guide to Cyber Insurance
Jonathan VanSchaackDone
-
Hacking your CISO!
Scott StantonDone
-
The CISO's Myopia
Jordan BonaguraDone
-
CISO Panel
Done
-
Securing Derby 150
Jason PaytonDone
-
Reframing the “Success” of an Offensive Test: Taking a Risk-Based Approach
Celina StewartDone
-
More Tools Won't Solve Your Problem
Jordan SilvaDone
-
Social engineering the social engineers, you suck at buying software.
David GirvinDone
-
The New Era of Social Engineering: AI, Deep Fakes, and the Dark Web.
Seth BowlingDone
Josh Mason is the Director of Cyber Training at Arbitr, bringing a rich background in both military and civilian cybersecurity education. A former combat pilot and cyber warfare officer in the United States Air Force, Josh has taught at the US Air Force Special Operations School and the DoD Cyber Crime Center's Cyber Training Academy. He also co-authors the Penetration Testing Student program and the eLearnSecurity Junior Penetration Tester (eJPTv2) exam.
In addition to his military experience, Josh has excelled in sales engineering, consulting, and program development in the cybersecurity industry. He is a technical editor for various industry publications and a dedicated advocate for empowering individuals to pursue careers in cybersecurity. Josh is also the founder of several non-profit organizations.
In the realm of cybersecurity, one of the most critical yet often overlooked skills is the ability to communicate effectively with business stakeholders. My talk, "Making Friends and Influencing People," is designed to bridge this gap and ensure that our vital cybersecurity messages resonate with those who make business decisions.
I've been a pilot and cyberwarfare officer in the Air Force and identified these communication failures first-hand, As a consultant and project manager for a pentesting firm, I have honed an approach for translating cybersecurity information into business-relevant language. In this talk, I will share actionable strategies for cybersecurity professionals to improve their communication by leveraging open-source intelligence about the business, its leadership, and its public-facing documents.
Key highlights of my presentation include:
1. **Business Examples**: Demonstrating how real-world business scenarios can be used to frame cybersecurity needs in a language that business leaders understand and value.
2. **Open-Source Intelligence**: Utilizing information from the company’s investor page, SEC filings, public statements, and social media to tailor cybersecurity messages that align with the company’s strategic priorities.
3. **Crafting Effective Messages**: Techniques to transform technical cybersecurity reports into compelling narratives that highlight their importance to the business’s success and risk management.
By focusing on these areas, my goal is to empower cybersecurity professionals to create impactful, business-centric communications that drive action and support from leadership.