In this episode of the Abricto Security Podcast, we meet with Chris Mitchiner, Executive Director for Cyber at the University of North Georgia. Cornel and Chris discuss the value of earning a degree in Cyber, how to stand out from the competition when landing your first role, and what private companies can do to make an impact in the Cyber community. Other questions we'll explore include:

• What can students do outside the classroom to prepare themselves for careers in Cyber? 
• What is UNG doing differently to better prepare its Cyber students?
• Why should students opt for UNG's Cyber program as opposed to self-study?
• What certifications are UNG's Cyber students able to earn while still in school?
• How is UNG helping to bridge the gender gap in Cyber?

In this episode, we meet the young and emerging star in cybersecurity, 5pider. We explore a new Command and Control framework by the name of Havoc. This is a powerful and flexible architecture that is capable of huge scalability. Havoc is open-source and is being used by nation-state threat actors. 

• How does someone so young get into cybersecurity creating C2s and malware? 
• What is it like creating modern malware avoiding detection? 
• Where does the inspiration for Havoc come from? 
• What are the future plans for Havoc? 
• How does it feel to know nation-states are using your framework as a standard C2 in their arsenal? 
• How can vulnerable services like Log4J be identified when a zero-day vulnerability drops?

In this episode, we meet with David Levine, Vice President, Executive Partner at Forrester and former CISO at Ricoh USA. In this discussion we dive into the world of risk management. Specifically, David explains how he was responsible for protecting Ricoh’s assets and what approaches he used to accomplish that goal. Some questions we answered include:

• How do large companies track and manage the risk of their internet-facing digital footprint? 
• What are some data privacy and ownership concerns companies should be considering when moving to the cloud? 
• What is the root cause for the majority of cloud breaches? 
• What are the pros and cons of running a bug bounty program in-house? 
• How can vulnerable services like Log4J be identified when a zero-day vulnerability drops?