Infosecleaders Professional Development Workshop Today at Black Hat

August 4, 2011

From my three days in Las Vegas, I am clear about one thing – there is an increasing demand for quality information security professionals and companies are having a very difficult time attracting Information Security professional to their teams.

On the surface, that should be great news.  However, with choices come decisions.    With decisions come mistakes.   It is our goal at Infosecleaders, to provide you with information and frameworks, to minimize your risks, and maximize your rewards!

Thanks to Jeff, Ping, and the folks  at Black Hat, today we have a platform to do this.

This afternoon, at the Black Hat Briefings in the Florentine Room – Mike and I are going to share our collected data on InfoSec Certifications (The Value of Cert Survey), help you beat out your competition for the “Good Jobs”  (Second Place Sucks),  provide you with a road map for developing your “future skills” (Infosec Leader of the Future), shed insight into the real world of hiring, recruiting, and interviewing  (The Other Side of The Desk), and  provide an open forum for you to ask your Information Security Career Questions (Career Advice Tuesday – Live – (in Vegas, it is always someone’s Tuesday).

Schedule- Florentine Room

1:45 – 3PM – Value of Certification Results & Second Place Sucks

3:15 – 4:45PM – InfoSec Leader of the Future & Other Side of the Desk

4:45 – 6PM – Career Advice Tuesday Live  and Predictions for the Future

We hope that if you are attending Black Hat, you choose to spend some of your afternoon with us, and take something away from the conference that you can apply to your professional growth and career development.

Look forward to seeing you,

Lee and Mike

Posted by lee | Filed Under Compensation, Interviewing, Position Selection, Presentation, Recruiting, Security Industry, Survey | 1 Comment 

“Value of InfoSec Certification Survey” – Results Preview Featured in Dark Reading

July 28, 2011

Last year at RSA, we launched the “Value of Info Sec Certification” Survey.

A preview of the results are featured in today’s issue of Dark Reading, in an article by Kelly Jackson Higgins.

On Thursday, August 4th, at 1:45 PM PST,  as the first part of our Professional Development Workshop at Black Hat, we are going to announce the full results.

We were very happy to receive 1349 respondents to the survey, and from reviewing the background of the respondents we find it to be a very good sampling of the Information Security industry:

2/3 of the respondents have worked in information security for more than 6 years

25% of the respondents have worked in the industry for more than 12 years

1000 of our respondents either hold or have held an information security certification  (Yes, exactly 1000)

699 of the respondents hold or have held the CISSP  (667 current/ 32 no longer)

50% percent of the respondents earn 100K or more

35% have a long term career goal of becoming a CISO or CSO, an additional 10% aspire to be a CTO or CIO – (Competition should remain fierce for these roles!)

25% of the respondents said that they had a Written Career Plan – (which means that we are making progress)

These results are just the tip of the iceberg – you will have to come to our session at Black Hat if you want the full release.   Anyone who is not in attendance at the conference and would like a copy of the results after the conference, you can sign up at Infosecleaders – Research – shortly after the release.

A special thanks to all of those who participated.  Thanks for making this a great success.    Stay tuned for our next industry survey!


Lee and Mike


Posted by lee | Filed Under Behavior, Planning, Resume, Security Industry, Skills, Survey | 2 Comments 

Career Advice Tuesday – “Black Hat Preview – Professional Development Workshop”

July 26, 2011

For today’s Career Advice Tuesday – we wanted to share a more detailed look at our Black Hat Professional Development workshop.  The workshop will take place on Thursday afternoon – from 1:45 – 6:00PM.    Anyone in attendance can come to either any individual session or stay for the whole program.

If you are at Black Hat, please come by and introduce yourselves.


InfoSec 2001 – A Career Odyssey

The Professional Development workshop is a half-day program that is designed to inspire the Black Hat attendee to think about their career as an information security professional and assist them in their journey towards the achievement of their long term career goals.

The Professional Development workshop will be divided into five (5) unique information security career topics that will be linked by a common theme – Skill Development and Differentiation.

The program will consist of the following:

1)    “The Value of Information Security Certifications Survey” – Research Revealed – 1350 information security professionals responded to an independent survey on the topic – the research will be revealed

2)   “Second Place Sucks” – A presentation geared toward differentiating yourself from your peers (and your competition)

3)   The Information Security Leader of The Future” -  a presentation that will outline the skills that employers are looking for when identifying and selecting their information security leaders.

4)   “The Other Side of The Desk” – a panel that will explore the different attitudes and beliefs by job applicant and employer during the interview process

5)   “Future Predictions” and “Career Advice Tuesday- Live” – Future trends will be discussed and explored – and attendees will have the opportunity to ask questions about infosec related career topics

The workshop is designed as an interactive forum that should inspire some shared thought and debate between audience members and the presenters.

Attendees should understand that they can elect to either participate in the entire workshop, or to pick and choose from select sessions that have a particular interest to them.

Session Previews:

Session 1  – 1:45 – 3:00

“The Value of Information Security Certifications Survey”

Presenters – Mike Murray and Lee Kushner –  

In February of 2011, launched an independent survey on the value of information security certifications.   The value of InfoSec certifications is a highly debated topic in the industry, and this is the first independent survey that asks questions to information security professionals (certified or not) – their opinions on topics that include – the motivations for certifications, the impression of the certification bodies, the value of skills vs. certifications, and certifications effect on employment.  With over 1350 respondents, the results should be revealing and eye-opening.

Second Place Sucks -

Presenter – Mike Murray

So, if certifications are no longer the magic bullet to get you to your career goals, then what is.  The topic of strategic career investments and personal branding will be the focus of this presentation.  The presentation will be spent on how you can plan and execute on career investment strategies that will enable you to differentiate from your peers and successfully compete for promotions and external information security leadership opportunities.

(15 minute break)

Session 2 – 3:15 – 4:45PM

3:15 – 3:45PM

“The Information Security Leader of the Future” –

Presenter – Lee Kushner

The skills for information security leaders are changing quite rapidly.  As many companies are aligning information security with their core business and branding, information security professionals will need to evolve as well.  The presentation will break down the core skill components of what information security professional will need to acquire and demonstrate to be considered for leadership roles in the future.


3:45PM – 4:45PM

The Other Side of the Desk – Different Perspectives on the Interview Process

Moderator – Mike Murray

Candidate Perspective – Lee Kushner

Hiring Managers Perspective –    

Bill Phelps, Executive Director Accenture  

Justin Somaini, CISO at Yahoo!


There are two parties involved in every interview process, the information security professional (the applicant) and the hiring manager (the decision maker).   While in essence, both parties ultimately desire the same outcome, their motivations lie in different places.   This portion of the presentation will present to the audience the perspective of the candidate and the perspective of the hiring manager, in a way that will educate both parties and enable them to social engineer the interview process, to work to their personal advantage.

Bill Phelps:

Bill Phelps is an Executive Director in Accenture’s security practice, and has spent the past 25 years in technology services.  In the past decade, Bill has been a practice leader, company founder, board member and trusted advisor helping organizations with complex management and technology challenges in the areas of information security, data center transformation and technology strategy.     Bill currently has overall responsibility for Accenture’s security business in North America.  Bill is aggressively growing Accenture’s security team, and plans to hire over security 200 professionals in the coming year.

Justin Somaini:

Justin Somaini is the Chief Information Security Officer at Yahoo! where he’s responsible for all aspects of Yahoo!’s Information Security strategy.  With over 15 years of Information Security experience he’s seen as a leader in industry by promoting an evolution of the security and risk management models.  Through his public speaking and industry involvement he’s given extensive talks and interviews on the threat landscape, public policy, security management and risk management.  Prior to joining Yahoo!, Justin was the CISO at Symantec.  Justin has also held security leadership roles at VeriSign, Charles Schwab and PricewaterhouseCoopers LLP.

4:45 – 6:00PM

Predictions for the Future and Career Advice Tuesday – “Live”

Presenters – Lee Kushner and Mike Murray

The employment market is dramatically changing – and the closing session will begin with information security employment predictions (based on experience and research) for the next ten years.  Once completed, this will be followed by a version of “Career Advice Tuesday” – “Live”.   All attendees can have their personal information security career questions answered in an open forum.   Topics will include skill development, compensation negotiation, career investments, career planning, and anything else you want to ask about your Information Security Career.

Posted by lee | Filed Under "The Other Side of The Desk", Advice, Behavior, Branding, Career Advice Tuesday, Compensation, Interviewing, Networking, Planning, Position Selection, Presentation, Recruiting, Resume, Security Industry, Skills, Survey, Uncategorized | 1 Comment 

Value of Certification Survey – Update

March 18, 2011

Mike and I want everyone to know that we are off to a very good start for the “Value of Certification Survey   We are steadily approaching 750 responses, but we have lofty goals.  The data that we have collected so far, the responses have been very interesting and eye-opening.

Again, the survey is independent and open to any and all information security professionals, at any stage of their infosec career.   All opinions are welcomed – whether you hold information security certifications or do not.

We are hoping that our readers will continue to promote the survey to their peers, on their blogs, twitter feeds,podcast,  and mailing lists – so that we can provide as much relevant data as possible, when we reveal the results around Black Hat.

If anyone would like an interview, podcast, or additional information, please contact either Mike mmurray@infosecleaders.comm  or me

Thanks for your continued support,

Lee and Mike

Posted by lee | Filed Under Behavior, Personal, Security Industry, Survey | Comments Off