Stu Hirst - 10 Years To Ciso

•Download as PPTX, PDF•

0 likes•165 views

The document discusses the career journey of an individual from their entry into the infosec field 10 years ago to becoming a CISO. It provides advice based on lessons learned along the way. Key points include taking calculated risks early in one's career, learning from others in the industry, knowing when to change jobs or roles, avoiding burnout, actively seeking out opportunities, getting involved in industry communities, and bringing your authentic self to your work.

Technology

Disclaimers;
I like memes & gifs.
I’m not an ‘expert’ or a
‘thought leader’, but I’ve
learned some stuff along the
way.
@stuhirstinfosec

@stuhirstinfosec
Talk Outline;
- how did I end up here?!
- what have I learned?
- advice/musings

@stuhirstinfosec
One of the questions I
get asked the most is…

@stuhirstinfosec
HOW DID YOU
GET INTO
INFOSEC?

@stuhirstinfosec
It never really crossed
my mind that I would fail

@stuhirstinfosec
‘Take calculated risks’

@stuhirstinfosec
Plan?!
What plan?!
My only plan was to get back to a
good job… & it took graft

@stuhirstinfosec
Advice
Does your existing
company need more
Security people?!

@stuhirstinfosec
Advice
My first Security
course was
immensely important

@stuhirstinfosec
Skyscanner,
DevSecOps,
Squads & Tribes

@stuhirstinfosec
I turned down the chance of….
For….

@stuhirstinfosec
Here, I learned about
• Agile
• DevOps
• Cloud
• Automation
But I had a lot to learn about Security!

@stuhirstinfosec
Advice
I learnt SO MUCH
from people who had
simply already solved
many of these
problems!!!

@stuhirstinfosec
Sometimes
‘making the leap’
doesn’t work out

@stuhirstinfosec
Life and careers are
NEVER smooth!
But you’ll sure as hell
learn a lot…

@stuhirstinfosec
“Cyber at scale”, but
too slow for me
It’s ok to fail.
But you’ve also got to
know when to move
on

@stuhirstinfosec
Advice
I reached out to
someone on LinkedIn
to ask about roles. It
got me a job.

@stuhirstinfosec
Accept change.
It’s constant.

@stuhirstinfosec
Junior Analyst - £20k p/a:
- 10+ years experience
- CISSP, CISA, CISM, Masters, All The
Certs
- AWS, GCP, Azure, All The Clouds
- AppSec, CloudSec, SecOps, Risk,
Compliance
- Serverless, Kubernetes, ML, AI,
Buzzword Bingo

@stuhirstinfosec
Advice
Make the leap before
you feel ready???!!

@stuhirstinfosec
Lifelong Learning,
Public Speaking &
Bravery

@stuhirstinfosec
If you’re not brave
enough to offer
opinions, how will
we disrupt or
change anything?
Step forward.

@stuhirstinfosec
“You need to be more
technical”
“You need to be able to code”

@stuhirstinfosec
- Take calculated risks
- Utilise other people in the industry
- Appreciate not every career move will work out
- Beware the burnout
- Don’t wait for the dream job to land on your lap -
hustle!
- Take the leap before you’re ready?!
- Immerse yourself in community & opportunity
- Be yourself

When we look at the Google algorithm, we only think of updates that influence crawling and indexing. However, marketers must also bear in mind the increasing prevalence and variety of featured snippets in the SERPs. Here's how to use data to create SEO and content marketing strategies that make Google display your pages in snippets as well as get visitors to click through to your site. Presented at SEMrush Chennai Meetup on 18th May 2018.

Hi DevOps, I'm Security, I Love You

Stu Hirst

seo strategies for a constantly evolving google algo

Chakrapani Anumula

Grammar of truth and lies

Peter Bleackley

The Grammar of Truth and Lies

Peter Bleackley

Organic Click Through Rate Optimisation Tactics - MKGO - June 2018

Stacey MacNaught

21 Content Marketing Tools and Tactics by @staceycav at #TTLPresents - Septem...

Stacey MacNaught

My presentation from #ttlpresents in Belfast in September 2016. This deck goes through 21 content marketing tools and tactics our team at Tecmark uses to improve the efficiency and success in the areas of: - Ideas generation for content marketing - Data sourcing to support content projects - Content distribution and promotion Hope it's useful to some of you and if you have any questions at all, shoot me an email! Email address on the final slide.

The Evolution of Marketing Research

Peanut Labs

Slides for the presentation at Outdoor Retailer Summer Market 2014 on the topic of Millennial Marketing. Session Description: Millennials buy “the experience”. They don’t purchase hiking boots; they buy the idea of protecting their feet on the trail, while staying dry, avoiding blisters and looking “cool". The outdoor lifestyle is about the feeling of the experience, but our marketing strategies don’t show it. This session will identify acquisition strategies focusing on content to attract and engage millennials.

Concentrated Startup Wisdom talk for Startup Lisboa companies

Sean Tierney

Hacking a career

Stuart Coulson

2021.12 Fortress Agile by Cheryl Hammond @ Agile MiniCon

Cheryl M Hammond

When the broader organization just isn’t agile, teams can get stuck. They’re waiting for their knight in shining armor – the ‘enlightened’ executive – to transform it all. What happens when the hero isn’t coming? Is it possible to realistically accept an organization’s limitations without killing morale? Can a manager or coach ‘shield’ a team without losing momentum? Is there any point to making incremental change at the team or division level when ‘real’ progress seems eternally blocked by external impediments? This session explores practical tips to care for the humans in your realm; provide them a safe, comfortable, and defensible space in which to work; and make it inviting enough to win over (some of) the forces outside. Help your teams become self-rescuing princesses, and create the happily-ever-after that your people deserve!

The art of delivering value on timeChristophe Achouiantz

Twitter Talk: Using Twitter for Learning and Professional Development in Res ...

Melissa Robertson

An Imposter's Journey Into InfoSec

Stu Hirst

Pivot For Startups

IIMBNSRCEL

How to trive as an early stage startup by using the right metrics

➚ Mike van Hoenselaar

Inventing a Better Mousetrap: It’s All in Perspective

earthkind

Can I Use Twitter to Help My Career - TweetCamp San Antonio

Jim Adcock

How to Hire an Insanely Great SEO (BrightonSEO talk)

Stephan Spencer

Job Search Seminar

Kelley OBrien

Resources for Entrepreneurs

jbischke

UX Charlatans - World Usability Congress, Graz, Austria 2018

martina mitz

User Experience (UX) is probably one of the fastest evolving and most exciting disciplines to be a part of these days. As the practical value of UX-work has become more and more obvious in the past few years, the demand for UX Designers and Experts has grown exponentially. Unfortunately, there are no official educational paths or certifications yet and the confusion around UX is very broad - UX is becoming a buzzword. As a result, the market is not only confused or has at best a very narrow understanding of the term, but this also offers a soil for many amateurs and fake representatives of the discipline to evolve. Over the past few years, I have had the (dis)pleasure to meet and work with some highly promoted UX Charlatans, so that over time I started spotting the patterns - some of their similarities and tactics. My aim is to share my observations in this presentation, in the hope to save you some time, money, and frustration - no matter if you are an evolving UX Designer or a Business/Project owner in need of UX expertise.

Jill Rowley's (Marketo) presentation at Mumbrella's B2B Marketing Summit 2018

Stephanie Borys

#Sharepocolypse

Anchor Media

Since the days of MySpace and even before them, with Tripod and SixDegrees, social media sites have attracted millions of users. As these users discovered new platforms, they created profile after profile to promote themselves or their businesses. With each profile came more liking and commenting and sharing – thus, the #sharepocolypse was born. With all the social outlets to post on, scroll through, and promote with, navigating and managing your business’ social life can feel like a balancing act – and that is why Anchor is here to help!

ISSA-SouthFlorida-03052015-finalChrista Pusateri

How to get started with event driven analytics

Effin Amazing

When it comes to building and growing a business, analytics play a critical role. The problem most founders and growth marketers face is that they have bad data they just don’t trust. With the abundance of tools and opinions on how to go about implementing analytics, analysis paralysis can be a very real thing. In this webinar, Dan McGaw will walk you through the steps you need to take in order to successfully implement your own event based analytics. What you’ll learn: How to choose the right analytics tool How to deal with corrupt data (and avoid it entirely) What you should (and shouldn’t) be tracking How to create a proper spec (templates included) How to audit your analytics implementation

Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...

Stu Hirst

AWS Meet Up COPENHAGEN.pptx

Stu Hirst

Similar to Stu Hirst - 10 Years To Ciso

From Aha! to Eureka Smartees Seminar

InSites on Stage

Marketing to Millennials: Strategies & Tactics - Outdoor Retailer 2014

Anthony Piwarun

Concentrated Startup Wisdom talk for Startup Lisboa companies

Sean Tierney

Hacking a career

Stuart Coulson

2021.12 Fortress Agile by Cheryl Hammond @ Agile MiniCon

Cheryl M Hammond

The art of delivering value on timeChristophe Achouiantz

Twitter Talk: Using Twitter for Learning and Professional Development in Res ...

Melissa Robertson

An Imposter's Journey Into InfoSec

Stu Hirst

Pivot For Startups

IIMBNSRCEL

How to trive as an early stage startup by using the right metrics

➚ Mike van Hoenselaar

Inventing a Better Mousetrap: It’s All in Perspective

earthkind

Can I Use Twitter to Help My Career - TweetCamp San Antonio

Jim Adcock

How to Hire an Insanely Great SEO (BrightonSEO talk)

Stephan Spencer

Job Search Seminar

Kelley OBrien

Resources for Entrepreneurs

jbischke

UX Charlatans - World Usability Congress, Graz, Austria 2018

martina mitz

Jill Rowley's (Marketo) presentation at Mumbrella's B2B Marketing Summit 2018

Stephanie Borys

#Sharepocolypse

Anchor Media

ISSA-SouthFlorida-03052015-finalChrista Pusateri

How to get started with event driven analytics

Effin Amazing

Similar to Stu Hirst - 10 Years To Ciso (20)

From Aha! to Eureka Smartees Seminar

Marketing to Millennials: Strategies & Tactics - Outdoor Retailer 2014

Concentrated Startup Wisdom talk for Startup Lisboa companies

Hacking a career

2021.12 Fortress Agile by Cheryl Hammond @ Agile MiniCon

The art of delivering value on time

Twitter Talk: Using Twitter for Learning and Professional Development in Res ...

An Imposter's Journey Into InfoSec

Pivot For Startups

How to trive as an early stage startup by using the right metrics

Inventing a Better Mousetrap: It’s All in Perspective

Can I Use Twitter to Help My Career - TweetCamp San Antonio

How to Hire an Insanely Great SEO (BrightonSEO talk)

Job Search Seminar

Resources for Entrepreneurs

UX Charlatans - World Usability Congress, Graz, Austria 2018

Jill Rowley's (Marketo) presentation at Mumbrella's B2B Marketing Summit 2018

#Sharepocolypse

ISSA-SouthFlorida-03052015-final

How to get started with event driven analytics

Recently uploaded

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Bits & Pixels using AI for Good.........

Alison B. Lowndes

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Product School

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

Recently uploaded (20)

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

How world-class product teams are winning in the AI era by CEO and Founder, P...

UiPath Test Automation using UiPath Test Suite series, part 4

Bits & Pixels using AI for Good.........

Monitoring Java Application Security with JDK Tools and JFR Events

Epistemic Interaction - tuning interfaces to provide information for AI support

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Designing Great Products: The Power of Design and Leadership by Chief Designe...

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

The Art of the Pitch: WordPress Relationships and Sales

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Key Trends Shaping the Future of Infrastructure.pdf

PCI PIN Basics Webinar from the Controlcase Team

Elevating Tactical DDD Patterns Through Object Calisthenics

GraphRAG is All You need? LLM & Knowledge Graph

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Stu Hirst - 10 Years To Ciso

1. 10 Years To CISO @stuhirstinfosec

2. Disclaimers; I like memes & gifs. I’m not an ‘expert’ or a ‘thought leader’, but I’ve learned some stuff along the way. @stuhirstinfosec

3. Who Am I? @stuhirstinfosec

4. @stuhirstinfosec

5. @stuhirstinfosec Talk Outline; - how did I end up here?! - what have I learned? - advice/musings

6. @stuhirstinfosec One of the questions I get asked the most is…

7. @stuhirstinfosec HOW DID YOU GET INTO INFOSEC?

8. @stuhirstinfosec

9. @stuhirstinfosec It never really crossed my mind that I would fail

10. @stuhirstinfosec BUT FAIL, I DID!

11. @stuhirstinfosec ‘Take calculated risks’

12. @stuhirstinfosec Plan?! What plan?! My only plan was to get back to a good job… & it took graft

13. @stuhirstinfosec Advice Does your existing company need more Security people?!

14. @stuhirstinfosec Advice My first Security course was immensely important

15. @stuhirstinfosec Skyscanner, DevSecOps, Squads & Tribes

16. @stuhirstinfosec I turned down the chance of…. For….

17. @stuhirstinfosec Here, I learned about • Agile • DevOps • Cloud • Automation But I had a lot to learn about Security!

18. @stuhirstinfosec Advice I learnt SO MUCH from people who had simply already solved many of these problems!!!

19. @stuhirstinfosec Sometimes ‘making the leap’ doesn’t work out

20. @stuhirstinfosec Life and careers are NEVER smooth! But you’ll sure as hell learn a lot…

21. @stuhirstinfosec “Cyber at scale”, but too slow for me It’s ok to fail. But you’ve also got to know when to move on

22. @stuhirstinfosec Beware the Burnout!

23. @stuhirstinfosec Advice I reached out to someone on LinkedIn to ask about roles. It got me a job.

24. @stuhirstinfosec Accept change. It’s constant.

25. @stuhirstinfosec

26. @stuhirstinfosec

27. @stuhirstinfosec Junior Analyst - £20k p/a: - 10+ years experience - CISSP, CISA, CISM, Masters, All The Certs - AWS, GCP, Azure, All The Clouds - AppSec, CloudSec, SecOps, Risk, Compliance - Serverless, Kubernetes, ML, AI, Buzzword Bingo

28. @stuhirstinfosec Advice Make the leap before you feel ready???!!

29. @stuhirstinfosec Lifelong Learning, Public Speaking & Bravery

30. @stuhirstinfosec Research!!!!

31. @stuhirstinfosec

32. @stuhirstinfosec If you’re not brave enough to offer opinions, how will we disrupt or change anything? Step forward.

33. @stuhirstinfosec Community

34. @stuhirstinfosec

35. @stuhirstinfosec Bad Advice?!

36. @stuhirstinfosec “You need to be more technical” “You need to be able to code”

37. @stuhirstinfosec To Wrap Up…

38. @stuhirstinfosec - Take calculated risks - Utilise other people in the industry - Appreciate not every career move will work out - Beware the burnout - Don’t wait for the dream job to land on your lap - hustle! - Take the leap before you’re ready?! - Immerse yourself in community & opportunity - Be yourself

39. THANKS! @stuhirstinfosec

Stu Hirst - 10 Years To Ciso

Recommended

Recommended

More Related Content

Similar to Stu Hirst - 10 Years To Ciso

Similar to Stu Hirst - 10 Years To Ciso (20)

More from Stu Hirst

More from Stu Hirst (10)

Recently uploaded

Recently uploaded (20)

Stu Hirst - 10 Years To Ciso