Wednesday, October 29, 2014

SecurityJobCoach.com addresses your Personal Branding and Career Development Needs







SecurityJobCoach.com services were designed to assist you with your Personal Branding:


  • Resume coaching
  • Resume writing
  • LinkedIn profile optimization
  • Interview Coaching
  • Board of Director Presentation Coaching
  • Guerrilla Job Search Coaching
  • Career Transition Coaching and more



Jeff Snyder's SecurityRecruiter.com, Security Recruiter Blog, 719.686.8810

Monday, October 27, 2014

Cyber Security News, Education and Vulnerability Patch Report for the Week of October 27, 2014




CYBER SECURITY NEWS OF THE WEEK


FROM OUR FRIENDS AT CITADEL INFORMATION GROUP

 

Cyber Crime

‘Spam Nation’ Publisher Discloses Card Breach: In the interests of full disclosure: Sourcebooks – the company that on Nov. 18 is publishing my upcoming book about organized cybercrime — disclosed last week that a breach of its Web site shopping cart software may have exposed customer credit card and personal information. KrebsOnSecurity, October 23, 2014
Hackers Ran Loose Inside JPMorgan For 2 Months Before Getting Caught: It’s as if a robber were to break into a bank today and stay there until Christmas before someone noticed. HuffingtonPost, October 23, 2014
Banks: Credit Card Breach at Staples Stores: Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach. Staples says it is investigating “a potential issue” and has contacted law enforcement. KrebsOnSecurity, October 20, 2014

Cyber Privacy

China-backed hackers target Apple’s iCloud users: blog: (Reuters) – Apple Inc’s (AAPL.O) iCloud storage service in China was attacked by hackers trying to steal user credentials, a Chinese web monitoring group said, adding that it believes the Beijing government is behind the campaign. Reuters, October 21, 2014

Financial Cyber Security

DTCC urges greater collaboration on cyber-crime threats: A white paper published by the Depository Trust & Clearing Corporation (DTCC) has urged regulators and financial institutions to collaborate more on the increasing threats posed by cyber-crime. COO Connect, October 23, 2014
Financial Services Ranks Cyberattacks Top Industry Worry: Depository Trust & Clearing Corporation (DTCC) survey says cyberrisk is one of the top five concerns for financial services firms. DarkReading, October 23, 2014
How to Combat Online Fraud: How Consumers and Banks Can Work Together: Last month, industry watchdog, Financial Fraud Action UK released some worrying figures about how online banking fraud has increased by 71% over the past year. IBTimes, October 20, 2014
Spike in Malware Attacks on Aging ATMs: This author has long been fascinated with ATM skimmers, custom-made fraud devices designed to steal card data and PINs from unsuspecting users of compromised cash machines. But a recent spike in malicious software capable of infecting and jackpotting ATMs is shifting the focus away from innovative, high-tech skimming devices toward the rapidly aging ATM infrastructure in the United States and abroad. KrebsOnSecurity, October 20, 2014
Wall Street Urges U.S. Regulators’ Joint Cybersecurity Approach: Wall Street’s top trade group is calling for the creation of a new inter-agency working group of regulators and the White House that would be tasked with developing consistent cybersecurity rules for the financial industry. FoxBusiness, October 20, 2014

Identity Theft

What’s behind the dramatic rise in medical identity theft?: A decentralized U.S. health system, increasing digitization of records, and demand in the black market are fueling a surge in thefts. Fortune, October 19, 2014
We’re Getting Too Blase About Identity Theft, Data Breaches: The world is a risky place, and it’s getting riskier. According to a poll by The Travelers Cos. (TRV), 63 percent of American consumers (801 of them, age 18 to 69, were surveyed in July for this annual survey) say they believe the world is getting riskier. DailyFinance, October 15, 2014
Keeping Credit Cards and Bank Account Data from Hackers: JPMorgan Chase has disclosed that the accounts of 83 million households and businesses were compromised this summer in a cyberattack. Nine other financial institutions were also infiltrated by the same group of overseas hackers. The New York Times, October 4, 2014

Cyber Warning

Hackers Are Exploiting Microsoft PowerPoint to Hijack Computers: Hackers are exploiting a security flaw in Microsoft Office by using PowerPoint to attack Windows users and gain control of computer systems. Mashable, October 24, 2014
The ‘Backoff’ malware used in retail data breaches is spreading: The number of computers in North America infected by the Backoff malware, which is blamed for a string of payment card breaches, has risen sharply, according to research from network security company Damballa. PCWorld, October 24, 2014
Malvertising Campaign on Yahoo, AOL, Triggers CryptoWall Infections: Attackers have been leveraging the FlashPack Exploit Kit to peddle the CryptoWall 2.0 ransomware on unsuspecting visitors to sites such as Yahoo, The Atlantic and AOL. Researchers believe that for about a month the malvertising campaign hit up to 3 million visitors and netted the attackers $25,000 daily. ThreatPost, October 23, 2014
Attacks On Patched Sandworm Flaw Force Microsoft To Issue Fix It: More than a week after Microsoft fixed a flaw affecting almost all Windows versions, attackers are continuing to exploit it. DarkReading, October 23, 2014
Terrible People Prey On Ebola Fears In New Email Scam: If you get an email from a seemingly trustworthy organization about the Ebola virus in the coming days, beware. It could very well be a scam to obtain your personal info. HuffingtonPost, October 22, 2014
Phone Hackers Dial and Redial to Steal Billions: SAN FRANCISCO — Bob Foreman’s architecture firm ran up a $166,000 phone bill in a single weekend last March. But neither Mr. Foreman nor anyone else at his seven-person company was in the office at the time. The New York Times, October 19, 2014

Cyber Security Management

Cybersecurity help coming for franchises: Two industry groups are teaming up to help franchise businesses learn about cybersecurity. The Hill, October 23, 2014
Your business can’t afford the cost of cyber crime: It’s not a surprise that cyber crime is costly for organizations. The cost of any lost productivity, combined with the fallout of any compromised data, the impact to the organization’s reputation, and the cost to clean up and recover from an attack all add up. CSO, October 23, 2014

Cyber Security Management – Cyber Defense

Google Accounts Now Support Security Keys: People who use Gmail and other Google services now have an extra layer of security available when logging into Google accounts. The company today incorporated into these services the open Universal 2nd Factor (U2F) standard, a physical USB-based second factor sign-in component that only works after verifying the login site is truly a Google site. KrebsOnSecurity, October 22, 2014

National Cyber Security

Report: Russia, China near cybersecurity deal: Russian President Vladimir Putin is close to finalizing a cybersecurity cooperation agreement with China, according to Russian media reports. The Hill, October 23, 2014
Steptoe Cyberlaw Podcast, Episode #39: An Interview with Tom Finan: Our guest today is Tom Finan, Senior Cybersecurity Strategist and Counsel at DHS’s National Protection and Programs Directorate (NPPD), where he is currently working on policy issues related to cybersecurity insurance and cybersecurity legislation. Marc Frey asks him why DHS, specifically NPPD, is interested in cybersecurity insurance, what trends they are seeing in this space for carriers and other stakeholders, and what is next for their role in this space. He is incredibly forthcoming in his responses and even asks listeners to email him with their feedback. LawFare, October 23, 2014


Weekend Vulnerability and Patch Report, October 26, 2014


Important Security Updates

Apple iOS: Apple has released version 8.1 of its iOS. The update is available through the devices or through Apple’s website.
Apple TV: Apple has released version 7.0.1 for Apple TV to fix a security issues in previous versions. Updates are available through the device or Apple’s website.
Avast: Avast! Free Antivirus has released version 10.0.2206. Updates are available on Avast’s website.
AVG Free Edition: AVG has released version 2015.0.5557 of its 32 bit Free Edition. Updates are available on AVG’s website.
Mozilla Firefox: Mozilla has released version 33.0.1 for Firefox. Updates are available within the browser or from Mozilla’s website.
Piriform CCleaner: Piriform has released version 4.19.4867 for CCleaner. Updates are available from Piriform’s website.

Current Software Versions

Adobe Flash  15.0.0.189 [Windows 7: IE]
Adobe Flash  15.0.0.189 [Windows 7: Firefox, Mozilla]
Adobe Flash  15.0.0.189 [Windows 8: IE]
Adobe Flash  15.0.0.189 [Macintosh OS X: Firefox, Opera, Safari]
Adobe Reader 11.0.09
Dropbox 2.10.39 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]
Firefox 33.0.1
Google Chrome 38.0.2125.104
Internet Explorer 11.0.9600.17280
Java SE 8 Update 25 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.5
Safari 5.1.7 
Safari 7.1 [Mac OS X]
Skype 6.21.0.104

Newly Announced Unpatched Vulnerabilities

None
For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

Cisco Multiple Products: Secunia reports Cisco has released updates for Email Security Appliance, TelePresence MCU 4200 Series versions prior to 4.3(2.30), TelePresence MCU 4500 Series versions prior to 4.3(2.30), TelePresence MCU MSE 8420 versions prior to 4.3(2.30), Adaptive Security Security Appliance (ASA), and others. Apply available updates.
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Office, Flash, Java, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customer’s computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2014 Citadel Information Group. All rights reserved.


Wednesday, October 22, 2014

Resumes that Open Interveiw Doors are Clean, Clear and Logically Written




A recent LinkedIn “Influencer” post not only got my attention, it hit on a topic I address every day of my life.

The Influencer suggested that resumes might want to incorporate what he referred to as “design-thinking” ideas. 

These ideas included graphics and videos.  This is precisely and exactly the opposite advice I give my resume clients…the clients whose resumes open interview doors globally.

Applicant tracking systems (ATS) generally do not know what to do with fancy fonts and boxes found in many resume templates.  Most ATS tools turn fancy fonts and items their artificial intelligence does not understand into gibberish.  This is not how you want to be stored in a recruiter’s database or a company’s database for present or future reference.

Resumes that are clean, clear and logically written with the resume’s audience in mind are resumes that open interview doors.  Better yet, resumes that clearly demonstrate an individual’s accomplishments, contributions and business value are the resumes that capture attention.

When you write your resume, the end product is not for you. It is for someone in your audience.  You have to know your audience.

Present your resume in the language of the audience that will receive and review your resume in a matter of seconds and you’ll very likely find yourself opening interview doors.



Jeff Snyder, Twitter: @secuirtyrecruit, is the Founder and President of SecurityRecruiter.com, SecurityJobCoach.com, SecuirtyCaererCoach.com, SecurityLeadershipCoach.com and he is a well-traveled Public Speaker.

Tuesday, October 21, 2014

Monday, October 20, 2014

Cyber Security News, Education and Vulnerability Patch Report for the Week of October 20, 2014


CYBER SECURITY NEWS OF THE WEEK


FROM OUR FRIENDS AT CITADEL INFORMATION GROUP


Cyber Crime

Oregon Employment Department data breach: more than 851,000 people could be at risk: Hackers may have obtained the personal information of more than 851,300 people after tapping into an Oregon Employment Department database, agency officials announced Monday. OregonLive, October 13, 2014

Cyber Attack

Russian Hackers Used Bug in Microsoft Windows for Spying, Report Says: LONDON — Russian hackers used a bug in Microsoft Windows to spy on several Western governments, NATO and the Ukrainian government, according to a report released Tuesday by iSight Partners, a computer security firm in Dallas. The New York Times, October 14, 2014

Cyber Privacy

Apple defies FBI and offers encryption by default on new operating system: The latest version of Apple’s operating system for desktop and laptop computers, Mac OS X 10.10 “Yosemite”, encourages users to turn on the company’s FileVault disk encryption, as the company hardens its pro-security stance. The Guardian, October 17, 2014
App Behind The Snapchat Leak Admits It Was Hacked, Apologizes: A website that allowed Snapchat users to save images that were supposed to disappear said it was hacked and apologized for allowing thousands of private photos to be leaked online. HuffingtonPost, October 13, 2014

Cyber Warning

In Plain Sight: How Cyber Criminals Exfiltrate Data Via Video: Just like Fortune 500 companies, attackers are investing in sophisticated measures that let them fly beneath the radar of conventional security. DarkReading, October 17, 2014
New attack hides stealthy Android malware in images: A new technique that allows attackers to hide encrypted malicious Android applications inside images could be used to evade detection by antivirus products and possibly Google Play’s own malware scanner. PC World, October 17, 2014
Google reveals major flaw in outdated, but widely-used SSL protocol: Google’s Security Team revealed on Tuesday that the long obsolete, but still all too used, Secure Sockets Layer (SSL) 3.0 cryptographic protocol has a major security flaw. ZDNet, October 15, 2014
Hackers Have A Really Simple Way Of Getting Your Passwords To Sites Like Dropbox And Snapchat: Last night an anonymous hacker claimed to be in possession of 7 million passwords to Dropbox accounts. While that claim was probably false, it demonstrates the increasingly common way that hackers are using to gain access to your passwords. Business Insider, October 14, 2014
Who’s Watching Your WebEx?: KrebsOnSecurity spent a good part of the past week working with Cisco to alert more than four dozen companies — many of them household names — about regular corporate WebEx conference meetings that lack passwords and are thus open to anyone who wants to listen in. KrebsOnSecurity, October 13, 2014

Cyber Security Management

Cyber Risk Series: Board and C-Suite responsible for data breach preparedness: Stan Stahl, President of Citadel Information Group, welcomes Melissa Ventrone, chair of the Data Privacy & Security Practice at the law firm of Wilson Elser, and Worldwide Facilities VP Steve Vallone, to discuss the responsibility of the Board and senior management regarding company preparedness for cyber liability and data breaches. World Risk Insurance News, October 2014
Cybercrime Costs Have Doubled in Last Five Years, Ponemon Report Says: The average annual cost of cybercrime to companies has nearly doubled in the last five years, a new report from a cybersecurity research firm says. American Banker, October 16, 2014

Cyber Security Management – Cyber Defense

‘Silent’ Fix For Windows USB Bug?: Researchers say a newly patched Microsoft USB flaw in older versions of Windows had at some time previously been fixed in newer versions of the OS. DarkReading, October 16, 2014

Cyber Security Management – Cyber Update

Microsoft, Adobe Push Critical Security Fixes: Adobe, Microsoft and Oracle each released updates today to plug critical security holes in their products. Adobe released patches for its Flash Player and Adobe AIR software. A patch from Oracle fixes at least 25 flaws in Java. And Microsoft pushed patches to fix at least two-dozen vulnerabilities in a number of Windows components, including Office, Internet Explorer and .NET. One of the updates addresses a zero-day flaw that reportedly is already being exploited in active cyber espionage attacks. KrebsOnSecurity, October 14, 2014

Financial Cyber Security

Obama signs order to tighten security for federal credit cards: (Reuters) – U.S. President Barack Obama signed an executive order on Friday to beef up security measures for federal credit cards, and urged banks and retailers to follow suit in an effort to combat the growing threat of identity fraud. Reuters, October 17, 2014
N.Y.’s Lawsky Considering Strict Cybersecurity Regime for Banks: Banks chartered in New York could soon be required to appoint chief information security officers and submit to quarterly tests of their systems’ vulnerabilities under a cybersecurity regime being considered by state regulator Benjamin Lawsky. American Banker, October 17, 2014
Can Apple Pay Do to Your Wallet What iTunes Did for Music?: With added security, better design, and improved convenience, Apple Pay hopes to finally make mobile payments commonplace at the register. MIT Technology Review, October 15, 2014
Millions vulnerable to scams as banks launch Know Fraud, No Fraud campaign: Poll finds millions leave themselves open to scams as banks launch campaign The BBA is launching a fraud awareness campaign as YouGov polling reveals that millions of people in Great Britain are unwittingly leaving themselves vulnerable to scams perpetrated by fraudsters posing as their bank. Banking Business Review, October 14, 2014

National Cyber Security

9/11 Commission Urges Senate to Pass Cybersecurity Bill: The 9/11 Commission is calling on Sen. Majority Leader Harry Reed (D-Nev.) to get cybersecurity legislation passed before the end of this Congress. MultiChannel News, October 17, 2014
Steptoe Cyberlaw Podcast, Episode #38: An Interview with Shaun Waterman: Our guest for the podcast is Shaun Waterman, editor of POLITICO Pro Cybersecurity. Shaun is an award-winning journalist who has worked for the BBC and United Press International; and an expert on counterterrorism and cybersecurity. LawFare, October 16, 2014
FBI Director Urges New Encryption Legislation: Encryption algorithms do not acknowledge “lawful access.” DarkReading, October 16, 2014

Cyber Insurance

5 Reasons You Should Have Cyber Liability Insurance: It’s not just for big companies. Cyber insurance can make the difference between staying in business or shutting your doors after an attack. Inc.com, March 18, 2013

Cyber Sunshine

Seleznev Arrest Explains ‘2Pac’ Downtime: The U.S. Justice Department has piled on more charges against alleged cybercrime kingpin Roman Seleznev, a Russian national who made headlines in July when it emerged that he’d been whisked away to Guam by U.S. federal agents while vacationing in the Maldives. The additional charges against Seleznev may help explain the extended downtime at an extremely popular credit card fraud shop in the cybercrime underground. KrebsOnSecurity, October 15, 2014


Weekend Vulnerability and Patch Report, October 20, 2014


Important Security Updates

Adobe Flash Player: Adobe has released version 15.0.0.189 to fix at least 3 highly critical vulnerabilities reported in previous versions. Updates are available from Adobe’s website. Updates are also available for AIR.
Apple iTunes: Apple has released version 12.0.1 of iTunes for Windows (64-bit) to fix at least 82 unpatched vulnerabilities, some of which are highly critical. Updates are available from Apple’s website.
Apple OS X: Apple has released updates for OS X to fix 32 vulnerabilities, some of which are highly critical. Update to version 10.10. Updates are available from Apple’s website.
D-Link Multiple Products: D-Link has released updates for its DSR-500, DSR-500N, DSR-1000, and DSR-1000N wireless routers to a security issues reported in previous firmware versions. Update to firmware version 1.09.b61. Updates are available from D-Link’s website.
Google Chrome: Google has released Google Chrome version 38.0.2125.104 for Windows, Mac, and Linux to fix at least 13 unpatched vulnerabilities, some of which are highly critical, reported in previous versions and versions bundled with Flash Player. Updates are available from within the browser or from Google Chrome’s website.
Malwarebytes Anti-Exploit: Malwarebytes has released version 2.0.3 of its free Malwarebytes Anti-Exploit. Updates are available from Malwarebytes’ website.
Microsoft Internet Explorer: Microsoft has released updates for all versions of Internet Explorer to fix at least 14 highly critical vulnerabilities. Updates are available through the program or from Microsoft’s website.
Microsoft Patch Tuesday: Microsoft’s Patch Tuesday released 9 updates to address at least 24 vulnerabilities, some of which are highly critical within Windows, Internet Explorer, Office, Word, .NET and other Microsoft products.
Mozilla Firefox: Mozilla has released version 33.0 for Firefox to fix at least 9 highly critical unpatched vulnerabilities in previous versions. Updates are available within the browser or from Mozilla’s website. Updates are also available for Thunderbird and SeaMonkey.
Opera: Opera has released version 25 to fix moderately critical unpatched vulnerabilities. Updates are available from within the browser or from Opera’s website.
Oracle Java: Oracle has released versions Java SE 7 Update 72 and Java SE 8 Update 25 to fix at least 25 vulnerabilities, some of which are highly critical. The update is available through Windows Control Panel or Java’s website. [See Citadel's recommendation below]
TechSmith Corporation SnagIt: TechSmith has released version 12.2.1.1968 for SnagIt. Updates are available from TechSmith’s website.

Current Software Versions

Adobe Flash  15.0.0.189 [Windows 7: IE]
Adobe Flash  15.0.0.189 [Windows 7: Firefox, Mozilla]
Adobe Flash  15.0.0.189 [Windows 8: IE]
Adobe Flash  15.0.0.189 [Macintosh OS X: Firefox, Opera, Safari]
Adobe Reader 11.0.09
Dropbox 2.10.39 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]
Firefox 33.0
Google Chrome 38.0.2125.104
Internet Explorer 11.0.9600.17280
Java SE 8 Update 25 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.5
Safari 5.1.7 
Safari 7.1 [Mac OS X]
Skype 6.21.0.104

Newly Announced Unpatched Vulnerabilities

None
For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

Apple OS X Server: Secunia reports Apple has released version 4.0 of OS X Server to fix at least 7 unpatched moderately critical vulnerabilities, a weakness and a security issue. Apply update.
BlackBerry OS: Secunia reports Blackberry has released an update to fix a security issue. Apply update.
Cisco Multiple Products: Secunia reports Cisco has released updates for Intrusion Prevention System (IPS), Adaptive Security Security Appliance, (ASA), 5500 Series, 5500-X Series, IOS XE, and others. Apply available updates.
Citrix XenServer: Secunia reports Citrix has released updates for its XenServer to address at least 6 moderately critical vulnerabilities in versions 6.2 Service Pack 1 and prior. Apply hotfix.
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Office, Flash, Java, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customer’s computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2014 Citadel Information Group. All rights reserved.


Friday, October 17, 2014

Momentum, This Is A Habit I Could Get Used To



I’ve never written blogs at the end of the day on a Friday but last week ended with great momentum and this week is ending with even stronger momentum.

Highlight

The highlight of my week was an opportunity to speak at the Colorado Springs ISSA Cyber Security meeting where I suspect there were over 100 people in attendance.  I just received a call from a local information security leader who was not at the conference but my business card and a recommendation made it to him.

These emails have come to me over the past 48 hours.  I’m so thankful to the people who wrote these kind messages from the Colorado Springs ISSA.

"It was my pleasure meeting you at yesterday's ISSA conference. I really enjoyed your presentation. It was a nice break from the standard technical briefings ISSA puts together for these types of events.  I told Glenn York he should have you speak at more of the ISSA's forums. As a transitioning USAF veteran, the tips you mentioned during the briefing really touched me….You're briefing sent me on a soul search to figure out what path I should take for this new second career I'm beginning to pursue…. I just wanted to thank you for coming over and sharing your wisdom and humor with us…"
"Wanted to send a personal thank you for speaking at the conference. Your presentation was very well received.  Hope to see you at ISSA-COS meetings and future conferences."
"I’m a member of ISSA and attended your presentation yesterday. I didn't get a chance to thank you in person so email will have to do. I’ve seen a lot of ISSA talks and yours might be the best one I’ve seen. As you pointed out ISSA members are a diverse group both in age and skill and my impression is that you spent considerable thought on how to include everyone. I thought you nailed it."

Morning

This morning, I was fortunate to discuss career advancement strategy with a very bright up-and-coming information security leader who wants to align his personal marketing package and his personal career strategy for future success.  This call got my day started off with tremendous momentum.

My next call came from a former resume writing client who wants help to align his resume with his LinkedIn presence.  This same client is very happy with his current role but he has an eye open toward the future.  We discussed what our career coaching and emotional intelligence coaching could do to help him prepare for the next level in his career.  For this client, the next level will be a significant CISO role.  My day picked up more momentum.

Afternoon

This afternoon I was privileged to coach two absolutely outstanding CISOs towards higher levels of career success. Both CISOs are already successful but both are interested in maximizing their performance.  Helping these guys to maximize their performance feeds my top 5 Maximizer strength.  I love doing this work!

Working with two more people in a row who are both coach-able and teachable made my day end with significant momentum to roll into Monday morning.

The Weekend


Now for some family time and one-on-one time with my mountain bike this weekend before the trails are soon covered with snow and we’ll have to break out the snowshoes!

Jeff Snyder's, Security Career Coach, Security Recruiter Blog, 719.686.8810

SecurityRecruiter.com's Security Recruiter Blog