July 3, 2024
2
minutes

EP 9: Ryan Black: Training the Next Generation of Security Professionals

In episode 9 of the "In Security" podcast, host Mike Cataffo interviews Ryan Black, the Chief Information Security Officer at BLACKCLOAK, on training the next generation of security professionals. Ryan shares his insights and experiences, emphasizing the importance of mentorship, creating a learning culture, and fostering collaboration across disciplines.

Watch the episode here:

Key takeaways:

  • Mentorship is crucial in fostering the next generation of security professionals by offering guidance and support.
  • It is vital to establish a learning culture where it's acceptable not to know everything and where knowledge can be shared and learned. This encourages curiosity and continuous growth.
  • It's essential to create opportunities for cross-disciplinary collaboration, which allows for knowledge sharing across different fields.
  • An approachable training framework, like the Capture The Flag model, can stimulate learning growth. This tool can cater to various individuals, from project managers to early developers, providing an array of puzzles and challenges.
  • Practical examples demonstrate how such a training framework can ignite a passion for learning and enable rapid skill acquisition, even for individuals without a technical background.
  • In security roles, hands-on involvement is crucial to preserve credibility with other technical staff and better understand their challenges.

About our guest:

Ryan Black, CISO at BLACKCLOAK, has a decade-long security career. His previous roles include CISO at Origami Risk and Director of Engineering Security at Mandiant. He founded Threatsurface.io and has a degree in software development. Known for building effective security teams and fostering collaboration, his skills encompass risk assessment, vulnerability management, and security operations. He contributes to open-source projects and is recognized for his empathetic leadership style and strategic thinking.

Ryan began his career with a diverse technical background and a passion for solving problems. His security journey was not intentional but evolved through various roles and opportunities to lead teams and projects. His diverse experiences in pen testing, security services, and operations shaped his path to becoming a CISO.

Mentorship and Learning in Cybersecurity

An experienced security leader, Ryan Black values mentorship, having benefited from it during his early years. As a teenager, guidance from seasoned professionals sparked his curiosity and equipped him with foundational technology and security skills. This is reflected profoundly in today’s discussion around Training the Next Generation of Security Professionals.

Ryan encourages a culture where questions are welcomed, knowledge is shared, and continuous learning is promoted, deeming it crucial for nurturing future security professionals.

He advocates for creating opportunities for people from different disciplines to work together. By pairing individuals with diverse expertise on projects, teams can benefit from a broader range of knowledge and perspectives. This collaborative approach enhances learning and problem-solving capabilities.

Ryan developed a Capture The Flag (CTF) training framework to facilitate practical learning. This tool is designed to be approachable to various individuals, from project managers to early developers. It includes an array of puzzles and challenges that simulate real-world security scenarios, helping participants develop their skills in a hands-on environment.

Ryan shares a compelling story of a project manager who initially doubted their ability to participate in a CTF event but ultimately excelled and placed third. This example illustrates how the CTF framework can ignite a passion for learning and enable rapid skill acquisition, even for those without a technical background.

Ryan emphasizes the importance of staying hands-on and encourages security leaders to maintain technical credibility. Leaders can better understand their teams' challenges and provide more practical guidance and support by remaining involved in the more technical aspects of their team’s roles.

Ryan Black's insights on training the next generation of security professionals highlight the critical roles of mentorship, a collaborative learning culture, and hands-on leadership. His innovative approaches, such as the Capture The Flag framework, demonstrate how practical tools and fostering an environment of continuous learning and curiosity can inspire and develop the security industry's future leaders.

No items found.
No items found.
No items found.
No items found.
Nirvana Karkee
Content Writer

Best Practices for Anti-Money Laundering Compliance

Explore the importance of AML practices, global regulations, and strategies to mitigate financial crime risks such as laundering on our blog.

Matt Sharp: A CISO’s approach to creating AI governance framework

Join Matt Sharp as he discusses Xactly’s approach to shaping an AI governance framework in GRC in our latest podcast.

SecurityPal Hosts OWASP Foundation Kathmandu Chapter

Discover SecurityPal's state-of-the-art SOC 2 certified Security Operations Command Center (SOCC) in Kathmandu, showcasing our dedication to handling global security needs. Learn about our engagement with OWASP Kathmandu, featuring industry experts and sponsors like Salesforce, Adobe, and KPMG. Join our community of over 200 cybersecurity professionals and experience our engaging events firsthand. Schedule a meeting with SecurityPal today to explore how we can elevate your security posture.
Resources
eBooks & Whitepapers
Case Studies
Events & Webinars
FAQs
Blog
SecurityPal Council
Company
Vision & Values
Leadership Team
SOCC
Careers
Press
Newsroom
Connect
Contact us
Call us: +1 650-503-9216
Legal & Compliance
Terms of Use
Terms of Service
Privacy Policy
DPA
Security & Assurance