July 3, 2024
2
minutes

EP 9: Ryan Black: Training the Next Generation of Security Professionals

In episode 9 of the "In Security" podcast, host Mike Cataffo interviews Ryan Black, the Chief Information Security Officer at BLACKCLOAK, on training the next generation of security professionals. Ryan shares his insights and experiences, emphasizing the importance of mentorship, creating a learning culture, and fostering collaboration across disciplines.

Watch the episode here:

Key takeaways:

  • Mentorship is crucial in fostering the next generation of security professionals by offering guidance and support.
  • It is vital to establish a learning culture where it's acceptable not to know everything and where knowledge can be shared and learned. This encourages curiosity and continuous growth.
  • It's essential to create opportunities for cross-disciplinary collaboration, which allows for knowledge sharing across different fields.
  • An approachable training framework, like the Capture The Flag model, can stimulate learning growth. This tool can cater to various individuals, from project managers to early developers, providing an array of puzzles and challenges.
  • Practical examples demonstrate how such a training framework can ignite a passion for learning and enable rapid skill acquisition, even for individuals without a technical background.
  • In security roles, hands-on involvement is crucial to preserve credibility with other technical staff and better understand their challenges.

About our guest:

Ryan Black, CISO at BLACKCLOAK, has a decade-long security career. His previous roles include CISO at Origami Risk and Director of Engineering Security at Mandiant. He founded Threatsurface.io and has a degree in software development. Known for building effective security teams and fostering collaboration, his skills encompass risk assessment, vulnerability management, and security operations. He contributes to open-source projects and is recognized for his empathetic leadership style and strategic thinking.

Ryan began his career with a diverse technical background and a passion for solving problems. His security journey was not intentional but evolved through various roles and opportunities to lead teams and projects. His diverse experiences in pen testing, security services, and operations shaped his path to becoming a CISO.

Mentorship and Learning in Cybersecurity

An experienced security leader, Ryan Black values mentorship, having benefited from it during his early years. As a teenager, guidance from seasoned professionals sparked his curiosity and equipped him with foundational technology and security skills. This is reflected profoundly in today’s discussion around Training the Next Generation of Security Professionals.

Ryan encourages a culture where questions are welcomed, knowledge is shared, and continuous learning is promoted, deeming it crucial for nurturing future security professionals.

He advocates for creating opportunities for people from different disciplines to work together. By pairing individuals with diverse expertise on projects, teams can benefit from a broader range of knowledge and perspectives. This collaborative approach enhances learning and problem-solving capabilities.

Ryan developed a Capture The Flag (CTF) training framework to facilitate practical learning. This tool is designed to be approachable to various individuals, from project managers to early developers. It includes an array of puzzles and challenges that simulate real-world security scenarios, helping participants develop their skills in a hands-on environment.

Ryan shares a compelling story of a project manager who initially doubted their ability to participate in a CTF event but ultimately excelled and placed third. This example illustrates how the CTF framework can ignite a passion for learning and enable rapid skill acquisition, even for those without a technical background.

Ryan emphasizes the importance of staying hands-on and encourages security leaders to maintain technical credibility. Leaders can better understand their teams' challenges and provide more practical guidance and support by remaining involved in the more technical aspects of their team’s roles.

Ryan Black's insights on training the next generation of security professionals highlight the critical roles of mentorship, a collaborative learning culture, and hands-on leadership. His innovative approaches, such as the Capture The Flag framework, demonstrate how practical tools and fostering an environment of continuous learning and curiosity can inspire and develop the security industry's future leaders.

No items found.
No items found.
No items found.
Nirvana Karkee
Content Writer