Want to Stand Out with Cyber GRC Labs? Watch This Now!

Gerald Auger, PhD - Simply Cyber
29 Feb 202404:32

Summary

TLDRIn this engaging video, the speaker outlines three practical ways to gain GRC (Governance, Risk, and Compliance) experience from home. Viewers are encouraged to write and document information security policies, conduct audits for local businesses or personal networks, and create end-user awareness training content. These projects not only build valuable skills but also serve as compelling evidence for potential employers. The speaker emphasizes the importance of documentation and sharing these resources to enhance visibility in the job market, ultimately positioning viewers for success in the GRC field.

Takeaways

  • 😀 Gaining home lab experience in the GRC space is essential for practical skills and employability.
  • 🎥 The speaker hosts daily live sessions for cybersecurity discussions and Q&A, providing a platform for learning.
  • 📝 Writing information security policies is a valuable project that showcases writing skills to potential employers.
  • 📦 Bundling written policies into a downloadable resource can attract attention from small businesses in need.
  • 🔍 Conducting audits using established frameworks like NIST CSF or CIS 18 enhances practical experience.
  • 🚫 Be cautious with sensitive findings during audits; avoid sharing potentially compromising information online.
  • 👥 Volunteering to perform audits for local businesses or organizations can provide hands-on experience.
  • 🎓 Developing end user awareness training content helps improve security practices and demonstrates knowledge.
  • 📣 Promoting created resources online can increase visibility and networking opportunities in the GRC field.
  • 💼 Using documented projects as conversation starters in interviews can effectively showcase your skills.

Q & A

  • What is the main focus of the video?

    -The video focuses on providing ideas for gaining practical skills in Governance, Risk, and Compliance (GRC) at home, along with methods to document and showcase these skills to potential employers.

  • What regular activity does the speaker conduct every weekday morning?

    -The speaker conducts a live daily threat briefing and an 'Ask Me Anything' session every weekday morning, engaging with an audience of about 500 people.

  • What is one suggested project for GRC analysts mentioned in the video?

    -One suggested project is to write information security policies, bundle them into a downloadable kit, and share them publicly to provide value to small businesses.

  • Why is it beneficial to document the process of creating information security policies?

    -Documenting the process helps analysts articulate their experiences in interviews and provides tangible evidence of their skills and capabilities.

  • What is a recommended approach for conducting audits?

    -It is recommended to volunteer for audits at local businesses, churches, or even for personal home networks, using established frameworks like NIST CSF or CIS 18.

  • What precautions should be taken when sharing audit findings?

    -Sensitive findings from audits should not be shared publicly to avoid compromising security. Instead, analysts can discuss general insights without revealing specifics.

  • What type of training content does the speaker suggest creating?

    -The speaker suggests creating end user awareness training content that is effective in modifying behavior regarding information security.

  • How can analysts leverage their created resources in job interviews?

    -Analysts can reference their created resources, such as policies and training materials, to demonstrate their practical experience and proactive approach to information security during interviews.

  • What is the purpose of creating a 'Small Business Information Security Policy Starter Kit'?

    -The purpose is to provide a valuable resource for businesses that may need information security policies but do not know where to find them, while also showcasing the analyst's work.

  • What mindset should analysts adopt when creating these projects?

    -Analysts should adopt a mindset of providing value to others by sharing their work without the intention of selling it, thereby building goodwill and potentially opening doors to job opportunities.

Outlines

plate

Этот раздел доступен только подписчикам платных тарифов. Пожалуйста, перейдите на платный тариф для доступа.

Перейти на платный тариф

Mindmap

plate

Этот раздел доступен только подписчикам платных тарифов. Пожалуйста, перейдите на платный тариф для доступа.

Перейти на платный тариф

Keywords

plate

Этот раздел доступен только подписчикам платных тарифов. Пожалуйста, перейдите на платный тариф для доступа.

Перейти на платный тариф

Highlights

plate

Этот раздел доступен только подписчикам платных тарифов. Пожалуйста, перейдите на платный тариф для доступа.

Перейти на платный тариф

Transcripts

plate

Этот раздел доступен только подписчикам платных тарифов. Пожалуйста, перейдите на платный тариф для доступа.

Перейти на платный тариф
Rate This

5.0 / 5 (0 votes)

Связанные теги
GRC SkillsCareer DevelopmentHome ProjectsCybersecurityInformation SecurityPortfolio BuildingResume TipsPolicy WritingAudit ExperienceEnd User Training
Вам нужно краткое изложение на английском?