Full video on Youtube.com/convocourses
Hey guys, this is Bruce and welcome to convo courses, podcasts. Every week. What I do is I talk to you guys about cyber security, mainly speaking on security compliance. And I’m opening this things up to questions. So if you have any questions during the course of this live session, feel free to ask ’em.
This is the perfect time to interact with me. And if you didn’t know, I’m the sole proprietor owner of convo courses.com where I got tons of free stuff. If you’re interested in cyber security compliance in particular, lots of downloadables, lots of free stuff for you to check it out.
You might not even be interested in cyber security, but outta, unless you try you, you must been hearing about it. It’s a hot career path and let’s get right into this. So what I wanted to talk about today, If somebody on TikTok said just another guy selling a book and yes, I am selling a book, but I’m also selling courses.
I’m selling my time. But it, the thing is I’ve been doing this for years. , it’s I’ve been putting free content out for years. My. Has something like 600 free videos where I’m putting people on how to get into cyber security, how to do cyber security compliance how to secure their system.
All things, cyber security I’ve been talking about for free and you can still get this stuff’s all out there. So if you’re interested in this. The best place to follow me. If I can’t, if you wanna get stuff for free, you wanna try it out or whatever, or get information is to go to YouTube.
YouTube has hour long. Literally I do these every week. I’ve been doing hourly long videos for years, teaching people, just ask me questions and I’ll just go ahead and speak for an hour straight about a topic. Yeah, I am I selling a book? Yes. On Amazon, I’m selling a risk management framework. I, this Audi, most of the people in this audience will not be interested in that book.
I’m selling to a very niche group of people who are interested in this is people who are in cyber security, trying to make big money. Not everybody is willing to do, take the time to to learn this trade. And to get into this and they want that quick money, but this is not quick money.
This is long term money that’s gonna help you and your family for years. If you are interested in that, then you come to the right place, cuz I’m here to teach. And if you’re here to learn then let’s do this. Somebody said what up family? Somebody said any thoughts on IBM cybersecurity certificate on Corsera is really dope.
Corsera if I’m not mistaken they’re also doing the Google support it certification. So Coursera is incredible. Another one I would recommend is you to me. I’ve taken TMY myself, actually, TMY is incredible because it has a lot of entry level courses and stuff. IBM cyber security certification.
My opinion on it is I really, this is the first time I’ve heard about it. That being said, one of the things that you wanna look into whenever you try to get a certification is how. How popular is that certification that matters to give you an example of why that matters is because there’s a certification called the C and it’s a certified ethical hacker cert certification.
And it’s got a lot of attraction, like HR departments, companies know what exactly what it is and what it does. It’s for people who do pen testing it’s for people who are looking at cyber threats. Cyber threat analysis, things like that. Now in the hacker community, if you talk to most hackers, people have been doing this for a while.
People really know what they’re doing. They hate that certification. The reason why is because the certification is a, not, I won’t say it’s a money grab, but it doesn’t. It goes into a lot of the tools that you use for the trade, rather than the actual theory. And I having read through the books for C I would disagree with that.
They treat you a lot of the fundamentals that it takes to learn the basics of hacking and goes a little bit deeper. So I would say it was from basic to intermediate. But it’s got a, an unfair shake in my opinion, from the hacker and the pen testing community, because it just doesn’t go deep enough and they want it to be more hardcore.
If you want something more hardcore, you wanna go to the SC P O S C P or Cali Linux, stuff like that. Those certifications have more hacker respect. What the point I’m trying to get at is C is a very marketable certification. If you have that certifi. You’re looking at and a little bit of experience under your belt.
You’re looking at six figures, but that’s because it’s a popular certification. So IBM cyber security certification I’m saying is not super popular. I’m guessing, but let’s take the guesswork out of it when I’m gonna do right now is I’m gonna go to, I’m gonna go to a. And I’m gonna show you what I’m talking about.
As far as marketability of certifications, you wanna look at the marketability of a certification. Let’s go to indeed.com. One of my favorite sites to go to for job searches. And I’m gonna show you, let me show you my screen real quick while I’m doing this. Somebody ask me what search do I have?
I’ll answer that in a second. While I’m doing this C I S P and Cap and a few other ones, but let me show you what I’m talking about. Oh man. You can not see that. Okay. I’ll just walk you through it. Okay. So I’ve got a bunch of people watching, so I’m on indeed right here. And I’m gonna type in IBM what’d you say security certification.
You said cyber security certification cyber. And this is what you wanna do with any kind of certification that you are trying to pursue. You wanna see the marketability of it? Cyber security, certifi. You can just go to any kind of job aggregator such as LinkedIn, indeed monster and just type it in. So it says there’s no searches, but that’s because it’s only searching in my area of Colorado.
Let’s look at all the United States and let’s see how many certifications how many people are looking for the certification. So I did a search here. And it’s saying that there’s 11 jobs looking for the IBM certification where that keyword came up and really it’s not even it’s keying in on certification security.
It’s not really finding the IBM certification, but let’s take an equivalent certification. Let’s say equivalent of cyber security certification. Let’s say it’s a security plus. Now watch this. I type in security plus comp Tia. In fact let’s narrow it down. Comp Tia security plus certification.
There are 9,000 jobs. That’s what that says right there. Nine, 9,000 jobs for the comp Tia security plus, and look at the look at what they’re paying. Now. This is for a junior ethical hacker, but that’s not bad at. And it’s getting you into ethical hacking, which is pretty good. It’s I’ve.
So my opinion about the IBM certification is doesn’t have traction just yet. A lot of these vendors will try to create their own, and this is coming from somebody who has vendor level certifications. I’ll get into what kind of certifications I have in a second, but vendor level certifications, some of ’em don’t take off some of ’em don’t they lose traction.
And because it’s the company, the organization doesn’t market them effectively. And what they lack that some of the certification organizations have. A couple being ISACA, which has C I S a C I S M C risk and some of the others comp Tia, which has a plus certification network plus certification security plus certification and others.
And then you have is I C ISC two squared, which has CS S P and a couple of other big time certifications. What these guys do right? Is they market the certification. They know who to talk to, to get in on these lists, the government lists to say, Hey, these are approved set of certifications. They market it so that other people have to take the cert.
And then it becomes a requirement like they did with the C the marketing on C is incredible. Like they did a great job on the marketing aspect of it. So my opinion of the IBM cyber security certification, it doesn’t have traction just. I would probably go for something like the sec security plus if you’re trying to get in the field and make money.
So that’s my opinion about it. I hope that answers your question. That’s a question from TikTok, by the way. Here’s another question that I have from Floris floes leak. And it says, what kind of certifications do you have? Certifications that I have. Okay. I’ve got the C I S P that certification singlehandedly changed my life as a professional level certification from ISD to squared.
I got it when it, not when it first came out, but shortly after it came out. So I have a pretty low number. They have a set of numbers. So I got mine in like 2006 or 2005 or something like that. And then I’ve got the ISC two cap, which is it’s for a security compliance for N 800. I. I’ve had two different versions of the security plus one of which doesn’t expire.
Cuz I got it. Like when it first came out, I used to teach security plus comp Tia. I had the original network plus the original, a plus, which was one certification now is two. I have Microsoft C I’ve got, I had the CCNA, but that expired. I don’t like, I don’t, my, that knowledge has left me. If you don’t speak a language for a while it’s gone.
I understand still the basics of, I, I could probably configure a router or something like that, but it will take me a minute. Then I’ve got a bunch of vendor level certifications. I’ve got one for arc site. I’ve got one for QS. I got one and I got a few other ones, and I’m not people call me a paper tiger or whatever, cuz I, I go out and get these certs and stuff.
I normally, I would get the cert based on the job I’m in. If there’s a job I need to do. And they need me to do learn this particular, this a certain thing. Then I’ll go out and learn that. So that’s why I have so many certifications. I got ’em outta necessity. I didn’t get ’em because I was trying to get a bunch of certifications.
It was all for me. It’s outta necessity. I got other things to do with my time. , you know what I’m saying? Like the next certification I’m gonna get is probably gonna be a cloud based certification. Like I’ll probably get that AWS. Cloud practitioner one coming up real soon because people keep asking me questions about cloud.
I’m like, damn, I don’t really, I’m not really deep on cloud, so okay. Let me see. Jimmy says thanks for the breakdown, man. I really appreciate that. Hey man, no problem. No problem at all. Okay. So I wanted to take some have people call in, but I’m having, I don’t have a lot of people joining me on YouTube, so I’ll wait on.
In the meantime, what I can do is I could take more questions and I can actually teach some stuff on a N 837. Or, you know what I think a better thing to do is to speak a little bit more on certifications since I got a lot of people asking questions about it. Okay. So certifications, I would recommend let’s talk about that certifications.
I would recommend I’m gonna talk about the Entry level intermediate to expert. Okay. Let’s start with intermediate entry level certifications. So entry level certifications. I would highly recommend in this order. If you let’s say you come in off the street, you get, you know anything about it or computers.
I would recommend a plus certification. That was the first one I took. It was, it’s a great introduction into the common body of knowledge that you need to know in order to troubleshoot. Systems and how to secure them as well as the networking aspect of computers. A plus certification is one of the best ones from comp Tia.
So comp Tia, let me just show you what that site looks like. CompTIA. Another one I would recommend would be the Google support it certification. This is comp tier right here. It’s one of the top certification. Organizations in the world, CompTIA, they got a plus they got network. Plus they’ve got cloud plus they’ve got a really good course curriculum that breaks down the basics of what you really need to know for this career field.
So it’s a really good starting point. I would say. And then another one I would recommend would be the Google. It support it, which a lot of people are getting jobs off of that for some reason. And then the other one I would highly recommend for entry level. If you’ve already taken the a plus, if you’ve already taken security plus stuff like that, ISS.
Certification AWS cloud practitioner. This is this one’s hot. Because Amazon, if you didn’t know, owns a large percentage of the market share for cloud. So they’re competing against Google. They’re competing against, Oracles in there now, but the biggest competitors is Microsoft and Google.
Microsoft has Azure, their Azure product. And then Google has their own cloud based products and the go. Of the world are, and other companies are starting to use their cloud services, but the ones that they use the most is Amazon. I believe like Netflix, Netflix uses Amazon cloud services and then other like large organizations multi-billion dollar trillion dollar organizations are using, or either they already have their own cloud service or they’re using Amazon Google or Microsoft Azure.
So those are the three entry level certifications that I would recommend. Intermediate let’s say you’re already an it person. You’ve got three years under your belt doing it. You, your work on help desk, you work as a customer support. What would I recommend? I would recommend for entry level or intermediate is to go for a professional level certification.
That’s what I would recommend. That’s a CIS S. Top one, especially if you’re doing cyber security, I would recommend if you’re networking, then you want to go with either a CCNA security or a CCNP security. I think they have a CCNP cloud and a CCMP video and all kind of other CCMP. These are not easy certifications, but CCMP is from Cisco.
It’s one of the highest sought after certifications out there. It. It’s gonna pay you a lot of money. That’s why I’m saying that you should do it. And on top of that, you’re gonna really know what you’re doing because and then a, they, Cisco owns a lot of the market share for networking technology.
The only other one that comes close is like Huawei, which is in China and is banned in the us and parts of Europe. Their products are, and Juniper and I think Palo Alto or something like that, that even come close to their market share, but Cisco’s the best. And so that’s why we recommend that’s one of the, one of the few vendor level certs out.
You could get by yourself. You can get that one cert by itself. And then that would be incredible. Like it would. It will butter your bread. It will. It’s gonna pay your bills. it’s and then expert low level certifica. Oh, another one for intermediate would be there’s red hat certifications that if you happen to be a red hat person and then there’s Microsoft, if you, so once you get intermediate.
Entry level is gonna be like basic stuff that you need to know. But once you get into intermediate territory or professional level territory, you have, you’re going to drill down into one or two products. Like you’re gonna be really good on one or two products. You’re not gonna be a master of everything.
So once you get to that level you’re gonna wanna get a professional level cert in that field that you’re in. If you happen to do Microsoft, you’re gonna get I don’t know what they’re calling it now. MCs. MCSE. Is that still valid? I haven’t done Microsoft in a while, so I might be wrong.
Let me see CSE and correct me if I’m wrong, guys, if I’m okay. Cuz I know that they changed it recently. Yes. Still MCSE. Okay. They have different. Okay. It’s definitely evolved quite a bit. MCSE and MCSA yeah, that’s a professional level cert as well. And then Cisco has CCMP so you’d wanna go deeper into whatever product that, once you get to the professional level, then at the expert level.
That’s very specialized typically. So an expert level cert would be would be a C, C I E. And a lot of people, most people don’t have it. It’s like the equivalent of a PhD. Not many people get those because they’re super, super hard. And it takes a toll outta your life. It’s serious.
So C I E if you’re in, if you’re in networking, another one would be. I think there’s an there’s one in hacking called the O S C E, which is super high level. I don’t know much about it. I just know it’s a high level expert level certification. And then there’s GS E which also not many people have, cuz it’s just super expensive and super hard to get.
So you’ve got entry level certifications, which are usually called like core CompTIA calls ’em core. They’re. Entry level or associate, then you’ve got professional level certifications. They’re called the usually professional level certifications or intermediate certifications. And then you got expert level certifications.
What do you think about the IBM certification on a program on KRS Coria? So I already answered this one, but your quick answer would be that I don’t think it’s a very popular certification. I’m not trying to hate on IBM certification. Now, if you, if it happens to be your first certification, it just add a caveat to it.
If it happens to be your first certification, go for it. If it’s your first certification, you’re trying to learn it and they’re giving it out for free. It won’t hurt to go ahead and try it. But as far as if you got the certification, would it be marketable? I don’t know how marketable it’s gonna be like a security plus will be way more marketable.
I’m just telling you guys honestly like a, that IBM certification is not on any, it’s not on the D O D approved list. It’s not, I just heard about it on TikTok. It must be. They’re giving it out for free because more than one person has asked me about it. If you happen to be learning this, go for it.
If you’re like learning this from scratch, go for it, do it. But if you wanna level up at some point, take that one and then do the security plus security. Plus once you get that certification under your belt, it’s marketable. Like you could put it on your resume. And get a job. So I don’t know if you can do the same with IBM cyber security.
I’m not trying to hate on it or anything, but go, I’m saying, go for it. IBM is dope. I just putting IBM actually IBM itself is a key word that you could put on your resume. So IBM itself would be good to put on your resume. IBM security program. I’m sure it, it would make you a little bit more marketable than you are.
If you don’t already have it on there. That’s my 2 cents on it. Cisco does have some free search too. I’m not sure if they’re already covered. Oh, really? I didn’t know that. Cisco has a C E N T, which is an entry level certification. I think that one’s pretty good. And then.
Above the CC E and T you have a CCNA and then above CCNA, you have specializations of CCNA, and then you have a CC N P, which is a professional level cert, which goes pretty deep on different technologies. Yeah that’s the whole thing then CC I E is like expert level, top tier type certification.
I’ve known a few people who have the C I E, but they’re pretty rares. I’ve known a lot more people who have the CCMP or a CCNA as matter of fact, I’ve had a CCNA before. Okay. Let me see here. Let me see if I got any more questions or stuff I want to talk about. Okay. Here’s one. I wanted to talk about the pros and cons of cybersecurity.
If you guys are interested in joining a call that I have right now on YouTube, feel free to jump on. This broadcast on YouTube on just go to YouTube type in combo courses. You’ll see me there. And then I will a give you a link if you’re interested in this. And if not, that’s cool. Let me see, I’m gonna talk to you guys about the pros and cons of it.
For, I get a lot of people who are contacting me, who are new to this and who want to get in this field. And I feel like one of the questions they should ask is what are the pros and cons of this, especially if they happen to. A nurse or a teacher or some other profession trying to get in this security field in this field as a cyber security person or it person, what are the pros and cons of this and the pros and cons of it really depends on, I think, on where you’re coming from.
If you happen to be in the service based industry and you’re dealing with a client, a lot of clients and you happen to not to hate to. Love dealing with people. You happen to be an extrovert. You love interacting with people, and it’s just boring where you don’t have anybody to talk to makes the day go by faster.
If you have somebody to talk to then one of the negative things about can be with it is that you sometimes you’re isolated. Sometimes your. Sometimes a job makes it so that you’re actually isolated to where, for example when I was a network engineer, we just, sometimes we’d be in the com closet, the computer, the communications closet hooking up wires all day.
And I wouldn’t see a person. I wouldn’t see a human for six hours a day, like four hours. I’d be in this computer room, this cold computer room. With no windows fixing a router, just trying to, trying to fix the iOS on a router and backing the router up and stuff like that. And it would take all day cuz it be something wrong with it.
For whatever reason, it’s not connecting to the next rest of the network. I’m connecting a bunch of systems to it. Or I’m trying to figure out which wire’s not working or. Or I’m trying to turn on port security on a bunch of ports or something on a switch. Like I’d just be messing tinkering with this thing for hours.
If you happen to be an extrovert, that can be a negative thing. If you really like interacting with people, that’s one of the negative things about it, but. It really depends, cuz not all jobs are like that. It could be a positive thing if you happen to be an introvert, like you don’t really want be in the industry, the service industry, for example, you just don’t really want to talk to people you don’t wanna really deal with this kind of stuff.
Then it’s perfect for you cuz you’ll be in locked in a closet programming or something all day long so it really depends on what you wanna do? Pros and cons of it. Let me think of some other pros and cons of it. And if you guys happen to be in it, I wanna ask you guys, what are the pros and cons of being in information technology?
What are the good things about in being in information technology and what are some of the bad things about being in information technology, please chime in. Feel free to talk to me about it. I’ll read your comment on there, but another one good thing I would say. It is that it, it pays pretty good.
Like even if you start off entry level and you’re not getting paid really good after about a year, if you put that stuff on your resume, you work your resume, you can very quickly escalate to another level. And a lot of career paths don’t have that kind, that level of they don’t have that kind of progression built into the structure.
Like I know that my I’ve got a few friends and family who were nurses. Who were doing nursing or they were CNAs or something like that. And I noticed their progression’s a lot harder. Like it’s really hard to go from say a certified nursing assistant to a nurse. There’s a huge gap in pay and skillset.
And there’s just this huge gap between those two things you would think it’s close. It’s not close at all. Like a certified nursing assistant. Is a huge gap. Whereas in it, you can quickly progress one like one skill at a time and make a little bit more money, little bit more money, little bit more money.
So that’s one of the pros and DG five, one says remote working is a pro. Oh my Lord. That’s a great one. That’s a great point, man. Thank you for bringing that up. Remote work is one of the. Things about it, the it field in my personal opinion because a lot of people don’t have that option.
I think if you’re a nurse, you’d be a traveling nurse and you can have remote work and then, but you’re still traveling. You’re still going to site and stuff like that. But with it, you can truly be remote, and there’s networking jobs that remote, there’s Infrastructure jobs that are remote there’s cyber security jobs that are remote there’s computer consulting jobs that are remote.
I, that was my last position. There’s cyber security that are remote risk assessments that are remote customer service, technical that are that’s remote. There’s so many remote positions and that’s one of the great things about doing remote. Let me see. So somebody said somebody said, do you need computer science degree to start no.
To do in cyber security or in it? No you don’t need you don’t need to have a degree to get into. To get into it. So the caveat to that is that I’m gonna prove it to you. I’m gonna show you some I’m gonna actually prove to and show you what exactly what I’m saying is true. So do you need that kind of those kind of computer?
So first of all, let’s break this down. A computer science degree. It typically the courses typically focus on software engineering. Okay. Computer science. I don’t even have a computer science degree and I’ve been doing it for 20 years and I’m making six figures working from home. Okay. I have a bachelor’s degree in information technology, but I know people who have a bachelor’s degree in information systems.
I know people who had math degrees, actually I know people with double’s that’s a electrical engineer who are working in this field as cyber security. So typically. If there are, if they are looking for a degree, you don’t even have to have a computer science degree or a cyber security degree. You just need something in stem, which is science, technology, engineering, and mathematics.
If you have that with a little bit of experience, you can get, you can get in there and make really good money. Now that being said, There are jobs that don’t require a degree at all. Now let me qualify that. So they do expect you to either travel a lot or learn very quickly, or have a G E D high school equivalent or.
Be working on a degree or have a certification or have a certain skill set. They usually want you to have something without a degree. And it’s probably not gonna pay as much. That being said, two of my mentors who taught me all kinds of stuff did not have a degree. And they were the highest paid guys in the room at any given time, but they were brilliant.
They were brilliant. They were coming outta the military with three, four years of experience. They were the main person everybody was relying on. So I’m just trying to qualify this, but now let me show you where jobs, where you don’t need a degree working in it. So what I’m gonna do here is I’m gonna go to a, I’m gonna go to a
Job search engine. And I’m gonna show you how you can find these jobs where it doesn’t need a degree. Now it does need you to know you gotta do the work. They’re gonna expect you to know exactly what you’re doing. So you gotta actually have some knowledge of it. I’m not saying you can just walk in off the street.
This is not sweeping floors. You know what I mean? Like you have to know some stuff to come in to do this. So if you wanna follow along, let me just explain to you what I’m doing. Cause I’ve got people listening in on this as well. So what I’m doing is I just went to indeed dot. Okay. And I do job search. I remove the state.
You gotta remove the state. Because sometimes it’ll come up with your local state. If you happen, you can also do this on LinkedIn and go to the search results. And then what you’re gonna type in is entry level entry level it, okay. That’s all I’m typing in entry level it
and. It’ll come up with a bunch of stuff. Now we’ve got all kinds. Okay. Here’s one help desk technician. What you’re gonna do is you’re gonna go down this list and look for positions that don’t require a degree. So you’ll go to the requirements. You’ll go to each one of these jobs. I clicked on one called help desk technician.
And it’s in it’s remote job in Missouri and there’s, here’s their requirements. They said proven experience with help desk and customer service role customer. Customer oriented in difficult situations. Tech savvy must be able to be a part of a team be able to speak proficiency in English communication skills and it’s a 40,000 to 60,000 per year job.
They’re not saying anything about a degree. This is the kind of stuff I’m talking about. And what all I did was typed in entry level. It that’s, this is the kind of jobs you can get. You don’t actually need a degree. And that’s another positive thing about it is that you, it’s. So in demand that a lot of times you don’t actually need a degree, but you’re gonna have to look for those jobs.
And in addition You you’re gonna have to know what you’re doing because you saw that what they wanted you to have was a proficiency in actually fixing the computers. And they’re looking for you to already have one to two, two to three years. Actually they’re saying here in a position that said, or one year experience.
For entry level positions, and there’s all kinds of positions like this that you can find, but you gotta know what you’re doing. You gotta do your due diligence. And that’s why I always tell people, Hey, go for an a plus certification, cuz it’s gonna break down the fundamentals of what you really need to get into this field, to get in an entry level position, just like this.
All right. I’ve got some people who are joining me on YouTube. Let me just read a couple of these questions here. Somebody said Tony said. Thanks Tony for the comment he says I work in cyber security and I have a criminal justice degree. I have a criminal justice degree. I have a C I S P.
That’s awesome. That’s incredible. Tony, you should are you actually working in the field right now? Do you have a job in information technology and what’s the status of that? Is it doing pretty good? I would be really interested in this. When I was in the military, I worked as a.
As a security forces member, where I had associate’s degree in criminal justice. And I was like, man, I don’t wanna get out and be a police officer. This is, it was a tough job. Like it was not an easy job, mad respect to police officers, cuz that’s a thankless job where your customers. Hate your guts.
and you’re dealing with the worst parts of society. A lot of times you’re going and you’re going in an and. Talking to people on their worst day of their life. And so they’re not usually in their best frame of mind. It’s a hard, it’s a hard job, I know all the stuff going on with police officers today, and I’m not at any, at all, trying to justify some of the bad police officers that are out there cuz there’s there’s like right now, this is the epidemic and the police department’s defend these guys.
I’m not saying that stuff is good. Like with some of the stuff that’s happening, it’s good at all. When I was in, they, when I was in the military, they, if you slipped up at all, they weren’t did not have your back. You were, they threw you right under the bus. Like you better you were held to a higher standard.
And that’s how I think police officers, the whole industry should be, but it’s not, that’s not what’s happening. That being said, mad respect to that profession because it’s very difficult and not everybody can do that. And I wish they would stop putting people in those positions that don’t, that shouldn’t be police officers cuz that’s what’s happening.
Okay. Tony says I’m actually a cyber security manager at oh KPMG. That’s one of the top big four. That’s one of the big four, one of the top. If I’m not mistaken, that’s one of the top accounting firms in the us. There’s four there’s de. There’s ston young there’s P KPMG. And then there’s one more.
I can’t remember what the other one is. If you guys can remember what it is, please chime in. He says he acts as a cyber security manager at the okay. That’s awesome, man. I do. I work in GRC work. So what kind of things do you guys do? Do you guys. So that means you’re in the financial sector.
Do you guys have a system security plan where is that a, it’s a package where you put all the security controls into one package and then you get the system authorized. I’m sure you guys have risk assessments. You guys have things like continuous monitoring. You guys have things like, but do you guys have like a system security plan where it’s.
All of the documentation for all the controls are put in one place in a database. And that’s shared out to the organization for some sort of approval with your C level execs and for the agency to approve that system. I’m very curious that you got, if you guys have something like that, do you guys also use Sarbanes Oxley?
That’s a, if you didn’t know, that’s a security compliance set of rules. That banks, financial institutions, investing institutions use to make sure that the organization’s doing what they’re supposed to do. I’m very curious about that, Tony. And while you’re answering that one, let me see somebody else.
Ask me another question. They said anyone trying to get into cyber and it. Should get in the help desk. That’s yeah. That’s definitely a big step up. It’s a great way to learn the foundation that you need to get ahead. Oh man. SS that’s some great advice. Great advice. Okay. So while I’m waiting on Tony to respond, I think I’m gonna go to assess this comment.
So you work in KPMG. And then you said you work in GRC. Okay. I don’t know if Tony’s gonna respond. So let me just go to SS. So SS says anyone trying to get into cyber and it should get into help desk. It’s a great way to learn foundations. It needed to get ahead. Absolutely. Another thing I would add to that is that if you do help desk for some time to help desk, okay.
So there’s a lot of different names for help desk. You’ve got customer support, technical customer support. You’ve got field tech, one field tech two, you’ve got a lot of different names for a help desk person, but essentially it’s the first line of defense. Outside the user themselves, the first line to defense in the organization, the first person somebody calls.
When their computer is not working properly or it needs to be updated and something went wrong or they need a backup, a quick backup of a desktop or a laptop or something like that. Or they need to reconfigure their laptop or re-image the laptop or something. That’s the, when they call the number, it goes to help desk.
That’s the first person that they’re contacting. It really is great for your resume because it’s gonna give you. Like one, two years of experience where you actually get exposure to networking, you get experience with a little bit of a little bit of cloud technology. If they have that in environ environment, you get a little bit of, you might even get to touch on servers, some net routers and cyber security, of course.
So you just gotta put all that stuff on your resume. So that after about a year of work with that, Being on the help desk being on the front lines of that organization, that you can go ahead and level up after about a year. So yeah, a help desk was my actual first position on the job training. It was.
That was incredible. Like that experience I don’t take it for granted. Like when I was there, I was just wanting to jump into routers or do firewalls or something like that, something specialized, but that foundational knowledge and skillset that I got of troubleshooting. And trying to figure out basic problems on those computers in a production environment, that experience, and that exposure allowed me to get into things like do deeper dives into things like networking.
Cuz I did network engineering for a while. It allowed me to do deeper dives into. Learning to build a software in a real environment, like how to, how not to develop software in different environments, like webpages and stuff and web applications and things like that. We didn’t have that many back then, but from time to time we had to touch those.
So those are some of the stuff that I learned on the help desk. I would SS I would definitely agree with you on. All right. I’ve been talking for a little bit. I really wanted to test out I’m on this new thing where I can actually have people call in. I’m gonna keep using this until I can get people to call in and add their 2 cents on.
On things like cyber security and security compliance, maybe next week, we’ll do this again and then have people call in. But if you’re interested in calling in at some point give me your email and then I’ll let you call in and I’ll let you speak. On all this stuff. And but for today, I think that’s about it.
Thank you guys so much for your questions. Thank you for your comments. Thanks, SS. Thanks Tony. And all the people on TikTok. Wow. There’s a lot of interaction on TikTok with just a very few people who’ve been follow me. So thank you guys for that, but I’m gonna close this thing out.
Thank you so much. Let’s close out TikTok first in the live show. And then I was also live on the podcast that’s over and thanks so much once again, as always. Thank you so much for joining me on YouTube. Thanks for your questions. I’m outta here.