Phight the phish

Phight the Phish: 5 Ways to Detect a Phishing Email

October is Cybersecurity Awareness Month. This year, the Cybersecurity & Infrastructure Security Agency (CISA) and the National Cyber Security Alliance have announced their efforts towards encouraging “individuals and organizations to own their role in protecting their part of cyberspace,” including the initiative “phight the phish,” a phishing awareness campaign designed by the Information Security Office to keep our community safe.

As a cybersecurity academy and consulting firm, we also want to help our community understand how to incorporate actions into their daily lives to reduce their cybersecurity risks. “Do Your Part. #BeCyberSmart”.

In this blog post, we tell you all about spotting a phishing email. The details you need to check on every email you open and what to do in case you receive a suspicious one.

What is Phishing?

Before we dive into the different ways to help you spot a phishing email, you need to understand what phishing is all about. This is one of the most common methods of cybercrime, and it is designed to trick you into giving the hacker personal or sensitive information. Once you have provided them with that information, they can access your email account, bank, or any other account they are targeting.

Just so you understand how serious the situation is, it is calculated that only 3% of target users report malicious emails to their managers. Also, 30% of phishing messages get opened, and 12% of those users click on the malicious link. No wonder why the FBI reported that phishing was the most prevalent threat in the US, with over 241 thousand victims during 2020.

Phight the Phish: How to Spot a Phishing Email

As hackers are getting more sophisticated with their attacks, it is very common to see a phishing email pass through detection filters from email providers. That is why you must always check these details before clicking a link or downloading a file from a suspicious email.

1- Always Check The Sender’s Email Address

Usually, phishing emails come from a public email domain (such as @gmail.com or @hotmail.com), or there are inconsistencies between the organization’s name, the email address, and the links.

One way to spot these inconsistencies is to hover the mouse pointer over the link and see the URL that pops up. Please do not click on it. Just hover over it and check if the URL is related or not to the alleged sender. If it reads something different, report it as a phishing attack.

Another great way is to check the domain. Usually, it will look very similar to the organization they are trying to copy, with a typo or a misspelling. For example, if they were trying to mimic Netflix, they would have a domain similar to netfliix.com (notice that this domain has two is).

2- Try Doing Some Proofreading

While we don’t want you to spend an enormous amount of time reviewing the grammar and spelling of an email you received, you do need to understand that phishing emails usually are filled with grammatical mistakes and poorly made translations.

3- Phishing Emails Usually Demand Immediate Action

Attackers are looking for you to take action as soon as possible. This is only because they don’t want you to spend too much time reviewing the content of the email or website and just grant them the necessary access to your accounts.

Always check what they are asking you to do and why.

4- Look at the Greeting

Phishing emails rarely include your first name. They usually go with greetings such as “Dear friend” or “Hi Customer.” Most organizations do not follow a practice, as they always want to make their customers feel valued.

5- Think Before Clicking or Downloading an Attachment

Phishing emails will always have either a link you need to click or an attachment to download. Always check the four steps we mentioned before taking action. Once you click a link or open an attachment, you are hacked.

As we have explained before, to check a link, hover your mouse over it and see the URL it displays. It should match the sender’s website.

Always treat with caution files .zip, .exe, .scr as they are usually associated with malware.

If you have completed all these five steps and do not think of the email as a risk, you are ready to take action and complete whatever it is asking you to do. If you do spot it as a phishing email, then you must report it.

How To Report A Phishing Email

Reporting a phishing email can help phight the phish, and it does not take much of your time. This is a two-step process that consists of:

  1. Forwarding the phishing email to the Anti-Phishing Working Group at [email protected]
  2. Report the phishing attack to the FTC at ReportFraud.ftc.gov

Be part of the solution, Phight the Phish. Be Cyber Smart.

10 Cybersecurity Awareness Initiatives Around the World

Have you ever imagined your data traveling the entire world? How often have you thought about how vulnerable you are through the Internet? The rapid growth and adoption of the Internet is an unprecedented opportunity for innovation and social and economic growth worldwide.  However, it also makes securing cyberspace more difficult.

To address this challenge, many countries organize cybersecurity awareness initiatives to educate governments, private industry, educators, and individual citizens about potential problems they can encounter online and understand their respective roles in creating safer cyberspace.

Since Cybersecurity Awareness Month was launched by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS) in October 2004, cybersecurity organizations have stepped up their efforts to protect Americans and keep them more secure online.

At the same time, people from all over the world have also done this magnificent work to encourage people to learn more about cybersecurity. So, as part of cybersecurity awareness month, we’ve gathered some of the most exciting cybersecurity initiatives worldwide. Let’s check this out together!

THE UNITED STATES OF AMERICA

1. ACROSS THE COUNTRY – BE CYBER SMART

In its 18th year, Cybersecurity Awareness Month—previously known as National Cybersecurity Awareness Month—continues to raise awareness about the importance of cybersecurity across the USA, ensuring that all Americans have the resources they need to be safer and more secure online.

This year’s theme is “Do Your Part. Be Cyber Smart,” which encourages individuals and organizations to own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity.

If you want to join the conversation, you can use the Hashtag #BeCyberSmart to connect with people online.

2. CISA – STOP. THINK. CONNECT.

STOP. THINK. CONNECT. is a campaign undertaking a national public awareness effort to increase cybersecurity mindfulness, understanding the potential of cyber threats, and enable the U.S. public to feel safer when surfing online. It encourages Americans to realize that the goal of a secure internet is a shared responsibility either at home, in the workplace, and our communities.

If you want to join the conversation, you can use the Hashtags #CyberAware and #ChatSTC to chat and connect with people online.


AUSTRALIA

3. ACSC’s Personal Cyber Security Series

This event encourages Australians to take simple steps to better protect themselves from common online threats and cybercrime during Cyber Security Awareness Month in October.

The Personal Cyber Security: First Steps is the beginning of three guides designed to help Australians understand basic cyber security concepts and measures that they can implement to protect themselves from concurrent cyber threats.

If you want to join the conversation, you can use the Hashtag ### to connect with people online.

AFRICA

4. AFRICAN SOCIETY FOR CYBERSECURITY AWARENESS

The African Cyber Security Awareness Society (ASCSA) is a non-profit organization that promotes safe online behaviors and practices. To inform South Africans, Africa, and the rest of the world to be more vigilant in practicing safe online habits and keeping them alert to see internet safety as a shared responsibility at home, in the workplace, and our communities.

ASCSA facilitates and organizes multiple awareness programs, workshops and training at national and continental levels in partnership with South African government support agencies.

CANADA

5. ACROSS THE COUNTRY – GET CYBER SAFE

Get Cyber Safe is a national cybersecurity awareness campaign designed to inform Canadians of simple steps they can take to protect themselves online. This campaign helps Canadians stay secure online by teaching them simple steps to protect themselves and their devices. In 2021, Cyber Security Awareness Month in Canada takes place from October 1 to October 31, and the theme is “Life Happens Online.”

If you want to join the conversation, you can use the Hashtag #CSAM2021 to connect with people online.

DOMINICAN REPUBLIC

6. ITLA SECURITY FEST

This higher education institution, ITLA, has an annual conference in October, which tries to raise awareness about cybersecurity among its students and people interested in cybersecurity in the country. This year, the speakers at this conference included our CEO, Reinier Moquete. Some of this year’s topics are Security in Digital Ecosystems, Cyber Resilience after Advanced Persistent Threats, Strategies to Secure E-Commerce, and Trends: Cybersecurity and Business 2021.

7. THE NATIONAL CYBERSECURITY CENTER

This initiative is for the general public to understand the importance of cybersecurity. From parents, children, and teenagers to companies and organizations. They focus on cyber hygiene, essential tools and habits users could put into practice, and case studies that reflect challenges related to the gender gap.

EUROPE

8. EUROPEAN UNION (E.U.) – THINK BEFORE YOU CLICK

The European Cyber Security Month (ECSM) is also hosted every October, and it’s an E.U. campaign dedicated to promoting cybersecurity awareness among citizens and organizations, providing information on current online security by raising awareness and sharing best practices. This features a range of activities across Europe, ranging from conferences, workshops, pieces of training, webinars, presentations, and more, to promote digital security to cyber hygiene.

The two themes of the ECSM2021 campaign are First Aid, guidelines on what to do if one is a victim of a cyber-attack, and Be cyber safe at home.

If you want to join the conversation, you can use the Hashtag #ThinkB4UClick to connect with people online.

PANAMÁ

9. COMUNIDAD DOJO (DOJO COMMUNITY) – AWARENESS TALKS

The Dojo Community is a non-governmental and non-profit organization that offers opportunities for career awareness in cybersecurity. They provide resources and advice for the execution of projects that contribute to the development of their country. They do talks for NGOs, companies about awareness, free of charge.

SINGAPORE

10. CYBER SECURITY AGENCY (CSA) – “BETTER CYBER SAFE THAN SORRY”

The “Better Cyber Safe than Sorry” campaign is a nationwide cybersecurity awareness campaign from July 2021 through January 2022. This campaign uses a combination of traditional and digital media platforms and outdoors to achieve the campaign’s objectives of increasing cybersecurity awareness and improving the adoption of good cybersecurity practices in everyday life.

This campaign focuses on drawing parallels between four cybersecurity tips and everyday life: use a strong password and enable two-factor authentication (2FA), detect signs of phishing, use antivirus software, and update software often.

A COMMON GOAL

These initiatives around the world remind us of the importance of raising awareness about cybersecurity, and more importantly that we’re all sharing the same cyberspace. These campaigns encourage good cybersecurity practices worldwide and empower citizens with a sense of shared responsibility to practice safe and informed behaviors on the Internet. And a note to remember: behind those initiatives, there are people, like you, intending to ensure a safer and more secure Internet for all.

Do you know of any other cybersecurity awareness initiatives? Please, share it in the comments below!

Be cyber smart

Be Cyber Smart: 10 Tips to Upgrade your Personal Security

The internet has become riddled with malicious links and viruses. Data breaches are more frequent, and users are more vulnerable than ever before. When one click can cost thousands or even millions of dollars, users need actionable to-do’s to help them stay safe online and be cyber smart.

We developed ten security tips from our experience within the security industry for businesses and individuals. With these personal cyber security tips, you can become more cyber smart.

1.      Safeguard your personal information; don’t share personal info.

When malicious hackers can’t find a security vulnerability, they’ll attack in other ways, so beware of Social Engineering. This type of attack is more on the user’s mind than on the device to gain access to systems and information. Cybercriminals develop creative ways to dupe users, especially with publicly available information online and over social media.

2.      Think before you click; double-check and verify links.

Clicking Without Thinking Is Reckless. Malicious links can damage several different ways, so be sure links are from trusted senders before clicking. If you can click doesn’t mean you have to; it can cost you a hefty sum.

3.      Be careful with public WiFi; use secure public internet.

Connect Securely. You might want to connect your device to an unsecured public connection, but it’s not worth it when you weigh the potential consequences. Only connect to private networks, especially when handling sensitive information.

4.      Make sure your connections are secure; use a VPN.

If you are in an emergency and need to use public WiFi, please use a Virtual Private Network (VPN). When you use VPN software, the traffic between your device and the VPN server is encrypted, and it’s much more difficult for a cybercriminal to obtain access to your data on your device.

5.      Ensure your connections are secure; only use sites that start with HTTP:// and have valid certificates.

When you visit a website, it will use either the Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS). Please make sure the latter option is enabled as it uses a layer of encryption.

Remember that while HTTPS is best used by default in general browsing for online purchases, this protocol is crucial to protect your payment. To reduce your risk of theft as much as possible, you shouldn’t give any critical information to websites without HTTPS enabled.


Look in the address bar for “HTTPS://,” to find out if it is enabled. Many browsers also show a closed padlock.

6.      Verify your connections; be careful who you chat with.

If you get an email from your “boss,” verify the email address he usually uses for your communications. If a friend changed their social account, find out if it is legit before starting the conversation. It’s more important than ever to know that the persons you’re virtually talking to are really who they say they are.
 

7.      Safeguard your connections; turn off your Bluetooth when not in use.

Devices can be hacked via Bluetooth, and as a consequence, your private information can be stolen. Disable Bluetooth when you don’t need it. If there is no reason to have your Bluetooth on, turn it off!

8.      Safeguard your personal devices; use antivirus software.

As long as you are connected to the web, it’s impossible to have total protection from malware. Still, you can significantly reduce your risk by ensuring you have an antivirus and at least one anti-malware installed on your computers.

9.      Be security aware; use secure passwords.

Don’t be lazy with your passwords! Put more effort into creating your passwords. You can use a tool like how secure is my password to find out how strong your passwords are.

10. Safeguard your data; maintain secure data backups.

Back up important data. Critical data can be lost in case of a security breach. To be prepared and restore your data, you should ensure your information is backed up frequently on a local storage device or the cloud.

Remember: It can happen to you

Cybercriminals do not discriminate in targeting all sorts of users. The most damaging thought you can have is “it won’t happen to me,” or “I only visit safe websites.” That kind of mistake couldn’t be undone with “ctrl + Z.”

Simple cyber security tips like these can fully help you prevent a catastrophe, but they’ve only scratched the surface of how you can be educated and protected. It’s part of CyberWarrior’s mission to educate more people so you and we all can be cyber smart.

If you want to learn more about this interesting topic, contact us.

Cybersecurity Awareness 

5 Ways to Raise Cybersecurity Awareness in your Business

Many years ago, you first knew the internet – this innovative technology made to make it better and easier for everyone publicly and privately. However, in recent years, due to the cyberattacks and vulnerabilities, people began to raise awareness about security around the world, mainly in organizations and businesses. If you look at the employment rate of cybersecurity positions, you’ll notice how much that’s been incrementing for the past 20 years, so cybersecurity awareness is necessary more than ever.

However, as businesses increment their security measures, you might wonder how to keep your organization secure. In this article, you’ll learn some tips to improve cybersecurity awareness in your organization.

1. Let cybersecurity be the #1 priority

The success of any cyber security awareness program depends on its implementation. The best thing you can do is take the time to identify and prioritize any weak areas — teams or departments which may benefit immediately from cybersecurity awareness training. Develop a comprehensive plan dividend in the long run.

2. Know your Organizational Tolerances

If you want to have a successful awareness program, your organization needs to evaluate the threat landscape and identify your top risks. That way, you’ll have a better understanding of the world’s threats that could compromise your security itself or even the organization. Your risk tolerance needs to be defined from the beginning; that way, you can implement the correct solutions to every risk coming and implement many security parameters even to prevent those risks.

3. Set specific rules for emails, browsing, and mobile devices

You must set rules for browsing, emails, and mobile usage. Now, why is that? Because these are the three top areas in which your information and security can be compromised. Setting rules to these will make your work more secure, and I promise you that your information will be in good hands.

4. Make Cybersecurity Awareness Training Mandatory For All

Implement Cybersecurity with the same courage and seriousness that you take into account other risks. Make cybersecurity training mandatory for everyone, whether through an external course or internal training. Regardless of the employee’s position in the company, everyone must be aware of the common threats.

5. Implement Cybersecurity Awareness right from the first day

It is always great to start on the right foot. If we want to have everything protected, why not start the right way? To do that, inform employees about their cyber-responsibilities. Adapting Cybersecurity as part of your onboarding processes and policies is an excellent method to educate users. So, this step is key.

There’s a high number of users being affected by attacks online. Organizations, enterprises, employees, data, everything is exposed to cyber threats and technology risks. Having a good cybersecurity system will help you protect your systems against various threats such as ransomware, malware, among others. Thus, your data and networks will be safe, avoiding the entry of unauthorized users who may have bad intentions.

If you want to learn more about this exciting topic, contact us.

Be Cyber Smart

Cybersecurity Awareness Month: Be Cyber Smart

Technology is snowballing, attacks are innovating, and users’ vulnerability is increasing. Even though security is also growing and being developed by cybersecurity analysts, the job is not done. It is important to understand that security doesn’t start or end with the professionals fighting for good; it also counts on the people who use the technology every day, like all of us.

Now, what can you do to prevent these massive attacks that are ruining people’s lives and big companies around the whole world? Simple, make the decision – play smart! Now, you’ll probably want to know how to do that? Right?

Every October, cybersecurity awareness month serves as a timely reminder for companies and individuals to check their cybersecurity practices after a tumultuous year of cyberattacks across industries.

In 2021, the Cybersecurity & Infrastructure Security Agency (CISA) will continue using the overarching theme:

Do Your Part. #BeCyberSmart.


Each week of this fantastic month will be based on a different topic. This article will guide you through it and help you be Cyber Smart at the same time. Let’s go!

Week 1. Cybersecurity First.

To protect your data, such as passwords, files, or information, cybersecurity needs to be the first thing in your life.

The best way to protect yourself first is to do the basics without using any tools, like making strong passwords, having different passwords for different platforms, or avoiding putting your personal information on untrusted links. These actions may seem so basic they don’t help – but they do. They are really helpful as they make it a lot more difficult for attackers.

Week 2. Phight the Fish.

You might have heard the word phishing, but what’s that exactly? Around the world, some people fish daily, and it is curious to see the fish just getting trapped repeatedly and how the fishermen use and improve their techniques to get their prey.

“I don’t know why the fish keeps being caught like that,” you may think, but millions of users fall into the trap every day with just a click. It’s incredible how much information you can give through a link. That’s why you must be aware of the causes and consequences of phishing – because it’s your job to fight it.

Do not open every link you see. Even if you like cats a lot, you don’t need to open every file about cats you see. Hackers know that you might love cats (or dogs), and because they do, they’re going to use that to your disadvantage, so your job to protect yourself starts today: fight phishing!

Week 3. Explore. Experience. Share.

Right now, you may be in the step of your life in which you are discovering new things, such as visiting new places and moving forward, so… have you ever wonder what a day in the life of a cyber professional is like?

Cybersecurity professionals, or infosec analysts, have a wide range of responsibilities, but the goal of their job is to protect data online from being compromised. As more of our personal information is stored online, it becomes more important to step up security.

Explore new ways to protect yourself, experience putting them into practice, and you could also consider a career in cybersecurity. There are 500.000 open cybersecurity jobs across the United States, a field with a 0% unemployment rate since 2010 and an average starting salary for entry-level employees of $82,500.

We can not only raise awareness about cybersecurity but also work to make our communities safer.

Week 4. Be Cyber Smart.

What does it mean to be cyber smart? We just talked about it – make it harder for those who want your data. Increase those basic security measures that are so crucial for you. As we said, users don’t usually pay attention to having a strong password or checking before clicking because they see them as “basic” and don’t think how these measures could protect them. That’s precisely why the attackers can and will take advantage of the situation.

Raising cybersecurity awareness is more crucial than ever. You can’t leave everything to the cybersecurity professionals and assume your personal information “doesn’t matter to strangers.” This is your time to make a choice.

So, what are you waiting for? Do your part “#BeCyberSmart.”

If you want to learn more about this interesting topic, contact us.

Cyber Threat Intelligence: Lifecycle

Regular monitoring and reporting of emerging threats and vulnerabilities can alert you to take action and prevent an attack. Understanding the cyber threat intelligence lifecycle is key to successfully implementing a threat intelligence strategy, using information about what adversaries are doing, incorporating protective measures in your defense scheme, and reducing your organization’s attack surface. Incorporating cyber threat intelligence in your business strategy helps you to fight against cybercrime.

If you are looking forward to implementing this model in your organization, this article will explain the steps you can follow.

Note: If you are reading about cyber threat intelligence for the first time, I recommend that you stop for a moment and read this article with some key concepts.

Step 1 – Direction

In this first step of the cyber threat intelligence lifecycle, it is very important to define what will be the strategy to collect the information, the type of information and content, define and classify the availability and reliability of sources and communication flows, and formulate intelligence team roles and responsibilities.

Step 2 – Collection

In this step, we need to focus more on collecting the desired intelligence defined in phase one. The data can be collected in different ways through either technical or human means and directly or secretly based on the confidentiality of the information. Intelligence is collected through sources like human intelligence (HUMINT), imagery intelligence (IMINT), measurement and signature intelligence (MASINT), signal intelligence (SIGNT), open-source intelligence (OSINT), and loCs, and other third parties. Investing time in this step will increase your probability of having a successful cyber threat intelligence lifecycle implementation. 

Step 3 – Processing

Processing is the transformation of collected information into a format usable by the organization. Almost all raw data collected needs to be processed to deliver to the stakeholder’s actionable data.

Step 4 – Analysis

Here, the obtained data is analyzed and the unusable one eliminated. The data is converted into information by applying various data analysis techniques such as qualitative and quantitative analyses, machine-based techniques, and statistical methods.

Step 5 – Feedback

The feedback is an assessment that describes whether the goal of converting threat intelligence information into action is achieved. That way, the organization would have reduced the attack surface and risk exposure. In this stage, the analysis allows the organization to define another router if the goal is not achieved.

Step 6 – Dissemination

This is the last phase of this cycle. Its objective is to supply intelligence to whoever must execute the appropriate actions with sufficient diligence to avoid decision-making delay.

In summary, in this article, we expose you to the six steps that make up the life cycle of cyber threat intelligence. In the following piece of this series, we will talk about Cyber Threat Intelligence Sources – Talk to you soon!

professional development

How to Set Your Professional Development Goals

What is the first thing you do when you are going to jump into a new project? The short answer is that you set out different goals and the path and actions needed to get there. Professional development is not the exception.

In order to advance in your career and reach the level of expertise and role you are expecting to have, you need to set your own goals. These professional goals usually go around improving your skills, your career, your competencies, and capabilities in the workplace.

A key aspect here is that they are exclusively yours. You can’t copy or replicate your coworkers or leader goals. You need to identify those areas you need to work on, those skills, degrees, or certifications you want/need to earn, so you can get more experience in a certain area, move up in your workplace, and advance in your career.

Having your professional development goals with milestones and timeframes is the best way to fully understand how you are progressing towards them. They will also help you identify your long-term aspirations, make a great impression on your employer (they highly value workers who go the extra mile, and are dedicated to their job and career), and they will boost your motivation and productivity.

That said, here are the different steps you need to take to set your professional development goals:

1- Define Your End Goal

To set your professional development goals, the first thing that you need to do is answer a few questions that will help you understand how you envision your future.

  • Where do you want to be in 5, 10, 20 years from now?
  • What title do you want to have?
  • What type of organization do you want to work for? Private or public? Large corporation or small business?
  • In what industry do you want to work in?
  • What accomplishments do you want to achieve?

Once you have answered these questions, you can even add some more, try working things backward. Think of the skills, experience, and knowledge you will need to get there.

2- Take A Look To Your Last Performance Evaluation

Checking your last performance evaluation is a great starting point to identify those areas where you need to start working. If you don’t get regular evaluations in your workplace, then try asking your boss or someone in a higher-level role who you interact with on a regular basis,  what is the one thing you could improve that would help you the most. 

3- Set SMART Goals

Stick to the SMART methodology for setting goals. They should be Specific, Measurable, Achievable, Relevant, and Time-bound. This will help you set goals that not only are clear and realistic, but that also have a deadline to be accomplished by, so they are not left behind in your weekly/monthly to-do list.

4- Break Your Goals Into Smaller Tasks

Each goal should be accompanied by a strategy to achieve it and a set of milestones that will help you understand how you are progressing. For example, if your goal is to become a Cybersecurity Analyst, then your milestones would be to study the different certifications needed to get hired in the field, work on getting hands-on experience, and study everything needed beyond the certifications’ content.

5- Set Time In Your Agenda For Your Goals

We know that your schedule might be coped with tasks and meetings from your current job, but if you want to make progress and improve your profile, you need to set time on a weekly, or even daily basis, to complete all the tasks and goals you have set out for yourself.

Don’t kid yourself about getting everything done in just a few weeks, give yourself enough time so you can avoid feeling burnout, but not that long so it’s something that you will forget.

6- Check Your Progress

The last step in this process is setting the time on a monthly basis to track your progress. What have you been able to complete? What have you left behind? When will you complete it? How do you feel?     

Now it’s time for you to start working on your goals and begin the road to improving your skills, both in a personal and professional way. Make sure to write everything down, make them visible, make them nice. You want to feel inspired, not scared away.

Cybersecurity Podcasts

Top 5 Cybersecurity Podcasts You Should Start Listening To

Podcasts are here to stay. They are an alternative to visual entertainment and accessible on the go. You can listen to them from your smartphone, tablet, or computer while doing almost anything.

Podcasts are free entertainment loaded with tons of information. It all depends on what you want to listen to, the subjects you are interested in, and being able to find those podcasters that do a great job telling a story or talking to a guest in a way that catches your attention and makes you want to go from one episode to the next one.

There are tons of cybersecurity experts that have created their podcasts as a way of nurturing the audience interested in the field, sharing what they have learned through their many years of experience, and discussing everything that is happening in the industry.

In this blog post, we want to share with you our top favorite cybersecurity podcasts. We believe they are a great option, especially for those who are considering making a career change into the field.

1- The Unsupervised Learning Podcast, by Daniel Miessler

Every Monday, Daniel Miessler, a highly recognized infosec expert, shares an overview of the most current cybersecurity events. If something hits the news, Daniel will talk about it, and if it is something very important he will dedicate an entire episode to discuss and explain what and why something happened.

Listen on: Apple Podcasts and Spotify Podcasts

New episode: Every Monday

Website: https://danielmiessler.com/podcast/

2- Darknet Diaries, by Jack Rhysider

The cybersecurity expert, Jack Rhysider, educates and entertains his listeners about the cyber-threats in the world. This podcast is all about hackers, breaches, and cybercrime happening right in front of us without us even noticing them. 

Listen on: Apple Podcasts, Spotify Podcasts, Google Podcasts, RSS

New episode: Bi-weekly

Website: https://darknetdiaries.com/

3- The CyberWire Daily Podcast, by David Bittner

This podcast is a bit different from the rest, as it is run by a news service instead of a cybersecurity expert. On a daily basis, they discuss the latest events and news of the cybersecurity industry, so listeners can have a better understanding of cyberspace.

Listen on: Apple Podcasts, Spotify Podcasts, Google Podcasts, Pandora, RSS

New episode: Every weekday

Website: https://thecyberwire.com/podcasts/daily-podcast

4- Smashing Security, by Graham Cluely and Carole Theriault

A fun and informative podcast that guides you through cybersecurity news as well as the theory that supports this field. Graham and Carole have managed to make this as lighthearted as possible while still being able to address cybercrime. They usually go over different real-life situations in which organizations used scams to trick their customers to do something.

Listen on: Apple Podcasts, Spotify Podcasts, Google Podcasts, Overcast

New episode: Every week

Website: https://www.smashingsecurity.com/

5- Security Now! By Leo Laporte and Steve Gibson

Security Now! Is one of the longest-running cybersecurity podcasts, and it’s the perfect place to listen to relevant cybersecurity topics. On a weekly basis, Leo and Steve deep dive into a 2-hour conversation where they review important issues, like personal computer security, as well as long-standing problems, concerns and solutions.

Listen on: iTunes, RSS, Podnova

New episode: Every week

Website: https://www.grc.com/securitynow.htm

At CyberWarrior Academy we want to encourage you to start listening to these podcasts on a weekly basis. You can do it while exercising, walking the dog, or driving to work. Consider this as a good step towards your cybersecurity training.

Online interview

Acing an Online Interview

Think about all the things you did one year ago in person: grocery shopping, studying, working, and even going to yoga class! While some of them are back to normal, some are still done remotely. Our life has changed enormously! 

Online interviews are no exception. In fact, even before COVID took place, many organizations had decided to start having online meetings with their job applicants. Not only is it easier for both parties involved to just click on a link and join a meeting rather than driving there and open enough time in their agendas; but it is time-saving, and opens the doors to more candidates as it gives the opportunity to anyone, around the world, to apply for that job.  

Although the essence of an online interview is basically the same as one hosted in-person, there are some details that you need to look out for if you want to make a great impression. But do not worry, we are here to help you. In this blog post, we give you 8 tips that will help you ace this first meeting and get the job.  

8 Tips For An Online Interview 

1- Interview Rules Still Apply 

Just because you are home, does not mean you can be in your sweat pants and laying on the couch. If you want to make a great first, second, or third impression you have to dress accordingly. Don’t forget to even wear shoes, this will help your mind understand that you are in “work mode”.  

2- Do a Test-Run 

The first thing you need to figure out is what system will be used to connect you to the online interview (Zoom, Skype, Microsoft Teams, Google Meet, or even a WhatsApp video call), make sure you have downloaded it to your computer, and that it is working correctly. Also, check that your microphone and speakers are set and running, and a few minutes before the meeting starts, make sure your internet connection is working fine (try having a backup option).  

3- Do Not Let Distractions In 

Try having this meeting from a place where you would not get interrupted by outside noise, the sound of a TV, or your cell phone. You need to be fully concentrated so you can answer all the questions you are getting in the best way possible.  

Let your family or roommates know what you will be doing so they don’t open the door and make noise. Some recruiters understand that your kids can be at home making noise, but it is best for you to try to be in a place that is as quiet as possible.  

4- Work on Your Background 

Remember this is a work interview, you do not want a messy house or an unmade bed to keep you from getting that job. Try placing your computer or mobile device somewhere you can sit and have a neutral background, it can be a white or colored wall, a desk, or even a bookshelf. Just do not let it be a source of distraction.  

5- Prepare Your Answers 

Just as you would do for an in-person interview, take some time to prepare answers for the commonly asked questions. Think of examples of how you have used some of the frequent traits, skills, or even technology concepts in the past.  

Try writing down some easy-to-read/remember notes that can help you while talking to the person that is hosting the interview. And while you are at it, try to think and write some questions you want to ask about the organization, the role, and the industry.  

6- Get The Perfect Lighting 

If possible, stick to a place that has a great source of natural light, and if you can sit in front of it, even better. This will help you show the most natural colors, and highlight your eyes and facial features. If you do not have access to a place like this, then try to avoid being in the dark by placing a source of light on each one of your sides.  

7- It Is Important That The Interviewer Can See You 

When joining a video call we tend to fix the computer in a way that you can see everyone on the screen (and we even spend more time looking at ourselves than others), but during an online interview, this cannot happen. You need to prioritize the camera, remember he/she is evaluating the way you talk, your expressions, and even your background. So try to position your computer, and the place where you will be sitting, in a way that you are comfortable and they can get a perfect display.  

8- Check the Time Zone 

While it may seem obvious, one of the most common misunderstandings when joining an online meeting is the time. Confirm the time with the person you are meeting and make sure to check, and double-check, the equivalent for your location. You want to avoid the need to reschedule for something that could have been prevented.  

As a bonus, we want to remind you to speak naturally, to see the other person in the eyes, to watch for the gestures, and to talk slowly in a way that they can understand you.  

We hope these tips can help you ace that interview. 

LinkedIn

How to Use LinkedIn For Professional Growth

Although LinkedIn has been in our lives for several years now, not everyone understands its true value or how to use it. Some of you might even have a profile with just your name on it or those who log in once or twice per year. But, the time has demonstrated that when used the right way, this social network can become a very important asset for your professional growth. It can help you keep in touch with old colleagues, it can help you find that job you have always dreamed of, it can help you make new connections and expand your network.  

In this post, we want to share with you some tips to create a powerful profile, understand why, how, and who you need to engage with and start growing your professional network.  

The Power of LinkedIn 

With over 740 million active users, LinkedIn leads the 2020 ranking for Digital Trust, way over Facebook, Twitter, and even YouTube, meaning that out of the nine major social platforms, it is the one most trusted by its users.   

The most recent statistics of this social network presents some interesting facts that are worth knowing:  

  • Its audience is built mostly by men between the ages of 25 to 49  
  • 49% of its users are people who earn over $75,000 annually.  
  • 51% of its users have at least a college degree 
  • 4 out 5 users are decision makers in their businesses 

In other words, these are the people with who you want to connect. Not only they are the ones who can offer you a better work opportunity, but they can recommend you for other job offers. Having an online presence and engaging with the right people can open the doors to a world filled with career opportunities.  

Using LinkedIn for Your Professional Growth 

To help you make the most out of this social network, we crafted 6 tips that will help you make your profile more robust so it starts appearing in front of the right people.  

1- Create a Powerful Profile 

Consider this as your first impression, you need to make the most out of it. The first thing you should do is upload a professional profile picture, our best advice here is to use one in which you are wearing the appropriate clothing and with a neutral or office-like background. Make sure it is in high resolution and with natural soft light. Be the only one in the picture, and let your face take at least 60% of the frame, you want people to know exactly who you are.  

Once you have the right picture, you need to work on your headline. Think of this as a 120-character elevator pitch. Some people like talking about what makes them different, others about the benefits they add to their customers, others about their role in a determined company. You choose whatever makes you comfortable, just try to avoid buzzwords, typos, and write something that catches the eye of the reader.  

Now you have to start completing all the information related to your education and work experience. Take advantage of the description area to talk about your experience, the projects you worked on, and the results you got. When possible try adding a link or an attachment. Don’t forget to mention the different publications you have done, and the certifications and titles you have earned all along the way, as well as any volunteering experience you might have.  

2- Connect With Others 

Once you have completed filling out all the fields of your profile, you need to start sending connection invites. A good starting point is your friends and family, but as this is a social network for business, we suggest you continue with your co-workers (present and past), your classmates, and people you know from your industry. 

A great idea is to send invites to those people who have shared posts you have found interesting. You can add a note saying how much you appreciated his comment and that you would like to connect so you can read more of his opinions.  

If someone you don’t know sends you an invite, make sure to check his profile before you reject it. He/she might be a connection that is worth accepting.  

Word of advice: when sending invitations to people you don’t know, try to add a short text of why you think you two should connect. You can mention what you do and how you can help each other. Personalize it.   

Once you get 500 contacts you have reached the golden number for LinkedIn. From now on your profile will show a +500 next to your name and only you will be able to see the exact number of connections that you have. 

3- Be Active  

Just like any other social network, it is not enough just to have a profile on it, you need to actively participate by sharing content and engaging with posts from others. Share links with information relevant to your industry, share a comment about some recent study, share an update about your organization. The sky is the limit, just make sure it is relevant to your network.  

Just a piece of advice, the ideal number of posts you should be doing on LinkedIn is 1 every business day. So try to arrange in your daily schedule spending time in this network, you can log in every morning, spend some time reading what your connections have posted and share an update.  

4- Ask For Recommendations 

Try asking for recommendations from different people you have worked with to give recruiters a better view of how you can execute different situations. You can ask your previous co-workers, managers, members of your team, clients, and senior leaders.  

When you send them the request from LinkedIn, try adding some context of what you are looking for from their recommendation. Be as explicit as you can. For example, you can tell them to point out different skills that you have,  how you handled a specific situation, or to talk about a specific project.  

5- Follow Companies 

One of the great benefits of LinkedIn is that you can follow a company and get notified about their updates on business opportunities, new features, announcements, and even job opportunities. Start by following those you think can be helpful for you, perhaps Indeed or Glassdoor are great options. Then, you can add those that share inspiring content such as TedTalks and Forbes. Later,  you can add those that are the most followed like Google, Amazon, Apple, Microsoft. Don’t limit yourself, if you want to apply for jobs in a determined industry then start following companies where you would like to apply.  

6- Join Groups 

One thing you should not miss from LinkedIn is the groups. Groups are the perfect place to connect with people, outside of your network, with similar interests. There are a lot of options out there, so make sure you have a list of topics you want to follow and look for groups related to them. There you will be able to share updates, ask questions, and read anything the other members post.  

With these 6 steps, you will have a better chance of growing your professional network and reaching those people that can help you achieve all of your work-related goals.