People-Focused Leadership in Cybersecurity with Cody Wass
Hacker Valley Studio15 Dec 2022

People-Focused Leadership in Cybersecurity with Cody Wass

Cody Wass, VP of Services at NetSPI, brings his near-decade of experience to the pod to talk about longevity, development, and leadership. It’s no secret that cybersecurity is in need of people. Cody’s journey from intern to VP at NetSPI has shown him the importance of training employees, creating opportunities for new graduates, and engaging teams effectively, both virtually and in person. In this episode, Cody provides the roadmap toward intentional employee investment in the ever-changing cyber industry. Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[00:00] Cyber career longevity from NetSPI intern to VP

[07:51] Putting people before process & technology at NetSPI

[15:33] Collaboration as the foundation of the cybersecurity industry

[18:13] Understanding cyber’s entry-level position problem

[24:12] Investing intentionally in employee development

Sponsor Links:

Thank you to our sponsor NetSPI for bringing this security podcast to life!

For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human-delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more.

Detect and protect the unknown with NetSPI's new and free attack surface management scan! Check it out now at asm.netspi.com/

You’ve been at NetSPI for 9 years. When you think about a rewarding feeling in your journey at the company, what comes to mind?

Starting his journey at NetSPI as an intern, Cody has had the rare but impactful opportunity to grow alongside the company. Now, as VP of Services, looks back at the lives he’s impacted himself and the opportunities he’s had to see others grow. Employee development is a huge part of NetSPI’s success. Cody is proud to have seen newcomers join his team and become amazing practitioners over the years.

“It's really rewarding seeing people come into this industry as a fresh face with a specific skill set, to watch them grow over and see them really spread their wings, and come out the other side stronger, better, and having a skill set that you never would have imagined day one.”

NetSPI has a very unique culture and philosophy about balancing that duality between technology and people. Could you tell us a little bit about that?

People come first, before process and technology, at NetSPI. While all three elements of this sacred cyber trifecta are important, Cody and his team believe that the balance should focus on making the lives, skills, and experiences of the people at NetSPI better. Process should be taught to the people, with a focus on prosperity and consistency. Technology should be implemented intelligently, with proper training and time given to the people for the best results.

“NetSPI’s differentiator is our people, first and foremost, and then, our process and our technology. We have a ton of really cool things we're doing with tech, but the focus is always on: How can you use that tech to make a person more efficient at their job?”

How important is collaboration for you and your team at NetSPI?

Collaboration is built into the DNA of NetSPI, from how employees are trained to how NetSPI interacts with the industry around them. Cybersecurity thrives when teams, practitioners, and organizations work together for the sake of the greater good. Even though COVID and remote workers have increased the virtual footprint of NetSPI, Cody still emphasizes the importance of communication and collaboration with his team and to practitioners around the world.

“This industry we work in is super interesting. It'll never be finished; you're never going to learn everything there is about security and be able to call it done. We're far past the point where one person is going to be the expert of everything in cybersecurity.”

For anyone in a cybersecurity leadership position who wants to start to really invest in their people, what would be your recommendation on where to start?

Intentionality is vital for the success of any leader trying to invest in their employees. Cody explains that it’s one thing for leaders to want to invest in training and professional development opportunities for their team, but another thing entirely when it comes to implementation. If a leader isn’t intentional, they won’t have clear goals for investment and will risk letting implementation fall to the wayside for the sake of a budgetary line.

“Yes, we are going to be making this investment. It is going to cost us. It will cost us time, it will cost us money, but we are committed to making that investment because we know the payoff in 12 months or 18 months or 24 months is going to ultimately be worth it.”

---------------

Links:

Keep up with our guest Cody Wass on LinkedIn

Learn more about NetSPI on LinkedIn and the NetSPI website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase an HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Avsnitt(390)

The AI Shift You Can’t Ignore with Marco Figueroa

The AI Shift You Can’t Ignore with Marco Figueroa

AI isn’t just evolving—it’s sprinting, and cybersecurity needs to keep up.  Ron Eddings is joined again by cybersecurity leader Marco Figueroa, Program Manager for Gen AI at the ODIN Bug Bounty Program, who called it in January: 2025 is the year of AI agents, and the early signs are already here. From Grok 3’s speed advantage to AI-powered red teaming for $25K, this is the reality check security leaders need. No more six-month security projects—it’s all about speed, automation, and staying ahead.     Impactful Moments: 00:00 - Introduction 01:45 - Breaking down Palantir’s stock drop 07:15 - Why Grok 3 is a game-changer 10:24 - The real difference between GPT-4 and Grok 17:25 - AI-powered red teaming for $25K? 22:00 - The death of six-month security projects 26:24 - OpenAI’s Operator: The future or a gimmick? 34:22 - How AI is eliminating busywork 36:55 - Next month’s prediction: Agents building agents Links: Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Feb 37min

Superhuman Productivity and AI Mastery with Pedram Amini

Superhuman Productivity and AI Mastery with Pedram Amini

What if you could have a conversation with yourself—years into the future? Or leave behind an AI-powered avatar that understands your thoughts, philosophies, and even your voice? In this episode, we explore the mind-blowing potential of AI and its impact on cybersecurity, productivity, and even legacy. Pedram Amini, Chief Scientist at OPSWAT, joins Ron Eddings to discuss his journey from bootstrapped startups to AI-driven innovation. Together they cover topics like the role of AI in cybersecurity, the rise of fake identities in hiring, the ethics of AI-generated content, and why mastering AI tools is no longer optional—it's essential. Pedram shares his workflow for superhuman productivity, his thoughts on deepfakes, and how AI is reshaping how we work and communicate. Impactful Moments: 00:00 - Introduction 02:00 - Meet Pedram Amini, cyber innovator 03:07 - The $17M North Korea insider threat case 06:00 - Fake job candidates and AI hiring scams 09:28 - Deepfakes and AI-driven deception 14:00 - Future of AI-powered personal assistants 20:49 - The reality of bootstrapping vs. VC funding 26:00 - AI in cybersecurity: risk or revolution? 31:00 - “AI isn’t taking your job—someone using AI is” 35:00 - The ultimate AI-powered legacy project   Links: Connect with our guest, Pedram Amini: https://www.linkedin.com/in/pedramamini/ Check out the entire article about the $17M North Korea insider threat case here: https://www.theregister.com/2025/02/12/arizona_woman_laptop_farm_guilty/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

21 Feb 36min

Cybersecurity Meets AI: The Good, The Bad & The Janky

Cybersecurity Meets AI: The Good, The Bad & The Janky

There’s no doubt that AI is changing the game in cybersecurity, but not always in the ways we expect. In this episode, Ron Eddings shares his firsthand experience with AI-powered tools that make him a cyber superhero—when they work. From automating security tasks to turbocharging programming workflows, AI is proving its value, but also revealing its limits. Through live walkthroughs and real-world examples, he showcases how AI automates security tasks, accelerates programming, and enhances research—while also showing why some cybersecurity actions should stay human-led.   Impactful Moments: 00:00 - Introduction 02:00 - The good and bad of AI in security 04:00 - Google’s AI weapons controversy 06:30 - Deepfake scams and AI-powered phishing 09:00 - How AI helps (and fails) at programming 12:00 - Automating security research with AI 18:00 - AI-generated meeting notes & productivity hacks 21:00 - What AI should NEVER do 23:00 - The future of AI in cybersecurity   Links: Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

13 Feb 22min

A Human-Centric Approach to Cybersecurity with Edna Conway

A Human-Centric Approach to Cybersecurity with Edna Conway

What if cybersecurity was more than just tech—what if it was about the people it serves? In this episode, Edna Conway, Founder and CEO of EMC Advisors, shares her incredible journey from law to cybersecurity and explores the human element often overlooked in technology.  Recorded live at InfoSec Nashville 2024, Edna discusses the intersection of innovation and tradition, the critical role of accuracy in AI, and her vision for cybersecurity's future. From anomaly detection to the wisdom of creating "enclaves," her insights remind us that tech is here to serve people, not the other way around.   Impactful Moments: 00:00 – Introduction 01:22 – Keynote insights: Innovation meets tradition 02:39 – From prosecutor to cybersecurity leader 07:00 – Human-first approach to AI and security 11:40 – LLMs in cybersecurity: opportunities and accuracy 16:34 – Balancing risk with AI use in business 23:06 – Bringing diverse talent into cybersecurity 32:30 – Advice on leadership and collaboration   Links: Connect with our guest, Edna Conway: https://www.linkedin.com/in/ednaconway/ Learn more about ISSA Middle TN here: https://issamidtn.org/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

4 Feb 35min

Rise of the Machines: Why Your Attack Surface Has More Holes Than You Think ft Pandian Gnanaprakasam

Rise of the Machines: Why Your Attack Surface Has More Holes Than You Think ft Pandian Gnanaprakasam

Did you know nearly half of your enterprise devices are agentless—leaving your attack surface wide open? In this episode, Ron is joined by Pandian Gnanaprakasam, Co-Founder and Chief Product Officer at Ordr, to discuss the critical risks posed by agentless devices and how orchestration can strengthen your defenses. Pandian shares key findings from Ordr’s 2024 "Rise of the Machines" report, highlighting the risks of overlooked agentless devices. He covers the rapid growth of these devices, strategies to manage vulnerabilities, and how automation can strengthen your defenses.   Impactful Moments: 00:00 - Introduction 04:15 - Why agentless devices dominate the next decade 06:30 - Insights from Ordr's “Rise of the Machines” report 08:50 - Hidden risks: 42% of devices are agentless 11:15 - Solving the "Swiss cheese" problem of security gaps 14:30 - Prioritizing vulnerabilities with business context 18:10 - Orchestration vs. automation: The harmony difference 22:00 - Why visibility is the foundation of security 27:30 - Ordr’s unique approach to securing the attack surface Links: Connect with our guest, Pandian Gnanaprakasam: https://www.linkedin.com/in/gpandian/ Check out Ordr’s Rise of the Machines report here: https://ordr.net/resources/rise-of-the-machines-report-2024 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Jan 38min

How a Game Turned a Watchmaker into a Cybersecurity Pro with Simeon Kakpovi

How a Game Turned a Watchmaker into a Cybersecurity Pro with Simeon Kakpovi

What if cybersecurity training could be as engaging as your favorite game? In this episode, Simeon Kakpovi, founder of the KC7 Foundation, shares how his gamified approach is changing lives and reshaping the cybersecurity pipeline by making cybersecurity education accessible.  From his journey as a threat hunter to building a free online game that teaches real-world blue team skills, Simeon joins Ron to show how creativity and inclusion can unlock potential in unexpected places. Plus, listen to the remarkable story about how a watchmaker with no cyber background landed a dream job at Microsoft—all thanks to KC7.   Impactful Moments 00:00 - Introduction 01:11 - The evolution of cybersecurity 03:03 - Cybersecurity Mergers & Acquisitions 05:38 - Meet our guest: Simeon Kakpovi of KC7 Foundation 06:00 - KC7 wins “Team of the Year” at the SANS DMAs 8:43 - Founding the KC7 Foundation 10:00 - Lessons from Lockheed Martin’s Cyber Analyst Challenge 11:46 - How KC7 gamifies real-world cybersecurity 14:52 - Bringing KC7 to high school and middle school students 16:52 - Expanding access to cybersecurity careers 25:09 - A watchmaker’s journey to Microsoft 34:00 - How to get started with KC7     Links Connect with our guest, Simeon Kakpovi on LinkedIn: https://www.linkedin.com/in/kakpovi/ Check out the Cybersecurity M&A Roundup Article here: https://www.securityweek.com/cybersecurity-ma-roundup-37-deals-announced-in-december-2024/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

22 Jan 35min

Managing and Mitigating Cyber Risks For Your Assets with Jerich Beason and Wes Wright

Managing and Mitigating Cyber Risks For Your Assets with Jerich Beason and Wes Wright

What’s the key to mitigating unseen cyber risks? In this episode, Wes Wright, Chief Healthcare Officer at Ordr and Jerich Beason, CISO at WM uncover the complexities of attack surface management (ASM) and its impact on cybersecurity.  Together with Ron, they explain what constitutes an attack surface and introduce practical frameworks like See-Know-Secure, emphasizing the need for complete visibility and data-driven risk mitigation.  Impactful Moment: 00:00 - Introduction 03:00 - Defining attack surface management 06:13 - See-Know-Secure framework  09:05 - Analogies for explaining ASM to stakeholders 15:33 - Building an inventory for asset visibility 20:42 - Convincing leadership: Budget strategies 25:00 - Tools and methodologies for ASM 36:57 - Managed services vs. in-house approaches 43:00 - Starting your ASM journey   Links: Connect with our guests – Wes Wright: https://www.linkedin.com/in/4kidwes/ Jerich Beason: https://www.linkedin.com/in/jerich-beason/ Learn more about Ordr: https://ordr.net/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

14 Jan 44min

The Year of the Agent: AI, Bug Bounties, and Cybersecurity Insights with Marco Figueroa

The Year of the Agent: AI, Bug Bounties, and Cybersecurity Insights with Marco Figueroa

How will AI redefine cybersecurity in 2025? According to Marco Figueroa, Program Manager for Gen AI at the ODIN Bug Bounty Program, this year is set to be the "Year of the Agent," where AI systems and integrations take a central role.  In this special New Year bonus episode, Ron sits down with Marco to discuss the transformative role of AI in solving cybersecurity challenges. Marco breaks down AI jailbreak techniques, the impact of bug bounty programs on securing AI systems, and why 2025’s fast-evolving tech landscape demands creative thinking. Learn how tools like ChatGPT and Gemini 2.0 are reshaping the industry and why staying adaptable is essential.   Impactful Moments: 00:00 - Introduction 02:14 - Speed vs. safety: AI system challenges 05:30 - Why experience matters more than information 07:45 - Legal stakes for deepfakes and AI 18:36 - Marco’s creative journey in cybersecurity 28:00 - Jailbreaks: Risks and surprising AI findings 37:13 - 2025 predictions: The rise of agents 41:00 - Closing thoughts and the power of community Links: Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/ Chuck Brooks' 2025 Cybersecurity Predictions article: https://www.forbes.com/sites/chuckbrooks/2024/12/24/cybersecurity-trends-and-priorities-to-watch-for-2025/ Focus Areas for the FaccT Conference News: https://facctconference.org/2025/focusareas “Unreasonable Hospitality” by Will Guidara Book Link: https://www.amazon.com/Unreasonable-Hospitality-Remarkable-Giving-People/dp/0593418573 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

10 Jan 41min

Populärt inom Utbildning

bygga-at-idioter
historiepodden-se
det-skaver
rss-bara-en-till-om-missbruk-medberoende-2
alska-oss
nu-blir-det-historia
svd-ledarredaktionen
harrisons-dramatiska-historia
johannes-hansen-podcast
allt-du-velat-veta
roda-vita-rosen
not-fanny-anymore
rikatillsammans-om-privatekonomi-rikedom-i-livet
rss-max-tant-med-max-villman
sa-in-i-sjalen
sektledare
i-vantan-pa-katastrofen
rss-sjalsligt-avkladd
jagaren
handen-pa-hjartat