The Cyber Mettle Podcast with Alyson & Omar

How Networking Actually Builds Cybersecurity Careers | Arielle Cireseanu-Acevedo, Esq. S1E27

Most cybersecurity career advice focuses on technical skills. This episode explores the skill that often determines long-term success: building genuine relationships. What does it take to build a successful cybersecurity career when your background isn't technical? In this episode of The Cyber Mettle Podcast, Omar Sangurima and Alyson Laderman sit down with Arielle Cireseanu-Acevedo, Esq. to discuss career growth, networking, leadership, mentorship, storytelling, and the power of authentic relationships in cybersecurity and beyond. Ari shares her journey from healthcare operations and legal work into cybersecurity leadership, proving that career transitions are possible when organizations invest in people and individuals remain committed to learning. Topics include: Transitioning into cybersecurity without a technical background Why networking is really about relationships, not business cards Career development and internal mobility  Building trust and professional credibility The value of mentorship and sponsorship Storytelling as a cybersecurity and leadership skill Soft skills that accelerate career growth Why kindness is a competitive advantage Creating opportunities through authentic human connection Whether you're early in your career, considering a transition into cybersecurity, or leading teams, this conversation offers practical advice for building a career that lasts. Subscribe for more conversations at the intersection of cybersecurity, leadership, business, law, and resilience. #Cybersecurity #CareerDevelopment #Leadership #Networking #CyberMettle #InfoSec #ProfessionalGrowth #SoftSkills CHAPTERS 00:00 – Introduction & Meet Arielle Cireseanu-Acevedo 02:15 – Ari's Career Journey Into Cybersecurity 08:13 – Why Organizations Should Invest in Their People 12:22 – Career Growth, Retention & Boomerang Employees 16:21 – What Networking Actually Means 20:23 – Networking Beyond Business Cards 23:21 – Food, Community & Building Connections 26:15 – Toastmasters and Public Speaking Growth 31:08 – Storytelling as a Career Superpower 36:33 – How Lawyers and Non-Technical Professionals Enter Cybersecurity 40:36 – Why Relationships Matter More Than You Think 46:23 – Gatekeeping vs Mentorship 50:11 – Building Authentic Professional Relationships 56:32 – Supporting Others Without Expecting Something Back 01:00:25 – Final Thoughts on Cyber Mettle

Data Brokers, Doxxing & Digital Privacy with Yael Grauer | The Cyber Mettle Podcast S1E26

What happens when cybersecurity, investigative journalism, hacker culture, and privacy rights collide? Pulitzer Award-winning journalist Yael Grauer joins  ⁨@TheCyberMettlePodcast⁩  [https://studio.youtube.com/channel/UCyf4TYnc-0AKW79TbxfK3zw] to unpack data brokers, surveillance tech, OSINT culture, online privacy, hacker paranoia, and why your personal information is far more exposed than most people realize. In this episode of The Cyber Mettle Podcast, Dr. Omar Sangurima and Alyson Laderman sit down with journalist, cybersecurity educator, and privacy advocate Yael Grauer for a wide-ranging conversation covering: * The reality of modern data brokers and why removing your information online is so difficult * The overlap between hacker culture and investigative journalism * Doxxing, OSINT, digital privacy, and online safety * The ethics of public records and personal information * Surveillance technology and the expanding privacy landscape in the United States * Why journalists and hackers often misunderstand each other * Social engineering, trust, and online investigation culture * MMA, jiu-jitsu culture, and surprisingly relevant cybersecurity lessons   Yael also shares insights from her investigative reporting career, including collaborative reporting work tied to award-winning journalism projects and her experience helping people better understand how exposed their data really is online.   This episode blends cybersecurity, law, journalism, privacy, and human behavior into a candid and practical discussion about the digital world we all navigate every day. If you work in cybersecurity, privacy, journalism, tech, law, investigations, OSINT, or risk management — this conversation is packed with insight.   Subscribe for more conversations at the intersection of cybersecurity, business, law, technology, and human resilience.   #Cybersecurity #Privacy #DataBrokers #OSINT #DigitalPrivacy #Journalism #CyberMettle #InfoSec #HackerCulture #onlinesafety CHAPTERS 00:00 — Intro & Meet Yael Grauer 01:05 — From MMA Journalism to Cybersecurity 03:24 — Jiu-Jitsu, Injuries & Hacker Culture 07:30 — Why Hackers and Journalists Clash 10:41 — Trust, Sources & Media Relationships 15:14 — Building Credibility in Cyber Journalism 19:08 — Award-Winning Investigative Reporting 23:47 — Surveillance Tech & Data Brokers 24:51 — Getting Doxxed & Why Privacy Matters 27:52 — The Legal & Ethical Gray Areas of Data Collection 30:10 — Public Records, Online Exposure & Digital Footprints 35:50 — OSINT, Investigative Skills & Ethical Boundaries 38:08 — Online Dating, Trust & Digital Verification 39:52 — Why Human Instinct Still Matters 42:02 — Upcoming Speaking Engagements & Future Work 44:26 — Jiu-Jitsu Hygiene, Essential Oils & Closing Laughs

The Future of Cybersecurity Jobs in the AI Era | James McQuiggan S1E25

“AI won’t take your job” is comforting. But, James McQuiggan explains why that’s not entirely true and what cybersecurity professionals must do next. In this episode of The Cyber Mettle Podcast [https://www.youtube.com/@TheCyberMettlePodcast], Dr. Omar Sangurima [https://www.linkedin.com/in/dromars/] and Alyson M. Laderman, Esq. [https://www.linkedin.com/in/alysonladerman] sit down with cybersecurity veteran James McQuiggan [https://www.linkedin.com/in/jmcquiggan/] to discuss the uncomfortable reality of AI disruption, workforce resilience, human risk, deepfakes, and the future of cybersecurity careers. James brings more than 25 years of experience across cybersecurity, IT, SCADA systems, incident response, security awareness, AI, and cyber threat intelligence. Formerly a CISO Advisor at KnowBe4 and now founder of Apparent Security [https://apparentsecurity.com/], James shares candid insights on:  * Whether AI can actually replace cybersecurity jobs * Why repetitive work is most at risk * The rise of “vibe coding” and AI-generated software * Why human oversight still matters in cybersecurity * Lessons from Stuxnet, SolarWinds, ransomware, and Change Healthcare  * The cybersecurity challenges facing schools and educators * Human risk management and security awareness * The importance of community, mentorship, and paying it forward * Dad jokes as a cybersecurity branding strategy The conversation blends serious industry insight with humor, career advice, practical AI guidance, and a reminder that cybersecurity is ultimately still about people. If you're navigating AI disruption, building a cybersecurity career, or trying to future-proof your skills, this episode delivers practical perspective without the hype. ABOUT JAMES MCQUIGGAN James McQuiggan is the founder of Apparent Security, cybersecurity educator, speaker, and longtime security advocate with experience spanning IT networking, SCADA systems, incident response, AI security, and human risk management. He previously served as a CISO Advisor at KnowBe4 and teaches Cyber Threat Intelligence at Full Sail University. Subscribe to  ⁨@TheCyberMettlePodcast⁩  [https://studio.youtube.com/channel/UCyf4TYnc-0AKW79TbxfK3zw] to hear human conversations at the intersection of cybersecurity, business, law, AI, and human resilience. CHAPTERS 00:00 – Intro & Welcome 01:19 – James McQuiggan’s Cybersecurity Journey 03:56 – Can AI Take Your Job? 06:41 – Repetitive Work vs Human Judgment 09:39 – Why Humans Still Matter in Cybersecurity 11:11 – AI Mistakes, AWS Stories & Empty Databases 13:52 – Vibe Coding & AI-Generated Software Risks 16:34 – “Ship It Now, Fix Security Later” Returns 17:40 – Do We Need a Cybersecurity “Chernobyl”? 19:10 – Stuxnet & Critical Infrastructure Wake-Up Calls 20:21 – Retail Breaches, PCI & Ransomware Economics 22:32 – Why Some Organizations Still Ignore Cybersecurity 24:36 – School Systems, Human Risk & Teacher Targeting 27:56 – OT, SCADA & Availability in Critical Systems 28:46 – The Story Behind Apparent Security 29:27 – Dad Jokes, Presentations & Security Awareness 31:44 – Theater Background & Public Speaking 33:04 – Why the Company Is Called “Apparent Security” 34:35 – Wrestling, Branding & Memorable Gimmicks 37:18 – AI Career Advice & Paying It Forward 40:23 – Conferences, Community & Cyber Networking 41:58 – “The Most Secure Woman in the World” Joke 43:20 – Final Thoughts & Closing   TOPICS COVERED AI and cybersecurity careers, Human-in-the-loop security, SOC analyst evolution, Deepfakes and generative AI, Cybersecurity education, Security awareness training, Supply chain attacks, Stuxnet and critical infrastructure, Ransomware economics, Vibe coding risks, Community and mentorship in cyber    #CyberSecurity #ArtificialIntelligence #AI #CyberMettle #HumanRisk #Deepfakes #CyberCareers #InfoSec #SecurityAwareness #CyberPodcast #GenerativeAI #SOCAnalyst #Ransomware #CyberLeadership #KnowBe4 KEYWORDS: James McQuiggan Apparent Security Cybersecurity AI jobs Will AI replace cybersecurity jobs AI in cybersecurity Human risk management Cybersecurity careers 2026 Deepfake cybersecurity SOC analyst AI Generative AI security Cybersecurity podcast Cybersecurity leadership Cybersecurity education Vibe coding cybersecurity KnowBe4 cybersecurity AI workforce disruption Cybersecurity mentorship Cybersecurity community Ransomware discussion Stuxnet cybersecurity

Why Cybersecurity Hiring Is Breaking the Talent Pipeline: Pete Strouse on AI, GRC & Recruiting S1E24

AI is changing cybersecurity hiring faster than most companies are prepared for. Recruiter Pete Strouse joins  ⁨@TheCyberMettlePodcast⁩  [https://studio.youtube.com/channel/UCyf4TYnc-0AKW79TbxfK3zw] to explain why entry-level roles are disappearing, how GRC is evolving, and what professionals must do to stay relevant. In this episode of The Cyber Mettle Podcast, Omar Sangurima and Alyson Laderman sit down with Pete Strouse, founder of InfoSec Connect and widely known as “The GRC Recruiter,” for an unfiltered conversation about the future of cybersecurity hiring. Pete shares what he’s seeing firsthand across GRC, compliance automation, MSSPs, consulting firms, and cybersecurity startups, including: * Why companies increasingly want senior talent without building junior pipelines; * How AI and automation are reshaping GRC and SOC analyst roles; * The hiring biases most companies won’t openly discuss; * Why networking matters more than ever in cybersecurity; * The growing importance of GRC engineering and AI governance; * How transferable skills can outperform “perfect” resumes; * Why culture and motivation matter more than compensation alone; and * The hidden long-term risks of eliminating entry-level opportunities. The discussion also explores private equity’s impact on cybersecurity organizations, recruiting realities behind the scenes, and what cybersecurity professionals should focus on now to remain competitive in an AI-driven market. If you work in cybersecurity, GRC, compliance, governance, audit, risk management, or are trying to break into the industry, this episode delivers practical insight from someone who sees hiring trends every single day.   ABOUT PETE STROUSE: Pete Strouse is the founder of InfoSec Connect and a longtime recruiter specializing in Governance, Risk, Compliance (GRC), information security, audit, DFIR, MSSPs, and cybersecurity startups. Known online as “The GRC Recruiter,” Pete has spent more than a decade helping organizations hire cybersecurity talent while advising professionals on career strategy and market trends. Chapters:  00:00 – Introduction and disclaimer 01:11 – Pete Strouse’s background in GRC recruiting 02:04 – Why GRC platforms now need actual practitioners 03:02 – AI, automation, and the disappearing entry-level role 05:09 – The cybersecurity hiring market reality 06:43 – Why companies only want experienced hires 08:17 – Experience requirements and hiring bias 09:29 – Where entry-level cybersecurity talent can still gain experience 11:34 – Networking strategies that actually work 14:13 – Why human connection matters more in the AI era 15:25 – Hiring biases companies rarely admit publicly 17:20 – Private equity’s growing influence in cybersecurity 18:54 – Market consolidation and compliance automation 20:25 – Personal branding and standing out in cybersecurity 22:31 – Transferable skills hiring managers value 24:41 – Why recruiters fight for candidates with strong intangibles 26:15 – Can resumes communicate intangible skills? 27:36 – Do cover letters still matter? 29:38 – Technical skills worth learning right now 32:01 – Why portfolios and proof matter more than resumes 34:50 – The cybersecurity talent pipeline problem 36:12 – Why MSSPs should hire more junior talent 38:32 – Understanding employee motivators 40:19 – Leadership, culture, and retention strategies 44:24 – Loyalty, layoffs, and short job stints 46:09 – How Pete developed his recruiting philosophy 48:31 – Pete’s advice for fixing cybersecurity hiring 49:12 – Final thoughts and closing   #CyberSecurity #GRC #AI #CyberJobs #InfoSec #CyberCareers #GovernanceRiskCompliance #CybersecurityLeadership #Compliance #RiskManagement #CybersecurityHiring #AIinCybersecurity #CyberMettlePodcast   KEYWORDS: cybersecurity hiring, GRC careers, AI in cybersecurity, cybersecurity recruiting, Pete Strouse, InfoSec Connect, cybersecurity jobs, entry level cybersecurity, GRC engineering, cybersecurity workforce, cybersecurity talent shortage, AI automation jobs, compliance automation, cybersecurity leadership, cybersecurity recruiting trends, governance risk compliance, cybersecurity mentorship, private equity cybersecurity, AI governance, cybersecurity networking

Cert Corner | CISM Explained: 2026 Exam Changes, What It Really Means, and Who Should Get It S1E23

Thinking about the CISM? The exam is changing, and most people misunderstand what it actually tests and validates. Here’s what ISACA really expects, plus how to think like a manager (not an engineer) to pass. In this Cert Corner episode of  ⁨@TheCyberMettlePodcast⁩  [https://studio.youtube.com/channel/UCyf4TYnc-0AKW79TbxfK3zw], Dr. Omar Sangurima and Alyson Laderman break down the Certified Information Security Manager (CISM) certification: what it is, what’s changing on November 3rd, and whether it’s actually worth your time. This isn’t a surface-level overview. We get into: * The new exam structure and domain weighting * Why CISM is considered a “gatekeeper” certification * The critical mindset shift: thinking like a manager, not a practitioner * How CISM compares to CISSP and CRISC * Real-world value: how it helps you connect security functions and lead programs We also cover test-taking strategy, remote proctoring realities, and why many candidates struggle. It's not because they lack knowledge, but because they answer from the wrong perspective. If you're aiming for mid-to-senior level cybersecurity roles, managing teams, or moving into leadership, then this episode is for you. ⏱️ CHAPTERS 00:00 – Welcome to Cert Corner: Why CISM Still Matters 01:45 – Big Change: New CISM Version Coming November 3 03:20 – Experience Requirements & “Gatekeeping” Reality 05:10 – New Domain Weighting: Program + Incident Management 07:00 – Who CISM Is REALLY For (Manager-Level Focus) 08:30 – CISM vs CISSP: Which One Should You Get? |10:15 – The Certification Gap Above Manager Level 11:30 – Exam Format: 150 Questions, 4 Hours, No Adaptive Scoring 12:45 – KEY TIP: Think Like a Manager, Not a Technician 14:30 – Incident Response Example: Why “Follow the Plan” Wins 16:00 – Distractors and Test Strategy Insights 18:00 – Remote Proctoring: What to Expect (and Fear) 22:00 – Real Talk: Proctoring Horror Stories & Test Anxiety 26:00 – Cost Breakdown: What You’ll Actually Spend 27:30 – CISM vs CRISC: Risk vs Program Leadership 29:30 – CISM vs CISSP Deep Comparison 33:45 – Career Impact: How CISM Changes Your Thinking 37:00 – Breaking Down Silos Across Security Teams 39:00 – Why Companies Misuse Certifications in Job Reqs 41:00 – Final Thoughts: Should You Get the CISM? 42:30 – Outro and What Certs to Cover Next Keywords: CISM certification, ISACA CISM 2025, cybersecurity certifications, CISM vs CISSP, CRISC vs CISM, cybersecurity management certification, security program management, ISACA exam changes, cybersecurity leadership cert, cyber career path #CISM #CyberSecurity #ISACA #Certifications #CISSP #CyberLeadership #GRC #InfoSec #CyberCareers #CyberMettle