![Jon Good](/img/default-banner.jpg)
- Видео 1 105
- Просмотров 3 782 751
Jon Good
США
Добавлен 4 окт 2019
Cyber Security career advice, expert interviews, threat intelligence, and training content! Click for info ➡️
MY MISSION:
Jon Good (me) is a cybersecurity industry leader passionate about helping people break into cybersecurity jobs and helping those in the field accelerate their career journey to reach their ultimate goals. Jon holds a bunch of industry certifications (CISSP, CISM, CISA, GCIH, GWAPT, plus more) and has held a variety of jobs, including Cloud Security and Compliance Manager, Cybersecurity Architect, Engineer, Analyst, and Consultant.
If you like what you hear so far, why not subscribe to the channel?!
Want training or career services? Visit ➡️ www.cybertrainingpro.com/
Looking to start a career in Cyber Security? Visit ➡️ jongood.com/getstarted/
Interested in having your product or service reviewed, sponsored content, or other brand partnerships? Visit ➡️ www.jongood.com/sponsor/
MY MISSION:
Jon Good (me) is a cybersecurity industry leader passionate about helping people break into cybersecurity jobs and helping those in the field accelerate their career journey to reach their ultimate goals. Jon holds a bunch of industry certifications (CISSP, CISM, CISA, GCIH, GWAPT, plus more) and has held a variety of jobs, including Cloud Security and Compliance Manager, Cybersecurity Architect, Engineer, Analyst, and Consultant.
If you like what you hear so far, why not subscribe to the channel?!
Want training or career services? Visit ➡️ www.cybertrainingpro.com/
Looking to start a career in Cyber Security? Visit ➡️ jongood.com/getstarted/
Interested in having your product or service reviewed, sponsored content, or other brand partnerships? Visit ➡️ www.jongood.com/sponsor/
Cyber Threat Intel - June 25, 2024 - Ep 56 // Cyber Security News
Cyber Threat Intel - June 25, 2024 - Ep 56
Visit the Cyber Threat Intel website ➡️ www.CyberThreatIntel.com/
Join us as we dive deep into the world of cybersecurity, uncovering the cyber threats of today that affect us all.
From ransomware attacks crippling businesses to phishing scams targeting the unwary, no threat is too big or too small for our expert analysis.
Cyber Threat Intel arms you with the knowledge to protect yourself in the digital age. Whether you're a cybersecurity professional or just curious about the threats lurking in the digital shadows, this podcast is for you.
Subscribe now on RUclips or your favorite podcast listening platform, and join us on the front lines of cybersec...
Visit the Cyber Threat Intel website ➡️ www.CyberThreatIntel.com/
Join us as we dive deep into the world of cybersecurity, uncovering the cyber threats of today that affect us all.
From ransomware attacks crippling businesses to phishing scams targeting the unwary, no threat is too big or too small for our expert analysis.
Cyber Threat Intel arms you with the knowledge to protect yourself in the digital age. Whether you're a cybersecurity professional or just curious about the threats lurking in the digital shadows, this podcast is for you.
Subscribe now on RUclips or your favorite podcast listening platform, and join us on the front lines of cybersec...
Просмотров: 108
Видео
Cyber Threat Intel - June 24, 2024 - Ep 55 // Cyber Security News
Просмотров 1552 часа назад
Cyber Threat Intel - June 24, 2024 - Ep 55 Visit the Cyber Threat Intel website ➡️ www.CyberThreatIntel.com/ Join us as we dive deep into the world of cybersecurity, uncovering the cyber threats of today that affect us all. From ransomware attacks crippling businesses to phishing scams targeting the unwary, no threat is too big or too small for our expert analysis. Cyber Threat Intel arms you w...
Cyber Threat Intel - June 20, 2024 - Ep 54 // Cyber Security News
Просмотров 16612 часов назад
Cyber Threat Intel - June 20, 2024 - Ep 54 // Cyber Security News
Cyber Threat Intel - June 19, 2024 - Ep 53 // Cyber Security News
Просмотров 15914 часов назад
Cyber Threat Intel - June 19, 2024 - Ep 53 // Cyber Security News
Cyber Threat Intel - June 18, 2024 - Ep 52 // Cyber Security News
Просмотров 14416 часов назад
Cyber Threat Intel - June 18, 2024 - Ep 52 // Cyber Security News
Cyber Threat Intel - June 17, 2024 - Ep 51 // Cyber Security News
Просмотров 16619 часов назад
Cyber Threat Intel - June 17, 2024 - Ep 51 // Cyber Security News
Cyber Threat Intel - June 13, 2024 - Ep 50 // Cyber Security News
Просмотров 257День назад
Cyber Threat Intel - June 13, 2024 - Ep 50 // Cyber Security News
Cyber Threat Intel - June 12, 2024 - Ep 49 // Cyber Security News
Просмотров 149День назад
Cyber Threat Intel - June 12, 2024 - Ep 49 // Cyber Security News
Cyber Threat Intel - June 11, 2024 - Ep 48 // Cyber Security News
Просмотров 17914 дней назад
Cyber Threat Intel - June 11, 2024 - Ep 48 // Cyber Security News
Secret Lessons Learned From My GRC and Cyber Security Career
Просмотров 45114 дней назад
Secret Lessons Learned From My GRC and Cyber Security Career
Cyber Threat Intel - June 06, 2024 - Ep 47 // Cyber Security News
Просмотров 11714 дней назад
Cyber Threat Intel - June 06, 2024 - Ep 47 // Cyber Security News
Cyber Threat Intel - June 05, 2024 - Ep 46 // Cyber Security News
Просмотров 11314 дней назад
Cyber Threat Intel - June 05, 2024 - Ep 46 // Cyber Security News
Cyber Threat Intel - June 04, 2024 - Ep 45 // Cyber Security News
Просмотров 14221 день назад
Cyber Threat Intel - June 04, 2024 - Ep 45 // Cyber Security News
Cyber Threat Intel - June 03, 2024 - Ep 44 // Cyber Security News
Просмотров 16121 день назад
Cyber Threat Intel - June 03, 2024 - Ep 44 // Cyber Security News
Cyber Threat Intel - May 30, 2024 - Ep 43 // Cyber Security News
Просмотров 17921 день назад
Cyber Threat Intel - May 30, 2024 - Ep 43 // Cyber Security News
Cyber Threat Intel - May 29, 2024 - Ep 42 // Cyber Security News
Просмотров 14921 день назад
Cyber Threat Intel - May 29, 2024 - Ep 42 // Cyber Security News
Cyber Threat Intel - May 28, 2024 - Ep 41 // Cyber Security News
Просмотров 18228 дней назад
Cyber Threat Intel - May 28, 2024 - Ep 41 // Cyber Security News
Cyber Threat Intel - May 23, 2024 - Ep 40 // Cyber Security News
Просмотров 204Месяц назад
Cyber Threat Intel - May 23, 2024 - Ep 40 // Cyber Security News
Cyber Threat Intel - May 22, 2024 - Ep 39 // Cyber Security News
Просмотров 195Месяц назад
Cyber Threat Intel - May 22, 2024 - Ep 39 // Cyber Security News
Cyber Threat Intel - May 21, 2024 - Ep 38 // Cyber Security News
Просмотров 179Месяц назад
Cyber Threat Intel - May 21, 2024 - Ep 38 // Cyber Security News
Cyber Threat Intel - May 20, 2024 - Ep 37 // Cyber Security News
Просмотров 110Месяц назад
Cyber Threat Intel - May 20, 2024 - Ep 37 // Cyber Security News
What is Risk Management? Improve your GRC program with this tool…
Просмотров 600Месяц назад
What is Risk Management? Improve your GRC program with this tool…
Cyber Threat Intel - May 16, 2024 - Ep 36 // Cyber Security News
Просмотров 190Месяц назад
Cyber Threat Intel - May 16, 2024 - Ep 36 // Cyber Security News
Cyber Threat Intel - May 15, 2024 - Ep 35 // Cyber Security News
Просмотров 160Месяц назад
Cyber Threat Intel - May 15, 2024 - Ep 35 // Cyber Security News
Cyber Threat Intel - May 14, 2024 - Ep 34 // Cyber Security News
Просмотров 222Месяц назад
Cyber Threat Intel - May 14, 2024 - Ep 34 // Cyber Security News
Cyber Threat Intel - May 13, 2024 - Ep 33 // Cyber Security News
Просмотров 168Месяц назад
Cyber Threat Intel - May 13, 2024 - Ep 33 // Cyber Security News
Cyber Threat Intel - May 09, 2024 - Ep 32 // Cyber Security News
Просмотров 164Месяц назад
Cyber Threat Intel - May 09, 2024 - Ep 32 // Cyber Security News
Cyber Threat Intel - May 08, 2024 - Ep 31 // Cyber Security News
Просмотров 107Месяц назад
Cyber Threat Intel - May 08, 2024 - Ep 31 // Cyber Security News
Cyber Threat Intel - May 07, 2024 - Ep 30 // Cyber Security News
Просмотров 141Месяц назад
Cyber Threat Intel - May 07, 2024 - Ep 30 // Cyber Security News
Cyber Threat Intel - May 06, 2024 - Ep 29 // Cyber Security News
Просмотров 183Месяц назад
Cyber Threat Intel - May 06, 2024 - Ep 29 // Cyber Security News
Keep growing buddy
I have been hearing this for years, it's time to start addressing the vaunted HR Gatekeepers and unrealistic entry level descriptions 😅😂
Federal Reserve is important alright, important for screwing over the economy and allowing inflationary spending.
Good or bad decisions doesn't directly mean they are less important in the broader picture of things.
Thank you!
You're welcome!
Hey, i have just started my journey in IT, and i really want to pursue CyberSec. Can you provide with something like a roadmap. I have been researching about this for the past 2 days and haven’t got any specific path. Thank you
The good news is that you've found my channel! Visit my Getting Started page ( jongood.com/getstarted/ ) and download my free eBook. You'll have a roadmap of skills and certifications to pursue and a lot of additional information to help you in your journey.
Hey Jon great video....can you tell me ....is there a cost for giving the CISM exam? If yes....how much is it?
You can find all the pricing information in the CISM Exam Candidate Guide ( www.isaca.org/credentialing/cism ). As of today, it says ISACA Members pay $575 (USD) or Nonmembers pay $760 (USD).
Amercian police departments have also been using XAVER to see people inside their homes through walls without search warrants .
That wouldn't be the first time that we've seen governments go right up to the line of legality or even potentially cross the line.
What do you recommend as a person who has no prior knowledge of cybersecurity?
Very informative 👍
Glad it was helpful!
I have upcoming interview scheduled this week. Can you share basic interview questions that can be asked in splunk Siem tool for security analyst position (2+year)
@@ishwaryanarayan1010 I have several videos on the channel for interview preparation and this Splunk tutorial that you should watch. Also, make sure to let me know how the interview goes and to help other people in a similar situation!
@@JonGoodCyber sure will share:)
I truly disagree with this. Completing A+ core 1 & 2 shows your knowledge in basic IT. I would agree if you already have your bachelor degree focus on IT.
You are completely welcome to disagree, but remember that just because that's your assumption doesn't mean that's the reality or that the numbers actually support it. Too often these days, beginners aim way too low using that mindset, and then they wonder why they struggle to land jobs competing against candidates at the same experience level yet are considered far more qualified than themselves.
@@JonGoodCyber it is my opinion. I wouldn’t just get A+ and think I’m going to land a IT gig. But I would get them to combine with whatever direction I choose to go into. Thanks for the reply. But I’ll take my chance doing my way. Plus the way the jobs environment is set up, being a black female in IT is my advantage along 😊 good day
Suggest me a road map for knowledge in cyber security as I'm non IT
It's all documented in my free eBook: jongood.com/getstarted/
Great I am 47 trying to make the switch.
Excellent, and welcome to your new journey!
Honestly you’re right about the not touching hardware, yet some interviews I’ve been to make it seem like I will touch on it and it’s usually HR and nobody else from the department they hiring from on the interview panel.. so I feel like I should just self study and get this cert just to be safe
The only time the knowledge may come into play is on the help desk or IT Support. Most repairs that company staff do is very basic because companies rely heavily on vendor support, or they hire contractors to do repair for them. It's very uncommon for companies to essentially have a Geek Squad type team on staff.
Thanks for your honesty. Too many influencers hawk these courses and I'm glad you called it out. Whenever someone shoves a course in my face, I click away from the video.
Glad it was helpful! It's not that somebody creating a course is somehow inherently bad, but in the wider landscape of the Internet, it's gotten really out of control with garbage information/training.
I was well into my 40s when I started working as a Soc Analyst.
Excellent, and thank you for sharing! I think it's always beneficial for people to know that it can be done!
Enjoy your videos. It's very helpful
Glad you like them!
hello Sir first of all thanks for providing this content I had one question if I purchase One course for 1 month and not completed within it does my course expire?or does it asks for another Payment?
This is just like any other subscription fee where if you don't pay, you won't have access.
I think google course serves it's role perfect. It won't land you a job, but it probably the best intro for a newbie in cybersecurity, and is good prep leading into the first real cert that holds some weight, sec+
The primary goal of certifications is to get you an interview/job, plain and simple. If somebody wants to take the program, that's completely fine, but at least after this video, they'll be aware of the problems with the program. Additionally, going from this program to the Security+, doesn't resolve significant knowledge/skill gaps and isn't a path I would endorse. Too often today, beginners are looking for a single program that gives them everything they need immediately instead of doing the things that actually work and will prepare them for the career field.
Could you please guide me on the cybersecurity domain for a career change..how to contact you on this ?
I recommend visiting my Getting Started page ( jongood.com/getstarted/ ) first, where I've included lots of resources and information to answer many of your initial questions. Additionally, if you would like coaching/mentorship directly, you can schedule a session on Cyber Training Pro ( www.cybertrainingpro.com/p/career-coaching ).
Jon, Got a question for you. I might be over thinking this, but I'm wondering if I can rightfully add "Incident Response" to my resume. Basically my day consists of reviewing alerts, closing out the false positives, from the ones that need further attention. And this usually means that I identify the malicious activity, identifying steps the client can take to address the issue and escalating the issue to the client. Does this fall in the realm of "Incident Response" and can I rightfully list it in my resume, or would it be misleading if I did so? Thank you.
Based on what you've explained, it sounds like you have some early involvement in the identification of possible incidents, which if identified, would start the Incident Response process. Although this does have a connection to IR, you need to be cautious about how you label that. When most people think about Incident Response, they are thinking about the people who get called if something suspicious is identified and will dive deeper into an investigation about it. If you are doing the investigation, I think it's reasonable to assume you are involved in IR, but you need to make that determination.
How about KQL and / or it's AWS and Splunk equivalents?
I have several videos talking about AWS and Splunk so I'll leave those videos to speak for themselves. KQL, like many things, is useful for specific situations but certainly isn't the first thing I would run out and tell people to learn.
@JonGoodCyber I had never heard of KQL until our Soc moved on from Alienvault to using Microsoft. We mostly work from Sentinel and use KQL a lot.
I disagree. To start almost any career in cybersecurity you must pay your due and work IT Support/Help Desk. A+ teaches fundamentals and helps to start said career.. Poor advice in my opinion...
You're certainly welcome to disagree, but to say that somebody has to "pay their due" and spend time in a specific job unnecessarily is a very gatekeeper mindset. In fact, that mindset is what's making it so difficult for people to get into cybersecurity, both with and without prior experience. Don't be a part of the problem-be a part of the solution.
Hey I get the problems you listed here are quite substantial and worth taking in consideration while looking for a course as this one. Please recommend good courses at a reasonable price that get the job done.
Thanks for watching! You can find all my recommendations in my free eBook ( jongood.com/getstarted/ ).
I didn’t understand that much
I recommend watching the full interview to get more context.
👍
Thanks for watching!
It's not only hardware. I also had the same outlook until I actually did the certification.
I never said it ONLY focused on hardware as it's easy to look at the exam objectives and see that's not the case. The fact is though, that hardware is a major part of the certification and the jobs that it's really targeting. Just because we can learn something, doesn't mean it brings enough value, if any, for it to actually make sense to learn.
It degree I am from another country 25 years old, looking for a job since 3 months in IT, nothing yet
I always recommend looking at my free eBook's roadmap ( jongood.com/getstarted/ ), which provides a ton of information to help you be successful. In most cases, if you aren't getting calls for interviews, it's because you don't have the required skills/knowledge, you aren't the most qualified candidate meaning you need more skills/knowledge to stand out, or your resume needs work.
Wait are we talking about ants or computers?
Which do you think?
muy bueno el video explica lo esencial :)
I'm glad that you enjoyed it!
@JonGoodCyber Hey John, there is a associates program at my community college for Information Systems, Cyber Security. I have no experience in this field but i would like to know if you have any advice on a certification I could try first to see if it’s something viable for me? Any advice would be appreciated! I’m also 28 and have two under two so I cannot go full time to school.
I always recommend beginning with my Getting Started page and eBook ( jongood.com/getstarted/ ). Additionally, if you are interested in a university/college program, I highly recommend sticking to the NSA's Centers of Academic Excellence list ( www.nsa.gov/Academics/Centers-of-Academic-Excellence/ ).
What do I do if I've been compromised?
Changing your passwords is the first step in securing your accounts. There are lots of tutorials out there on how to respond.
As always great vid/stream, and thanks for the insight. An enhancement for future could be adding chapters for each article to the timeline, but it's nice that these are not long anyway.
I'm glad that you enjoyed it! I will consider it if the shows become popular enough, but I wouldn't count on it for these daily episodes while I'm a one man show.
You need as many certifications as possible if u got computer degrees.
Quantity over quality is a misconception that many new professionals have, and although there can be some benefit to that early on, it is rarely the BEST approach.
3 years!
Such a long time!
I have my cybersecurity college degree and network cable, information technology specialist certification. But i haven't landed a job yet. I'm thinking getting A+ just to get a foot in the door.
I recommend checking out my Getting Started page and grabbing my free eBook ( jongood.com/getstarted/ ), which includes a roadmap of skills and certifications to pursue.
@@JonGoodCyber that doesn't help me at all.
Hi I'm m in the process of obtaining the following for 3 certifications from SANS ... SEC275 Foundations & GFACT Certification... The second course you will take is SEC401 Security Essentials & GSEC Certification.... The third and final course you will take is SEC504 Incident Handling & GCIH Certification ... I have zero IT experience and just wanted to know upon completion of these certifications what type of job can I get?
No certification will guarantee you a job but GIAC certifications are certainly beneficial to possess. The GFACT isn't really going to do much but the GSEC and GCIH are absolutely certifications that employers like to see, especially in SOC (Security Operation Center) staff. The GIAC certifications will absolutely give you a good security foundation but you won't get some of the IT foundation that you should have in the career field. I recommend also looking at the roadmap in my free eBook ( jongood.com/getstarted/ ) to identify and resolve any gaps in knowledge/skill that you might have. From there it will be about how well you present yourself to employers and your ability to find an opportunity matching your skill/knowledge level, which in theory should be plenty for an entry level security role.
What if i just absolutely love fixing broken things and $40 an hour is good enough for me? Thats what it specialists are making in my area. Avg of 39. A+ definitely “really matters”
If you just want to work break-fix issues all day long, more power to you! The issue has nothing to do with the pay. Obviously the higher jobs that you go, the more pay that you get...but really it's about aiming higher than the most entry level position that exists. The people that really succeed in both IT and Cyber Security are the ones who aren't willing to accept the traditional mindset or the bottom level jobs just because somebody says to do it that way. My advice might not always be "easy," but that's also why my students shoot to the top of the pile and corporate hierarchy quickly!
How do i qualify for the CISSP exam? Like without having a work experience? Can there be a possibility where I just do the certs and waive off my 5 year requirement?
To clarify, there are no requirements for the exam, just to be certified. All the requirements for the CISSP, including possible waiver options, can be found on the ISC2 website: www.isc2.org/certifications/cissp/cissp-experience-requirements
Pretty sure our adversaries in the world are engaging in an invisible cold war against us via hacking. Creepy. We got to protect our nation from these bad actors.
There are breaches happening every day that we don't know about and may not know about for some time.
1:28 _WHAT YEAR IS IT??_
You found an Easter egg…way to pay attention!
Nice one bro
Have to disagree, I never would’ve broken into the tech market if I hadn’t. My first tech employer straight up told me that I wouldn’t have been hired without it and it made me stand out
First of all, congrats on your job! It is completely your option to disagree, but remember that you are speaking based on your single experience, which rarely tells the story for the entire career field...and I am speaking regarding well over a decade of personal experience in the career field, years of work experience outside of the career field, and having helped countless professionals break into the industry. Additionally, my advice is geared at getting people into higher level positions than what the A+ will allow, which is generally more lucrative but comes with a different mindset and professional requirements.
Thanks that answer my question
Happy to help!
Thank you Jon for this video.
You're welcome!
What's the most lucrative specialty?
Lucrative means different things to different people, but overall, the pay is very similar across all positions so it really comes down to the company if that is your major driver. GRC and Cloud are where the greatest opportunity exists in the current job market.
"mah-yor-ka" =) What is an organizational CSec training resource you like? Fun story: /sar/ My first introduction to CySec was a SIM swap by a Best Buy insider threat back in 2012.
Thank you! Honestly, there are so many great resources out there depending on the subject, so it would be difficult to pick just one.
Thanks always love hearing you
Thanks for listening!
This is a great video, but a suggestion would be to lost clearly which versions are vulnerable, cropping for shorts is hard.
Thanks for the suggestion! That said, these shorts are not meant to cover a topic entirely as that's what the full show, Cyber Threat Intel, is meant to do if people want to know more about it.
@JonGoodCyber Awesome! Didn't mean to come across anything else than positive, it made my day coming across something that I'm interested in like this! Keep up the hard work, there is definitely a need for good quality short content like this! (Subbed)
@@joshxwho No worries. I always appreciate the feedback. Welcome aboard!
I earned my IT SUPPORT SPECIALIST CERTIFICATION. Almost done with Data Analytics, continues with cyber and other's. Hope those steps helps me more . But rally don't like t see people comments , yeha short time this that .... maybe . But those people learned anything on skills ? .... anyways. !! Thanks mate
I'm glad that you are enjoying the content!
I have Cysa++ but I don’t have experience. Which title I should looking for on search?
I highly recommend working through my free eBook's roadmap to make sure you have the knowledge and skills that employers are going to expect. If you only have a CySA+, you definitely have some glaring gaps in your foundation. Common job titles include Information Security Analyst/Engineer, SOC Analyst/Engineer, etc. but you really need to look at the experience/skills listed and see if it's a good fit because titles mean relatively little.
Great respect for your honesty. Thanks.
My pleasure!