The journey to become a cybersecurity consultant
Manny had an unconventional start to cybersecurity. He took a creative approach to his learning and was primarily self-taught. We were hugely impressed with his abilities and he successfully passed our interview and practical testing and was offered a job in April 2019. Since then Manny has taken advantage of one of the benefits of working with us — our learning and growth scheme — to gain his OSCP and OWSP qualifications among many others.
Manny’s current focus is product security, specifically in large enterprises. In the interview, he explains that, “I really enjoy working alongside product engineering teams to really understand what it is you’re trying to accomplish and then apply an attacker’s mindset to determine the best way to break it.”
Emerging cybersecurity trends
I asked Manny about emerging trends and about security considerations for tomorrow. He sees the two biggest risk areas as the growth in the cloud and IoT devices. Cloud adoption has risen dramatically over the past few years and he believes we’re eventually going to get to the point where most organizations are going to be on the cloud versus a traditional type of infrastructure workload. But cloud security is different, and knowing the difference can help your business meet the twin challenges of modernizing your infrastructure and staying secure.
IoT devices are seeing an exponential growth across many industries at the moment, but particularly in the medical sector. Managing the ongoing security beyond deployment is a significant challenge. Are businesses able to support and manage the device as well as deploy it in a secure way? For many of these devices, functionality is the primary aim with security a secondary consideration. Manny sees a growth in the requirement for experts to identify weaknesses and vulnerabilities in smart devices across all industries in the coming years.
Mentoring the next generation
Outside of Security Compass Advisory, Manny founded the charity Hackers for Change. It’s a non-profit based out of Toronto that provides free offensive cybersecurity services to charities and other non-profits. One of the primary reasons for setting it up was to help people who don’t have qualifications get started in the industry. They offer students, people from marginalized communities, or anyone from any walk of life the chance to collaborate with experienced senior cybersecurity experts. They would collaborate with the team and have the chance to do guided penetration tests from reconnaissance to reporting. He added in the interview that “not only do charities and nonprofits get secured, we also help gear up the next generation of cybersecurity.”
So if you’re a charity looking for security services, or if you are looking to volunteer in the cybersecurity industry or start a career in penetration testing, check out their website for full details.
After watching the interview with Manny, you may have questions about our advisory services, including penetration testing, and how we customize our assessments according to your specific requirements, technology, compliance frameworks, and processes. Security Compass Advisory has deep expertise in penetration testing, partnering with clients and delivering actionable findings.