#TeamSimplyCyber #TeamSC WoooooWeeeee!!! GRC, BABY!! Looking forward to this one!
@robertschmid3086Күн бұрын
do you know if they are many fully remote GRC jobs? Or have you found most positions are in office?
@nyamze29Күн бұрын
I have a Bachelor of Commerce degree in Law. Completed the Google Cyber Security Certificate. This was great video to guide me into where or career path I can take. That is not very technical
@susys8501Күн бұрын
I want to study CyberAccouting… doing research. 🧐. Is it worth it?
@chaseelder27584 күн бұрын
I created a fabric plugin for Obsidian, find it in the community plugin list under “unofficial fabric integration”
@mansourjibrahim4 күн бұрын
Great video & awesome conversation Steve! I'm fortunate to say I've successfully pivoted from helpdesk / customer service to GRC end of last year! My aim is now to do GRC work (perform assessments, audits, etc..) while still learning (foundational) technical knowledge. All the best to you!
@cpatocybersecurityКүн бұрын
Kudos! Great place for breadth of exposure to learn lots.
@Bryghtpath12 күн бұрын
Really inspiring to hear how people from diverse backgrounds, like accounting, can successfully transition into cybersecurity GRC roles.
@cpatocybersecurity11 күн бұрын
Thanks for watching and the comment.
@Will-Reed13 күн бұрын
Hey Steve. You did such a great job of providing a summary of risk management for businesses from the lens of the GRC practitioner. You also did an excellent job of conveying the mindset that should be underlying a GRC practitioner's approach to identifying, communicating, and managing risk. Keep doing what you're doing!
@cpatocybersecurity11 күн бұрын
That means a lot coming from you @will-reed. Thank you!
@LiamMcConnellCG13 күн бұрын
Love the championing of GRC within security. Such a crucial role for all businesses!
@cpatocybersecurity11 күн бұрын
Agree! Do it well and it can add a lot of value, eg by being a compass to navigate and make prioritization decisions.
@cyber_salih16 күн бұрын
Thanks for your time Steve, really enjoyed this conversation! 🎉
@cpatocybersecurity16 күн бұрын
Right back at you dude! And keep up the inspiring work!
@AndresVerdana-gx3wn18 күн бұрын
Hi steve, hope you're doing well! I am an aspiring grc professional currently in university, I am clueless about the different roles in GRC, could you explain it a separate video?
@cpatocybersecurity18 күн бұрын
Hey thanks for the question. I touch on it in lesson's 3 and 5 of my free email course here: www.cpatocybersecurity.com/c/break-into-grc. It could also be a good topic for Study GRC on Aug 28 or another time if you can make it studygrc.org/home
@CipherOne20 күн бұрын
How are you a cybersecurity specialist but you weren’t comfortable with the command line? That doesn’t even make sense.
@cpatocybersecurity19 күн бұрын
I do a lot of business administration type work to support the blue and red teams from GRC. People, process, policies, procedures, reporting, auditing, budgets, security awareness etc and always working to get more technical.
@neighborhoodphysicaltherap494311 күн бұрын
Cybersecurity is a much broader field than just penetration testing. There are a wide range of roles with varying requirements for technical knowledge and expertise.
@JustAGrl00725 күн бұрын
This was a really good roadmap breakdown. Thank you!
@cpatocybersecurity25 күн бұрын
Thanks for watching and the comment! Let me know if you have any questions.
@thesukhster25 күн бұрын
For some reason, I cannot find the link to getting the GUI up and running. Grateful if you can share it.
@cpatocybersecurity23 күн бұрын
If you have the fabric client installed, in the terminal, type fabric -gui. If you don’t have it installed, there’s a QuickStart guide in the GitHub project Readme file. Does that answer your question?
@pSicadeLio266 күн бұрын
@@cpatocybersecurity having issues too, did someone removed the GUI?
@zheli24176 күн бұрын
@@cpatocybersecurity is it still there? I get unknown flag gui error when run the command. Fabric works fine here if without gui
@cpatocybersecurity6 күн бұрын
@@zheli2417 I did a fabric -u update and the gui still works. They did migrate Fabric to Go recently which was noted in UL 446 danielmiessler.com/p/ul-446
@cpatocybersecurity6 күн бұрын
@@pSicadeLio26 I did a fabric -u update and the gui still works. They did migrate Fabric to Go recently which was noted in UL 446 danielmiessler.com/p/ul-446
@KamikazeStrikeATKАй бұрын
Even I noticed that the description was created using Fabric. I loved it.
@cpatocybersecurityАй бұрын
Hey that for watching and the comment. A human did review and refine the output! But of course a handy utility for generating a description.
@HyperdriveRecruitingАй бұрын
Could you show me how to use this feature sometime? Or point me towards a video? Daniel said there would be a nice gui available soon, but I think learning the basics of CLI would be a good idea.
@cpatocybersecurityАй бұрын
Hey you bet. Step 1 is to install the fabric client, where I have Feb 2024 instructions here - the key is to reference the GitHub project README file. My understanding is that it’s smoother on a Mac if you happen to use or have access to one. If you run into installation issues you can see or create an Issue in the GitHub project, or let me know and I can do my best! www.cpatocybersecurity.com/p/fabric. Network Chuck recently did a video that I think covers the installation as well. Once you have the client (or if you do already) let me know and we can talk custom patterns which Daniel has a video on and I have a quick reference blog post.
@dukeofearl8078Ай бұрын
It seems to me that Fabric is perfectly suited for Docker containerization.
@gritred5500Ай бұрын
Ok, so the job postings will name Isaca certs but job postings seem to always say “or other equivalent” so I decided I should (and I did) get the CCSK certification and open book or not it was difficult do pass. Note the questions where written (maybe Europeans communicate differently than US and therefore it adds a language disconnect?). Also, i took two udemy classes for cloud and got through the AWS practitioner certification previous to the CCSK and this was great because the CCSK material is in there and CCSK reaffirmed (shared responsibility model etc). The cloud knowledge was key in helping me get straight all the tech involved such as monitoring, backing up, least privilege, siem, edr… HINT: You missed software as a possible route such as becoming an admin for something such as Service now or Archer?? I feel that after the AWS cloud Practitioner and CCSK I was ready to see the practical workaday stuff and took the GRC masterclass which his stream of consciousness way of instructing was perfect to let me see how a seasoned GRC professional completes audits and risk assessment etc.
@gritred5500Ай бұрын
I believe you missed OCEG as a good resource and with a discount code the pro membership looks to be a good bargain as it includes live streams and classes and certifications…lots of support. Do you believe OCEG is a good organization as well?
@cpatocybersecurityАй бұрын
I have them as a “runner up” for Intermediate I
@cpatocybersecurityАй бұрын
Sounds like you’re on a good path - great stuff! And good note about software admin being an entry point.
@FayobiАй бұрын
hi, thank you for your video. I am based in the UK, I have no experience in cyber security and/or IT, but I want to change careers and I believe i have transferable skills for GRC roles. Is this roadmap suitable for UK residents? if not, could you please advise on a road map for uK residents, thank you.
@dakshinabeykoonАй бұрын
Hi I'm an attorney-at-law from Sri Lanka with an LLB from the UK and currently in my second year of a BSc in Cybersecurity. Could you recommend a career pathway for me to pursue in two years after I finish my degree? Additionally, could you suggest some relevant cybersecurity certifications?
@cpatocybersecurityАй бұрын
Great stuff! Anything of interest or any questions on my GRC cert roadmap here? It could be applied to your questions. www.cpatocybersecurity.com/p/certs
@adzbeatz5106Ай бұрын
Is this also valid for the CISSP exam in the UK?
@cpatocybersecurityАй бұрын
Yes. It’s the same content and exam structure globally.
@francis2k48818 күн бұрын
CISSP is the same anywhere in the world.
@Harris4141-lx1iuАй бұрын
Thanks a lot, i really appreciate, i am beginer, i have a doubt, when i reopen, what should i do , "fabric --gui" or anything else
@DallasFort1857Ай бұрын
just curious to know why did you not just transfer over into data analytics with your professional background and credentials
@cpatocybersecurityАй бұрын
Both great options. And there’s a Venn diagram here of overlap.
@skysummer6429Ай бұрын
Very Valuable, thank you.
@cpatocybersecurity25 күн бұрын
Thanks for watching and the comment. If you have any questions, just let me know.
@AtifKhan-ff4fe2 ай бұрын
Hello sir! Can degrees like Bachelor's in Computer Science and Master's in Cybersecurity offer an experience waiver for certs such as CISA, CISM, CRISC, and CISSP?
@aimademerich2 ай бұрын
Phenomenal
@stateportSound_wav2 ай бұрын
I was going to say I didn’t notice this pattern, but now looking I don’t see it. I wonder if it was removed?
@cpatocybersecurity2 ай бұрын
I think you’re right. The closest I see currently is create_video_chapters. This one though would still be in the commit history if you look around the time I made this short. And you could copy pasted the prompt from that into a custom pattern.
@stateportSound_wav2 ай бұрын
@@cpatocybersecurity Thanks for confirming. I thought to grab the prompt text from your clip, I’ll look into the commit history too, to learn how to check that 🙏
@stateportSound_wav2 ай бұрын
I hope you keep making some form of these fabric videos, I’m learning things about it and Python through this learning experience 🙏
@cpatocybersecurity2 ай бұрын
Hey that's great to hear! I'm pivoting back to GRC for the near term but my fabric playlist is up to 41 videos and it's such a great project I'll certainly be back in some form or another
@stateportSound_wav2 ай бұрын
@@cpatocybersecurity 🙏🫡
@JohnDoe-rg6jn2 ай бұрын
Hi there! I am just playing around with the GUI and its dope!! I was wondering if you have had problem with the adding a document feature? I wanted to have a pdf summarised but somehow nothing happens - not sure if I'm doing something wrong or its a bug.
@cpatocybersecurity2 ай бұрын
Hey sorry I haven't but if you ask in the GitHub discussion the developers can help answer your question github.com/danielmiessler/fabric/discussions
@DevonAIPublicSecurity2 ай бұрын
Hey Steve, great work and great channel keep up the good work my friend.
@cpatocybersecurity2 ай бұрын
Thanks dude!
@SimplyCyber2 ай бұрын
Hey Steve. This is great! Love the work you're doing to empower students to be successful and transform!
@cpatocybersecurity2 ай бұрын
Thanks so much! #TeamSC #TeamGRC
@Cyber2a2 ай бұрын
Thanks again, great info. I've previously purchased the course. Is there a way I can pay for the notes separately?
@cpatocybersecurity2 ай бұрын
Thanks for watching and the question! I’m looking for course beta testers and testimonials. Perhaps if you subscribe to my blog and reply to the welcome email it sends, we can figure out a win-win? Or DM on another platform.
@Cyber2a2 ай бұрын
@@cpatocybersecurity Done, thanks! I actually subscribed to your blog on May 23 but hadn't checked my email to confirm my email.
@QompleteFreedom2 ай бұрын
Great info. I'm a new sub to your channel as I'm looking into transitioning into cybersecurity from a management background. You said you took Gerrys course over a year ago and I'm also subscribed to his channel. Did you take his course to transition into cybersecurity?
@cpatocybersecurity2 ай бұрын
Great stuff and thanks for subscribing! I did a mid-career transition in 2020 and have absolutely benefitted from Simply Cyber training and content since I discovered it. If you’re looking for ideas I have a bunch of 70-20-10 experience-relationships-education Career Development Plan ideas in a template on my blog. Also an email course about breaking in.
@QompleteFreedom2 ай бұрын
@cpatocybersecurity definitely will check that out. I want to transition into GRC.
@ZiRo8152 ай бұрын
Cybersecurity KZbinr that’s never cloned a repo in the terminal. 2024 🎉
@cpatocybersecurity2 ай бұрын
I look forward to crowdsourcing answers to these questions at GRC Study Hall tonight, with Chris Whitlock from the Simply Cyber community. Here's another one I received: "I want to pursue my career in GRC Auditing. But I am confused about the certifications in Auditing. I have knowledge of cybersecurity and penetration testing and also have experience in that. For Auditing we have iso27001 LA but if I go with PECB or BSI, then the certification is costly. But there is one more provider SKILLFRONT, which is cheaper. Can you tell me if I can go with skillfront certification or not."
@mauricecioccato98183 ай бұрын
Nice video,thanks for the video,after sec and Net+ Comptia and GRC certification,which roadmap Do you suggest for becoming Data loss prevention analyst?
@cpatocybersecurity2 ай бұрын
Hey thanks for watching and the question! While I work closely with the InfoSec team for their DLP controls I’ve not performed or hired that type of role before. Have you seen the Simply Cyber community on Discord? I’m sure you’d find more Blue Team people there who would have good experiences and perspectives to share to help you determine a good training path.
@dwmichaels3 ай бұрын
I think this is where Windows really separates itself from the Mac. This process was so easy to follow and trouble-free. Absolutely nothing like the cluster-f*** that is Windows. And it's not the individual applications so much as trying to get them all to work together on a Windows OS. I became best friends with co-pilot for 3 days trying to get everything installed. It was a frustrating and miserable experience. The best I could get was "it worked, but probably want to fix it at some point before regular use". And that was just trying to get to "fabric -h", not even at the API level where it might be helpful. If you code and you have these tools already setup, you've probably been through this hell before and likely know which obstacles to avoid, but if you are not a coder, then you just run into one obstacle after another. Path statements being a huge hurdle (so many times one app doesn't realize where it is installed or the charming pipx problem with not wanting a space in the path name). This really seems like an awesome project, so I'm watching to see what others with Windows are doing, and doing some research now that I know where the biggest problems lie.
@cpatocybersecurity2 ай бұрын
I think there’s also a python theme here and they might be switching to a different language.
@bryan48233 ай бұрын
I know it's not security, but would having the CCNA cert and a little experience in networking be a not too difficult of a transition to GRC , instead of the networking career path? Sorry if the question is too vague.
@cpatocybersecurity2 ай бұрын
Networking is an above average, awesome entry point! Similar to how I used a T-Shaped skill strategy with deep knowledge of system integrity controls with access and change management, your strong domain to get a foothold and add value from day 1 can be networking controls.
@cyberaddict10103 ай бұрын
is experience in cloud security important?
@cpatocybersecurity3 ай бұрын
I think so given the scale and growth of cloud serivces. In Finance a lot of SaaS financial systems need cloud security for SOX Compliance. And although SOC2 is for any Service Organization and not just cloud services, some really important Cloud Service Providers need GRC practitioners for assurance work on both the vendor and customer sides. I had AWS Certified Cloud Practitioner on an early version of GRC Cert Roadmap 1.0. I ended up cutting it though to keep it simple and to not have to add more for Azure or GCP shops etc. If you're interested in more info on "Cloud Native Compliance," definately check out the GRC Engineering youtube channel.
@cyberaddict10103 ай бұрын
@@cpatocybersecurity since the cisa and iso certs require work ex do you recommend sec+ instead of the cloud certs like sc-900?
@cpatocybersecurity3 ай бұрын
No right answer here but some thoughts to consider: writing the CISA or another widely recognized cert can be worthwhile before meeting the experience requirement because: you gain knowledge, demonstrate commitment, show that you can follow through on hard things, get an ATS hit with your resume that says it’s in progress. Cloud training is also great to get a better understanding of the underlying technology that needs assurance.
@cpatocybersecurity3 ай бұрын
It really depends on the job you’re targeting. If it’s an Azure shop with a cloud compliance need, Azure cloud certs would go a long way.
@cyberaddict10102 ай бұрын
@@cpatocybersecurity great! thanks for the clarity!
@umunnaugochukwu88243 ай бұрын
I currently want to pivot into grc cybersecurity.i am a banker right now what certifications can i do
@cpatocybersecurity3 ай бұрын
Security+ might be a good target. I just posted a GRC Certification Roadmap video you are welcome to check out. If you have any more questions, just let me know.
@mandelafoggie93593 ай бұрын
D 0es the GUI works on windows ?
@cpatocybersecurity3 ай бұрын
I wasn't able to find the answer from searching so I asked your question in the GitHub project discussion #421 github.com/danielmiessler/fabric/discussions/421
@user-tz7jq9sw4d3 ай бұрын
You may be able to get it to work using WSL (Windows Subsystem for Linux). I say may because at this rate I may upload all the source files to Gemini 1.5 and ask it to write up some decent documentation. The Readme's in the github repo are sparse and I learnt about the GUI by reading through the filenames in an effort to figure out what's what. Actually, I like my Gemini idea. Point Gemini to the folders and unleash the Kraken
@carsonjamesiv25123 ай бұрын
Good intel!
@cpatocybersecurity3 ай бұрын
Glad you think so!
@Mahobbotali3 ай бұрын
your presentation along with expression, is truly commendable. If you promote your video in your targeted audience and targeted locations, you can expect very good results day by day. It's proven as a digital marketer. Your videos need to have good organic traffic and engagement. However, after conducting a comprehensive analysis, I noticed there is room for improvement for your KZbin channel to get more visitors and subscribers. Your videos need to be well search engine optimized (SEO) for organic traffic and engagement.. Your video views are very low Compared to your competitors' channels. so you need to do organic video promotion So, what do you think about your channel issues? Or, what is your opinion about your channel issue? Or do you agree with me?
@rishabrao99473 ай бұрын
is CISA having more value than CISM ?
@cpatocybersecurity3 ай бұрын
It’s ranked higher on Cyberseek but I don’t think it’s a binary question. It depends on the specific job you are targeting and whether you have something else like the CISSP. CISM is very popular for GRC and I had it as a runner up.
@kazi13 ай бұрын
Thanks, great info.
@cpatocybersecurity3 ай бұрын
Thanks for watching!
@Cyber2a3 ай бұрын
Thank you for this wealth of information, I will be using it. I completed my Security+ training in February and afterwards completed a GRC mastery course by Unixguy on youtube. I was looking to take the IT Risk Fundamentals exam by ISACA as it seemed like a cert I qualified for as someone with no IT experience. Do you think it will be worthwhile to pursue?
@cpatocybersecurity3 ай бұрын
Great start with Sec+ and a GRC course! Before pursuing the next Education related task in your Career Development Plan, are there Relationship or Experience related goals/stretch assignments you think might be a higher priority? I have a CDP video and template on my blog you’re welcome to check out. Also I’d be happy to continue this discussion to more directly answer your question.
@user-sp8wu1lp1j3 ай бұрын
That's one of the great things about security - there's always opportunity and room to grow! Just don't get overwhelmed...
@cpatocybersecurity3 ай бұрын
Great tip! And mentors, networking, collaboration, structured learning, prioritizing areas of interest and realistic goal setting can help with the overwhelming scale and pace!
@toddwatts21783 ай бұрын
I'm a developer and I've customize fabric with advanced data piping with BASH coupled with custom Fabric patterns I wrote, mind blowing results.
@cpatocybersecurity3 ай бұрын
Awesome!
@tleonard75254 ай бұрын
Nice work Steve. You are also a wonderful member of the UL community. Thank you!!
@cpatocybersecurity4 ай бұрын
Hey the thanks is in this direction! You and company are pretty inspiring.
@MattGuenther4 ай бұрын
Great work, as always!
@cpatocybersecurity4 ай бұрын
Thanks Matt and great AI mentor conversation with Kevin Rose on your channel