welcome to the Cyber rants podcast where we're all about sharing the Forbidden secrets and slightly embellished truths
about corporate cyber Security Programs we're ranting we're raving and we're
telling you the stuff that nobody talks about on their fancy website and trade show giveaways all to protect you from
cyber criminals and now here's your hosts microtondo Zach Fuller and Laura
Chavez hello and welcome to cyberance podcast this is your co-host Zach Fuller joined by microtondo and lauro Chavez
and today we have a special guest Camas Freeman Camas thank you for joining us appreciate you uh you joined us on the
show today yeah thanks so much for having me we are going to dive into how
to find and more maybe more importantly retain cyber security and I.T Talent
this is canvas is an expert in this we're going to dive into that we talk about that off and on throughout the
various episodes in our show show because it is so important and so many companies are struggling with it this is
the first time we've had somebody who's truly an expert and helped many many many companies in this area so we're
going to dive into that here shortly but before we do Mike Will you kick us off with the news good morning and welcome
to the news uh T-mobile if you haven't don't recall they had a data breach uh they're about to cough up 500 million
dollars over the 2021 data breach just under a year ago T-Mobile admitted a data breach after personal information
about its customers offered for sale on the dark web at the time Vice magazine claimed to have communicated with the
hacker behind the breach fly online chat and have been offered T-Mobile USA full customer info that is social security
number phone numbers names physical addresses IMI IMEI numbers driver's license
information motherboard has seen samples of data and confirmed they contained accurate
information on T-Mobile customers apparently more than 75 million people were affected the breach though with the
standard payout listed by router routers at 25 per person but the letters get 105
million so you know that makes it all fair Kansas MSP shuts down cloud services to fend off Cyber attack a U.S
managed service provider net standard suffered a Cyber attack causing the company to shut down its my apps
anywhere cloud services consisting of hosted Dynamics GP exchange SharePoint and CRM Services while the company says
that only the my apps anywhere services are affected the attack appears to have a broader impact with the company's main
side shutdown as well fishing attacks Skyrocket with Microsoft and Facebook as most abused Brands big surprise phishing
attacks resume in Earnest with criminals doubling down on Fake Messages abusing popular brands compared to the year
prior Microsoft Facebook and for some reason French Bank credit agricole are
the top of used brands in attack according to a recent study according to the report by researchers at vaid which
is a cyber security research company phishing attacks abusing the Microsoft brand increased by 266 percent in the
first quarter of 2022 and fake Facebook messages are up 177 in the second quarter
the study by analyzed unique instance of phishing URLs used by criminals carrying
out phishing attacks and not the number of phishing emails associated with URLs the report tallied the 25 most commonly
targeted companies along with the most of these industries in days of the week of phishing email
dovetailing off that LinkedIn phishing target employees managing Facebook ad accounts a new fishing campaign code
named ducktail is underway targeting professionals on LinkedIn to take over Facebook business accounts that manage
advertising for the company The Operators of ducktail have a narrow targeting scope trying to find people
who have admin privileges on their employees social media accounts third actor reaches out to employees on
LinkedIn who could have Facebook business account access for example people listed as working in digital media or digital marketing as part of
the conversation with the potential Target the threat actors use social engineering and deception to convince
them to download a file hosted on legitimate Cloud hosting servers like Dropbox or iCloud Windows Adobe zero day
used to deploy Subzero malware Microsoft has linked to threat group known as notweed to an Austrian spyware vendor
also operating as a cyber mercenary outfit named d-s-i-r-f I don't know if that means
something in Austrian that targets European and Central American entities using a malware tool set dub Sub-Zero
dsirf promotes itself as a company that provides information research forensics and data-driven intelligence Services
corporations however it has been linked to the development of subzero malware that customers can use to hack targets
phones computers network and internet connected devices
um the primary Subzero payload has many capabilities including key logging capturing screenshots
excelling data and running remote shelves and arbitrary plugins down from the CNC server real quick digital
security giant entrust breach by ransomware a little scary giant interest and
confirm that suffered a Cyber attack where threat actors breach their Network and stole data from their internal systems interest is a security free firm
focused on online trust and identity management depending on what data was stolen this could this attack could
impact a large number of critical and sensitive organizations this list includes U.S government agencies
Department of energy Department of Homeland Security Department of Treasury you get the idea hacker scan for vulnerabilities within 15 minutes of
disclosure this means a lot to any uh Network admin out there system admins have less time to patch disclose
security vulnerabilities that pre than previously thought as a new report shows hackers are constantly monitoring
software vendor bulletin bulletin boards for new vulnerability announcements they can leverage for initial access to a
corporate Network or perform remote code execution the 2022 attack service
management threat report found that attackers typically start scanning for vulnerabilities within 15 minutes of a
cve being announced then within hours the First Act of exploitation attempts are observed often hitting systems that
never had a chance to patch Palo Alto uses unit 42 as one to compile
this report presents the recent F5 big-ip product flaw that was announced
in May apparently within 10 hours there were 2500 plus scanning and exploitation
attempts so with that uh Laura what do you got man good stuff Mike I appreciate the
news it reminds me of a time when we built a Sandbox Network at a location and put a Windows Server a Windows 7
system online to the internet and it was compromised in 47 minutes so stuff
happens pretty quick out there um pretty quick so speaking of remote code execution if you are one of the
engineers out there that is that is using the remote procedure called python Library you might want to get off a
version of 4.2 all the way to six because there is a remote code execution for that Library
file so if you're out there you've got a remote procedure called being being powered by python make sure you're
upgrading to something Beyond version six and for everybody out there who
likes to do the Smart Homes and the Internet connected Internet of Things
Schneider Electric space Logics C bus home controller 5200 has a remote code
execution so if you've used the Schneider Electric space logic in any capacity in your home or your office
make sure that you're taking a look at that and upgrading off of version 31 because the current version that's been
recently released and previous versions are susceptible to this remote code execution so you could suffer arbitrary
code into some of your Internet of Things devices and possibly even denial a service or turning off things turning
on things like your air conditioner turning it off and hopefully you didn't hook your gas range to this SMART bus so
with that is exploits for this week Zach we're talking about how to keep your
professionals and how to attract professionals I'm excited we are I I'm just blown away by some of the news here
it sounds like cyber security is still a thing I guess huh it sounds like it and and you know before we dive in I did see
something this morning that didn't make it to Mike sheet that apparently an MSP has been compromised and a hacker is
saying that he's compromised the MSP and has access to over 50 clients that the
MSP provides services for nice yeah that's the first time right that's
first time that's happened probably this month sorry Michael are you saying well there was one that a big one that was
based in Florida that was over 3 000 clients so it's a it's a big deal it happens out there yeah um one of the
other things I didn't talk about which is in the headlines that we're going to post is that um one of the number one attack vectors is now fintech you're
getting a lot of very sophisticated phishing attempts from B of A City Corp uh Chase Bank that all look very
realistic be very careful about what you click on sorry I shouldn't have reset my password from that email yeah I wouldn't
have but you know as long as it's not the sound sector accounts that you're on your own right here oh you don't care
about my money just the silence like no not at all your good friend Mike I appreciate it yeah that's interesting
and I've also learned that we are the complete wrong business if those attorneys got 105 million from the
Verizon case um we're doing something wrong guys T-Mobile case T-Mobile case I'm sorry
let's move on let's get into something let's get into some constructive discussion here see if we can help those
organizations out there that are struggling finding and just as
importantly or maybe more importantly maybe more importantly retaining their talents and we have expert Candace
Freeman here of Stack Rock talent this is her bread and butter she is knows
this stuff inside and out and has a lot of very interesting Insight that I have
not heard from anybody else so I would like to introduce canvas canvas thanks
again for joining us we're gonna we're gonna bring you on in just a moment after a quick commercial break one even
more cyberance be sure to subscribe to the Cyber rants podcast get your copy of
our best-selling books cyber rants on Amazon today this podcast is brought to
you by silent sector The Firm dedicated to building world-class cyber security programs for bid market and emerging
companies across the U.S silence sector also provides industry leading penetration tests and cyber risk
assessments visit silencesector.com and contact us today and we're back with
Freeman Camas thanks again for joining us on the show glad to have you today yeah absolutely I'm excited to be here
hey would you mind start uh starting off by just giving the audience the millions
and millions of listeners I'm sure out there just some background on how you
know on not only what you're doing now but what was your kind of path and and finding that passion to doing what
you're doing today sure yeah I think uh probably like most
recruiters I didn't actually start out going into recruiting it's not like there's a college degree of recruiting
um I actually started out as an I.T project manager working at Hewlett Packard and kind of got connected with a
I.T Services Tech startup and as I was working with them I was the 20th
employee and as we grew and expanded I just kind of naturally became a really
good interviewer and identifier of good people but also had a talent for getting
those tech people interested in joining us um mostly because I really truly
believed in the company and what we were doing and it was just a really great experience so fast forward through uh
some other kind of Ventures uh in marketing and operations and Human
Resources uh the last job I had before I started my own I was head of Global
Talent strategy for kind of a bigger company 3.2 billion dollar travel
technology company where we were hiring about 1800 people a year and that really
uh kind of propelled me into this kind of Niche area where I just really fell
in love and and figured out that I was really ding good at which was
employer branding and recruitment marketing and how that impacts the ability to attract and retain great
talent particularly in Tech so yeah and then three and a half years ago
um I started went out on my own kind of with that same passion to help other companies really I love the
tech space I love Boise and that was kind of my I guess part about it was let
me take what I've learned on This Global level and how the companies hear locally
but of course since then it's expanded outside of Boise outstanding well that's um that's
excellent I mean and in 1800 or 1800 employees did you say a year right one
time that's that's a yeah that's a big lift so yeah there was a call center component which is high volume too so
that's part of how that kind of was such a big number yeah wow well so we we talk
a bit off and on in the show about uh uh just the struggles out there with cyber
Security Professionals especially and and a lot of I.T as well I mean you look at their LinkedIn profiles and their new
at a new job every 12 to 18 months um what are companies doing wrong
you know I mean there's I don't honestly a lot of companies
um are doing it right I think because of the demand for the tech town I mean they are just in demand so they're getting
hit up by people like me all the time right um what I always kind of say is is a
company's first best recruiting strategy is their retention strategy right like
we don't want to recruit more we want to keep the people we have longer I never
think of it like we're gonna keep them forever because that's just unrealistic but if you just as you pointed out if
the average is 18 to 12 to 18 months how can we keep them 24 months right how can
we keep them a little bit longer that's going to save the company money you're going to have a better result because
they're working on the product longer um so figuring out what is going to keep
them and it's it's different for companies it's different based on whatever they're working on but it's
really up to the company to figure out what that is and the biggest I think fail I think companies have is not
finding out directly from their employees what that is what is a important to them they kind of all sit
in a room as a leadership and guess what employees want and try to put together what if we did this and I said wait a
minute did you actually ask the employees what they want and they're like no I mean couldn't tell you about
99 of the time that's the answer that I get and it's it's kind of one of those
things where it's pretty easy to ask the employees directly what it is they're looking for and I think what companies
find out is it's not often anything that's super expensive it's just
meaningful work challenging work I think companies miss that as an
opportunity to keep their top talent engaged is just giving them opportunities to do exciting challenging
work whatever that is and then of course other things too but those those are
kind of the the things that always stand out to me that are easy and free right you can ask a question and get a pretty
you know uh uh solid response or answer to the problem you're trying to solve
do you have any kind of um methodology or any tips you would share for those organizations when
they're going to ask their employees collect that information do you have any
any uh method of going about that so you make sure that you're getting the honest answers not the I you know some
companies may be too far down the wrong path and their their people may just tell them what they want to hear what
what's your advice on going about doing that to get the best possible insight yeah you know what what my Approach has
always been is to talk to the kind of core key teams direct
supervisor because they typically have that better insight about what they're
hearing from the employees um that's one place I go um and then I always think of okay who's
who are my best employees who are the people if I had 20 of them like we'd be killing it and I go ask them
um so for me it's a lot of direct communication larger organizations you
know they're probably going to run surveys and some of that data and that process is good but you have to actually
talk to people like it's it's you're not going to get that information and then also the other is having a third party
actually ask those questions like myself we do that too because that we're going
to get information that they're not going to get that we can get at because we're a third party right so there's
kind of multiple things it's not just one thing there is a uh test so you know
NPS and marketing right net promoter score well there's also a e net promoter
score which is an employer brand metric that you basically ask your employee
base one question would you refer our company as a place to work to your friends or family
and the second question is just like an open-ended like why or why not but that
score uh is very telling about specifically your employer brand as a
place to work both internally while you're asking your employees so from your internal employee base
so that's an excellent question to ask I mean whether you're using a system to do it or not just to ask you know and and
get that information that's really uh really good um what um what else can companies do to
kind of help themselves retain employees along especially in the tech World
um what other types of things because I mean it's money's great but as we see it's not all about the money right there
are a lot of com a lot of people that we talk to every day that make a ton of money and are miserable at their jobs so
what else would you recommend you know the number one thing that I hear uh and
I I mean it's not going to be a surprise is investing in good leaders and making
sure that whoever's managing those developers that you want to keep better
be really dang good because that is the biggest impact as to whether someone's
gonna want to make a move or not um and I think it is in my 20 years
whatever it is the most overlooked opportunity to do better retain
employees um that is not taken and I and also
even when you're placing people into those roles uh probably you've maybe
seen this in your career as someone's an outstanding individual contributor and they're like great you're so amazing
let's put you into this team leader leadership role with no training then they're expected to interview potential
new people they don't know how to interview I mean it's just a a like really missed opportunity that is one of
the number one causes of people wanting to make a change it makes a lot of sense I I heard it
reminds me of quote um the uh most people don't leave their jobs they leave their managers yeah would you say that's
accurate I I would say absolutely I mean there's other factors too but
um I think consistently that's the number one thing and if I was a company
um one of the areas where I feel like people do not interview or consider for
when they're putting people into those leadership positions is uh self-awareness like the number one thing
in my 20-year career of what makes someone a poor leader is like lack of
self-awareness around their leadership or or their ability and we don't
interview for that right we just are like oh you're you're good you're whatever these you know kind of
charismatic aspects but we don't interview for that and that's something that I've seen really
cause a lot of problems do you do you have a a method or
something that's worked well I mean do you like the EQ scores or anything like that that you would recommend if you're
an organization looking for leaders what do you what do you need to look for yeah you know that's a great question I
get asked that a lot about assessments and these things and I'm probably not
the best person to ask because I've never used an assess at one time in my entire career because I just figured out
how to ask really good questions however not everybody has 20 years of experience
of asking figuring out how to dig out stuff right and so there are
um tools out there I just I don't haven't used them personally so I don't
know God yeah that makes sense but I I think they're worth I mean I think there's value in them I think what I've seen
people mistake is put a hundred percent weight in them and not consider anything
and I think that is also a mistake yeah and I could see you know it's a lot
easier to send out a link and say hey fill out this form than it is to actually sit down and talk with somebody
for an hour so um I could I could see that you know why a lot of companies lean so heavily on
them yeah um but um yeah that that that makes a lot of
sense I mean I think um there's there's there's it does seem to just be
a big disconnect and kind of what what employers I think a meet you know certainly Mike and Laura bring this up a
lot in some of our other episodes about what employers think that their team wants versus what they want especially
on the technical side um and I'd be curious to your thoughts because we we have
um a lot of times what we hear is the HR team is doing is trying to do the hiring
but they don't understand the job that they're hiring for at all in in most
cases and so it can be a real disconnect from what they're putting out there in in the the job market the ads and all
that stuff and what they're actually looking for in a person whereas when that person gets in to the technical
team they're not necessarily a fit or don't have the right skill set or whatever the case may be um are any recommendations anything that
people could do to better align their their search for technical people
specifically because I believe they're not it's not really a one-size-fits-all kind of approach
yeah I mean really just in general um the approach should be more like a
marketing lead generation effort right like we're we're kind of outwardly
um talking about things that we know our ideal candidate cares about so if I was
a CTO or a senior leader I would be posting content I would be talking about
things that that ideal candidate cares about because the number one thing we we
see is they want to know who that leader is that they're going to report it to
because that's what matters to them however a lot of tech people more now
don't post a lot of content they're not on video they're not accessible in fact
I see a lot of them I think because maybe they're getting hit up some by so many people like me they block their
ability to connect with them but what they're also doing is blocking potential candidates to connect with them too
right and so um I think you know from the HR perspective
actually going out and sourcing or pre-screening people things like that yeah I mean there's definitely ways to
work with the hiring manager uh to understand if they're going to be doing
that job what it is that they're actually looking for and what that sounds like what that looks like I mean
I don't know every technology I I mean we we're fairly new to cyber security
and so it's been but we know how to dig in to get what we need from the hiring
manager if the hiring managers aren't giving that time to their recruiting team that's a problem because I have to
understand like who you really are great a job description is great I don't even look at it I just ask the questions like
what are you really looking for what are those top three things you have to have um you know what does that look like
what kind of experience have they done what kind of projects have they done like it's just all this really in-depth
information so you don't have to be super technical to be able to get someone assessed
you know in that first round but what I also often see is the hiring manager is so busy they're not giving that time uh
to those people so that that's one um I guess kind of aspect of what could be
done better that I see consistently to help them get that first round of candidates that's better aligned
you mentioned um going touching on the LinkedIn portion and blocking people one of the
things I I know that you do differently is help leaders technical leaders and
Technology people in general brand themselves better so that the so that
candidates are attracted to them and I think that's that's interesting because going back to the people don't leave the
company they leave their managers and in many many cases probably the majority of cases people want to work with good
people and we've we've heard that as well from um people that we've hired
kind of on an intern basis and right emerging technologists they say you know
I really want a good Mentor I really want somebody who can help me grow in my
career and that is so so important to them so let's let's talk a little bit
about that about kind of that personal branding versus the corporate branding
and and why that helps people stand out yeah I always say if you're a good
leader and you're good company you don't want to be the best kept secret in this market right and what I find is there
are some really great people there's great companies but they're not talking about it so how would anybody know and
when these type of roles are so in demand um you're basically compelling someone
to leave the job they haven't come work for you so you have to be talking about things that are compelling to that
people right and how I find out about what's compelling is I again say who are
your top people like if you had more of those what would I go talk to them I say where do you spend your time online what
are you doing what do you care about who do you follow all these things and we target how we talk about things in that
way so what we've done in the past is we had a shy CTO we had to ramp up a tech
office in a very short amount of time and I we did the work to figure out and
we basically ran a campaign and made video video clips a long-term video but
it was all about him talking about his vision and where the technology was
going what that looked like how he ran his team um how he engaged with people what he
was looking for and it worked like we basically saved the company two hundred
thousand dollars in recruiting costs just by quitting you know that was part
of it but getting this guy out in front so that people could really see feel
connected to him to want to consider joining now they may have seen something
five six seven eight times you know kind of the marketing rule you know eight touches to conversion right eight to ten
touches it's the same thing with um hiring so the mistake is companies go
we need this role post a job well where's the eight to ten touches before that because your big going directly to
conversion without everything before it so those are the things that that these
leaders and the thing is they don't have to be great copywriters and all these
things because there's people that do that like we do that right like I get it like it's not comfortable I mean you and
I talked about that right like it's it's not everybody's skill set it's not even my skill set I mean figured it out but
there are ways to accomplish that and the thing is all these companies are always going to be hiring always going
to be hiring Tech Talent you need to constantly build that pipeline it's not a we need a job now everybody freak out
and we're gonna you know reactively go look for this person it's something you
do all the time so when you do have that role they've already seen you multiple times and they're like that that
person's awesome that's somebody I'd want to work for now I see they're hiring I want to know more
so those are kind of the strategies that you know I've used to to kind of hire
people in tough markets um for different companies and but
companies can do that on their own too
what I always found when um I mean this is all very interesting and I actually was scrolling through and we actually have a chapter on this in our book
um that we wrote when we talked about this but you know coming up to the ranks one of the things that I I always
found that caused me to move jobs was you're talking about management management does not have your back
is immediately jump why not why not take another 10 grand from somewhere else because
you know why why not um the other thing was that companies don't tell you out front what they
provide for you and they don't really take care of the employee and reinvest the employee and one of the key things that always was important as someone who
self-funded all of his certifications is pay for your people to get trained pay
for them to get educated pay for them to be able to advance their skill set but you have to keep go hand in hand and
keep their pay commensurate with their skill set because I find there's a lot of times you just got pigeonholed but
he's in you know infrastructure engineer for this is his pay range you know and and it's not nope not taking any account
skill set or anything of that nature so a company seems to be more flexible and understand cyber security Talent is
different than you know the exchange admin or whatever but it Talent is different than the accountant in the
clerical and those kind of resources so um you can't treat everybody the same
and I find that in a lot of big companies are that way um so I mean that's that's what I found and you know a lot of things I get the
early point in my my career you know company felt if they gave us pizza every day and you know had power beers in the
stock fridge we'd work ourselves to death well that's not really the case anymore so um you know I can buy my own pizza
thanks uh there's nothing like a skivvy Lumberg
non-technical good old boy network manager to make you leave your job like that is by far one of the number one
reasons that Mike and I I mean I could call I wouldn't even give you the um I wouldn't give you the
podium of populous to call out your dirty name sirs but we work for some we've worked for some terrible managers
and um I have a question for you so you know for for all of you Lumberg managers
out there on Cyber Seekers reporting 714 thousand
548 available cyber security jobs in the United States today
and Kamas my question is with the great resignation kind of this this
um this this new age kind of work walk out idealism and it's picked up a lot of steam with the Reddit uh subreddit uh
anti-work how do you how do you what message would you have for managers that
are kind of in that danger space of being so completely clueless they're
about to lose their team yeah so one of um
and it's it's starts so easy there's a lot of things but one of the best uh
ctOS I worked with um what it was about him is he cared
about people as human beings first and that was the foundation of it all and
that created a sense of loyalty and wanted to be a part of that I mean it's
just so crazy right like it it really is that easy
um and I think what what you said Mike was about um you know standing up for the employees I
mean you know managers are in a tough position because they're getting hammered on to deliver in different
things um but they their team just like any
team right you have a basketball team whatever you know whoever that person that leader is they they have to
have your back every single person has to feel like you are part of something that
um and they care about you as a person not as a worker and I I think just that
shift in mindset going from of course you know HP some of these um older
School mentalities of you should be lucky to have a job and how you get ahead as you you know work a million
hours a week and then maybe you're going to get this thing like that mindset is out the door that is no longer going to
work particularly coming the younger Generations coming up um they those people will lose
yeah if they don't shift that and it's there's a kind of an idea that they
think oh they just want all this free stuff and stuff and it's really not I mean are there people like that sure but
it's really not that they just want to be cared about as human beings first and what goes along with that
oh I I agree with that you know although um a generational difference here I'm older than Zach and lauro and I remember
managers hello how are you doing was a perfunctory um conversation they couldn't care less
just get your job done so um but that's old Generation stuff um that's when I was growing up so
um but yeah no I 100 agree with you there's a lot of well there's a lot of that going on still Mike you know I think I think
that's probably one of the most beautiful messages in this whole podcast is just treat your people like humans
and not like some statistic to get work done and I I see the um the common theme
on you know this anti-work you know kind of um you know uh uh uh movement I guess
is what you would call it is that that is the the foundational core message of why all of these individuals post up
their two-week notices and their correspondence with their bosses and their text messages with their bosses all of these managers are causing these
people to quit simply because they're not caring about them as humans first they're saying I don't care that your grandmother died you need to come into
work tomorrow you're scheduled to work and it's like how how can you be so
clueless in a in a world like we have today right but I mean it obviously it still happens in in
um it's obviously your loss will be some other company's great gain right right well yeah and that's the other thing is
that there are you know there is the mentality and I took this I was a mercenary when I started um I knew there was another job out
there so if I didn't like it manager took me off on Friday afternoon I'd go find a job on Monday not a big
deal just do it and then in this environment especially it's like that
um politics are also a big deal you don't want your technical people being involved in politics that's the manager's job he needs to protect your
technical people from that um so that's one of the big things as well although you know to talk about
caring for people you have to you can't swing so far as um I I read something about you know the
whole Twitter deal where you know they have a day of rest and Reconciliation every month you know or every week where
they the entire company takes a day off to be de-stressed you know that that's taking a little too far in my
perspective you should be able to handle five days a week so yeah there's definitely a balance
yeah or four tens is good too but during the Summers when you're yeah on the
weekends yeah it's really just about like flexibility that's the number one thing I hear they just want some
flexibility the rigidity of of you know kind of the the old ways the eight to
five button seat thing is no longer yeah and that's actually one of the things that we talk about in the
book as well is that um you know you get people that you know mid mid you know in
their late 20s early 30s that are starting family they want to go pick up their kid at school at two o'clock fine
let them do that let them work from home from three to seven you know or whatever if they you know you've got a millennial
who likes the game until two o'clock in the morning or whatever the generation after them is
um don't usually really need to come in and eight can you come in at ten you know that kind of thing there are those
those flexibility pieces because I mean honestly most of the work that I do especially documentation is done after
seven o'clock at night you know simply because that's when I feel like writing so yeah well I think the I think the
interesting thing is that you know we've had the capability for remote work since the early 2000s yeah
um we've just you know managers never wanted to allow it because they always believed that they had to have physical
access to the human to make sure they were doing their work and then we had the pandemic and now we've got this 20
year old technology all of a sudden that's letting everybody work remote and now nobody wants to come back to the office and you can't blame them right I
mean because now we've proven that we can be efficient and and handle priorities and and do project-based work
not having to be at the office yeah well um there's a lot of great stuff came
came out of today and one thing that struck my attention to is canvas when
you mentioned just the sheer cost savings I mean even if you're just a you know heartless heartless human being at
least look at the numbers you know yeah and just just look at what it costs you
to replace people and the the self branding I know a lot of technical people don't want to do the self brain
they don't want to step into that leadership role um you know improve their capabilities
there but there's so much power and again cost Savings in that just just do
it if you're out there listening to this and and you're not um I I think there's gold in that
approach Candace and there's I never really hear people talking about that at all so
um I appreciate you sharing that and um we're coming up on time here but any
last um words of wisdom for for the listeners out there or anything anything you would
leave them with yeah I mean uh I think I mean this is an
amazing space to be in and I think um if if you are a leader these are
all important things uh that we've talked about to focus on uh to retain
your teams and I don't really see it changing so it's kind of
um let's kind of get on board with doing the right thing and ultimately everyone's gonna be better off the
company the manager the employees so I think it's it's really important and the
hope is that when I reach out to people they say uh no I don't want to make a
move because I'm really happy but I'll tell you right now it's about 10 percent of the time so let's uh let's move the
dial on that I mean I'm saying that but I I know it can be better and I do care
about the employees and the candidates um so I think we can all do better yeah
and I think just uh that's not enough that throwing money at the situation is not the answer if you're in a miserable
working environment then it doesn't matter the amount of money that they're going to pay you you know it's why stay and be miserable
yeah yeah absolutely I um in the Army I got to work with a huge
number of people different leaders and I I came to the conclusion that there's two types of leader I you know my simple
mind kind of boiled it down to two types of leaders and there's the one type of leader is the leader that you really you
know you push hard for because you don't want to get crushed you're there's there's a Fear Factor there there's uh
you don't want to get in trouble because that can be painful the other type of leader is the leader that you don't want
to disappoint because you have so much respect and and gratitude and admiration
for that leader and then I I put them on one side of the the coin or the other and it makes a lot of sense because I
think those leaders that you do anything for because you don't want to disappoint those are the ones that those are the
leaders that people will stick around those are the ones that care about their people so um excellent excellent message canvas
how can people find you get a hold of you you people that need help in this area which there are a lot how can they
reach out yeah I'm on LinkedIn I spent a lot of time on there
um come to our website Stack Rock talent or email me directly canvas stackrocktalent.com
outstanding and we will paste your information in the web page show notes
for this episode so those of you listening jump on our website cyberancepodcast.com check out the show
notes there you'll have links and canvas information to connect so thanks again for joining
us hope everybody uh enjoyed this episode of the cyberance podcast I certainly did and
um there are just some great great takeaways from today so if you like the podcast please rate US share it around
get this information out there share it on social media whatever platforms you might be on and uh help us get the word
out I mean our goal here is really to protect the backbone of the American economy and our way of life and uh that
starts with the right information so that's our objective here is to get that information out that said yeah at
cyberancepodcast.com you can submit your requests for topics that you want to hear about in the future or questions or
anything of that nature check us out there and have a great day we will see
you on the next episode pick up your copy of the Cyber ads book on Amazon today and if you're looking to
take your cyber security program to the next level visit us online at www dot
sign Island sector.com join us next time for another edition of the Cyber rants
podcast [