Marketing, personal branding, and networking for cybersecurity careers with Gary Piper

Tom introduces a delayed Cybersecurity Recruiter Podcast episode with Gary Piper, Marketing Director at Black Talon Security, and outlines Gary's career from graphic design and creative leadership into cybersecurity marketing.

Gary discusses the growing need for clear cybersecurity marketing, emphasising the importance of understanding a company's story, purpose and differentiators, while learning technologies well enough to communicate them effectively.

He also shares lessons from a layoff in 2018, including the importance of keeping your CV and portfolio updated, staying aware of market opportunities, and continually building relationships with recruiters and your network.

For personal branding, Gary recommends understanding what motivates you, highlighting what makes you different, and being willing to experiment with new platforms and approaches. He also discusses the importance of emotional intelligence, mentorship, communication skills and face-to-face networking.

Reading/learning recommendations from Gary:

• Crucial Conversations: Tools for Talking When Stakes Are High by Kerry Patterson, Joseph Grenny, Ron McMillan, and Al Switzler which is a program focused on handling difficult conversations, conflict resolution, and communication.
• Situational Leadership by Ken Blanchard, a leadership course about adapting leadership styles to different people and situations.
• Co-Active coaching training developed by Henry Kimsey-House, Karen Kimsey-House, Phillip Sandahl, and Laura Whitworth focused on active listening and professional coaching skills

00:00 Late release intro

00:49 Meet Gary Piper

02:14 From design to cyber marketing

03:36 Explaining cyber to buyers

06:03 Breaking into security

07:12 Networking that pays off

09:20 Staying job market ready

12:42 Personal branding basics

17:39 Brand building takes time

25:10 Healthy conflict at work

26:54 Communication over tech

27:42 Scaling team leadership

29:25 Should you lead?

31:00 Managing personalities

33:10 Remote work reality

36:37 Active listening coaching

38:06 Finding great mentors

40:12 Industry community vibes

41:50 Events and cyber risk

45:19 Recruiting meets marketing

47:01 Security marketing pitfalls

48:19 Final wrap up

Craig Adams on Building Security Products: Why Me/Why Now, AI-Driven Remediation, and Extreme Ownership

Tom chats with Craig Adams, Chief Product Officer at Rapid7 and Board Member at Peak Metrics.

Adams describes himself as a builder, focused on driving revenue growth through technology by avoiding innovation that isn’t leveraged and by anchoring product strategy in “why me, why now,” plus strong execution.

They discuss how AI has improved risk identification and verdicting (e.g., faster pen-test-like assessments) but has worsened alert volume, shifting cybersecurity’s center of gravity to remediation and response, including granular, agentic actions beyond traditional SOAR rules. Craig discusses how rapid industry change shortens roadmap planning to roughly nine-month increments, and he shares hiring priorities: attitude, work ethic (intensity), and intelligence defined as curiosity. They cover mission-driven teams, repetition in culture, EQ over IQ in leadership, and Craig recommends the book “Extreme Ownership,” emphasizing ownership paired with action and learning.

00:00 Welcome and Friday Vibes

01:06 Craig Adams Background

01:51 Builder Mindset and Growth

03:05 Why Me Why Now

05:39 AI Finds Risk Faster

07:19 From Detection to Remediation

09:53 Completing the Workflow

13:36 Roadmaps in Rapid Change

15:52 Hiring for Curiosity

20:24 Humans Still Do Analysis

22:56 Disruption and Services Future

25:41 Mission Driven Teams

30:32 Repetition and Culture

33:19 EQ Over IQ Leadership

AI’s Impact on Cybersecurity: SOC Automation, GRC Limits, and the Rise of Boutique Advisory

Tom welcomes cybersecurity veteran Dave Cronin, founder of Mission Security and vCISO/Head of Cyber Services with CyberTrust Massachusetts, who recounts his path from technical roles and teaching ethical hacking to senior leadership and nuclear compliance work across U.S. power plants.

They discuss AI as a pivot point in cybersecurity, accelerating both defense and attacks, including uncovering long-standing vulnerabilities. Dave argues AI is rapidly replacing repetitive SOC/MDR Level 1 triage tasks, contributing to consolidation, while human judgment remains critical for response actions and for gray-area domains like GRC where politics and control tradeoffs matter.

They cover market pressures from private equity, ROI scrutiny, workforce cuts, and CISO role changes, alongside increased demand for go-to-market, customer success, and relationship-driven services. Dave advises embracing AI, learning prompting, specializing skills, and he describes helping small organizations and municipalities with compliance needs such as CMMC.

00:37 Dave Cronin Background

02:10 Nuclear Compliance Stories

04:51 Ethical Hacking Roots

06:10 AI Finds Old Flaws

06:31 SOC Automation Impact

11:12 Human Relationships Matter

13:23 GRC and AI Limits

14:59 AI ROI and Cost Cuts

17:37 CISO Role Shifts

20:56 Future of MDR Vendors

22:37 Anthropic and Legal Disruption

23:28 AI for Legal Tasks

24:51 Who AI Disrupts Next

25:08 Future Proof Security Roles

26:21 Go To Market Surge

26:49 Human Service Comeback

28:24 Career Advice Embrace AI

29:36 Prompting and Learning Tools

31:27 AI Clones and Trust

33:54 Day Job Mission Security

35:04 CMMC Compliance Reality

38:42 Small Teams with AI

40:15 Layoffs and AI Washing

42:09 CISO Pay Compression Risks

43:02 Closing Thoughts