Michael Bishop Jr.: Good, bad or indifferent. [Security] [Career Notes] - CyberWire Daily

Summary4 min read

CyberWire Daily Podcast Summary

Episode: Michael Bishop Jr.: Good, Bad or Indifferent. [Security] [Career Notes]
Host/Author: N2K Networks
Release Date: January 11, 2025

Introduction

In this episode of CyberWire Daily, host N2K Networks delves into the career journey of Michael Bishop Jr., a seasoned cybersecurity professional. Michael shares his transformative experiences transitioning from a military background to a pivotal role in cybersecurity at the Centers for Medicare and Medicaid Services (CMS). This in-depth conversation offers valuable insights into career resilience, the importance of mentorship, and strategic advice for aspiring cybersecurity experts.

Michael Bishop Jr.'s Military Background

Michael Bishop Jr. begins by recounting his extensive military service, which profoundly shaped his character and work ethic:

“I was in the army for 12 years. Joined right out of high school. I literally graduated on a Friday and then that Monday I was in basic training.”
[01:32]

He highlights the rigorous discipline and leadership skills acquired during his decade-long tenure as an infantryman, including a deployment to Iraq in 2005. These experiences instilled in him a sense of resilience and adaptability, essential traits for navigating the challenging landscape of cybersecurity.

Transitioning to Cybersecurity

The transition from military service to civilian life posed significant challenges for Michael. He candidly discusses the initial struggles he faced upon returning home:

“It was rough when I first got back. I, you know, resorted to the, to drinking a little bit and then eventually kind of sought help on it.”
[03:10]

A pivotal moment in his career trajectory was the mentorship he received from a military officer. This mentor recognized Michael’s potential and guided him towards the field of cybersecurity:

“He said, you need to look into doing cybersecurity. I was like, computers are cool, but I don't know.”
[04:00]

Encouraged by his mentor, Michael enrolled in a rigorous cybersecurity training program at the University of Maryland, Baltimore County (UMBC) Training Center. Despite initial self-doubts, his performance impressed the instructors, leading to his acceptance into the program.

Overcoming Challenges and Personal Growth

Michael speaks openly about the personal hardships he endured during and after his military service, including a divorce and substance struggles. These adversities, however, catalyzed his personal growth and newfound appreciation for his career:

“The things that I've gone through, good, bad or indifferent have made me or gotten to me to where I am today. So I don't think I would change anything.”
[06:00]

His journey underscores the importance of perseverance and seeking support during tough times, ultimately leading to a fulfilling career in cybersecurity.

Advice for Aspiring Cybersecurity Professionals

Drawing from his diverse experiences, Michael offers strategic advice for individuals aspiring to enter the cybersecurity field:

Define Your Path:

“Figure out which route you want to go, because you can get all the certifications you want if you don't know which route that really you want to go in.”
[05:20]

He emphasizes the necessity of identifying a specific area within cybersecurity—be it security, help desk, or networking—before pursuing relevant certifications. This focused approach ensures that efforts are aligned with career goals.
Leverage Certifications Wisely: Michael mentions COMPTIA certifications as valuable credentials that can bolster one's expertise in chosen specialties. For instance, certifications like CySA+ can be instrumental for those targeting security roles.
Embrace Continuous Learning: Recognizing the ever-evolving nature of cybersecurity, Michael advocates for ongoing education and adaptability to stay ahead of emerging threats and technologies.
Value Mentorship: Michael’s own experience underscores the profound impact that mentorship can have on career development. Seeking guidance from seasoned professionals can provide direction and support during transitional phases.

Current Role at CMS

Today, Michael serves as a Senior Security Officer at the Centers for Medicare and Medicaid Services, where he is responsible for safeguarding sensitive data and ensuring the integrity of digital assets. His role involves:

Account Management: Overseeing user access and permissions to maintain secure systems.
Incident Response: Quickly addressing security breaches to minimize impact.
System Monitoring: Continuously observing network activity to detect and prevent potential threats.

Michael’s military-honed skills, coupled with his cybersecurity training, make him adept at managing complex security challenges in a high-stakes environment.

Conclusion

Michael Bishop Jr.’s narrative is a testament to the power of resilience, mentorship, and strategic career planning. His journey from the military to a pivotal cybersecurity role offers invaluable lessons for professionals across industries. Aspiring cybersecurity experts can draw inspiration from his story, understanding that with determination and the right guidance, transitioning into and excelling within the cybersecurity field is entirely attainable.

Notable Quotes:

“I was in the army for 12 years... that kind of made me the person I am today.”
[01:32]
“He said, you need to look into doing cybersecurity. I was like, computers are cool, but I don't know.”
[04:00]
“The things that I've gone through, good, bad or indifferent have made me or gotten to me to where I am today.”
[06:00]

Key Takeaways:

Resilience is Crucial: Overcoming personal and professional challenges can lead to significant personal growth and career success.
Mentorship Matters: Guidance from experienced mentors can be pivotal in navigating career transitions.
Strategic Planning: Clearly defining career goals and pursuing relevant certifications can enhance professional development in cybersecurity.
Continuous Adaptation: The dynamic nature of cybersecurity necessitates lifelong learning and adaptability.

For those interested in learning more about Michael Bishop Jr.’s career and insights, tuning into this episode of CyberWire Daily is highly recommended.

Loading summary

Transcript4 lines

[00:02]
A
You're listening to the Cyberwire network, powered by N2K.
[00:12]
B
And now a message from our sponsor. Zscaler, the leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs. Yet breaches continue to rise by an 18% year over year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Zscaler Zero Trust plus AI stops attackers by hiding your attack surface, making apps and IPs invisible. Eliminating lateral movement. Connecting users only to specific apps, not the entire network. Continuously verifying every request based on identity and context. Simplifying security management with AI powered automation and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more@zscaler.com Security.
[01:32]
C
My name is Mike Bishop and I am a senior security officer at Centers for Medicare and Medicaid Services in the high glass accounting sector. I am a army brat. You know, growing up watching my dad, I always wanted to be in the army. And then of course my granddad was an army veteran as well. That's what I became when I graduated high school. I was in the army for 12 years. Joined right out of high school. I literally graduated on a Friday and then that Monday I was in basic training. I was an infantryman for at least 10 of the 12 years in which I deployed to Iraq in 2005 for a year. So that was an interesting time in my life. It kind of made me the person I am today, though I don't fear as much as I might have when I was younger. I don't know the people that I did get to meet, the younger kids or even though we didn't always talk the same language, we had an interpreter, you know, you still got to meet other people in the villages. I buy, you know, Cokes or candy bars from the young kids. It was definitely different. It was rough when I first got back. It was a rough time. I, you know, resorted to the, to drinking a little bit and then eventually kind of sought help on it. So it kind of helped me out. It's hard to explain, you know, I just, it was rough for me when I initially came back. And of course I went through a divorce too shortly after I came back. So that didn't help, you know, that was. Man, that was a long time ago. So I've grown because of all that experience. Though it was hard going through deploying and transitioning back. I've grown more of an appreciation for the world and the things that I do. So I try to make the best out of everything now. It took me over a year before I finally got a job, but in between that, I had a very good mentor that I had met in the military. He was an officer, and I was one of his enlisted guys, and we had a good relationship. I actually taught Army ROTC at Johns Hopkins with him, and he knew that I was kind of struggling after I got out. So he said, you need to look into doing cybersecurity. I was like, computers are cool, but I don't know. So through him being my mentor and just being a great guy, he pretty much got me into this cybersecurity training or at least forced me to at least apply. So that that kind of helped me to transition to where I am today. It was a challenge, but I saw it as a challenge that I wanted to take on, and I wanted to be the best that I could at it. So when I went to UMBC Training center, they actually, since it was an intense program, they had us take like 11 different tests to judge us on if we were able to actually succeed in this course or have the ability to. And after I took it, I was like, man, I think I did horrible at these. I didn't even know what I was doing. And then of course, they talked to me later and said, you actually did pretty well, that the ones that you didn't do well on is kind of expected because you had no IT knowledge or any idea, but the stuff that you really did do well on were impressed. So they accepted me into the course. My advice is to figure out which route you want to go, because you can get all the certifications you want if you don't know which route that really you want to go in. So you got your security, you got your help desk, you got networking. You got to figure out what you want to do and then go for those certifications or in that route. COMPTIA has, you know, list if you want to go security, which security? Plus CYSA plus you got to figure out which route you want to go. It's sometimes hard for me to describe it because I normally just tell them, hey, I create counts, reset passwords, and I make sure that people aren't supposed to get into the system that should get into it. The things that I've gone through, good, bad or indifferent have made me or gotten to me to where I am today. So I don't think I would change anything. Foreign.
[07:07]
A
Supply chain attacks and zero day exploits can strike without warning, leaving your business's sensitive data and digital assets vulnerable. But imagine a world where your cybersecurity strategy could prevent these threats. That's the power of the ThreatLocker zero trust endpoint protection platform. Robust cybersecurity is a non negotiable to safeguard organizations from cyber attacks. ThreatLocker implements a proactive, deny by default approach to cybersecurity, blocking every action process end user unless specifically authorized by your team. This least privilege methodology mitigates the exploitation of trusted applications and ensures protection for your organization. 247365 IT professionals are empowered by ThreatLocker application allow listing, ring fencing, network control, and EDR solutions, enhancing their cybersecurity posture and streamlining internal IT and security operations. To learn more about how ThreatLocker can help mitigate unknown threats in your digital environment and align your organization with respected compliance frameworks, visit threatlocker.com.