In this episode of Cyber 909, host Den Jones introduces the podcast as a source of wit and wisdom in cybersecurity. He highlights the unique insights and stories brought by various guests. This episode features Mandeep Khera, who has a rich background in Silicon Valley, having worked at HP and various startups, and has been in the cybersecurity space for over two decades.
Mandeep Khera has been a senior global Enterprise Software/SaaS GTM and Technology executive for over twenty five years spanning various market sectors, including the last two decades in Cybersecurity. Winner of a top 100 marketer award, he provides a great combination of out-of-the-box marketing with a data driven approach. He has been a contributing editor for online security publications and was a chapter leader for the OWASP Bay Area chapter for a number of years. He is a board member of IDPro, a leading global non-profit industry association focused on digital identities, an advisory board member of R6 Security, focused on AMTD, and a board member of Gift of Adoption, a non-profit focused on helping parents adopt vulnerable children.
Narator:
Welcome to Cyber 909, your source for wit and wisdom in cybersecurity and beyond. On this podcast, your host, veteran chief security officer and Cyber Aficionado Den Jones taps his vast network to bring you guests, stories, opinions, predictions and analysis you won't get anywhere else. Join us for Cyber 909, episode four with Mandeep Khera.
Den:
Hey everybody. Welcome to another episode of Cyber 909, the podcast, which talks a little bit about cyber and life and leadership and all the other good stuff that help us make ourselves well-rounded professionals. We always have great guests. And today's episode I've got an amazing guest is Mandeep Khera. So Mandeep, why don't you introduce yourself just before I absolutely butcher your intro.
Mandeep:
Hey, no, thanks Den, and thanks for having me and it's been a pleasure to talk to you even before this. So I'm looking forward to our conversation. My background at a high level, I've been in Silicon Valley for a long time. I was a GM at HP for a software business unit, then moved into startups and then really, I've been a CMO moved into the cybersecurity space about 22 years ago. And so I've been A CMO for the most part for those two, two and a half decades. In between I've done iot and also I did some CRM software as well as A CMO. So it's been quite a journey.
Den:
Awesome. Yeah, I was going to say, so from a journey perspective, what do you think was the game changer that got you into the security space and ended up getting you here?
Mandeep:
Yeah, no, that's an interesting story. So my career started in finance, interestingly enough, so I'm a next CPA, moved into marketing and then like I said, I was a GM at HP and then did some CRM applications. And then after nine 11, actually 2001 timeframe, I knew that cybersecurity will continue to be a bigger and bigger piece over the years coming years. And that's where the trend was. So I actually wanted to, this was a very deliberate move. I wanted to move into cybersecurity and really joined IGN at that time and took a couple of lower roles or a couple of levels below what I was used to. But that was okay because I wanted to get into cybersecurity. I'm not that worried about titles. It is as long as you get the job done and you're passionate about something, it happens. So that's how I joined. And then after that, I've done all aspects of security from managed security services to identity and authentication, application security number of years in application security, network security, cloud security, email security. So I've covered the gamut at this point,
Den:
And you actually just touched on a really important little nugget for I think people going through their career, which was you decided at some point to take a role that was lower than the role you normally are used to because you're shifting over to a different industry or because from a reboot perspective, it just is a good opportunity. That's exciting and makes sense. So do you want to explain the mindset on why does it benefit some people in the industry to take a lower role? I got an opinion on it, but I'd love to hear yours.
Mandeep:
Yeah, I think anytime you want to make, if you are pivoting kind of dramatically, so in my case I was pivoting from a business application like A CRM into a cybersecurity, it's hard to go at the same level because people are going to say, well, you don't have any experience in cybersecurity. Why would I trust your, yes, it's transferable because it's all marketing, but everyone wants domain expertise. So I think from a career progression perspective, you have to be very conscious and you have to say, look, I'm going to take a hit here. I know, and it can be frustrating when you join initially because you probably are a lot more experienced than your bosses. And so that interaction can be frustrating sometimes because you're like, he's not understanding or she's not understanding. So that part is, so you have to go mentally prepare yourself and say, when I'm getting into this, I'm going to face those challenges, swallow your pride and go with it and just do your best as you can. So I think it makes a lot of sense if you want to dramatically change the industry to go into a lower level because it's easier to enter that way, but also because you're learning from the ground up and it'll help you longer term.
Den:
Yeah, I'm excited. We're four minutes in and already we've hit what I think of as one of the big career gems. A lot of people don't realize this, but you might be stale in the company you're in, so you could be a director or a senior manager or whatever, but you could be stale. You could be in a company that's not going anywhere fast,
And you could be one of those people that keeps talking about leaving and you never leave, and then you start looking at jobs and you're not seeing a job that's got the right title or the right pay. But I would say sometimes, and I've done this in my career, if you jump to another opportunity that is fun, invigorating, and with a great bunch of people, sometimes that's worth more than the money you're getting. I mean, I know we all need money to survive and stuff, but sometimes in your career you rebuild and you rebuild. And I've done that a few times. I love how you got there. So marketing and technology, there's a couple of things about your career. There's marketing and there's channel marketing. And from an outsider who's really just been on the purchasing side, I've been a practitioner buying stuff and having stuff marketed to me. I never knew the difference until I joined Banyan. But do you want to share first thing in tech? So in marketing, what do you think is a top challenge you've faced or that you think people are facing now?
Mandeep:
Yeah, no, that's a really good question, Jen. And I think obviously it's evolving and it's changing and a lot of it depends on the state of the economy as well, frankly. But CMO role specifically has become very turbulent over the last few years. It's in the middle of everything. Expectations extremely high, and budgets keep getting cut, especially in bad economy. And I think a lot of people frankly don't understand the impact of marketing and the depth of marketing. So the first line that people look at is, look, let's cut the marketing budget because that's the variable costs. That's where most of the variable dollars are. We want to improve our ebitda, let's cut that down. And then, hey, by the way, we still want the same amount of pipeline, same amount of booking coming from marketing. And that's not practical. And so sometimes you have to walk through the exercise with the CEO and the CFO and the board to explain why that's not going to work, but people are not willing to accept that. And I think that is the biggest challenge, which is how do you manage, prioritize things in a way that you can work for the lower budget and yet try to deliver as much of the pipeline and bookings as possible, but don't set unrealistic expectations because it's not magic. You can't just take a wand and say it happens. So
Make a challenge, especially right now in bad economy and good economy, everyone is fine. Hey, money's coming in. I think there's a little bit less pressure versus this economy.
Den:
I always say good leaders, you can't tell them between the shitty leaders under the good business economy, but when the economy goes downhill and there's a lot of stress on the business,
That's when you see the difference between a good leader and the rest of the crowd. Because I think a good leader knows how to sit with the CEO, sit with the board, sit with the CFO and explain how their business runs, and we can shave. Every C level I think is under that budget crunch when economies are negative. And I look at it like a good leader can explain and say, this is where we spend the money. We can pull these levers, and if I were just spend here, this will be the impact of that spend.
Den:
So
Den:
The reality is if you want pipeline to be good, and I watch this at banging a lot, if you want pipeline to be good, getting those meetings is because we've done five things before. And if you know the consistency and if you know the formula that's working for you, every business is different, then you know how to have that conversation and you can see the evidence. Hopefully you've got enough data coming in
Den:
That
Den:
Enables you to show the evidence to that board and the CEO.
Mandeep:
Yeah, it has to be data driven. And I'm sure, like you said, you can relate to this Dan, right? I mean, you've been in CS CSO positions. I think CSO positions are very comparable to CMOs in some ways because you guys have the same type of pressure, limited budget, but everyone expects you to stop all the attacks. If you get a tag, you get fired. So you guys are also under the same pressure, I would think.
Den:
Yeah. Well, it is funny when you start by saying about CMOs are under this pressure. I'm like, yep, that sounds just like a cso. The interesting thing is, I guess less CISOs are being fired because of a breach, because I think more CEOs understand that it's not a matter of if, it's a matter of when. I think more people understand that the ability to get breached regardless of how much you spend is always there because people in your company click links every day. If you're clicking links every day, then you're just playing Russian roulette. Now the interesting thing is we also have a legal obligation, which I think some CISOs, especially in public companies, that's where their job becomes very nerve wracking because maybe there's a possibility of being in front of some lawsuit or the probability of being threatened with CORE or whatever. So I think there's that pressure, but I've got to be honest, I just think at the executive level right now, the last five years with the economy being the way it is, it's just been increasingly hard to apply your trade in a way. You're not getting what you need to do the job,
And I think that just makes it frustrating. So for those who don't know, do you want to explain the difference between the channel marketing versus marketing to regular prospects?
Mandeep:
Yeah, no, absolutely. Channel is what is a channel. So channel is basically another way to sell indirectly, and it's a term that's been adopted, but if you think about direct sales, that's also a channel. I mean, it's basically, it's a sales channel, marketing channel, and channel channel, which is partner channel. So I think now channel has been associated with partners, which could include distributors, wires, resellers, MSPs, MSPs, and then if you want to throw in alliances in there, or you can have alliances separately depending on how you define it. But basically the idea is to sell indirectly versus through your direct Salesforce. And really the configuration changes, the parameters change, and how you go through those, that channel is very different. So in regular market direct marketing, you're trying to get prospects through events and webinars and digital marketing and all of that stuff, which is fine.
And then your direct guys are getting commissioned, your BDRs are qualifying the leads and all of that stuff happens with channel. A lot of those things happen except you are working very closely with the channel to enable them in lot of large, especially large customers, but a lot of mid-size, they work very closely with different channel partners, some big ones, some mid-size, some small ones, and their channel partners are considered your trusted advisors. So a lot of customers prefer that because channel partners can provide not only a specific vendor solution, they can combine multiple vendor solutions, provide integration services, provide support, all of that. So it's extremely important for vendors, software vendors and hardware vendors to work closely with the channel partners in the sense of not only, obviously you need to give them margins so they can make money, offer them new alternative ways of making money through professional services, for example, provide them support, enable them, train them, because if they know your product well and understand their value prop, they'll be able to sell much better for you. So they become an extension of really of your organization to go. So more feet on the street.
Den:
And I think as well, if you're selling to enterprises than you're selling directly to the architects, the engineers and the CIOs and the C CSOs and stuff, whereas the channel side of it is you're selling to businesses and enabling businesses to then sell to those customers. When I was at Adobe and stuff, quite often we'd go via VAR or si. Sometimes we'd go direct to the vendor. We'd usually, if it was a software vendor, we'd want to go direct for the paper for the legal side of it. But when it comes to the resale value or the discounts and stuff, sometimes it's about where we could get the best deal. You don't want to pay through the nose. Now, last marketing question, love to talk a little bit about that cybersecurity business, but in marketing. How do you think it's evolved over the last five years? I mean the pandemic hit us all and every industry got some level of evolution. So what happened in the marketing space?
Mandeep:
Yeah, been, like I said, it's been pretty turbulent last five years I think in every function, but marketing more so because the pandemic, a lot of people who used to do marketing at events, for example, all the trade shows disappear, so we had to pivot immediately to online. The messaging completely changed because everyone was working from home and remotely, so the security overall vectors went up. So everyone was rushing to basically change the messaging on that. And now we're starting to get back to normal, although you still have a lot of hybrid type of environment, which increases the security posture level as well, right? Security threats. So that's one aspect of it. The other aspect I think is marketing has become a lot more quantitative. So I always say quant versus qual. So you need both to be successful in marketing and stand out. The quantitative piece has gone up tremendously.
I think it's much more data driven. It's very ROI focused now. Everyone wants to say, what have you delivered every dollar you spend in marketing? Show me if you can deliver me at least six, $7 in final bookings, 15 to 20 times pipeline, that kind of stuff. So I think that pressure is there and now it's changing even more dramatically with the AI coming in. So now maybe a little bit too much hype, but the fact is that AI can provide a lot of content, which even though might not be perfect the first time, you can do chat GPT now to write white papers, first draft. So that's putting a lot of pressure on the headcount for marketing. So because people are saying, Hey, okay, I can use AI to improve productivity of my team, which is the right thing to do, but at the same time, people are also thinking I can do everything, which is a mistake. So I think we are going through that evolution now, which is a lot of extreme hype around ai, which is putting more pressure on marketing, and the budgets are still pretty low.
Den:
And one of the observations we had was in-person conferences after the pandemic were slow to return. But what was interesting was the regionalized conferences seemed to be pretty successful. And I think that's because a lot of travel budget got cut up from a lot of the big companies during the pandemic. They realized, we don't need to spend all this money on travel. We can still have a successful business. But for training your employees, I look at it, if you don't train your employees, if you don't look after them, they're not going to hang around. So training for me has always been a huge thing for the teams I've built, but these regionalized conferences, they seem to be doing well. And then the big ones, like the black hats and the RSAs and stuff, it seems like they're all getting back to normal. So I think some of that stuff is beginning to pick up, but what we really heard how people market and sell to customers is evolved. I'm not going to the conferences always buying stuff. I'll go to the conferences to network. I go to conferences to meet my peers and learn organically through that network. And sometimes I'll do some classes, but generally speaking, a lot of the classes you can do online anyway. So why wouldn't you do that? So in the security industry, I want to hear something positive, man. Can you tell me what excites you right now about the industry and where we're going?
Mandeep:
Yeah, look, I think there's a huge potential for security industry over the next decade or two decades because frankly, the attacks are not slowing down as we all know, and they're going to continue to increase. But what I'm really excited about is the impact of AI from a positive side. I mean, there's also an impact on the negative side, but I think from a security industry point of view, the vendors, the security professionals, we can leverage AI so much in terms of protecting ourselves. That's the exciting part. And I think, but again, not use as a buzzword but truly have a solution that's going to make a difference in the customer's environment in a very productive way. I think that is the exciting part that's coming. I think we'll be able to see a lot more new solutions that will come out that people will start pushing out. And I'm already starting to see some of those come out that I think will help the industry grow. I think it'll help solve the customer's real problems. So I'm very optimistic about AI in the overall security industry.
Den:
Yeah, no, that's awesome. I was going to say, I totally agree with you. One thing I still on, I'm going to say I'm on the fence in the sense of I think there's a lot of companies that are building AI solutions looking for the problem. I think there's a lot of companies that are solving problems in the background, they're using AI to solve them better, but I think there's a lot of funding, VC funding going into companies that they're still figuring stuff out. But I am really excited about where it goes. And as an example, when we produce this show, we use an AI tool to actually do all the transcription. So we let it listen to the thing and then it'll come up with the text and this the that. So I don't think the accent trips it up too much, but sometimes my accent doesn't help these tools, but they're getting there. Okay, so conversely, what concerns you the most?
Mandeep:
I think just the buzzwords, right? I think vendors are using all kinds of buzzwords just to get through to the prospects. And when I talk to CSOs, their one number one frustration with vendors is if you go to their website, if you talk to their sales reps, they all say the same thing. It's like, and then they have these gigantic promises. We'll help you protect the entire environment. What does that mean? You have a magical solution. That I think is the unfortunate part. We have lot of 3000 security cybersecurity companies now. If you walk through RSA or Black Hat, they all have the same message. We'll help you stop attacks and stop malware. We'll help you stop ransomware. Well, you haven't told me anything. I mean, every single website is saying the same thing. So what are you specifically doing to solve my value props?
I think vendors have to get rid of the buzzwords, really be very clear on to how you're going to solve the problem. So that I think is one of the downside. The other one is, I'll flip the same thing, AI again. So we know hackers are actually already on top of all the AI technology to produce tools that they can use to hack. For example, for passwords, the past GPT was one of them. So that's going to proliferate. I mean because hackers, that's what they do. I mean, that's their full-time job, so they're going to continue. So that's why I think the industry has to jump on it much faster, come up with the solutions to counter that because otherwise we're in trouble.
Den:
And we're actually, I think it's interesting. We've always played cat and mouse in the industry,
So I think we're still going to play cat and mouse with the advent of AI because the bad actors are jumping on it. Our vendors are jumping on it as practitioners, we're jumping on it, but the reality is still the game where they're going to try and attack us or going to try and defend, they're going to use more tools, they're going to get creative with their tools, we're going to be creative with ours. So I think the game just continues as the game always has. I don't see any magical change in the game other than the tools we're all using continue to evolve. They have always evolved, and our budgets have always been getting smaller and smaller. So the game never seems fair buzzwords. You mentioned buzzwords a few times now. Give me the one buzzword you're sick of hearing and why.
Mandeep:
I think as a CMO, there are multiple buzzwords that are not necessarily the best ones to use, but one is clearly AI ml, right? Everyone is using that without substance behind it. A lot of times that is obviously it creates a negative perception about it among prospects because they say, oh, I know the AI ml, right? It's like there's nothing behind it. So that's one. I think the other one is everyone uses NextGen right Now. In some cases it might be true, you are producing something NextGen and innovative, but I would say 80% of the cases it is not NextGen and it's like the old product new release and they're calling it NextGen. And that's such an overly used term that it doesn't mean anything anymore.
Den:
Yeah, I agree. I always love this question. I hate buzzword bingo. And literally, and you picked up on this and said it was just tell me how you're solving the problem, the problem you actually solve. You don't need to tell me you protect my whole company. We know that's bs. Just get straight down the brass tacks. What do you really do? And I think the problem, it became very evident to me at Banyan, which was I knew that our marketing team were explaining our stuff very well. I knew the sales pitch was very good. The problem is we just sounded like every other vendor out there. We do some zero trust, we do secure remote access, we do posture, we help with all the things that we do and help with, but at the same time, you could listen to 20 vendors all say the same thing. So what made us different? So that was always a struggle.
Mandeep:
Zero trust is something that you mentioned real quickly. I think that's another pet peeve of a lot of CISOs because a lot of these vendors come in and say, Hey, I have a zero trust solution for you. Well, zero Trust is not a product. It's an architecture. It's a concept that involves multiple things. And when you go into the CISO pitching that, it makes you look foolish. And I think a lot of CISOs are about that piece as well.
Den:
Yeah, and I always said, I've been doing this zero trust thing since 2017. My team at Adobe, we'd done a deployment, then we called it Zen, and then we refreshed in 2019 using Banyans platform. And then I went to Cisco and we used the DUO platform. And the thing is is you last 10 people, what they mean by zero trust? And you'll get 15 answers. And actually I speak with Chase Cunningham, Dr. Zero Trust, you could follow his podcast. He is always a sparkly character. He is no BS and he knows his shit and very smart. And I plan to have him on the show soon, and I was on his the other week. And I think the thing is, it's like I say, I've deployed zero trust, but the reality is you can speak to 10 people and they'll be like, no, Dan, that's not zero trust.
And I'll be like, okay, cool. It's kind of what we meant. So what I used to do when I'd go on stage and talk about it is I'd start off by defining what we meant by this thing and acknowledging the fact that it might not be the same as what John Kender actually said. It is not the same as what Google done at Beyond Carp. It's what we need to solve our business problems. So I'll always go back down to the whole thing, which is practitioners are paid to solve problems. Were not paid to deliver buzzwords and acronyms.
Den:
Exactly.
Den:
So I kind of leave it there, but I think from a marketing perspective, like you say, all these vendors just need to calm down a little bit and get back down to the basics of what do they do now. Okay. I think in the world right now, I hear a lot about problems that need more attention and why or what do we think the biggest problem is? I guess our biggest risk, there's identity, there's software development and the whole supply chain, and then there's API security, these three. Which one do you think is the most concerning and what brings you to that conclusion?
Mandeep:
Yeah, I would say probably identity. And the reason is I, so I spent a few years in identity. I'm also on the board of an association called ID Pro. The reason I say, I mean all three of those are important. I can touch on each of those, but identity about roughly 70 to 80% of attacks are happening at the credential level right now. So that alone should be a big alarm. And the reason for that is because it's easy. It's easier for hackers because traditional passwords have been vulnerable forever. I mean, we're still using sixties technology. I mean, simple text passwords started back in the sixties. And then even with PKI and multifactor authentication, it's still not working. You have MFA fatigue, so people are doing MFA bombing and exploiting. We introduced at SecureAuth when I was there, passwordless authentication, which obviously is the biggest trend because why do you want to use passwords if you know who the person is?
So I think identity can get much stronger. I think people have to go out and implement those solutions in their companies, and that has not been happening. It's like less than 15 or 20%, even MFA, forget about passwordless and everything else. So that will continue to be the most vulnerable piece of the pie here. I think software development lifecycle clearly, and I was doing application security back in early to mid two thousands, and it was a big issue, and it still continues to be a big issue. I mean, the problem is it's easy to find vulnerabilities with these tools. You find them, but no one has the time to fix 'em because you have hundreds and hundreds of vulnerabilities you've got to prioritize and all of that. And then APIs is also now becoming a big part because a lot of third party APIs, which are well, and that is like a Trojan horse, but hackers can come in.
So I think all those three are important and people need to stop looking at the older solution, look at ai, but also look at more newer technologies, as I would call it. For example, A MTD, automated moving target defense. I'm on the board of a company called R six Security, and they offer a MTD solution, which basically is a proactive way of managing. So you're changing the configuration on the servers. So no one can, hackers cannot figure that out. So I think we just have to get more creative as an industry to think of a better solution.
Den:
And the API thing, so I look at identity. I mean, I've been in the identity game since the early nineties of recovering novel admin. So for me, I learned through the novel world, and I look at this, how come 30 years later, we're still struggling to secure identities. It is the fundamentals and the basics of security and running IT services. So it baffles me that people still struggle with this. And when we were doing, and go back to our zen stuff at Adobe, the device has an identity. The user has an identity machine accounts have identities, APIs and identities. It's all identity and access management. And then you get the privileged identities. And when you use some security intelligence, you'll notice that these identities don't deviate from their behavior very often. So. So one thing, and we're getting a bit of noise in the background.
Mandeep:
Yeah, unfortunately my gardeners have come at the wrong time.
Den:
Oh, that's awesome. Well, we've got a couple more things. How do you see the role of the CISO evolving over the next couple of years?
Mandeep:
Yeah, I think CISO's job, as we talked about earlier, it is become more stressful than ever because of the pressure. I think the job is going to take more of a business role more and more, meaning you want to make sure the CS CSOs are involved in the business decisions. They have a seat at the table in terms of, for example, when you're as a company, you're looking at digital transformation. CISOs need to be a critical part of that because you can't do digital transformation without worrying about cyber attacks and how to streamline it so you don't inconvenience the user, but at the same time, you're protecting your environment. So I think that's how CISOs will have to think differently in terms of not just a technical executive, but business executive. And I think that's already happening, and I'm sure you saw it in your role, but I think it's going to happen more and more.
Den:
Yeah, I think anybody with a C title should be participating in the business decisions. If you are the executive, if you report to the CEO O and I think CSOs or CSOs should report to the CEO, if they're serious about security in the company, then it is a business role because ultimately you're still responsible as an executive to help the business move forward. Not just worry about security, but how do you also help go to market? How do you help with the partner with the CFO and what prudent looks like within your spend for the organization? So I think there's a lot of opportunity and why not grow your career and become a business leader that has a security background and that other responsibility. I'll rephrase it. Primary responsibility, security, secondary support, the business, I dunno, somewhere in the middle there, intermingled. Yeah. And I mean, they are really intermingled roles, but if you don't see yourself as a business leader when you're the c-suite, then you're probably not in the right role roll. Okay. So we're up on time, but I want to wrap up with a couple of audience takeaways. So if you had one piece of advice for tech founders, what would that be?
Mandeep:
Just simple one word. Resilience. I think as startups are really raising a baby from the movement they're born. So I think it's resilience, patience, learning are all part of all of that stuff. And I think you have to be tough as a nail and know that it might take 2, 3, 4 years before you're successful. And don't be afraid of failures because you have to and ask for help. I think a lot of people are willing to help. People are afraid to ask. And don't be afraid. Ask anyone. I help multiple companies even when I'm not involved with them. I think ask for help and just get tough basically.
Den:
Yeah. Yeah. It's not for the faint hearted. And then, okay, marketing people, if they could stop doing one thing, if they could start, if could do one thing differently, what would it be?
Mandeep:
Yeah, I think they need to prioritize like crazy. Especially in a tough environment. You can't do everything. You have to manage within the budget and be more productive. So stop going after chasing everything and everyone know your target very clearly. And then have very focused strategy. Use channels. Do customer marketing for install base, but stay focused and don't get distracted with all the shiny objects because that's going to take you down the wrong path. So that would be one advice for sure. And then second would be leverage AI where it extends in practical way. Don't waste your time, but it can help you make productive.
Den:
Yeah, certainly start learning where AI can help you. Right. I mean, that's a good one. Okay. I'm going to wrap up with the last one for you. I talked to a lot of junior security people in their career, give them mentoring and guidance. What would be one bit of advice for a new person in the security world? What do you think they need to think of?
Mandeep:
Yeah, I think there's so many different areas of cybersecurity. So my advice would be to pick the area that you're passionate about, whether it's application security or email or cloud or network, or if I were them starting now, I would go after the AI piece of it. How do I focus on that as much as possible while broadening my skillset in terms of all the security terminologies and paths. But I think that's just pick one area that you can double down, triple down on while covering the other areas broadly, but really and focus on that and learning. And again, continue to evolve and continue to work on projects and help out different companies, get on advisory board or help startups even for free, that gives you a lot of valuable experience that you can never get.
Den:
Yeah, I think that's awesome. I would also add that'd be, hey, network, network and network. Start building your network. I look at it like we never achieved success alone. And you mentioned that about people reach out, be helpful, and don't be scared to ask, right? So the reality is you got to build your network.
Den:
Hey,
Den:
So mane, I really appreciate your time. Thank you very much for coming on the show. I guess if people want to get in touch with you, what would be the best way?
Mandeep:
I think probably LinkedIn is the easiest way to get hold of me. I'm on there and always posting things and interesting things, so you should check it out and just reach out. But I really appreciate you taking the time and this has been, I really enjoyed the conversation, so thanks for the opportunity. Thanks.
Den:
Thanks Mandeep. We'll catch up soon. Take it easy. Take care. Thanks everybody.
Narator:
Thanks for listening to Cyber 9 0 9. Subscribe wherever you get your podcasts, and don't miss an episode of your source for wits and wisdom in cybersecurity.
.svg){kind=icon}