Jack Koziol, Founder & CEO of Infosec – Cybersecurity Interviews

Jack Koziol, Founder & CEO of Infosec, they specialize in fortifying organizations and their employees against security threats with award-winning security and privacy education. Recognizing cybersecurity is everyone’s job, they provide skills development and certification training for IT and security professionals while building the entire workforce security aptitude with awareness training and phishing simulations. Recognized as a Gartner Peer Insights Customers’ Choice for Security Awareness Computer-Based Training, Infosec is also a Training Industry “Top 20 IT Training Company” and the Security Training & Education Program Gold Winner in Info Security Products Guide’s Global Excellence Awards.

You initially began working cybersecurity at Harris Bank back in 2003, what did your work entail and how has the industry shifted since?

I was the only cybersecurity professional working at the bank in 2003. We had other cross-functional roles at our corporate parent, BMO, but I was the only full-time employee dedicated to cybersecurity at that time. Changes in technology — and their associated risks — have dramatically impacted the industry since my time at Harris Bank. Cybersecurity budgets and team sizes have increased by at least tenfold to keep up with the cybersecurity threats targeting the financial services industry. What I was assigned 15 years ago as an individual contributor is now likely managed by a team of over 100 cybersecurity professionals.

While you were working at the bank you published “The Shellcoder’s Handbook”, one of the first books on ethical hacking. What was your mindset at the time of writing this book?

When I wrote the book, the primary forum for exploit-related information sharing was a mailing list called BUGTRAQ. The Shellcoder’s Handbook made this somewhat arcane information more accessible by sharing it with a much wider audience in an easy-to-understand way. So many people at that time wanted — and needed — to learn about exploit writing. I knew I could teach others how to write software exploits with hands-on examples from my own experience. Selfishly, I also wanted to get out of working for the bank and take my career in a different direction.

Could you share the genesis story behind Infosec?

It all started after I published The Shellcoder’s Handbook. Its popularity drove needed interest and awareness of ethical hacking and software vulnerabilities, leading to multiple requests to teach boot camps on the software exploits covered in the book. I used vacation time to teach a few courses but eventually ran out of PTO, so I quit my day job at the bank and spent the next couple of years traveling around the world teaching people with corporate jobs how to hack. It was quite fun.

During that time, the software industry exploded. New tools and platforms introduced more security risks, which lead to an even larger need for cybersecurity training. And as cybercriminals expanded targets from software to include software users, the demand for role-based, scalable cybersecurity education skyrocketed.

It was at that point Infosec scaled our educational services via software as a service, and developed the world’s largest cybersecurity education platforms, Infosec Skills and Infosec IQ. Both platforms provide role-relevant, hands-on training to the entire enterprise to empower employees with the knowledge, skills and confidence to outsmart cybercrime. Today, more than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent and teams, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness and phishing training.

Could you discuss some of the more popular cybersecurity certificates and courses that are offered by Infosec?

Infosec provides role-based cybersecurity education for the entire organization — from the accounting department to the SOC team. Since Infosec is…