AI or Not
Welcome to "AI or Not," the podcast where digital transformation meets real-world wisdom, hosted by Pamela Isom. With over 25 years of guiding the top echelons of corporate, public and private sectors through the ever-evolving digital landscape, Pamela, CEO and Founder of IsAdvice & Consulting LLC, is your expert navigator in the exploration of artificial intelligence, innovation, cyber, data, and ethical decision-making. This show demystifies the complexities of AI, digital disruption, and emerging technologies, focusing on their impact on business strategies, governance, product innovations, and societal well-being. Whether you're a professional seeking to leverage AI for sustainable growth, a leader aiming to navigate the digital terrain ethically, or an innovator looking to make a meaningful impact, "AI or Not" offers a unique blend of insights, experiences, and discussions that illuminate the path forward in the digital age. Join us as we delve into the world where technology meets humanity, with Pamela Isom leading the conversation.
AI or Not
E014 - AI or Not - Tony Carrato and Pamela Isom
Welcome to "AI or Not," the podcast where we explore the intersection of digital transformation and real-world wisdom, hosted by the accomplished Pamela Isom. With over 25 years of experience guiding leaders in corporate, public, and private sectors, Pamela, the CEO and Founder of IsAdvice & Consulting LLC, is a veteran in successfully navigating the complex realms of artificial intelligence, innovation, cyber issues, governance, data management, and ethical decision-making.
Ready to gain a wealth of knowledge from a seasoned expert in cybersecurity and consulting? We've got Tony Carrato, Board Member, Board Advisor, Independent Consultant, a trailblazer whose career spans from the United States Air Force to influential roles at SAIC, EDS, and IBM, sharing his incredible journey. He reveals his evolution into independent consulting, the importance of participating in user groups and standards organizations, and his international adventures, including a unique stint with the Hong Kong Jockey Club. Currently embracing semi-retirement, Tony’s insights on serving both for-profit and nonprofit boards are invaluable, offering a master class in balancing passion with professional responsibilities.
Continuous learning is a cornerstone in the fast-paced world of cybersecurity, and Tony uncovers essential strategies for staying ahead. From self-assessment to defining career objectives, flexibility is key to thriving in roles like security architecture, management, or consulting. Tony’s advice on building a diverse skill set, understanding the nuances of corporate versus nonprofit boards, and the critical role of military service in professional growth provides listeners with a robust framework for career development in cybersecurity.
Ever wondered how to bridge technical prowess with business savvy? Tony dives into navigating various cybersecurity career paths, understanding AI’s risks and benefits, and reevaluating hiring practices. He underscores the importance of effective communication with non-technical stakeholders and the balance between technical skills and business acumen. As we explore AI's dual nature, Tony’s perspectives on skill-based hiring and personal branding will reshape your approach to career advancement in the tech industry. Tune in for a treasure trove of insights and practical advice that’s bound to elevate your professional game.
[00:14] Pamela Isom: This podcast is for informational purposes only. Personal views and opinions expressed by our podcast guests are their own and not legal advice. Neither health, tax, nor professional, nor official statements by their organizations. Guest views may not be those of the host. Hello and welcome to AI or not, the podcast, where business leaders from around the globe share wisdom and insights that are needed now to address issues and guide success in your artificial intelligence and digital transformation journey. My name is Pamela Isom and I'm your podcast host. So we have another special guest with us today, Tony Carrato. Tony is a board member and advisor. He's an independent consulting architect. We know one another from our IBM days, which we're going to talk about. And there's more. So Tony, welcome to AI or not.
[01:27] Tony Carrato: Thank you, Pam, great to talk to you.
[01:30] Pamela Isom: All right, so to get started, I'm going to ask you to tell me more about yourself, your career and journey, how you got to where you are today. I'm really curious about independent consulting and how that's working out. And then I have one more thing, if you can remember. Tell me about your experience serving on boards. What's all this like? Tell me more.
[01:55] Tony Carrato: Okay, so that's a bunch of things. I got started when I graduated from New York University with a degree in electrical engineering, to be specific. And one of my professors back in the day when I was taking my first computer course, said, you know, we've really kind of already got all the computer people we're ever going to need. So I'm not sure you should go into this. Thank goodness I did not listen to him. And I came out and went directly into the United States Air Force as a second lieutenant. Did seven years there. And I will have to say that shaped me in a lot of ways that still are with me today. Left worked for a few different companies and thats where I got my consulting start. I was with SAIC for a while, with Eds for a while, which of course is now a completely different company. Worked for a small business, building software for the construction industry, and eventually they were doing well. But I got the opportunity to go ahead and turn my full time employee role into a consulting role with them. I'd always wanted to do that and gave it a go and hit a period after doing my assignment with them for a month or so where things are quite quiet. And then things picked up and this goes back to, well, a long time ago, the late eighties, things picked up. One thing I'd always done has been being involved in user groups and standard organizations and back in the day, there was this thing called a Decvax, which some of us remember, and I was very active in their group. Slid from there over to open systems and Unix, which brought me to Hong Kong, where I lived for six years, working on a consulting basis for the Hong Kong Jockey Club, which is a huge business, running racecourses in China and wagering from there. Went to at and T because I wanted to play with big Internet backbone things. Then to IBM, where you and I got to know each other. I was in IBM Australia for about eight years, and then IBM us for a dozen retired out of there in 2019. And my LinkedIn title says semi retired independent consultant. And to be honest with you, I mostly take the attitude that if I wouldn't do it for free, I won't do it at all, because my wife and I have arranged our life so that our lifestyle matches our income and allows us to do things we do, for example, an international trip every year and not in economy. When I left IBM, I was pretty much, I am done with international long haul in economy class. We were just in Scotland about ten days ago, where I spoke at open groups conference on AI and cyber. Had a great time. So that's what I do these days. I'm on a couple of boards. One is a for profit, a small business here in New Mexico. One is an open source project. And yes, those do have boards, too. And you do learn a lot about being on. About what you do on a board of director, probably honestly, through doing it, really listening to people around you. And one of the things you learned, you asked about that is, especially if it's a for profit organization, you have to look at liability. So one of my rules is if I'm on a board of directors and it's for profit, they better have officers and directors insurance, because sometimes that are completely out of your control could happen, and you look around and go, what, me? And that's not a good feeling. So you don't want that. You learn that a board director is not a manager. So while, as you know, I'm pretty technical, I'm not there as the CTO on either of those boards. I'm there to advise the people, and I'm fairly active in both of them. I participate in a bunch of stuff. But, you know, you really have to keep in mind what your role is and is nothing. So that's the first thing about being on a board, I'd say.
[06:53] Pamela Isom: I asked those. I asked those questions, and I thought it would be good for you to share that, because I work with a lot of people, myself included, I sit on a nonprofit board, but I work with quite a few people that desire to be on board. So that's why I asked that, because you being a technical person like myself, we have to remember that on the nonprofit board I am there and I'm providing technical guidance, technical expertise. But on the for profit, where I like to go and be, I think they still need that technical expertise so that I'm providing AI oversight and things like that. So there. But is that an oversight perspective, not a management perspective? But I like what you said because it's important that we understand that. And it's intriguing to me to know that you have a technical background and that when you're on the board, the way that you're evaluating things. Right, so, and that, and we don't always understand that. So I think that's really good insight that we should understand.
[07:59] Tony Carrato: You're welcome. I mean, one of the things I do as a board member is ask difficult questions. Have you thought about is part of it? So for example, on the for profit, I'm regularly the one pushing on. I understand you guys know this stuff. That doesn't make it intellectual property. Intellectual property is what adds value to a company along with of course sales and a revenue stream. But if somebody's looking to acquire you, they're going to want to understand what ip you actually have. And the fact that Joe or Alice knows a bunch of stuff doesn't convert it to IP until Joe or Alice write it down, turn it into real documentation, which may involve copyrights, it may involve patent filings or whatever. But that's an example of something I push on. The other thing is I think you and I both spent a lot of time actually selling things at companies like IBM and Della. And so yes, I do stick my nose into sales processes to some degree. I don't typically make sales calls, but I do stick my nose into those.
[09:13] Pamela Isom: That's good.
[09:14] Tony Carrato: We could do another discussion sometime if you want. On how does one go about getting on a board?
[09:21] Pamela Isom: Yeah, I think that would be good. I think that would be really good.
[09:24] Tony Carrato: I've been experienced that and I think a lot of people would like to understand that because I get us the same thing you do, which is how do I get on a board?
[09:32] Pamela Isom: Yeah.
[09:33] Tony Carrato: And will that come with, you know, the Mercedes and the very large expense account? It's like, yeah, probably if you're on Mercedes board, but I'm not sure about too many others.
[09:42] Pamela Isom: I do, I do. And I get asked about what is the difference between a corporate board and a non for profit board, I get asked those types of differences and I only know from the nonprofit side of things. Cause I'm not on a corporate board yet, so. But I do get asked those types of questions. So we can save that for another discussion. But I still think it was important and I think it's very valuable that that's a part of your background. I want to say thank you for your service. So I don't want to bypass that because I appreciate your service. I think that's so important. And as I always say to our military and our veterans, you are the ones that keep us safe. So thank you so much.
[10:23] Tony Carrato: You're welcome. It's amazing to me the number of people even today who want all those freedoms but don't understand there is a price somebody has to pay.
[10:34] Pamela Isom: Yeah, well, yeah, yeah.
[10:36] Tony Carrato: There you go.
[10:37] Pamela Isom: Okay, so. So we're going to move on here. Thank you for your background. You have an intriguing background and I can see that you've been to various countries and that's exciting as well. You just have an interesting background. So I should tell you that I was at eds as well. So we go back. We really, and I was at digital, so I know the Vax and that's why I learned ops five. That's why I learned AI. Is that digital? So I know that vax and I know the alpha well, I remember the Vax and the alpha, so that's interesting. So let's go on to maintaining your cybersecurity skills and knowledge. So that's kind of the thing that we want to talk about today, even though we got into some other discussions. Let's talk about that for a little bit. So I'm actually going to start out by let's talk a little bit more about the skills and how do you keep yourself up to date and how do you keep your skills sharpen in the day and time of disruptive technologies and emerging tech like AI?
[11:48] Tony Carrato: So the words disruptive, emergence and AI are all really important. If you're working in cyber today, you have generally got the experience of, oh, my goodness, things are changing so fast. So the first thing I tell people to do is look in the mirror. What are you doing today? What experience level are you at? Are you a senior person? Are you mid career? Entry level? Be honest with yourself. What? And you've been an architect for a long time. Especially broad architects carry the requirement of stretching across things while maintaining reasonable depth and at least a few things. So step one, look in the mirror. Think about yourself. Step two, what, what are your objectives? Do you want to be growing into, say, a security architecture role, maybe even from there into an enterprise architecture role? Want to become really, really strong at the application of technology to offensive cyber or possibly defensive cyber. So you have to understand those things. Where are you trying to go and recognize that some of us want to move into management? I can tell you I tried that, didn't like it very much. Went to my then boss and said, you got to get me out of this role. I want to be back to being an architect. But, you know, you may find that out by trying it. You may want to go into consulting, you may want to grow your career in an organization. And those two are quite different things. The way a consultant has to think about the world, and you'd know this really well, is very different than the way a full time employee has to think about it, measured differently, you relate differently, you perform differently, and so on. So you have to understand those things. So with that said, then you have to say, given I've thought about who I am and I've thought about where I'm trying to go, and by the way, where you think you're trying to go today doesn't have to be where you're going to also want to try and go five years from now. People grow. We evolve. I had some fairly major changes in my life when I left the air force to go into civilian things. When I moved from Colorado to Hong Kong, when I moved from Hong Kong to Australia, when I moved from Australia back to the US, those were all fairly significant step functions that change a lot of things about your life. When I went from consulting to product architecture, building actual products to tech sales, those things all different. So my point here is what you think you wanted to do now, go for it. But recognize that may change over time. You may get an opportunity and it may turn out to be just so good. You can't turn it down, but it may require change. Don't worry about it.
[15:15] Pamela Isom: So you're saying be flexible and be agile.
[15:19] Tony Carrato: I agree. One of the things that's important is you put more tools in your toolbox as you do things. Well, they may enable you to do something different. But having a set of tools rather than I've got a screwdriver, I have a set of tools, means I can take on more things, be flexible, be agile, as you just said, and have.
[15:40] Pamela Isom: A set of tools and create a toolbox for yourself.
[15:44] Tony Carrato: Yeah. And you know another thing I would encourage everybody do I do encourage everybody to do is recognize we all have a brand. The brand is when people think about Tony Carrato, what do they think about? And you're going to have one. Whether you think about it or not, other people will essentially attach that brand to you. You should always ask yourself, what do I want my brand to be? Are the things I'm doing reinforcing and growing that brand, or are they detracting from it? So be aware that that's there. So if your brand is. I'm a broadly based technical expert. I've got experience in a bunch of different things, and I've got a bunch of tools in my toolbox. Great. Do things to show that off and reinforce it. Brand is. I am the best defensive cybersecurity person you're ever going to run into. Great, reinforce that. But think about what your brand probably is. Test it with people. What do they think your brand is? And that feedback can be really helpful.
[16:56] Pamela Isom: You said test it with others. That's interesting.
[16:59] Tony Carrato: Yeah, well, again, hold up the mirror to yourself, but go see what other people say. It's easy to fool ourselves. And I wanted to play power forward for the New York Knicks. My problem was I'm about eight inches too short and not that fast, so I had to go up. Nope, that's not where you're going, dude. Okay, so with that said, you've got a notion of where you'd like to go, then you have to look at what are you doing to improve your skills and knowledge. And I would encourage people, especially in entry level and mid career, don't just read stuff, do stuff. It's very, very easy to bring up virtual machines on whatever computer you've got handy and try things out. There are surprising numbers of cloud services you can get on either incredibly inexpensively or even free. But put your hands on stuff. Try things out as you get more senior. Maybe it's a little less of requirement, though. I've got at least one good friend who's an IBM fellow who is very much a hands in the grease kind of guy.
[18:14] Pamela Isom: I know that guy.
[18:16] Tony Carrato: Yeah, you do. I sent some code from him the other day.
[18:19] Pamela Isom: Yeah, yeah.
[18:20] Tony Carrato: You know, but look at building. So people were like, well, doesn't that cost a lot of. No. So first of all, there's loads of learning you can do for free. You can get it from. LinkedIn has their learning. You've got things like Coursera. One I'm kind of a fan of is Udemy. Udemy. Their courses are not free, but they're insanely cheap. Lots of vendors offer training. And one question you should always ask in your organization when you buy things, are training credits included in the deal? Many cases, the answer is yes, and in a surprising number of cases, nobody uses them. So that's a talk to your management kind of discussion. But, you know, if they were included, somebody should use them. The company or department or whatever's effectively paid for them. Don't throw them away.
[19:20] Pamela Isom: Okay, so let me ask you real quick. Thinking about what you said so far, just kind of putting all that together. You described, like, if you describe architect, you described architectural thinking. You talked about how we want to not try to do everything but know your brand and find out what you're good at. So use discovery to discover what you're good at. You also kind of indicated that there are many paths when it comes to cybersecurity roles and responsibilities. So kind of find that area that is interesting to you. And I want to point out that I was talking to one of my colleagues not too long ago, and he specializes in red teaming. So he's, he's doing the ethical hacking. He's vulnerability and penetration testing because there's a difference. But he's focused on that and adversarial emulations and all that. And that's his sweet spot. But we talked about the fact that there is a cybersecurity architect, there is a cybersecurity engineer. There's many different paths. There's the governance leaders and all those in the cybersecurity area. So I thought it was interesting that you reminded, reminding me today to make sure that we kind of think about our brand. What area do we want to focus on? Use some discovery and then work on that. And then I heard you mention defensive versus offensive tactics when it comes to cybersecurity responsibilities, which I think is good as well. So I appreciate the well roundedness. When I think about architectural thinking, I think about a bunch of different components and looking at how those components intermingle together and then figuring out how they operate independently as well. So I'm connecting dots and then I'm pulling one out and going deeper into that to understand the mechanics behind it, but always keep an eye on the bigger picture. So you described that when you were talking. So I appreciate that. That's what I. Yeah, I appreciate that.
[21:40] Tony Carrato: And I think the way you put it's very good. The other thing, especially for architects, we need to do is remember that at the end of it all, cyber is about protecting the organization. And that means you've got to be able to have the discussion with people who are not, first of all, security specialists, second, it technology specialists. So kind of bridge into first, one area you bridge into fairly quickly is governance. And yes, architects have some amount of role in governance. But don't get confused, there is a lot more to governance than just picking which vendor you like. It moves as well into risk. And again, as technologists, I am in an amazing number of discussions like this on a regular basis, people get focused on the technical risk elements, they dont understand that, for example, the one that took down bearings bank, there was not a technical thing, it was a financial trader who made crazy bets in the market out of Singapore. And a bank that had been around for a few hundred years went away, those kinds of things. So you have to be able to relate to people who are going, yeah, yeah, that's good, but I got this other stuff. And to be able to draw the bridge between the two.
[23:21] Pamela Isom: Yeah.
[23:21] Tony Carrato: Be someone that they're willing to talk to and even welcome. And I think you've been successful, especially as an architect, is when people, and this is true, I think as a consultant too, when people ask the question. So what does Pam think? Maybe we ought to get on the phone and get her to come over and have a coffee and talk this idea through with her. And that's happening on a regular basis. And knowing you, it probably already is.
[23:49] Pamela Isom: Yeah.
[23:50] Tony Carrato: Then you know that you've made that bridge to the thing we usually call the business side.
[23:57] Pamela Isom: Yeah.
[23:58] Tony Carrato: You have to deliver on the technical side, but you've got to connect to and relate with the business side.
[24:05] Pamela Isom: I agree, I agree, I agree. And I think that this is such a good discussion. I know this was, I suspected this was going to happen, but on the business side of the house, and that's why you're here, because you are a technical person by trade, but you really aren't. So that's why I asked you, that's why I curled into the board seat, because you have to be able to relate and you have to be able to connect. And the architectural thinking side is the ability to connect. And so I love how the business side, I mean, we have to think about things. We can be ever so technical, ever so cybersecurity, affluent. But the business doesn't understand the jargon. So we have to know how to relate to our business stakeholders and our customers. And our customers don't always understand the jargon either. And so I think that that's really important that you brought that up, and I can't stress that enough, can't stress enough how important that is. So I appreciate you bringing that up in this call, because it's a very serious subject that can get overshadowed, right? So that connecting with the stakeholders within the organization and helping them to understand their priorities, so then we can help them to understand where the risks are and how to go about mitigating those risks and those vulnerabilities.
[25:36] Tony Carrato: And I'll sump those risks. Let's pivot just a tiny bit over towards AI. AI brings both wonderful things to help us and risk. And I think especially if you happen to be growing in the direction of architecture, you need to be trying out AI. There's plenty you can do for free. You need to be learning and understanding where people are already doing things. So for example, if you're in a even moderately large organization, you're probably getting your front door knocked on by bad people a lot. And there's a lot of signals, but there's a lot of noise. AI is starting to help us, and if you look at the major vendors, they're all bringing out offerings on this, starting to help us pull the signals out of the noise and act upon them. You can't do that if you pick the wrong AI solution, if you don't understand how it's applied, if you don't learn where you trust it, where you supplement it, where you don't let it play. And you should also start having some sense of where the, the bad people are using AI. Your friend who's on a red team probably is spending a fair bit of time thinking about that. Yeah, that's an area where people need to learn and consider. So we have to ask, what are people doing with AI? That is a problem. So first of all, we've all, if we've been around cyber, heard about the script kiddies, the people that download a script and try and run it against you, augmented by AI, and also, by the way, by business models. Where you can get ransomware as a service is a term that's starting to get used, where people effectively will sell you some things. Those are augmented by AI. What else, though? The whole business of socially based attacks is getting augmented more and more with aih, ranging from phishing being supported by AI, getting social engineering based in a number of ways. Things about AI, yeah, social engineering in.
[28:05] Pamela Isom: General is basically elevated because of AI. Not because AI is the culprit, but because it, because of the acceleration of information and the speed that the innovators from a adversarial AI perspective is grabbing a hold to. We have to keep up. But go ahead, finish your thoughts.
[28:35] Tony Carrato: Yeah, so the other ones, deep fakes, are starting to show up more and more. Audio fakes, audio visual fakes. The election is putting that in more focus. Yeah, but, you know, just because people are using it fool you into who they think they want you to vote for is not. This is different than them getting you to send their money away, your money. So there's a bunch of things where the ability to turn loose and automated assistant against data is another one. These very, very large data dumps that happen on a weekly or maybe more frequent basis. How do you analyze something with gigabytes of records? Well, one way is you throw it at an AI.
[29:22] Pamela Isom: Yeah.
[29:24] Tony Carrato: Which means you need to start understanding what can be done. So I think there's a lot to be said there, so.
[29:32] Pamela Isom: Well, let me just. Let me just say a couple of things. So, from an AI perspective, those are good points, and I get it, and I think it's really important. What I try to do is I try to help those that are learning and those that are more mature in the cybersecurity realm, and you're trying to maintain your skills, you're trying to survive and thrive in this digital transformation era. I try to help people understand, businesses, individuals, all of them. I try to help us understand that there is risk and there are benefits, and really start to process what that means. Sometimes cybersecurity folks can come across as the negative folks because we're concerned about the issues, we're concerned about the risks, and we're pointing it out. But cybersecurity folks are also very positive. We care about innovation, we care about emerging tech, we care about solving the problems of the organization. So I like to see, and what I do is I try to help us understand the good characteristics of AI, the value proposition behind AI, and how best to use it so that the impacts are not adversarial. And in my training classes, that's what I do as well. So I think what you're pointing out, and I appreciate it, is that you have to understand those risks. You have to understand what they really mean. You have to understand the threat vectors, the landscape, that whole surface area, and how it's broadened when it comes to artificial intelligence and dig deeper into understanding what some of those threats really mean. I use the example of deepfakes. I like people to see that when it comes to deepfakes, that there are good use cases. A good use case of a deepfake is me speaking to you today. And then artificial intelligence converts that to a different language so that it can be carried forward internationally. So when we think of deepfakes, we think of it from a risk perspective and what are the risks that it introduces? But there's also good use cases. So I like to talk to folks about understanding that there are two sides to the equation, because sometimes some of the adversarial conversations can really take over. But I appreciate what you said, and I want to go a little bit deeper into skills. So we were talking earlier about the White House and the recent legislation, or actually the memo that came out about skills building and the need for skills and like that. So I would like you to talk some more about that. But I know they were talking about degrees and whether they're necessary and all that. Tell me your perspective on that.
[32:38] Tony Carrato: So it stems from a couple basics. One is anywhere you look, people will say there's a real shortage of cybersecurity skills. And that's true. Or maybe I should say skilled people. You look then at organizations hiring practices, and in many, many cases, bluntly, they're terrible. They will describe what they call an entry level job where they want four or five years of cyber experience and a master's degree. It's like, excuse me, it doesn't sound like an entry level job to me. And there are interesting and somewhat artificial roadblocks that organizations put in their own way. So some years ago, IBM, followed fairly quickly by Microsoft, started initiatives for what the term that got used and still does get used is new collar people that have built skills that don't have necessarily a four year degree, or maybe they have one, and it's in some orthogonal thing. A memo was released by the White House. You can find it on WH dot gov from the office of the national Cyber director, talking about the fact that the recommendation now is to move from degree based hiring to skill based hiring. So what you see, if you look is someone who may have a bachelor's degree in, I don't know, english literature or no degree at all, if they've spent the time and effort to build their skills. And I would encourage, if you're looking at hiring people like that, you want to understand what skills you're really trying to hire for and how you'll evaluate them. But the government is trying to very strongly encourage moving away from an arbitrary roadblock of, you must have a four year degree in computer science or electrical engineering, or we won't talk to you. So then you ask the question, how does one build skills? What I'm seeing is there are a number of often it's at the community college level where they're doing. For example, here in New Mexico, the largest of the community colleges, which is based in Albuquerque, where I live, runs what they call boot camps in these areas, which are typically eight to twelve week certificate kind of programs where you build concrete skills. And the company I'm on the board of has hired half a dozen people with these kinds of credentials and experience and been delighted with the results. One of them is now a director as an example. So I think the point I make is, if you're a hiring organization, ask yourself, do my criteria make sense for the outcome I'm trying to get? And if you're someone seeking a role, first of all, look to people that have got their mind switched on in their hiring practices. That's still, frankly, not the majority. And are my building my skills in that direction? And again, how do you do that? It's the next question. And you may find in one of the post secondary education, we're even seeing this going into secondary education where high schools are trying to build skills. I think you and I are both old enough to remember when they had votech classes in high schools where you. I remember, yeah, well, vo tech now is not just can I run a lathe or a drill press, but can I operate, you know, for example, a porch scanner? So look for places where that's being done. Look at your key vendors in your current organization. They probably have a lot more education available than you are aware of, and I'll bet an awful lot of it's available for free. Look at your network. Is your network helping you? Do you need to grow work? We probably all need to grow our networks over time, but all of those are good things to do.
[37:16] Pamela Isom: Yeah, no, I think that's great. I have a couple points that I want to make pertaining to this whole business about whether a degree is going to be a fundamental for hiring or not. So I like the fact that the degrees are not the essential requirement, but it's more skills based. But here's the advice that I give to those that are considering higher education. You should still do it. I don't think, I don't want communities to feel as though just because this is coming to pass that perhaps the higher education is not necessary. And I know that that's not what the government is saying, but I always reiterate this point to my peers and my, to the young people, to the younger people that the higher education to get your bachelor's, to get your associates, to get your anything higher than that, it's still important. It's just that there are skills that you can acquire. And if you have acquired some skills, that we want you to go ahead and be able to qualify for positions, because an education alone won't qualify you for positions. You need experience. The skills give you the experience and the skills need to be valued. So the emphasis behind this for me and what I convey to people is those skills are important. They can be applied on the job. And that's what's needed in the corporations and in the companies is the skills. And so education helps you get skills if you can. Right. Education can help you, but education alone doesn't do it. But what I don't want, and particularly in communities, you don't want to think that this is now an opportunity to, to not be concerned with higher education because I think we still need it. And so that's something that I always emphasize to my peers, to my colleagues and to the communities, to my communities and to those coming along. So I do think this is important. I think that is very valuable. I do think that it's about time that we are not excluded because we don't have higher degrees and things like that. I don't think we should be excluded, but I don't think that we should go to an extreme and think that now I don't need it. Because, look, that rule could change tomorrow, and then what will you do? Right. So that's what I say to my communities and I want to get that out because we're talking about that on this.
[40:15] Tony Carrato: It's important for people to distinguish between education and training. Training builds skills to do a particular task.
[40:25] Pamela Isom: Yeah.
[40:25] Tony Carrato: Education stretches your mind. It teaches you to take on new information, turn it into something useful, and very importantly, communicate it.
[40:36] Pamela Isom: Yeah.
[40:37] Tony Carrato: I can't tell you how many engineers I talk. Why do I have to take English and history? Yeah. Because they're necessary as you expand those people you're talking to.
[40:48] Pamela Isom: Exactly. So that education is still important. So that's a good point. All right, so we are about at the end of our talk here. So there are just a couple more things that I'd like to know from you. First of all, do you have any, is there anything you want to talk about before I ask you about the words of wisdom? Is there anything else that I missed? No, go ahead, talk about. Okay, so I'd like to know from you, do you have words of wisdom or experiences that you'd like to share or leave with the listeners?
[41:23] Tony Carrato: So a couple of things. One is the business about your own brand. Remember, you have one. Does it stand for what you want it to stand for? What are you doing to reinforce it and maybe change it? The second thing is you're only, however smart you are, but you can control how hard you're prepared to work. I think President Obama had some very important things to say there. And if you think about, okay, you may be smarter than me, have a PhD and so on, are you going to work harder than I do?
[42:00] Pamela Isom: Mm hmm.
[42:02] Tony Carrato: And then the other one is, remember, people think about how they interact with you. Did they come away feeling like it was valuable and they felt good about it? Be careful that you are creating the impression in people that you mean to. You want folks that are glad they had the opportunity to engage with you.
[42:27] Pamela Isom: Okay. So we started our talk by communicating and saying that we would keep our focus on maintaining your cybersecurity skills and knowledge. And so to wrap things up, your main message to the listeners is pay attention to your brand, maintain your work ethic, watch your people skills, and be mindful of how people are feeling when they conclude a conversation or experience with you. And then I think, overarching. You were saying that your brand is important, but know what you want to do, know what you can do, but be willing to stretch. I heard you say that throughout the talk as well.
[43:23] Tony Carrato: Those are all spot on. And of course, you do have to have technical skills if you're in a technical world, but that covers you. Great to talk to you, Pam. I enjoyed it. I hope we do it again.
[43:37] Pamela Isom: All right, well, thank you very much for joining the podcast, AI or not. And I do appreciate the discussions that you had on AI as well. So I appreciate your insights there. And we're going to go deeper at another time on the boardroom speak. So I do appreciate that and the leading into that, because I do think that others will be very interested in that, but we'll save that for time.