Val Vask is the Commercial Technical Lead at Bridges Consulting, a Maryland-based cybersecurity firm specializing in national security and commercial vulnerability challenges. Before starting work at Bridges, Val spent 20 years in the private sector working with federal and government agencies.

He recently enrolled in four InfoSec Institute training courses to refresh his incident response skills and deepen his understanding of supervisory control and data acquisition (SCADA) security:

  1. Incident Response & Network Forensics
  2. SCADA/ICS Security
  3. Reverse Engineering
  4. Advanced Ethical Hacking

We sat down with Val to discuss his student experience and learn what he has to say about the value of training with InfoSec Institute’s experienced team of instructors.

Why Did You Select InfoSec Institute as Your Training Partner?

Val: When I first started working in the public sector, I took some training with other providers, but it wasn’t quite what I needed. I wanted something more technical and decided to give InfoSec Institute a chance.

Before picking a training provider, I weighed three key factors: student testimonials, training reputation and price. I recognized my SCADA instructor’s name, Keatron. He is really well known in the industry and wrote a book about chained attacks called Chained Exploits. I’ve done a lot of pentesting, so that got my attention.

I didn’t enroll to just take a test and pass. I wanted to really understand the course content and speak intelligently about it with my clients. When I was younger and had less experience, the certifications were much more important to me. I enrolled at InfoSec Institute to address a few knowledge gaps and refresh my skills.

How Did Training With InfoSec Institute Compare With Your Past Experiences?

Val: Training courses from InfoSec Institute were better than anything I’ve taken in the past. Most of the training I received in other roles was through internal programs, which varied in terms of quality. InfoSec really stood out from my other experiences because the instructors had a lot of practical experience and were really knowledgeable. Some of the topics we covered in class were pretty dry. The fact they could keep everyone engaged and attentive says a lot about their abilities as instructors.

I had Keatron for my SCADA class and Jeremy for my Incident Response course. They both did a really good job. You can tell when someone has actual experience in the field. There’s a major difference between “textbook smarts” and actually having practical experience. My instructors at InfoSec had both.

What Was it Like Taking the Training Online?

Val: I was very skeptical about online courses. I’ve taken them in the past and I didn’t like them. I didn’t want to take an online training course with InfoSec at first, but decided to give it a try. The course not only met my expectations, but exceeded them. I was surprised how interactive the course was. It was the most engaging online training I’ve ever had.

We used the chat feature and microphone to ask questions during class. We’d share stories about past experiences and crack jokes. It was fun, but not distracting because questions and comments were relevant to the course material.

Each day included question and answer segments. Some of us got them right, some of us got them wrong. The instructors went through each question to make sure we understood why. The experience felt really personal. By the end of the week, instructors knew us by name and even understood our personalities.

Instructors were extremely responsive with all communication channels — email, chat and voice. It wasn’t what I expected — it was much better than that. I was surprised.

What Did You Like Most About Your InfoSec Institute Courses?

Val: For me, it was the instructors. Each student in class had a different background and level of experience. The instructors dealt with this really well. They could answer any type of question with really informative answers. You could tell they had real, practical experience and weren’t just reading answers from a book.

I also liked the SkillSet labs. They were a big part of class, especially in my SCADA Security course. The labs let you use real tools in a virtualized environment. You get access to labs for six months after your course, which lets you get really familiar with the tools.

You need to have practical experience in most cybersecurity roles. If you don’t, the next best thing is practicing in a lab. This was a big deal for me.

Has InfoSec Institute Training Helped You Professionally?

Val: Yes, I started working at Bridges in a technical role, but am now helping develop their commercial arm. I still do technical work, but, lately, I’ve been focusing on marketing and business development.

Brushing up on my technical skills helps me better communicate with clients and understand their needs. I have already applied things I’ve learned from class in conversations with my colleagues and my clients.

In my incidence response course, Jeremy talked a lot about legal processes like how to investigate someone for exfiltrating data to help prosecutors build their case. He tied it all to his own personal experience, which really helps make it interesting. Legal stuff can be very boring; when you tie it back to personal experience and give examples of case studies, it brings it home for any student.

Would You Recommend InfoSec Institute Training to Your Peers?

Val: Yes, I would.