Hiring and Staffing in the Privacy and Security Space

Intro  0:01  

Welcome to the She Said Privacy/He Said Security Podcast. Like any good marriage we will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.

Jodi Daniels  0:22  

Hi, Jodi Daniels here. I’m the founder and CEO of Red Clover Advisors, a certified women’s privacy consultancy. I’m a privacy consultant and Certified Information Privacy professional, providing practical privacy advice to overwhelmed companies. Hello, Justin

Justin Daniels  0:38  

Daniels here I am passionate about helping companies solve complex cyber and privacy challenges during the lifecycle of their business. I am the cyber quarterback helping clients design and implement cyber plans as well as help them manage and recover from data breaches.

Jodi Daniels  0:54  

And this episode is brought to you by Red Clover Advisors. We help companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. We work with companies in a variety of fields, including technology, ecommerce, professional services in digital media. In short, we use data privacy to transform the way companies do business. Together, we’re creating a future where there’s greater trust between companies and consumers. To learn more, and check out our new best selling book data reimagined building trust when bite at a time, visit redcloveradvisors.com. Ready for a fun discussion their matching person?

Justin Daniels  1:36  

Well, I think so. But why is this such a special week for you?

Jodi Daniels  1:41  

Wow, why is this? Why is this special? Wow, you

Justin Daniels  1:44  

had to think about it.

Jodi Daniels  1:46  

I had to work hard. Jared. I’m

Justin Daniels  1:48  

already I’m already ready to vote it in here.

Jodi Daniels  1:51  

So we’re recording when it’s our 15th wedding anniversary. Oh,

Jared Coseglia  2:01  

graduations.

Jodi Daniels  2:03  

Thank you. Thank you. Thank you. I do average average. Okay. Well, let’s get into a really fun discussion. We have a good friend am Jared Coseglia, who is the founder and CEO of TRU Staffing Partners, as the global go to for hiring managers and job seekers in need of staffing solutions or career guidance in management. He has placed more than 3500 professionals at the fortune 1200 and throughout the global consultancy service and software provider community, including our firm red clover, his ability to identify, deliver, mentor and help retain talent is informed by his unique style of representation. vast network of relationships, subject matter expertise, and just nice all around

Jared Coseglia  2:58  

that guy. Thank you.

Jodi Daniels  3:01  

You are so welcome. We’re so excited to have you here today. It’s gonna be a really important discussion for companies.

Jared Coseglia  3:06  

Thanks for having me. Excited to be here. Happy to share all my knowledge. Love the show. Can you start laughing at me? Why not? It’s fun. Your turn.

Justin Daniels  3:17  

All right. So let’s begin. So Jared, um, how did how did your career evolved to this point? Yeah,

Jared Coseglia  3:26  

so I’ll try to I’ll keep this part as short as I can. I went to NYU undergrad Tisch School of the Arts to be a theatre director and graduated in May of 2001. And then we all know what happened about three months later, which pretty radically shifted the theatrical community and found myself doing some staffing in E discovery for someone I’d worked for in college. I fell in love with that community in particular, which is a great intersection of legal technology just as privacy and cyber art, and started my own company a few years later. So true, is having their 13 year anniversary this year, not quite 15 but close. And we’ve, we’ve we’ve grown a lot, so we started doing ediscovery and then a few years later, around the time of the Sony hacks in 2014 right around Thanksgiving, I remember because the movie had just come out right where the Seth Rogen movie had just come out write about about North Korea. And I was like wow, this is this is where we’re gonna go next. Immediately dove into cyber about six months into cyber really realized what we were even more passionate about was data privacy. And because I do think though they are brother and sister they are separate disciplines and and can be separate career paths very much so they’ll obviously very intertwined which we’ll talk Got that. And so we’re triple discipline now cybersecurity ediscovery data privacy? No, I love it. We’ve been an Inc. 5000 fastest growing company three, the last six years. Our staff is the biggest it’s ever been. And we’re both going to be getting people jobs

Jodi Daniels  5:17  

in the space. Well, congratulations on making it to teenagehood.

Jared Coseglia  5:22  

Yes, we are no longer toddlers, we are running, defying our parents.

Jodi Daniels  5:30  

Well, experienced privacy people are in high demand. These days, companies are of all sizes are trying to figure out what to do to staff for privacy. So what should companies be doing to attract new talent? And then what should they be doing to retain the actual talent that they have?

Jared Coseglia  5:52  

Great question, you’re attracting talent in this space really requires a couple of things, right? The first of which is having a clear posture, even if you’re not pleased with it. I think privacy professionals that are experienced when they go in interview at other companies want a company that has a sense of self awareness around what their privacy posture is, was and Kotor should be. And I think the companies that go in and just demonstrate complete chaos tend to tend to not attract customers who want to come and work with them, candidates don’t want to come and work with them. I also think that having transparency and simplicity as part of your cultural identity, and articulating that really is attractive to privacy, people privacy, people are looking for those key words, whether it’s those words, or other words like it to be articulated on the interview process as a way that they will be able to get buy in for their practice. And those words come up a lot when we coach customers on how to articulate what they’re looking for, or what they stand for sometimes. And then the last thing I would say when it comes to attracting people is know the market, right? Know what you’re up against know what they’re probably getting or going to get from other companies. You know, and obviously, we provide a lot of that intelligence, that intelligence is out there through through other channels like the IPP, a lot of times customers are a little shell shocked at what privacy professionals can command, particularly the more experienced ones. So have an appreciation for that in terms of compensation. And in terms of culture, I think those are really critical in terms of keeping the people that you have, you have to keep giving them opportunities to learn. I think that’s the number one reason why people want to leave their jobs is usually because they don’t like their boss, or they just feel like they’re stagnant. And they’re not learning or that the company isn’t looking to evolve or grow their privacy program. Privacy professionals who are out there seeking opportunities are generally looking for what I would call an impact opportunity, right? Which is very different than how a lot of people running businesses grew up as working professionals, which was more of I’m looking at a home that I can go stay at forever. And I think a lot of privacy professionals are far more interested in, well, what can I do for the next three to six months? And how am I going to impact the business? Rather than how will the business impact me in my career and my stability over six years? I think they care a lot less about

Jodi Daniels  8:24  

I hear that all the time how I want to keep learning, I think it’s kind of innate and privacy people they want to just they’re curious, they keep asking questions. It’s a really important, important piece for any company.

Jared Coseglia  8:38  

And they know there’s so much out there to learn, right? It’s not like no shortage, right? It’s the wild wild west in this industry right now. So I think people are looking for like minded leadership, whether they’re part of the privacy program or not, that value continuing education in a pretty rapid tick, right? Not like every year or two, but like every three to six months they something else, something else, something else.

Jodi Daniels  9:01  

And apparently, the latest is always dropped at five o’clock. So you have to really enjoy evening reading.

Justin Daniels  9:08  

Right? It’s funny you say that, if I didn’t do the different things that I do, my job would be very boring. But between blockchain and cyber and drones and other things we talk about from data privacy and cyber protection. keeps it interesting. So, you know, listening to this conversation, Jared, I have a kind of a follow up question, which is, I’m actually going to be speaking to an MBA class at Virginia Tech on Wednesday, on a topic and one of the things I want to ask you is, you know, as people are getting through school and they might want to transition or think differently about a career. Do you see the skill sets in cybersecurity candidates versus privacy candidates? Do you see a lot of overlap because when I think of the two professions I like to call privacy and cybersecurity the peanut butter and jelly of the the technology industry, they taste great together, but they’re not quite the same. And just when I talk to young people, what is your perspective on the on the skill sets around these two similar but not completely related? subject matter expertise is?

Jared Coseglia  10:16  

Well, I agree with you they are the peanut butter and jelly and that they are inseparable, and they go together and they taste the best when they’re together. Got me there, right. Having said that, from a hiring perspective, I will tell you this. Cybersecurity hiring managers are far less willing to hire on attitude, aptitude and self trained skill sets. Whereas privacy professionals are very willing to hire on attitude, aptitude, and self education. Meaning if I’ve got somebody who does not have a bachelor’s degree in cybersecurity, and they want to move into cybersecurity from some tertiary discipline, and they go out and they get a certification, but haven’t had practical application of that certification, there’s no way they’re getting a cybersecurity job that involves technical acumen, they’re not going to It’s a chicken and egg, right? How do you get the experience to be really technical and hands on with you’ve never had it and it’s all educational and self self training are, you know, getting certifications without actually having the applicable skills? Privacy, totally different, totally different. The problem with security is, in my mind, more and more, it’s becoming less a legal technology discipline. And it is becoming more and more a technology discipline for the jobs that are out there. When we talk about that two to 3 million headcount gap of open cybersecurity positions versus available talent. Those aren’t CISOs, right? We’re not talking about CISOs, right, somebody comes to me for a C, so they’re gonna have five resumés within 24 hours, somebody comes to me for a mid market cybersecurity consultant with two to three years under 100 grand, and now you’re looking for what every single person in the entire country wants the price point they want. And all the candidates want to be paid 150. So there’s a dissonance out there, I think in the cybersecurity world around skill set, what it should pay, and who’s actually available to fill a lot of those jobs. On the flip side, we’ve had tremendous success taking people who have gotten their CIP, or their CIPM. And they went and did all the one trust training, even though they’ve never been inside one trust or used one trust, actually, and they’ve been well read on data privacy, they can talk intelligently about their core values of privacy and why they want to move into the space on an interview, we can get people like that jobs all day long. If you don’t have the tech skills, to roll up your sleeves, and put fingers on a keyboard, it is far harder to break into cybersecurity than it is to break into privacy.

Justin Daniels  12:52  

Interesting, I wonder if that has to do with the temperament or something in security versus privacy.

Jared Coseglia  12:58  

100% it also has to do with the ratio of men and women in leadership positions between the two disciplines. Privacy we found is about 50-50. And cybersecurity is about 80-20.

Justin Daniels  13:07  

So to kind of further what you’re saying there, from a gender perspective, what do you know, and I sit here next to the expert of experts when it comes to ad tech. from a gender perspective, what do you think that women are bringing to the equation that is kind of a blind spot for men that maybe tilts the field differently? Well, look, there’s

Jared Coseglia  13:32  

just not enough of them out there. Right, we need to see more women get promoted into positions of leadership we need to see I mean, look, it’s a whole ecosystem, right? We need to see more women get into positions of leadership, they need to be incentivized to hire a more diverse ecosystem of talent underneath them, so that there’s continued promote ability, regardless of any kind of bias, whether it’s gender, racial, or otherwise, we need more women to get into STEM at an early age, we need more of those women to move into bachelor’s and master’s degrees for cybersecurity, of which there is also a disproportionate ratio of men to women that are taking those, you know, undergraduate and graduate degree courses. So you know, it’s like, again, it’s chicken and egg, like, it’s got to happen at the top, it’s got to happen at the bottom, and then it’ll slowly happen everywhere in between. And I think what the women are bringing that’s a little bit different, that I see in privacy. You know, I think this is gonna sound controversial, but I think a lot of women in privacy are very successful, where some men in cybersecurity are not at seeing things in gray, and not in zeros and ones. And often a lot of men who come from a holistically technology background are artsy things very black and white, and they interview people very black and white, which means they’re coming in and they’re asking questions, looking for a right answer. And that is something that trends in gender interview process, we often find that women ask interview questions that are looking for aptitude and attitude as opposed to do they have the skill set that I need right now to plug them into my cybersecurity career?

Jodi Daniels  15:13  

Go ahead. And you have another question.

Justin Daniels  15:16  

Jared, I have one more question that I want to ask you about. And it’s technology related, I just got done working on my first deal around a global implementation of artificial intelligence tool for hiring. And obviously, I’m sure this is something you pay a great deal of attention to, because AI is only as good as whatever you put into it, and the biases that may have and you’ve just identified one interesting thought, you know, talk to talk to us a little bit about how this technology is going to start impacting how people get hired, and in ways that maybe people don’t think about because, you know, this is what you do.

Jared Coseglia  15:58  

So, stepping outside of my specialization in privacy, security, discovery, as an expert in the hiring process, and in staffing, I would offer this there are some companies out there that are using AI in the hiring process, to sift through large volumes of applicants, in order to get to ones they feel are most relevant for the positions they are looking to hire. And they’re using algorithms to do that. And that is where bias is coming into play. And this is where people get into lots of trouble. And it’s also creating all sorts of compliance issues as well, for companies, rightfully so. There are other staffing agencies like mine, were much more interested in using AI to find ways to create more open, transparent and frequent communications with their constituents and the people that they’re represented, that don’t require the same intensity of human interaction, in order to expand their ability to service more customers and actually improve the representation experience. Here’s the difference. For a staffing agency like mine, what you’re really advocating is the participation from the people you represent, to be a part of those automations to be a part of that AI to actually contribute to it, because in the end, the value it provides to them is a more enhanced representation experience. What it doesn’t do is whittle them down from a million other resumes and say, Oh, the machine tells me that this person is right for this job. And that’s how you’ve got it as a job seeker. And I think as a hiring manager, start thinking about how you’re using technology in the hiring process to improve the experience. And if you’re using technology just to try to find a needle in a haystack, and that you’ve got to be very thoughtful about a number of other policies that you’re looking to implement that are unilaterally equal to that agenda. Like, we are looking to create diversity within the company. And that effort from an algorithmic perspective becomes just as critical in programming, as we’re looking to find the right person that we think has the best skill set match for this job. And if those two agendas are misaligned, and are not unilaterally equal, you’re probably using technology the wrong way in the hiring process. Does that make sense? Is that a good answer? I thought was very interesting.

Jodi Daniels  18:37  

So if we unwind a little bit outside of technology, going back to the human part, what can the people do to help make sure that they’re standing out amongst the crowd? What are some of those? We talked a little bit about some of the skills like, you know, learning and certifications, but what else are you seeing in the market that is helping XYZ person actually get seen, interviewed and land the job that they want? Yeah, so

Jared Coseglia  19:07  

I mean, look, I wouldn’t dance around it. I think there are a lot more people hiring for privacy professionals that have no idea what they’re hiring for, and have never hired privacy before. And so they’re a little bit lost. And so the first thing that they look for are certifications. And as much as I know some people, it’s very controversial. Yeah, I got a lot of customers that are like, you don’t have your CIP or you don’t have your CIP and we’re not going to look at your resume. So having certifications really matters. And I’ll say this for entry level people on the technology side, and it goes back to my earlier point, even going out and getting one trust or trust Ark or big ID or wire wheel or any of them, most of them have certifications that you get self guided online. Even having those really do make you stand out because it says two things. One, you got some knowledge corpus, but two, you got self investment. And again, I still think privacy professionals are looking for people who are Like them, who invest in themselves, who were excited about being self taught, were ferocious about getting more knowledge, and are demonstrating that through the pursuit of certifications or the achievement of them. So there is a lot of that out there. Having said that people stand out most on interviews, when they are articulate about what they want, what they’re looking for, and what they’re able to do. And when privacy people tend to fail on interviews, is when they talk about what they know, as opposed to what they’ve done. And this can be where people get confused, right? Well, what do you mean, like what I know is a value to them, like, but not on an interview, right? Because anybody can talk about stuff. Right? I could talk to you about Hollywood all day long. I’m not in Hollywood, I don’t work in Hollywood, you know, I watch a lot of movies and TVs and I got a lot of opinions. You know, but what have I actually done? And so I always give the candidates that redirection when I ask them questions in our prep calls, and they start telling me how smart they are and everything that they know. And I’m like, okay, great. So how did you actually apply that to something that you’ve done, you can move it out of the hypothetical out of the theoretical into the into the practical and the actual, and that’s usually where candidates tend to stand out. Even the most experienced people like to talk about what they know.

Jodi Daniels  21:17  

So my other question for you is thinking about candidates and companies? Where are you seeing? Do we have a lot of entry level people trying to break in a bunch of mid level people trying to switch to privacy, a whole bunch of senior level people, because companies are also trying to fill this gap. And I think it’s important for them to understand the who is out there.

Jared Coseglia  21:38  

Yeah, it’s all of the above, I think there’s a huge corpus of people that are trying to move from one discipline into this. And the challenge with that is the compensation, because their skill set and privacy may not yet command the same salary that their skill set in eDiscovery, or cybersecurity, or information governance, or just being an attorney and commercial contract litigation or whatever, it may not be you, you know the same. And so that dissonance has to be overcome with either the customer or the job seeker willing to compromise. And most of the time, it’s on the onus of the job seeker, take less in order to break into the business. But I’ll say this, people are getting 22 to 40% increases in salary at the point of hire, even now in this downturn and data privacy. And so the likelihood that you’re going to be able to get back to where you were at in the two to three year window is, is strong, if not your current employer that helps you make the transition somewhere else, you know, the market is is generous and has been for many years. So I see a lot of that what I don’t see as many opportunities coming down the pike. This year, as we did the last several years or CPO spots, a lot of companies have their CPE O’s, you’re not going to see a lot of those jobs in the Fortune 2000, you’re going to see them more private venture private equity venture capital backed companies that are looking to build privacy for the first time or disrupt their existing practice, which isn’t sufficient, those will be more finite. And the candidates out there looking for those roles will be very abundant. CPAs are always looking for the next big thing if they can move to another company. So I think where the struggle is gonna lie mainly in the market is in the middle, right? There’s gonna be high demand low supply still in the middle, and both candidates and hiring managers having to compromise because, you know, it’s not going to be 10 out of 10. Every time, you know, it’s going to be like, let me hire the seven and ramp them up. Let me hire a six and groom them, because that’s the price point I can pay. And having that awareness I think helps everybody in the process.

Jodi Daniels  23:35  

For that sweet spot for companies thinking about where that middle is, what’s a good budget that they should be planning for? Yeah, so

Jared Coseglia  23:42  

if it’s a privacy analyst, somebody more technical, you know, not an engineer, but really an analyst or a specialist, somewhere between 80 and $120,000. Us on the base plus bonus incentive. If it’s what we would call a program manager level, probably somewhere in that 120 to 150 range maybe a little bit higher, depending on the industry vertical, it’d be a lot higher if it’s tech, maybe a lot lower if it’s healthcare. And then for the director level, it’s going to be 150 to two and a quarter. Again, depending on the industry, vertical and CPOs. Replacing anywhere from 225 250 all the way up to almost 500 on the base just depends on company vertical, it gets really helpful. Those are more rare those that topic. So,

Justin Daniels  24:34  

again, back to kind of comparing privacy and cybersecurity for comparable kinds of jobs, if you’re in one or the other. We’re looking to be one of the other industries is the compensation, pretty similar disparate

Jared Coseglia  24:47  

is not similar. And there is a much wider funnel of jobs in the cybersecurity ecosystem than there is currently in privacy. So for example, A privacy program that has three people probably does not have a cybersecurity division that also has just three people, but it’s probably twice to three times to four to five to 10 times the size of that privacy program. So there’s just a lot more roles and jobs, and they’re a lot more compartmentalized, which in some ways is good, because it means that somebody can come in with a specific skill set and fill a need in cyber, but can also be difficult because cybersecurity people want to be paid a lot of money and they’re in high demand, and there’s still a 2 million person headcount gap between supply and demand and the United States alone, forget about the rest of the world. And so no, I mean, a CISO at a fortune 1000 is probably making significantly more money depending on the company than a CPO. Yeah. Well, one

Justin Daniels  25:45  

thing I wanted to follow up and, you know, we talked about this, in our pre show, which is, in the private equity world, at least what I’m seeing is there still seems to be a significant gap between what companies say about security, privacy as well versus what they do. And I’d love to have you kind of talk a little bit about how some of the economics work in terms of the hiring, what they’re gonna get paid, what they’re willing to do and how it impacts return on investment for those companies. And I’d love to hear you talk about what we discussed in the pre show. Yeah, so

Jared Coseglia  26:19  

So we at TRU, we have a private equity partnership program, and we service a number of different portfolios. And the value proposition for that is really to be able to be a strategic consultative partner, and looking at the portfolio from a holistic perspective as to where they are in their staffing as it relates to cybersecurity and data privacy, and then how we can fix it holistically as well as independently on a per company by company basis. It’s a great program. But it’s also given me eyes and ears that have allowed me to have the following opinion, which is, I think that the private equity firms really value having strong cybersecurity policies practices technology, same as data privacy, they definitely prioritize the privacy or the cybersecurity over the privacy, right? Sometimes they’re intertwine, but usually only equalized when the business’s product is data. So if it’s a company who makes their money on data, more or less the buying, selling moving, aggregation use of it, maybe the value them similarly are the same, not always, but most companies put tremendously more value in cybersecurity, because at the end of the day, they don’t want to be hacked. And depending on the sophistication of the industry vertical, you know, if you’re looking at industrials, versus technology, companies that are private equity funded, technology companies are looking at it much more than just I don’t want to get breached. But the companies that are you know, cutting down trees in New Zealand, you know, that’s really what their focus is. So the commitment level of the company is somewhat industry specific. But I think the buy in from a lot of private equity is uniform. I don’t know that private equity companies are in the business of enforcing aggressively uniform adaption of policies and best practices amongst all their companies across all industry verticals, I do think they sort of stay out of the way and allow these companies to run their businesses and provide opportunities, guidance and resources for them to make smart, healthy decisions. A lot of them do. But when we talk about the economics of these things, a lot of them struggle with getting what they need at the price point they’re willing to pay. And that’s because a lot of private equity firms still need doers. And thinkers, we need somebody who can be strategic and help lead the business. But we also need them to roll up their sleeves and put hands on a keyboard. And that duality is really difficult to find, in general, because a lot of cyber security professionals, as I’m sure you will test, once they hit a certain point, they don’t wanna put their hands on the keyboards anymore, right? They see their value as strategic consultative, and they want to get out of that. And so to ask them to come back in in order to move their career up into a leadership level becomes challenging, because they want to be paid, you know, like combat pay, to be forced to go back into the trenches and put their hands on a keyboard. And so that complexity often makes it difficult to find fund somebody that really should probably be two or three people in the ecosystem, but don’t have the budget for it. You

Jodi Daniels  29:22  

know, Jared, we’re at the beginning of 2023. It’s been an interesting beginning of the year, what is your crystal ball for this industry and what we’re seeing

Jared Coseglia  29:34  

so the first quarter is going to be unlike the rest of the year. First quarter of this year is going to be an aggressive augmentation in contract and contract to hire hiring in privacy, and to some extent in cybersecurity as well. We’re already seeing a huge shift in the marketplace in the fourth quarter of last year, which was a radically different quarters in the first three busiest the company’s ever been busiest I’ve ever seen hiring and data privacy, busiest I’ve ever seen any of the conferences in terms of attendance. And lots of people change jobs in the first three quarters that kind of fell off the cliff after Facebook, Twitter and big tech started laying off 10s of 1000s of people, I think we’re north of 125,000 layoffs in big tech alone, just in the last three or four months. And that spooked the nation. So the job process, the hiring timeline, the volume of opportunities, people pulled headcount, but there’s still work to be done. And so what they’re doing is turning to contract resources to come on make an immediate impact, which as I said before, is what privacy professionals want like to do come in make an impact. Maybe you stay forever, maybe you don’t. Here’s opportunity, right now, there’s tons of that out there. And a lot of these companies are doing it because they’re being trepidatious. About Oh, well, there’s all this talent coming onto the market, all these layoffs, maybe I can try and buy and, you know, test them out first to see if it’s the right fit. The reality is the candidates feel the same way. Because most of the people who’ve been rift are not your low and underpaid frontline workers. Those are the people who kept their jobs. Because people got rift in big tech to create more margin for profitability. They didn’t get rift because the company saw them as poor performers. They got rich, because they were really expensive. They were costing a lot of money. So when somebody gets fired, because they were making a lot of money, I think there’s this false perception in the marketplace that they’re just gonna like, take a job because they want to be gainfully employed, and they’re afraid of stability. But if you’re making a lot of money, you can sit on the bench for a while. So we’re finding that most of the candidates who were laid off from these risks were not low paid workers. They’re very high paid workers, as companies wanted to create margin. So what are these high paid workers doing to being really picky about where they go next, because they just came out of a trauma. And that degree of trauma is very different depending on the job seeker, if you got ripped from Meta, because you were one of 10,000-11,000. That’s one form of trauma. If you left Twitter, because of a social and cultural dissonance with the new CEO, that’s a whole other level of trauma. And job seekers take that trauma with them, when they go out looking for jobs. And if you’ve been traumatized from your last departure from your last employer, you’re going to be much pickier and look under the hood of the car of your next employer with a lot more specificity and attention to detail. Not the other way around, which is what I think a lot of hiring managers misinterpreted in Q4 is oh, they’re out of work, I’m gonna go be able to grab them at a discount. None other than these people are not willing to give away their skill sets for discount. And if they are, it’ll be in a contract capacity to see if the company is the right fit for them as much as are they erected.

Jodi Daniels  32:44  

Really fascinating. Date. Thank you so much for sharing, I find that incredibly interesting. Psychology.

Justin Daniels  32:55  

That’s you if you ask Jared, what the number one trait for success in his line of work is? It’s got to be emotional intelligence.

Jared Coseglia  33:04  

Well, I always say the thing that my recruiters and account managers and business development professionals have the unilaterally across the entire organization here. Great judgment of character. They’re just really good judges of character and integrity and other people and each other. Maybe that’s emotional intelligence. I don’t know. But that’s kind of our cornerstone. Yeah.

Justin Daniels  33:29  

So Jared, as someone who spends a lot of time in both the privacy and security space, what is your best privacy or security tip? And it can be a consumer one business one?

Jared Coseglia  33:42  

What if I’m a consumer one, just because I spent five hours doing this this weekend, man, start scrubbing your data from data brokers, right? Like the biggest, if you ask me what the biggest disruption to my business was in 2022, it was spam. I get hundreds and hundreds of emails a day, from people who have bought my data from some source. And, you know, I just had a whole conversation with Inc 5000 and zoom info and all these other companies that I know are selling it or claimed to not be selling it, you know, they got to get a hold over this. I mean, as a consumer, holding all the people that we do business or that benefit from our individual brand reputation accountable for what they do with our data is our responsibility as consumers. So if you’re in the privacy space and the security space, take a stand with your own data. First, it will make you a better evangelist for your customers that you’re servicing them in the future. Right?

Justin Daniels  34:36  

Did you use colorful metaphors in your conversation?

Jared Coseglia  34:40  

It’s very colorful metaphors in my conversation. How do you not have an unsubscribe button on your website at this day and age if you’re a company that is a household name, that everybody knows the brand name and I have to make three to four phone calls to have my data deleted and asked to have my data delete it, I can just click a button. I mean, look, this is somebody who’s brand I benefited from that I wanted to go and Help, because this is not good policy. I also said to them, like, what are you doing to try to adjudicate people that are out there selling data, I get emails every day saying, Would you like to buy a list of all the Inc 5000 CEO winners, and I’m like, Well, my name is on that list. And so it’s all my data, get it off. And you know, you guys should be upset about this, right? Like this is this is a real problem, how companies are dealing with data, it’s why we’re so passionate about the space, forget about the opportunity that, you know, we have from a business perspective, you got to really care about the space. And that’s how you’re going to break into the space man, I just hired a new town Scout here. True, his name is Al he’s fabulous. He found me because he’s so passionate about privacy. And like, that’s so attractive to me, because other people in the space will, you know, be attracted to him, you know, you’ve got to really love this space and care about it as a consumer as much as you do a business.

Jodi Daniels  35:47  

So you’re saying, I’m not the only one who when you see something wrong goes to the company. You need to deal with this, like, there’s a particular email that I get, click the link, you can see the recipes, the cookie banner shows up. And if you hit decline, you’re sent to the terms of service, and you can’t get out of that. And you can’t get back to the recipe. Or the other one where the you know, it’s a new technology, you get the we want to hear everything you have to say about us, here’s the CEO, and you go in there privacy notices a little Oh, it needs a little help. So sir, I’m really excited to use that technology. And here’s everything else that you need to fix.

Jared Coseglia  36:25  

How about I mean, you love that. How about a privacy notice that says that doesn’t clearly say if we’ve been breached, we will notify you? Right? And you’re like, Okay, you’re claiming not to bind so my data, but you can get breached? And never tell me according to your policies, and maybe never even know. So what are you doing about that? Yeah, I mean, I’m having those kind. I’m not a lawyer, I’m having those kind of, you know, we’re not all lawyers. So, you know, we’re having those conversations all the time with people that, you know, in terms of business, I’ll say this. My advice for cyber security and data privacy people is, you know, look, it’s been a candidate market for a really long time, employers are making lots of compromises, the number one of which, and I think it’s probably impacted the job market the most is the ability to work remotely. And this was a real struggle for companies over the last two years, most companies really held on tightly for a really long time, trying to get people back in the office, those days are open. If you’re a company, and you’re requiring people to come in three or more days a week, the amount of people that are going to be willing to come and work for you is three quarters less than it would be if you shifted it down to two days a week. So there’s a massive gap between job seekers willing to come in three days a week, and then two days a week or less. And obviously, if you’re hiring fully remote, you’re gonna get the broadest swath of candidates available. Having said that, to job seekers, don’t get greedy. It’s not going to be a candidate market forever. It’s been a candidate market for nearly 24 months, we saw that shift occur in q3 where it’s now really kind of even playing field. And you’ve got to go in looking for more than just a lot of money, especially cybersecurity people. Because if if an employer smells that you’re only money motivated, this excludes salespeople who can smell like that all day long. That’s what they want. If you’re somebody who’s only looking for a raise, only looking to increase your comp, and you’re not really motivated by making an impact, or continually learning or bettering the business or helping them evolve or using all of these things, is what’s really driving you people are gonna smell that and they’re gonna smell risk, and they probably will

Jodi Daniels  38:29  

keep interviewing. Jared when you’re not running a staffing company, what do you like to do for fun?

Jared Coseglia  38:36  

Well, we talked about this earlier. I’m an avid boxer. I don’t actually box with those guys. My wife gave me those as a anniversary gift a few years ago, but I am an avid boxer. I’m also an avid gardener. just built a huge Dutch garden, my backyard like 6000 bulbs. My back still hurts. It was awesome. I love growing things. And I love hitting things. So it’s a good it’s a good hearing

Jodi Daniels  39:07  

when the growing doesn’t work. Anyway. Well, Jared, this has been so much fun. Where can people connect with you and learn more about TRU.

Jared Coseglia  39:18  

Yeah, so the best place is on our website, trustaffing partners.com. You can also find us on LinkedIn and you can find me on LinkedIn too. Those are great venues to get a hold of anyone at the company. And there are lots of ways to stay in touch with true lots of automations. We want you to participate in those. We have weekly newsletters for job seekers. We have weekly newsletters for our hiring managers that are seeking contractors. We have a quarterly newsletter if you just want updates, visit our hot jobs on our website. If you want to be able to just free reign search all the jobs that we have open. We do quarterly survey reports that we send out to our constituents asking them to tell us when they’re looking for work. Is it three months? Is it six months? Is it 12 months? participate in these things with us because then we will bother you when you don’t want to be bothered. And when you’re ready, we’ll know about it. Be able to anticipate your needs, prepare for you to enter the job market give you the guidance you need to be successful and make it as short, deliberate and beautiful process as possible.

Jodi Daniels  40:16  

Well, thank you so much for sharing so much great wisdom. We really appreciate it. And I know our audience will as well.

Jared Coseglia  40:23  

Thank you for having me. Super fun. Great questions. Thank you.

Outro  40:31  

Thanks for listening to the She Said Privacy/He Said Security Podcast. If you haven’t already, be sure to click Subscribe to get future episodes and check us out on LinkedIn. See you next time.