In this episode, I sit down with Mike McPhee, a principal solutions engineer at Cisco, to explore his expansive career in cybersecurity. We delve into his early experiences in the US Navy, his journey through multiple degrees and certifications, including the prestigious GIAC Security Expert, and the lessons he learned from challenging roles in the defense sector. Mike emphasizes the importance of combining passion with career goals, setting boundaries to avoid burnout, and the value of continuous learning and curiosity. He also shares insights on public speaking, managing stress, and the importance of authenticity in solutions architecture. 00:00 Introduction to Mike McPhee 01:46 Mike's Family and Upbringing 04:36 Military Service and Lessons Learned 13:39 Transition to Civilian Life and Career 24:34 Navigating Career Challenges 45:34 The Ongoing Negotiation with Your Employer 46:28 Navigating Career Changes at Cisco 50:22 The Journey to Specialization 53:43 The Value of Certifications 56:22 The Importance of Passion in Cybersecurity 01:13:37 Tool School and Continuous Learning 01:16:01 Public Speaking and Storytelling 01:24:44 Final Thoughts and Advice People mentioned:

• Jefferson Fisher - a Texas board-certified personal injury attorney, law firm owner of Fisher Firm, and communication expert
•  Moses Frost - Senior Instructor at SANS Institute
•  John Strand - Senior Instructor at SANS Institute, owner and security analyst at Black Hills Information Security
•  Heath Adams - also known as The Cyber Mentor, CEO and founder of TCM Security
•  Tim Medin - a Principal Consultant and Founder at Red Siege
•  Rachel Tobac - a hacker and the CEO of SocialProof Security
•  Deviant Ollam - a physical penetration specialist, author of Practical Lock Picking and Keys to the Kingdom, and a member of the Board of Directors of the US division of The Open Organisation Of Lockpickers (TOOOL)
•  Ben Macintyre - a British author, historian, and columnist known for his engaging narratives about espionage and historical events

Organizations mentioned:

•  NATO - or the North Atlantic Treaty Organization, a political and military alliance of 32 countries from Europe and North America that guarantees their security and cooperation
•  US Department of Defense - provides the military forces needed to deter war, and to protect the security of the United States
•  National Aeronautics and Space Administration (NASA) - independent U.S. governmental agency established in 1958 for the research and development of vehicles and activities for the exploration of space within and outside Earth’s atmosphere
• Cisco - a global tech giant known for networking equipment. They also offer well-respected networking and cybersecurity certifications (like CCNA, CCNP, CCIE) and solutions for enterprise security, networking, and infrastructure.
•  TCM Security - a cybersecurity company known for affordable, hands-on training and certifications, especially the PNPT (Practical Network Penetration Tester). They focus on realistic, practical red teaming and pentesting skills.
•  Black Hills Information Security - a well-respected cybersecurity firm offering penetration testing, red teaming, and defensive services. Also known for free, high-quality webcasts, training, and community resources through Antisyphon Training.
• Red Siege - a boutique offensive security firm specializing in real-world adversary simulation and penetration testing. Known for producing solid tools, blogs, and educational content for red teamers and defenders.
• SANS Institute - one of the most prestigious cybersecurity training providers globally. Offers in-depth training and certifications through GIAC, covering blue team, red team, incident response, management, and more. Known for their rigor and quality.

Certifications mentioned:

• GSE (GIAC Security Expert) - GIAC’s most prestigious certification, proving deep mastery across multiple security domains. Requires other GIAC certs first. For elite-level professionals.
• GSEC (GIAC Security Essentials Certification)- foundational cert covering general cybersecurity principles. Great for those starting out or in roles requiring broad security knowledge.
• GCIH (GIAC Certified Incident Handler) - focuses on detecting, responding to, and resolving cybersecurity incidents. Ideal for SOC analysts and incident responders.
• GCIA (GIAC Certified Intrusion Analyst) - specializes in network traffic analysis, IDS/IPS, and detecting intrusions. Good for intrusion analysts and blue teamers.
• CCNA (Cisco Certified Network Associate) - entry-level cert for networking fundamentals, including routing, switching, and basic security. Good for NOC and network-focused roles.
• CCIE (Cisco Certified Internetwork Expert) - Cisco’s expert-level certification. Deep technical networking knowledge, often with specialization (e.g., Security, Data Center). Highly respected.
• CCDE (Cisco Certified Design Expert) - expert-level cert focused on designing complex network architectures and infrastructures.
• CISSP (Certified Information Systems Security Professional) - industry-leading cert for security leadership, policies, and management. Ideal for mid- to senior-level professionals, especially in governance and risk.
• GSP (GIAC Strategic Planning, Policy, and Leadership) - focuses on security leadership, risk management, and business alignment. Great for management roles in security.

Mike McPhee's Socials:

• Mike's LinkedIn

K.O.'s Socials:

• K.O's Instagram
• K.O.'s LinkedIn
• K.O.'s TikTok
• K.O.s Youtube

Watch this episode on Youtube:

• K.O,'s Launchpad: An Infosec Podcast

Listen on the go:

• Apple Podcasts
• Spotify

Follow our socials:

• Instagram
• Facebook
• LinkedIn
• TikTok
• Youtube

Visit our Website:

• Astro Information Security