Greg Schaffer:
Thank you. Hi, I’m Greg Schaffer and welcome to the episode forty-three of season seven here on the Virtual CISO Moment. Today we have Wesley Widner joining us. He is the founder of White Hat West Cybersecurity. Wes, thank you so much for joining us today.
Wesley Widner:
Yes, sir. Thank you for letting me be here and get to talk to you.
Greg:
So I got a little bit thrown off while we were starting the recording of the music and everything, because, you know, I can’t remember if this is the same way to set up for the guests, but I can see like the two screens like of whether we’re in the recording studio or not. I could see like they call it the green room. And usually what I do, like right before getting started, I situate myself like like that. And I noticed that you and I did that exactly synchronized. Got to get that posture and professionalism going.
Wesley:
Absolutely.
Greg:
And it just threw off my thought process. So I’m like, oh, yeah, that’s right. I’m recording a podcast. So anyway, thank you so much for joining us today. I appreciate you taking the time.
Wesley:
Yes, sir. I’m very excited to be here. It’s something I’ve been looking forward to.
Greg:
Well, I would love to hear your story. I know a lot about your story. And I don’t get a chance to connect to my guests as much in person as I’d like to, but I was very happy that we actually connected in Huntsville. It was B-Sides Huntsville in May-ish or something, right?
Wesley:
Yes, sir. I believe so. I know it was B-Sides, but I must kind of drift in a way. I’m guessing that’s about what it was because I think it was the same month, almost the same time that B-Sides Nashville was. And I was coming back from the Southeast Cyber Summit in Birmingham, Alabama. And I decided, well, since I’m having to drive back up to Nashville, I might as well stop by.
Greg:
But tell us your story, Wes. Start from the beginning. I mean, you don’t have to start with, well, I was born, you know. So let me hear your story.
Wesley:
Yeah. So prior to being in cybersecurity, I was a law enforcement officer for the Huntsville Police Department. And so once I met my wife, currently my girlfriend at the time and the admiration to always have a family, I kind of made the conscious decision that, you know, law enforcement isn’t always best for the home life. It can cause a lot of stress. And so I called one of my former coaches, Garrett Martz, and asked him, hey, I’m thinking about doing something different, whether it be a backup plan or something that I take immediate action on. And he very clearly just said, get your security plus and start learning a lot about information assurance and cybersecurity. And from that point on, it was a daily grind and a privilege to be able to go through that process of learning any aspect of IT, both technical and non-technical.
And so for me, the biggest catalyst was networking on LinkedIn. I had posted on LinkedIn asking for an internship. I wasn’t asking for money. I was just wanting experience and exposure. And I was fortunate enough to have you repost that. And I got to meet my very good friend, Stephen Jones, who ultimately got me my first job as a cybersecurity analyst.
Greg:
So I wanna just stop on that for a second and I’m so happy that that happened because I love hearing success stories… I’ve heard people say, why do you like, comment for visibility or share for exposure or whatever, those sorts of posts? And I’m like, because occasionally it actually does get the right person in front of the right employer or organization and magic happens. It doesn’t happen all that often, but it will never happen if you don’t try it. So I encourage folks on LinkedIn, please share those things. So much of success in our field is exactly that – networking. It’s not what you know, it’s not who you know, it’s about making those connections because it does bear fruit.
Wesley:
It does a hundred percent. And like you said, it doesn’t always lead to a job, but being able to network and meet people in and outside the industry that can provide different perspectives is always a benefit. I’ve learned so much from following people on LinkedIn, messaging them, and just coming with a mindset of, I don’t want anything from you. I just want to know what you know, through your posts and build a real human connection. And I think that’s more important than saying, “Hey Greg, can you get me a job?” It’s more like, “Hey Greg, you’re smart, you’re a good human being, I want to get to know you.”
Greg:
And I hate to keep interrupting your story, but you bring up another good point. I’ve mentioned this on LinkedIn, too. What does not work is reaching out and saying, “Hey, can I have 15 or 30 minutes of your time to pick your brain about cybersecurity?” That never works if we don’t have a relationship. Our time is valuable. I’d love to do that for everyone, but I have to provide for my family and my future. We’re not free resources.
Ask questions in DMs, comment, engage. That’s a relationship. And if you say, “Greg, I know you said A, B and C, but can I ask about this one confusing thing?” – now we’re connected. But if you just come with “Hey I got my Security+, how do I get a $100K job?” – I’m like, not like that. That’s not going to work.
Wesley:
Yeah. And I agree completely. There’s so many ads out there – “Take this two-week bootcamp, land a six-figure job.” Certifications are helpful, but people don’t talk about the work it takes. For me, the hardest part was getting the job. But my end goal wasn’t the job, it was the journey. There’s no finish line in cybersecurity. New threats, new tools, new learning every day. So it’s about building relationships and coming in saying, “I’m here to build with you, not take from you.”
Greg:
Yes. Yes. I think that’s so important. So I interrupted twice – I promise I won’t again. Please finish your journey.
Wesley:
So in October, on October 21st, 2024, was my first day at R3. Having no IT background in 2018 – if you’d asked me anything IT related, I’d have laughed – and now to be in this role, it’s been a journey.
And R3 has been amazing. I have access to the CEO, CTO, COO. They’re all encouraging, honest, and want you to grow. They don’t just want box-checkers. They want expansion, exposure, and growth – both technical and non-technical.
That continuous learning is critical. Just because you get the job doesn’t mean you can relax. You need to keep growing – for yourself, not just the company.
Greg:
Exactly. And companies should take note. We’ve always mentored vCISOs into their roles. You can’t mentor people just starting out all the time, but you can grow them. And don’t be afraid that mentoring will make you lose employees. You’re going to lose people anyway. But mentoring makes them better while they’re there – and it builds your culture.
Wesley:
Yes. And I’ll say this – R3 didn’t hire me for my technical knowledge. It was my passion, eagerness, and honesty. In my first interview, Stephen Jones asked a question about email security. I didn’t know the answer. I said, “Sir, I don’t know, but I’ll find out and get back to you.” That honesty mattered.
Greg:
That’s the exact right answer. Don’t fudge your way through – people can tell. We want honesty and authenticity. If you fudge an interview, how can I trust you during a threat report?
Wesley:
Exactly. And Stephen said that too – he wanted someone who could be trusted when they say, “Here’s what I know, here’s what I don’t.” That honesty builds trust. If I’m wrong, I’ll update and move on. That humility and authenticity are key.
Greg:
Love that. So let’s pivot to White Hat West Cybersecurity. I know you started that last year. Tell us the why, the what, and maybe how people can help.
Wesley:
Sure. I started White Hat West in October 2024. Originally it was just a portfolio – a place for me to post projects and things I was learning. But then I thought – I’ve been fortunate to get support and opportunity, so how can I pay it forward?
I want to create a platform for others to share what they’re learning – blog posts, YouTube videos, insights – and give them a platform they don’t have to manage.
Now I also post news updates, summaries of big cybersecurity events like Stuxnet and SolarWinds, and try to break them down without opinions – just facts and insight.
And I don’t want people to feel like they can’t access resources because of money. If I can’t provide something, I’ll find someone who can. I want folks to come as they are, no judgment, and find a community to learn, grow, and connect.
Greg:
That’s fantastic. So you’ve gone from a personal project to community resource. And this is all pro bono?
Wesley:
Mostly, yes. Some services may need small fees to cover business costs, but I don’t want money to be a barrier. If someone can’t afford much, that’s fine. I’ll still help. No judgment, no gatekeeping.
Greg:
That’s wonderful. I’d like to offer something – I have a book called Information Security for Small and Midsize Businesses (third edition). If it fits your mission, I’d like to donate 50 copies. Just give people a code to download it, no strings attached. And I’m happy to answer questions too.
Wesley:
I’d love that. That would be phenomenal. Thank you.
Greg:
Great. After the recording, stay on and I’ll get your info – I just love saying that: “the producer will get your info” – because I am the producer. 😄 So, how can people get involved?
Wesley:
Visit whitehatwest.com. You can also find me on LinkedIn under Wesley Widner. There’s a contact form – even though it says “client,” you don’t need to buy anything. Just reach out. Or message me on LinkedIn. I’ll respond.
Greg:
You’ve discovered the secret sauce, Wes. Serve others. If you serve first, success follows. We need more of that. Evan Francen from FR Secure always says, “Focus on the mission, not the money. The money will follow.” And I’ve found that to be true.
Wesley:
Yes. Everyone wants more money, sure. But if that’s your only goal, you’ll never be satisfied. Focus on impact and you’ll be fulfilled – connections and community matter more.
Greg:
Yes! And time is our most valuable resource. I don’t give that away lightly either. But you’ve earned it. So how do you decompress from all this stress?
Wesley:
I used to struggle with this. But my wife has helped a lot. After work, I shut my office and spend time with my daughter and wife. My daughter’s joy is contagious.
Also, recently I’ve started reading my Bible again, and that’s helped immensely. It grounds me. If my family is happy and my faith is strong, I’m blessed.
Greg:
Amen to that. I lead a men’s Bible study on Fridays – we meet at 6:30, do coffee, prayer requests, and dig into Scripture. It’s not about reading fast. Sometimes you sit on one verse for a week – and that’s beautiful.
Wesley:
Exactly. It’s about the moment and what we’ve been blessed with.
Greg:
Except for Leviticus. That’s definitely about just getting through. 😄 So – any future plans?
Wesley:
I’ve always joked with R3 – they’ll have to fire or retire me. I hope to be there 20 years from now. They give me growth, support, and time with my family. I want to be a mentor and be there for people, regardless of title or role.
Greg:
I love that. Maybe the pendulum is swinging back – from jumping jobs every 1–2 years to finding purpose and building deep relationships. I love your story. You’re an inspiration and a great service to the infosec community. Thank you for joining us.
Wesley:
Yes, sir. Thank you for having me on. I’ve been excited for weeks and telling all my friends and family.
Greg:
That’s awesome. Looking forward to seeing you again in Huntsville.
Wesley:
Yes, sir.
Greg:
And everybody, stay secure.
Wesley:
Thank you.