The Video: How To Find YOUR career path in Cybersecurity - 2023 (Live) Ed.
hosted by: @monicatalkscyber & @mikemillercyber | Streamed live on Feb 8, 2023 | https://www.youtube.com/live/ikzsvxR0T5Q
“He who has a Why can endure any How.” ― Frederick Nietzsche
I wanted to pivot from my promised discussion on Burp Suite to discuss the purpose of having a path (based on a video I watched). It was about an hour or so discussion on a wide range of Cybersecurity themes around the topic of "getting started", namely how. Here's what I learned:
1. Know Your Why
As I discussed in my previous post, having a "why" is essential to the journey. When you know the purpose of what you are doing you can go about taking the necessary steps to make it happen. I won't belabor the point of the "why", but I know why I want to get into Cybersecurity. My question now is how to get where I'm going. It can be easy to get lost in the noise. There are so many things that are cool to know and do.
2. Find A Niche That Aligns With Your Passion
Reigning in the varied interests has been the hardest part my learning so far. I know I need to know about Networking, but it gets boring. I know I need to pay attention to Security+ topics, but understanding tooling is just as important. Then there's topics like Threat Modelling and Threat Hunting that speak to me. As someone with a background in testing, the foundation is in place, but deciding what to choose is tough when everything speaks to me. I'm still on the fence between actual Pen Testing or Threat Hunting.
3. Know How To Communicate
Another key topic in the video that was greatly emphasized was communication skills. Rather than call them "soft" skills, it was stressed that this should be regarded as a required skill.Being able to discuss complex topics to non-technical individuals, reporting findings, or selling the need for a particular tool is essential to the job.
4. Have People Skills
Along with solid Communication skills are "People skills". Knowing your audience is a talent. Making friends and influencing others is truly an art that is also essential to the job. People skills can mean anything from knowing whom to approach when an incident occurs, to knowing how to take initiative and deliver instructions in the event of a natural emergency. Cybersecurity is way more than just the 1s and 0s in a terminal.
5. Choose A Specialty & Expand Outward
Bringing it back to the topic of a specialty, the hosts of the video recommended choosing a specific specialty, learn it, and work to expand onto other fields. It's not far fetch to imagine someone starting out as an Auditor and eventually pivot to Risk Assesment, or "Blue Teaming". The take-away: there is no linear trajectory.
6. Work On Your Brand
The hosts - Monica & Mike - mentioned the idea of selling yourself as a "brand". A brand - a product or service - consists of a recognizable name and a reputation. I have a hard time with this as I am actively working to repair my reputation from previous instances of past mistakes and what-not! The brand that is me is long overdue for a revamp. And orienting myself towards this new endeavor is a great way to start. As someone that needs to get started in Cybersecurity, being a service to the company implies adding value and being indispensible. That's the goal. Answer the questions, "who are you?" and "what can you do for me?"
7. Showcase Your Knowledge
When you have an established brand, and set of skills, the next thing they mentioned was "selling your knowledge." The dichotomy of showcasing your talent is coming off like you need attention. You have to highlight what you know, but do it in a manner that doesn't appear vain. Personally, I prefer being the "silent option" - get in, do the job, get out .. no need for accolades or glory.
8. Network, Network, Network
As stated earlier, along with the need to build a brand is exposure. Getting started in Cybersecurity is equal parts what you know and who you know. The hosts in the video stressed the idea of networking as the key to get started. Follow companies, interact with posts, promote your own knowledge, even attend meet-ups and the like. Anything to interface with professionals in the industry is fundamental to getting noticed and even bypassing the traditional HR routes. This is something I'm actively working through.
9. Get Certified
The topic of certification is somewhat contraversial. On the one hand, it's not about the paper certification but rather the experience. On the other hand, certification is proof of competency. One thing is certain, there are definite certifications I plan to pursue and when money get's good, they will happen.
10. Pay It Forward
Paying it forward was not discussed in the video, but it is something I promised myself I would do when I get proficient in my craft. As I have been mentored, I have also done a lot of self-paced education and marking down the things I have learned. If nothing else, this has helped reign in the many many ideas I have to want to learn. It is important to know where you are going and why. I would love to pass on this knowledge to the next person who decides they want to pursue this career.
Conclusion: Your Path Is Not A Straight Line, But Rather A Long Windy Road!
Overall it was a great video. There was a lot I already know, and a couple of new things I learned. The greatest take-away of all was the idea that there is no linear path. There is no explicit time-table for getting started. There is nothing to hold you back from your passions except you. You have to know your why and you have to grind. There will be times when doubt creeps in. When Imposter Syndrome rears it's ugly head. Those are the times you have to get your mind right. When you now your why, you can endure any how. You can get after it! And I plan to get after it.
No comments:
Post a Comment