Having a career in cybersecurity can be extremely difficult when starting off. Where can you turn for allies? How can you relate your knowledge to non-technical employees? To find some answers to these questions, I found numerous experts in the field of cybersecurity who answer the following question: “If given the chance, what advice would you give yourself when you first joined the industry?” Their insights help to reveal a number of resources that they wish they would have drawn on early in their careers. Provided below are their responses.

Martijn Grooten | Researcher, Writer and Security Professional | @martijn_grooten |

Security likes “rock stars”, that is, people who have very good technical skills or who are loud, very present, and can tell a good story. When you’re new in the industry, as I once was, it’s tempting to look up to them and try hard to be liked by them. This might give you a short-term career or confidence boost, but in the long-run, I have learned it is much more important to look out for people who are kind and who have a good moral compass.

Jason Lau | Chief Information Security Officer, Crypto.com | @JasonCISO |

Like many others, my cybersecurity career didn’t really have a clear path, and it was through many side- channels and industry events that I met peers who ultimately gave me some great advice. Looking back, I would have told myself much earlier on to focus on the human element of cybersecurity. I was one of the earliest to dabble with eLearning in the days when the Internet was first gaining popularity before the Dot Com boom. This was when it was being used and tested in university courses where I was teaching engineering. Given the success of eLearning, I would tell myself to continue in this space since there was already so much focus on technology, systems and software in the early days of cybersecurity and not enough on the “people” side of things, which is the initial cause of many incidents. Focusing on this topic could have made a much bigger impact on the early days of the security awareness training industry.

Phillimon Zongo | Chief Executive Officer at Cyber Leadership Institute | @PhilZongo

There’s certainly things that I could have done better. Now that I have spent a lot of time mentoring people, I would say it would have been better if I had looked for a highly experienced mentor from day one. That would have accelerated my career trajectory in those five years that I’ve been pushing myself. I wouldn’t say it’s a big disadvantage. The path that I took was of self-discovery. I trained myself, I bought books and I scribbled everywhere. I just studied over time. But it’s true that persistence and resilience and never giving up are important because writing is very frustrating. For my first article, it took me about three and a half months to write a three-page article. That’s when I was aiming for quality. Eventually, I got it published in an international journal.

Ambler T. Jackson | Senior Privacy Subject Matter Expert

If I had an opportunity to go back to the beginning of my career, I would have dedicated some additional time to learning about the technical considerations of data governance first. While I later studied data governance, what you learn from databases, data models, and data management helps to provide the big “forest-from-the-trees” picture for understanding why and how organizations capture data and how data elements move throughout the data lifecycle. I wish that I had obtained the formal education at the outset, as it would have helped to set the stage for fully understanding the lifecycle of a data element early on.

Mo Amin | Independent Cyber Security Culture Consultant | @infosecmo |

If you can, try and find a mentor. There are more avenues and channels now than when I was starting out. When you find someone, make sure that you play your part in the relationship. You need to put the effort in, too. Also, remember to be patient with yourself. You can’t know everything at once. Pick an area that interests you and try to become the best that you can be in it.

Katie Moussouris | CEO of Luta Security | @k8em0 |

If I were to go back and give my younger self advice, I would probably aim myself towards early ventures that accumulated a lot of capital, a lot of cash. And the reason for that is not that everything comes down to money, it’s just that money makes a lot of things easier, such as making your ideas come to light and to fruition.

When you’re a minority woman in any industry, I think it’s a challenge for us to be taken seriously early in our careers, mid-career or late in our careers. I think that having access to capital and the means to make some of our ideas come true is important. That would have been the advice I would have given myself back then.

Source: blogs.Cisco.com