In my previous article “Becoming a CISO,” one of the core pieces of advice was to stay curious and always learn. In the cybersecurity space, learning and development is crucial to progression. Cybersecurity as an industry has a tendency to breed a passion for continual learning. There are new technologies and threats emerging almost daily, and thus there is always a level of excitement – and apprehension in some instances – about what could be coming round the corner.
For newer cybersecurity professionals, it can often be daunting looking at the mass of resources available for learning and development, so I wanted to outline a few key areas that I believe as a recruiter are the best ways to improve your skills and knowledge. It should be mentioned that although these may be particularly pertinent to new professionals, there is always space to develop even at a senior or C-Suite level. It is this attitude that creates amazing cybersecurity professionals.
Get a Mentor
Cybersecurity is one of the most communal industries I have come across. There is a great sense of collaboration among individuals in the space, and getting a mentor (or even mentors) is one of the first things I recommend to people joining the world of cybersecurity. Mentors are not only for bouncing practical questions off of, but can be critical in helping you progress your own career: mentors can often give references in job interviews or give you recommendations on what career move may suit you. In some circumstances, they can also advise on what career moves you shouldn’t be making (which sometimes is more helpful!).
How do you go about finding a mentor?
- Ask senior cybersecurity professionals in your current company.
- Reach out to people on LinkedIn who are in the same space you want to be.
- Attend networking events and get chatting (probably best to do this virtually for the time being).
- See if a recruiter can recommend anyone for you
Certifications
Certifications are a hot topic in the cybersecurity world. In my opinion, certifications can help solidify your existing knowledge, highlight areas for improvement and act as a stepping-stone into your desired career path. They are also good achievements to have. Certifications aren’t easy to obtain, and anyone with one should be proud of undertaking one. Do I think they should be the only tool in your toolbox? No, but they can give you great foundations.
Certifications like the CISA are great for individuals already in or aspiring to move into the audit space, whereas CEH is really only relevant to those in offensive security. Learning Cybersecurity Fundamentals is a component of ISACA’s new ITCA certification, which is geared toward newcomers to security and other IT professions. Look into which credentials will be best for you.
Media
The internet is a weird and wonderful place, and although probably filled with cyber threats I can’t begin to comprehend, it is an excellent resource for learning and development. I’ve listed below some points that I think are essential sources of advice, info, training and more:
- LinkedIn: The hub of most professionals, LinkedIn is filled with specialist cybersecurity groups, events and news. Follow everything relevant to you in the space and engage with the community!
- Newsletters: There are so many options for cybersecurity newsletters but they are perfect for giving overviews of cyber news, products and key issues currently facing cybersecurity.
- Events: Most events will likely continue to be virtual, or at least hybrid, for a while longer, and while you do miss human interactions, virtual events mean you can attend more from the comfort or your own home. They provide training, opportunities to meet like-minded people and ask questions – it’s a win-win.
In a security industry that is constantly changing, don’t be afraid to ask for help or advice, and make sure to take full advantage of all opportunities to develop yourself – it’s the key to success.