August 31, 2017 By Kevin Beaver 3 min read

As an independent information security consultant, I am often asked what it takes to forge a positive cybersecurity career path and stand out in the field. I tell people that working for yourself is not for everyone. An independent security professional must constantly seek out new business, unsure where that next bit of income is going to come from. It’s not for the faint of heart. An independent cybersecurity career requires motivation, continuous learning and a bunch of stick-to-itiveness, especially when things aren’t going well.

Don’t Be a Know-It-All

Due to my youth and stubbornness, I spent a lot of time early in my career trying to figure things out by myself. I thought I knew it all. However, about midway through my career, I discovered that pretty much every problem that I was working on had already been solved. Effectively recreating the wheel was a poor use of my time and resources.

The hard part was finding out who had the answers I needed. I soon learned that I all I needed to do was consult other people who were older and wiser than me for guidance and answers to the issues for which I had no insight or experience. I have met and worked with several of these mentors throughout my career. If you are looking to kick-start a successful cybersecurity career, you need to find some mentors to guide you.

Forging Your Cybersecurity Career Path — With a Little Help

I didn’t necessarily seek out all the mentors who helped me; many just happened to appear in my life. I met them through networking events, friends and my personal hobby of racing cars. I approached these people as I would a parent, sibling or close friend and simply asked them what I need to do to accomplish certain goals in my work. They told me exactly what I needed to do — no fluff, no hype and, thankfully, no sales motivations on their part. It was just raw advice being handed down from a wiser professional to me.

Some of the best advice I have received from my mentors has been business-related. They’ve offered guidance on growing my business, building my personal brand and fostering important relationships. These things translated directly into my work as an information security professional. However, you may not necessarily need to seek out business advice. Instead, your mentors might show you the ropes on the latest technologies, or even old-school computer operating systems and networking concepts that you can still benefit from today. Regardless, it’s critical to take advantage of these opportunities to learn from people who have been there and done that.

Pay It Forward

The mentor-mentee relationship does not develop automatically. You need to nurture a level of friendship with these people and make it mutually beneficial. Many mentors will tell you that they want no favors in return. However, you should do something to show your appreciation for their advice, because it can save you literally years of mistakes made and lessons learned. If you don’t feel like you have anything to offer back to them, at least take them out to a nice dinner or provide them with a sizable gift card so they can go out for a bite.

Having been a mentor to a few budding security professionals myself, I can say that one of the things mentors love the most is when you come back to show them your accomplishments and ask more questions.

There’s that saying that you get what you pay for. That’s true for so many things. While a mentor relationship is essentially free, the advice, experience and wisdom you will gain is priceless. There’s no way to put a dollar figure on it, and it’s even hard to quantify years down the road. Just know that to forge a successful career in security, you must recognize the value mentors can bring to your professional life. If you do, like me, you’ll probably end up encouraging others to do the same.

Listen to the podcast series: A CISO’s Guide to Obtaining Budget

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today