August 31, 2017 By Kevin Beaver 3 min read

As an independent information security consultant, I am often asked what it takes to forge a positive cybersecurity career path and stand out in the field. I tell people that working for yourself is not for everyone. An independent security professional must constantly seek out new business, unsure where that next bit of income is going to come from. It’s not for the faint of heart. An independent cybersecurity career requires motivation, continuous learning and a bunch of stick-to-itiveness, especially when things aren’t going well.

Don’t Be a Know-It-All

Due to my youth and stubbornness, I spent a lot of time early in my career trying to figure things out by myself. I thought I knew it all. However, about midway through my career, I discovered that pretty much every problem that I was working on had already been solved. Effectively recreating the wheel was a poor use of my time and resources.

The hard part was finding out who had the answers I needed. I soon learned that I all I needed to do was consult other people who were older and wiser than me for guidance and answers to the issues for which I had no insight or experience. I have met and worked with several of these mentors throughout my career. If you are looking to kick-start a successful cybersecurity career, you need to find some mentors to guide you.

Forging Your Cybersecurity Career Path — With a Little Help

I didn’t necessarily seek out all the mentors who helped me; many just happened to appear in my life. I met them through networking events, friends and my personal hobby of racing cars. I approached these people as I would a parent, sibling or close friend and simply asked them what I need to do to accomplish certain goals in my work. They told me exactly what I needed to do — no fluff, no hype and, thankfully, no sales motivations on their part. It was just raw advice being handed down from a wiser professional to me.

Some of the best advice I have received from my mentors has been business-related. They’ve offered guidance on growing my business, building my personal brand and fostering important relationships. These things translated directly into my work as an information security professional. However, you may not necessarily need to seek out business advice. Instead, your mentors might show you the ropes on the latest technologies, or even old-school computer operating systems and networking concepts that you can still benefit from today. Regardless, it’s critical to take advantage of these opportunities to learn from people who have been there and done that.

Pay It Forward

The mentor-mentee relationship does not develop automatically. You need to nurture a level of friendship with these people and make it mutually beneficial. Many mentors will tell you that they want no favors in return. However, you should do something to show your appreciation for their advice, because it can save you literally years of mistakes made and lessons learned. If you don’t feel like you have anything to offer back to them, at least take them out to a nice dinner or provide them with a sizable gift card so they can go out for a bite.

Having been a mentor to a few budding security professionals myself, I can say that one of the things mentors love the most is when you come back to show them your accomplishments and ask more questions.

There’s that saying that you get what you pay for. That’s true for so many things. While a mentor relationship is essentially free, the advice, experience and wisdom you will gain is priceless. There’s no way to put a dollar figure on it, and it’s even hard to quantify years down the road. Just know that to forge a successful career in security, you must recognize the value mentors can bring to your professional life. If you do, like me, you’ll probably end up encouraging others to do the same.

Listen to the podcast series: A CISO’s Guide to Obtaining Budget

More from CISO

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Boardroom cyber expertise comes under scrutiny

3 min read - Why are companies concerned about cybersecurity? Some of the main drivers are data protection, compliance, risk management and ensuring business continuity. None of these are minor issues. Then why do board members frequently keep their distance when it comes to cyber concerns?A report released last year showed that just 5% of CISOs reported directly to the CEO. This was actually down from 8% in 2022 and 11% in 2021. But even if board members don’t want to get too close…

The CISO’s guide to accelerating quantum-safe readiness

3 min read - Quantum computing presents both opportunities and challenges for the modern enterprise. While quantum computers are expected to help solve some of the world’s most complex problems, they also pose a risk to traditional cryptographic systems, particularly public-key encryption. To ensure their organization’s data remains secure now and in the future, chief information security officers (CISOs) should educate themselves about quantum computing, proactively address the coming quantum risks to cybersecurity and work to establish cryptographic agility in their enterprise.A future cryptographically…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today