Risks of a cybersecurity career
Cybersecurity is one of buzz-words promising the la-la land these days. Everyone is running towards it. However, it will help if one is aware of the 2 big risks.
Cybersecurity is the buzz-word promising the la-la land, these days. Everyone is running towards it. However, it will help if one is aware of the 2 big risks.
They are,
Burn-out, and
Not knowing the “why cybersecurity” ?
Burn-out is real, more so in cybersecurity. While regulation is driving it, & the field is maturing (Anant Srivastava has more to say on this, in his Diversseccon Keynote), it hasn’t yet reached a scale similar to other allied branches in IT (e.g., system / network administration).
As a result, There are many moving parts in a day and juggling them can take a toll on one’s physical and mental health. Not recognizing it is a recipe for disaster.
But burn-out is not the biggest risk.
The biggest risk is not knowing why you want to get into cybersecurity.
Is it becoz you like the glamour associated with the way attackers compromise machines?
Is it becoz you think there is lot of money involved?
Is it becoz you want a future-proof job?
It is becoz you like the way ppl catch cyber-criminals?
etc.
Cybersecurity can be a paradigm shift (if you choose offense — aka pentesting — for example) or a-run-of-the-mill-job that you get better at, by acquiring a skill. Acquiring that skill, however, will take many days and nights (away from family, friends, that party, etc). There will be times when you won’t understand whatever is going on, and will question your sanity quotient (on) the day you chose this field.
That’s ok. It happens with everyone who wants to acquire any skill.
What’s not ok, however, is forgetting that “why”.
That “why” will be the only thing that could guide you from darkness to light, from “being naked” to “running naked with eureka”.
So get that “why” sorted out. You’re gonna need it.
A few months ago, I decided to learn a new language—not a programming language, but Japanese. After researching how I could learn it, one piece of advice I kept hearing was the big question of “why.” They said if you don’t have a strong why, you’ll never learn it. I thought a lot about my why, and it came to me: I wanted to talk to my friends in Japan. Not just that, but one day I will to visit and explore Japan. Now, from there, I want to drive my point. The reason I’m doing cybersecurity is because I have tried different fields, and the one thing I lacked when it came to those fields was the desire to work hard even when there is no motivation. This kind of drive I feel for this field—from offensive security to SOC and GRC—is surreal, and that’s my “why.” It keeps me going for weeks and months.