Techniques to start your career in cybersecurity

Posted by

I’ve been listening to the work of Tim Ferriss (The 4-Hour Workweek, The 4 Hour Body, The 4-Hour Chef) and was impressed by the DiSSS technique to mastering any skill. By mastery, Tim Ferriss defines this as being in the Top 5% of anything. This guide can help start your cyber career in a powerful way!

To save you the time, here is my concise version with a heavy cyber slant:

Applying the DiSSS (Deconstruct, Selection, Sequencing, Stakes) Technique to your cyber career

DECONSTRUCT

Nearly any valuable skill is made up of multiple smaller components.

In Cybersecurity, I’d consider these the smaller components.

  • Windows Fundamentals
    • I start with Windows because most jobs will use Windows heavily and many attacks are targeted against Windows. To satisfy this requirement you’ll need to be comfortable with the Windows command line and various advanced settings. My formal computer science degree gave me the proper knowledge, but reading Mike Meyer’s CompTIA A+ Certification Passport will be helpful for most.
  • Networking
    • Nearly all attacks are delivered via the network and data is stolen via the network. Understanding networking is crucial to cybersecurity. Reading Mike Meyer’s CompTIA Network+ Certification Passport is an easy read and has been extremely helpful in setting up my career properly.
  • Security Fundamentals
  • Unix/Linux Knowledge
    • Nearly every non-windows machine used by IT professionals today is going to be based on Unix in some way, some examples include:
      • Apple’s Mac OS X is explicitly Unix.
      • iOS (iPhones, iPads, etc) are a variant of OS X and therefore Unix.
      • Android phones use the Linux Kernel (the kernel is the lowest level of easily removable software that interfaces with the device hardware).
      • Most web servers run on a Unix-based platform.
    • To stay consistent, it wouldn’t hurt to read Mike Meyer’s CompTIA Linux+ Certification Passport to build up your Linux knowledge.

Achieve this foundation and you’ll quickly notice how thinking about cybersecurity comes naturally. Additionally, I can’t ignore programming since it’s probably one of the most resilient skills you could ever develop. People seem to be so afraid of programming, but trade your Netflix and Facebook time for several months and even you can learn how to code. Code Academy is an amazing resource that’s both free and well-structured. It took me painfully long to understand programming, but looking back I just wasn’t focused on it.

For your own career, think about what smaller skills the best in your field possess.

SELECTION

Selection involves focusing on the 20% that yields 80% of the outcomes. To build on the previous section, I’m suggesting that just 4 BOOKS (linked above) and their associated certifications make up the building blocks to one of the hottest career paths today in Cybersecurity. Many of you could finish these 4 books in less than a month (if willing to give up some of your leisure time). There is infinite additional material that you could read, but these address the critical 20%.

Examples:

  • In product quality control, 80% of problems were responsible for 20% of the defects.
  • In clothing, 20% of your wardrobe is worn 80% of the time.
  • In handyman work, 20% of the tools are used in 80% of the tasks.
  • In relationships, 20% of your human interactions (spouse, family, close friends) provides 80% of the value.

Find the critical 20% that yields 80% of your results.

SEQUENCING

Doing things in an intelligent order is also critical to mastering any skill. For Cybersecurity, I’ve recommended books in the order I consider valuable, but you need to define the order for your particular situation. Tim Ferriss thinks about this from a “reversal” perspective, since he advised that learning chess by practicing the endings (instead of the openings) is more effective. He also states that learning the tango (dance) is easier when studying the female role first, which is less complex than the male role.

Reversal thinking is harder for Cybersecurity, but I’ve found that my above-average programming ability has helped me standout in a cybersecurity organization filled with experienced cybersecurity professional. Programming isn’t your typical cybersecurity skill, but until I built up the other skills, programming is all I had. Developing custom code to solve various business challenges was unusual for a group that typically purchased solutions and helped me bring some unique value to the organization.

Carefully consider the order in which training is performed.

STAKES

In a career, the stakes are built-in since your career will quickly stale and your salary may reflect that. In other situations, you might need to put money on the line to raise the stakes. Many find that a high-cost weight loss competition within close friends is very effective. Additionally, announcing the goal publicly (all over Facebook, Twitter, Instagram, etc) puts social pressure on you to accomplish the goal.

Building skills is most effective when you have something (money, reputation, pride, etc) on the line.

Feel free to leave any comments and good luck on your journey to start your cyber career.

Leave a Reply

Your email address will not be published. Required fields are marked *