Stop doing certifications in Cybersecurity and do this instead !
Are certs the golden ticket to success in cybersecurity ?
Before you take out the pitchforks and start attacking me .. hear me out .. I have no issues with certifications in Cybersecurity
I think they are a great way to baseline your knowledge AND prove that you have the minimum skills needed for a position
If you are a fresher to Cybersecurity then getting a few certifications under your belt will definitely help
I DO have a problem with cybersecurity professionals who become certification factories doing one cert after another and thinking this is the path to career growth
Certifications are not the END-ALL-BE-ALL path to long term success in cybersecurity
Consider that we have a massive skill gap in the cybersecurity industry of good and qualified professionals BUT no shortage of certified ones.
Ask anyone who has conducted an interview recently for a senior cybersecurity position
Have certifications even caught up to the AI and Generative AI craze that has occurred within a matter of months and the new types of risks they have introduced ?
If you are already a certified professional then instead of focusing on the next certification path.. focus on these skills instead:
Develop Soft Skills
No certification is going to make you ready for the crazy, non-technical challenges you will face as you move up the cybersecurity ladder.
From senior management who have no idea about cybersecurity to bosses who want to cut budgets .. you need to have these soft skills ready to succeed in the long term.
1 — Learn Problem-Solving
Cybersecurity often requires you to deal with unexpected and unique types of problems that certifications will not cover.
Start cultivating a problem solving mindset that that helps you to see problems as opportunities rather than another issue to solve.
Problem solving improves with practice and is a skill that you need to develop over time
You can use problem solving frameworks like the 5 Whys or SWOT that give you a structured approach to problem solving and start applying them to cybersecurity problems.
You can even engage in group problem solving as it will help expose you to a lot of different perspectives and broaden your horizons about how different people approach the same situation
2 — Improve your communication skills
Easily one of the biggest issues with cybersecurity professionals at the starting phase is their lack of communication skills
I have seen SOC analysts who can breeze through multiple security incidents easily .. freeze up when ask to present the same problem to the CISO
Certifications are not going to teach you how to explain technical issues to non-technical people .. it is essential to be able to articulate these problems in a way anyone can understand
Start practicing with public speaking .. if you do not have an audience then create a YouTube channel or Udemy course .. either of these will greatly help you establish your presence and improve your speaking game
Be smart about technical skills
Cyber risks are evolving like crazy and certifications take their sweet time to update
What was a major risk a year back might not even be on the radar anymore .. can you image that no one knew about ChatGPT a year back ?!
Apart from learning about new technologies .. there is a major shift happening in cybersecurity due to AI and how much it will be able to take over cybersecurity tasks
Start harnessing these tools now by learning how to use Open AI API and create your own AI tools instead of waiting someone to do it for you
Start getting a basic understanding of Python and writing a few programs as that will open up a whole world of opportunity for you .. participate in open source projects and build a few things instead of reading about them !
I hope this was helpful in making you understand that while certifications are great they cannot substitute for good soft skills and hands on practical knowledge in the field.
Good luck on your journey !
Very interesting for me as I’m really interested in beginning a role in Cyber Security, specifically GRC. My main concern is that I’m 59 with zero experience or knowledge in this domain. My question is have I left it too late to transition to a completely different career?
I’m really keen to learn and acquire knowledge on this subject and take virtual internships and take certifications.
Simon