A series based on the original 10 step pathway
This industry will require consistent drive and a love for learning. The beauty of it all, is that most of what you need or want to know is available free or low cost on the “interwebz”. The flavors vary, including, organized training sites, traditional e-learning/e-books, publications, reading rooms, forums, etc. A few that come to mind, are as follows:
Cybrary - a platform providing access to high quality, exclusive cybersecurity and I.T. video learning resources;
Humble Bundle - a digital store front. Stay alert for when a bundle related to cybersecurity is available. You can snag a collection of great books for a fraction of the price;
Reddit - a discussion site with a variety of groups and threads available for intake, depending on your interest; “We know what reddit is, Q”, said the peanut gallery. But, just in case you didn’t, since I come from a world of no assumptions.
SANS Reading Room - a collection of published cybersecurity papers, mostly from current practitioners.
Medium - A platform where words matter…and one of my favs.
LinkedIn Learning - A platform for online courses taught by real-world professionals.
Read/Watch/Learn. Do.
I’m proud to be part of a community full of folk who are interested in contributing. There is always opportunity to learn from others, and in turn, provide your contribution.
There are several ways to reap and sow - some that come to mind are as follows:
Start or contribute to open source projects. To give you an idea of what others are working on, check out some Github repos below:
Security Showcase - open source projects to help build and operate more secure systems, along with tools for security monitoring and incident response.
Awesome Incident Response - a curated list of tools and resources for <drum roll, please> security incident response, aimed to help security analysts and DFIR teams.
Organize and/or participate in meetups
Do you even network? ...and I don’t mean on LInkedIn or Twitter. As an ambivert, most of the time, I rather go home than to an event, so trust me, I get it. But I realize the value and once I’m there…it’s on.
Review the security focused meetups, on, <drumroll please>….meetup.com. Meetups vary, based on your location, of course.
Publish papers/articles
What are you working on? It is probably interesting and we could probably learn from you. So, publish!
Jump into discussion board topics (oh, you can only do that on facebook/Instagram…hmmm, I see you, ok)
Submit a talk - You learn more when you have to present and/or talk about a topic. So pick one of which you connect and bring your prowess to the discussion.
Be open-minded.
There is always someone who can/will benefit from your experience. This is something of which I have to consistently remind myself.
Approach all situations with an open mind. There is always something to learn.
Seek understanding in areas outside of your discipline. For example, I’ve been working in Information Security for over 10 years. However, I find that studying psychology makes me a better responder, leaders, and mediator, amongst other things.
If you consider yourself to be a lifetime learner, you’ll remain in a position to be open and receptive to new ideas, perspectives, and opportunities. Security is a WE sport, and it is important that we continue to create, collaborate, and contribute.