Your Path into Cybersecurity: Mentor and be mentored (S1: Ep9)

A series based on the original 10 step pathway

To be a mentor and be mentored is an important part in securing your path. This doesn’t always need to occur in the traditional sense (aspiring professional seeks out experienced professional). While that is still a viable path, it isn’t THE path. In this digital age, if knowledge is what one is seeking, much of what we need and want to know is within reach. Whether it be books, online courses, workshops, forums, blog posts or other community channels -  this is the Information Age; and many successful people document parts of their journey which impart their experiences, wisdom, etc. 

These are not replacements for relationship building. However, mentorship can come in many forms. The older I get, the younger are my teachers. We can all learn from one another. A few years ago, I participated in a “reverse mentorship program”, where as a budding executive, I reverse-mentored a senior executive. He concluded one of our sessions with saying “I learned as much from you as you did me”.

So, next time you feel like you want a mentor, consider some core outcomes you are looking to satisfy by spending your most valuable asset with someone, and asking them to spend theirs with you. 

  1. Contemplate what you can provide to your prospective mentor - Conduct some preliminary research on your prospect, identify their strengths and possible areas where you can assist. Perhaps they have stellar expertise in a particular discipline, but a poor digital presence. Perhaps, you are diligent about yours and can offer assistance in this area. Wow - we’ve just discovered opportunity. While providing a need to your mentor, you will also be a sponge and soak up all that you find necessary. Your conversations will be different when you are offering a service. Remember the reverse-mentorship I mentioned above? You can be as much of an asset to your mentor as he/she is to you; and if he/she finds you to be an asset, you can surely 10x your growth opportunity vs the traditional mentorship model. 

  2. Go in with clear outcomes - Your mentor will be happy to know that you have a strategy and see this opportunity as a stepping stone. It’s simply not enough to say, “I would love to pick your brain” or “Can you mentor me?”. People like to help those who help themselves. You don’t need to have all the answer (none of us do), but at least a strategy. For example, if I admire someone’s leadership style and how they’ve built their business, I would be interested in understanding how they consider their people (this is huge for me), their business strategy, efficiencies they’ve built into their business, how they find growth opportunity, and measure success. With that in mind, I can easily develop questions and data points that could drive my focus with this individual. 

  3. Leverage the relationship - if your new mentor is connected with someone else you’d like to know for a particular reason, request an introduction. But again, be methodical in your approach. Recognize that you are now representing your mentor as well as yourself. A person of integrity values their reputation, thus will think twice when vouching for someone. Help them to see the connection as a fruitful gesture and one that will help make them look good as well.

The aforementioned list is not all encompassing, but should steer you in the right direction along the journey of securing you path; and always remember to pay it forward. 

“You will get all you want in life, if you help enough other people get what they want.” - Zig Ziglar.

Your Path into Cybersecurity: “PoC your Skills” (Series 1: Ep 7)

A series based on the original 10 step pathway

In my original post, I mentioned PoC’ing your skills as a necessary component to securing your path. So, bear with me while I break this down. 

PoC your Skills…and by PoC, I mean, 'Proof 👏🏽of 👏🏽Concept 👏🏽' 


Proof - evidence or argument establishing or helping to establish a fact or truth of a statement;

Of - expressing the relationship between a part and a whole;

Concept - an abstract idea; a general notion;

Skills - the ability to do something well; expertise

I listed the aforementioned terms, not in a comedic manner nor to discredit any reader’s ability to formulate words and their meaning, rather to dissect frequently used terms and the underlying value of conducting a PoC. 

On any journey, especially one embedded within Cybersecurity, educating oneself is a major part of that experience.

You can go to school (or back to school), read more books, listen to more lectures or podcasts, attend more conferences and meet-ups, and if you never actually turn any of that theory into practice, you DON’T HAVE SKILLS.

So make it a habit to merge the theoretical with the practical…and what better way of doing so than working on some sort of project that you can call your own (or partially your own). The InfoSec community is quite awesome and I’m really glad to be a part of one that welcomes all hungry, willing and smart participants. So, take advantage of it - soak up all that you can from the community and in return, give back. Perhaps, you sponge a great deal of knowledge for a year, work on some project(s) of your own and once your are comfortable, contribute to larger scale projects or offer your own to the community. 

Project based learning has been proven to be more effective than passive learning. Passive learning does not prepare one for the real world; project based learning does. So, work on a project of interest, based on a challenge you face; create the solution and share it. It also acts as an assistant to building a portfolio of knowledge assets. These assets compound, as you become more equipped. By working through or completing projects, you become more resourceful and you can demonstrate the theoretical knowledge you’ve amassed. This may be the tipping point in an interview process that leads an employer to choose you over your competition. Not only did this help me in landing my first internship, but it is also one that I use to this day in my interview process. I want to see what candidates have created, I want to know where you failed, how you used those lessons, how you regrouped and redirected the energy, did a new idea evolve out of the “mishap”? If one hasn’t made any mistakes or screwed up on the job or on a project, then you simply haven’t done enough. You’ve been playing it safe and I’m not impressed.

Napolean Hill said, “Tell the world what you intend to do, but first show it!”