They say you should never meet your heroes—often they will just disappoint you. But thankfully, there are also exceptions to this rule.
In this five-part series, I will be introducing you to five of my key cyber security/infosec heroes. These individuals inspire me to continuously strive for more, with one even motivating me to move across the pond. All five have given excellent advice along the way.
In part one, I interviewed Dr. Jessica Barker, who is regarded as an inspiration to many in our industry, including me. In part two of my cyber heroes series, we’re looking at one of my closest friends and the person who convinced me to make a career change to cyber security: David Prince. David and I met on Twitter back in December 2015 while I was looking for a job. Fortunately, David was looking to build out his team, and I seemed to fit (perfectly).
David was an inspiration the second we connected. He gave relevant advice and never once questioned my abilities. David is one of those people who are natural leaders and can see potential where others see only challenge.
Once we finally met in person, I felt like we’d been friends for many years. As a boss, David was my mentor and constant motivator for me to push further and do more. He supported the whole team during every bend and clarified things with which you didn’t even know you were struggling. He is able to show you parts of the puzzle while still allowing you time to learn and discover on your own.
When others ask how I was able to learn so much within a year of working in cyber security, I owe most of this to my mentor.
When was a time you failed or felt like you did, and what brought you back?
Firstly, failing is necessary. Coming to terms with failing and being able to keep pushing forward is what helps us achieve the seemingly unachievable. But in the interest of storytelling, one particular event may be worth sharing.
Like many of my friends in the industry, I often speak at various events on some topic or another relating to cyber security. For me, public speaking has always been a real challenge and something that doesn’t come naturally. The ability to perform in a way that is clear, cohesive and also engaging requires a lot of work, especially when trying to overcome the anxiety that can often be attributed to such events.
It’s not an issue of subject matter expertise or good content but rather the overpowering feeling that you might not satisfy the expectations set by the audience. Whilst less of an issue today, this is exactly what happened back in 2013 when I was the CISO at a large multinational organization and speaking at a big conference.
On this particularly ugly day, everything went from bad to worse and ultimately resulted in the audience losing interest – some even walked out. It was a brutal experience that I won’t ever forget. But as painful as it can be, in the face of defeat you can either spend all your time feeling demoralized or you can take a little time to heal your wounds, get back on your feet, and try again. The answer for me? Quite simply (in retrospect), a change in mindset: the determination to exceed my own expectations and not the expectations of others.
I rediscovered my style and my way of doing things by speaking as me and not mimicking somebody else or being wedded to a script. It can be easy to forget to be yourself sometimes. Be true to who you are, your values and your personality. This is what will bring you confidence and purpose.
What are your motivators?
My two cyber warrior children are my rock. They give me perspective and focus. I find the industry itself to be a significant motivator. I’m completely impassioned by it and consider myself very lucky to be working in an area that provides so much opportunity to contribute to something bigger than myself, my employer, or even my clients.
These opportunities include mentoring individuals and startups to help them thrive. On a day-to-day basis, I like to tinker and solve interesting problems. It keeps me on the happy side of [in]sanity.
Who’s inspired you?
To name one person, I’d have to say Dennis Ritchie, the father of the C programming language. Dennis demonstrated that you do not need to have the profile of a superstar to be recognized; you just need the determination to do good old fashioned hard work. Additionally, he followed through on his ambition to create a language that helped establish collaboration and a community at a time when licensing heavily prevented such crazy ideas. As Dennis’ experience shows, there are always opportunities to work with other people.
But whilst I have my own heroes who have made such a big difference to me personally, my inspiration is often drawn from those seemingly smaller achievements that I see on a more regular basis like seeing close friends break down new barriers or seeing people who I’ve helped mentor move from success to success.
What do you feel is your greatest achievement so far?
You can’t be an expert in everything, but I’m incredibly proud that I’ve been able to cultivate a broad range of experience with some substantial depth during my career. I’ve held very technical roles in ethical hacking and forensics, as well as senior leadership roles that couldn’t be further away from tech. Recently, I’ve stepped back into management consulting where I’m able to utilize both my technical knowledge and soft skills. One of my biggest achievements over the last few years was building a successful (and award-winning) cyber security practice.
With that said, on top of all of this is being able to use my knowledge and experience to mentor one of my closest friends, Zoë, takes center position, that is, despite the constant stream of never-ending questions.
What advice do you have for others starting out in Cyber Security?
Know what makes you different and embrace it. Don’t go in half-measure; our industry needs different perspectives and a broad range of disciplines. Don’t work too hard to mold yourself to the expectations of others, and don’t beholden yourself to set career paths put before you.
If you don’t have a degree or a Ph.D. in cyber security, that’s OK. There are so many opportunities to up-skill. For example, I’m looking at a degree that is entirely separate from cyber security, but I know what I learn will be immediately applicable to many aspects of life, including my career.
If you could go back, what advice would you give yourself when starting out?
Coding is difficult, but stick with it, you fool!
What advice do you have for others that may be are feeling stale in their career currently?
We all reach this point from time to time. It’s normal. My advice is to have a little patience and think about it positively and with a bit of pragmatism. Talk to people in the community and put a fresh spin on your role, your attitude and your approach, if you’re able to.
A lack of movement in your career is typically a symptom of something that may be in your control to change and it may not be as challenging as you might think. I always advise seeking 360 feedback, even when you think things are going really well. There is always room to grow.
Also, consider taking an inward look at yourself. Fundamentally, are you still feeling motivated about your work? Think about what gets you out of bed in the morning. For example, If I don’t do something outside my employer or my client work, I can get a little cabin feverish that affects me in all kinds of ways.
What do you think are some key development areas for the Cyber industry?
There are many great things about this industry, but I’d have to say there is still a distinct lack of diversity that needs more attention. The great work by Jane Frankland, Zoë Rose, Dr. Jessica Barker and Holly Williams are a real inspiration, but we also need more focus on this at an industry- and national-scale, too.
I believe the industry needs more of an outreach, as well. If we are going to create strong successors in our industry and encourage the next generation to explore this industry further, we need to be much more inclusive in how we engage with people.
Any final thoughts?
You can move mountains with a little positivity and the right attitude. It can be easy to forget to be yourself sometimes. Be true to who you are, your values and your personality.
About the Author: Zoë Rose is a Cisco Champion and Splunk architect. She helps clients secure their network infrastructure from data loss and cyber-attack. In addition to specializing in network security, Zoë also supports ethical hacking, incident response engagements, advice on best practice software development, and secure systems architecture.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.