Land the perfect cybersecurity role--and move up the ladder--with this insightful resource Finding the right position in cybersecurity is challenging. Being successful in the profession takes a lot of work. And becoming a cybersecurity leader responsible for a security team is even more difficult.
In Navigating the Cybersecurity Career Path, decorated Chief Information Security Officer Helen Patton delivers a practical and insightful discussion designed to assist aspiring cybersecurity professionals entering the industry and help those already in the industry advance their careers and lead their first security teams. In this book, readers will
Explanations of why and how the cybersecurity industry is unique and how to use this knowledge to succeed Discussions of how to progress from an entry-level position in the industry to a position leading security teams and programs Advice for every stage of the cybersecurity career arc Instructions on how to move from single contributor to team leader, and how to build a security program from scratch Guidance on how to apply the insights included in this book to the reader's own situation and where to look for personalized help A unique perspective based on the personal experiences of a cybersecurity leader with an extensive security background Perfect for aspiring and practicing cybersecurity professionals at any level of their career, Navigating the Cybersecurity Career Path is an essential, one-stop resource that includes everything readers need to know about thriving in the cybersecurity industry.
Ask anyone who works in information security, and they can tell you that they get many emails and calls from people interested in getting into the field. Drive down the freeway in Los Angeles, or walk through an airport terminal or subway station in New York City, and there will be signs about information security courses. Many of them proclaim how you can start your cybersecurity career in just six months.
But those looking to get into the cybersecurity field need a lot more information than they are going to get on a phone call with the cybersecurity professional. In Navigating the Cybersecurity Career Path (Wiley), author Helen Patton has written a go-to guide that fills two needs. It helps the technology novice who is looking to get into cybersecurity and the established information technology professional looking to break into cybersecurity.
The challenge of cybersecurity is that unlike professions such as accounting, law, or medicine – cybersecurity doesn’t have a professional requirement of college degrees, skills, or licensing. Cybersecurity as a profession is relatively young, unlike medicine, where Hippocrates goes back almost 2,500 years.
There are no generally accepted principles to learn about and follow when it comes to cybersecurity guidance, and there’s no specific set of security codes of contact. As to generally accepted security principles, I was part of the ISSA Generally Accepted Information Security Principles (GAISP) project some years ago, meant to great a GAAP-equivalent. But as a pure volunteer effort, it never was able to gain traction and forever languished.
There is an excessive amount of hype coming from many different areas regarding cybersecurity. The media hypes up many of the problems and spreads the incorrect notion that millions upon millions of cybersecurity jobs are open. As to that exaggeration, see what I wrote in The Fallacy Of The Information Security Skill Shortage.
So how does one start their path into cybersecurity? Try this book. Here, Patton has written a highly practical guide on navigating an approach that can often be quite difficult.
An important point the book makes early on is that there are very few truly entry-level jobs in cybersecurity. And most entry-level roles tend to be quite specific, focused on one part of the profession, and are not generalist roles. For example, hiring managers will want a network security engineer with knowledge of networks or an identity management analyst with experience in identity systems. They are not looking for someone who is interested in security.
In fact, security roles are often not considered entry-level at all. Hiring managers assume you have some other background, usually technical before you are ready for an entry-level security job. Without those specific skills, it is difficult for a candidate to break into the profession. Job seekers learn that entry-level often means at least two to three years of work experience in a related field. That should be a wake-up call for those who think they can get a security certificate and expect to have the industry welcome them with open arms and a six-figure salary.
Selecting a career is one of the most consequential choices a person can make. This is an excellent book that should be on the shelf of anyone considering a role in cybersecurity. In fact, I have it as one of the best information security books of 2021.
In Navigating the Cybersecurity Career Path, Helen Patton has written a book that can help people evaluate if a job in security is right for them. And if so, how to succeed and prosper. For your own benefit, please don’t start your career in security without reading this book first.
Good career advice for folks breaking into cybersecurity. Patton speaking from experience offers great mentoring on a broad range of topics from required technical/soft skills to resume writing, from training to thriving, from imposter syndrome to diversity, from building teams to managing up. There are nuggets of wisdom here for anyone at any stage of their career.
Full disclosure, I have known Helen Patton for many years now. Besides being a colleague, a thought leader in the industry, and an all around good person, she is a friend and I'm delighted that she has produced this fantastic book.
Most of the things that I read on the topic of cybersecurity tend toward the high level technical issues of the day. Rarely have I discovered wisdom in the form of a book that would actually help the people in the trenches that work, struggle, and thrive in the infosec community today.
That said, I have had hundreds of conversations over the years (in my office, at impromptu "lunch and learn" sessions, and just linked-in questions) from newbies trying to break into the field, mid-career professionals seeking advice, or senior leaders comparing notes about navigating the rough waters of the infosec community. At the end of each session, I always said to myself, I should write some of this stuff down. Well, that's no longer an issue. Helen has done it for us. She explains in articulate detail the soft side of cybersecurity; the habits, traits, and best practices that we should all follow to be the best security professionals we can be.
- Why security is great but asking if it's the right field for you. - The essential skills and training you need. - Resume writing for security professionals. - Assessing your progress and how to make adjustments for success. - How to stay up to date in an ever-changing field. - How to manage stress - something that gets little attention in this stress inducing field. - Navigating the diversity gap both as a minority and as a woman and how, as leaders, do we write job descriptions without bias. And, once we get a diverse team, how do we keep them. - The decision to stay technical or move towards leadership. - How to deal with imposter syndrome - OMG! I've been doing this for 30 years and this still hits me like a ton of bricks every once in a while. - The decision to pursue another job in maybe a different organization. - How to lead a security organization. Your team is a probably a mix of eclectic personalities. How do you think about getting them all going in the same direction? - Thinking strategically about infosec. Deciding what is important. - How to build a security team. - How to deal with senior leaders above you in the organization.
For me personally, at the end of every impromptu "lunch and learn" session in the future, I'm going to hand everybody a copy of Helen's book.
This book is the reason I got my first job in Information Security. Helen Patton talked about a lot of advice in the cybersecurity domain in general. In terms of a job posting, work experiences, studying, and writing a résumé. Patton also wrote a very practical guide on navigating an approach that can often be very hard. The challenge for cybersecurity is that it's not like professions like engineering, art, or law - Cybersecurity doesn't require college degrees, skills, or licensing. Cybersecurity as a profession is relatively recent.
There is something in this book for everyone. Helen Patton is a clear, impactful, no-nonsense thought leader who learns about the important and practical aspects of Cybersecurity.
I liked chapter six a lot. Helen Patton talked about many tips that promote acceptance in the career field of Information Security, and it was very useful. It took me a whole week to finish it, although its pages are very few, it was useful and full of rich information, and there are also many references and sources in the book. It helped me to improve my résumé and how to evaluate it and evaluate my cover letter.
Cover Letter: - It must be included with every application. - Use your knowledge of the company mission/vision/values. - Demonstrate a passion to work in the field of security and doing the job for this company. - Draw attention to the relevant parts of the résumé only.
Important Notes: - Basic Elements of a Résumé: - Explain why you are the right candidate for this job now. - Memberships, Capture The Flag's, conference attendance, home lab and security-related hobbies. - Degrees, training, boot camps, self-taught, professional certifications, conference attendance. - List the skills required, then the preferred skills from the job. Include soft skills such as (Communication Skills, Presentation, Writing Skills etc..) - Talk about what you did, the skills and techniques you used, and how they helped the business.
To be clear, I am very fortunate to read this book at the beginning of my career. It gave me all the advice I needed exactly at the beginning of my journey. This is an excellent book that should be on the shelf for anyone considering a role in Cybersecurity. I have it as one of the best information security books ever. Highly recommend it whether you are an expert in the domain or a beginner.
This book was a rather quick read. I would say that it covers a general approach to breaking into a new field. There is a minimum amount of cybersecurity details, but the book does cover various red and blue functional areas of cybersecurity. As an system architect, I have spent most of my career on the tangent of cybersecurity. The author makes it seam easy to move into this realm for someone with my background.
I think cybersecurity is an area where there people only become aware of your role when something bad happens. Maybe this is why a CISO only lasts about 2 years.
Fairly surface-level; doesn't go very deep into any topic. Gives advice on how to get an infosec job, grow in your career, and become a leader.
Notes Elements of a Résumé • Header and Summary: explain why you're the right candidate for this job right now • Work Experience: reverse chronological order; describe what you did, skills and technologies you used, how you helped the business (results) • Skills: list required skills, then preferred skills, from job post; include soft skills (optionally, include skills in Work Experience instead) • Education: degrees, training, boot camps, self-learning, certs, conference attendance • Extracurriculars: group membership, home lab, CTFs, conference attendance, security-related hobbies
Apply if you fit 60% of the job post.
No need to say, "References available upon request."
Cover letter • Include with every application. • Direct attention to relevant parts of résumé. • Show enthusiasm for working in security and doing this job for this company. • Mention any employees of the company you know.
Gained a-ha moment reading Helen E. Patton’s because it ingrains a framework of excellent career management despite helping you navigate cybersecurity career path in three phases.
Use it as foundation to successful career management. Explore technical or layperson options in cybersecurity career that has room for everyone who are gung-ho enough to embark on the journey.
This is an excellent book, so I highly recommend it to anyone who wants to start his Cybersecurity career journey. No words can describe how I learned everything about Cybersecurity from a very experienced Cybersecurity Advisor. Thanks to the author, it was a very good start to discovering everything about Cybersecurity.