What Type of Person Thrives in the Cybersecurity Industry, According to a Head of Cybersecurity and Engineering at Commercial Insurance Company
Malia, a Head of Cybersecurity & Engineering with over 10 years of experience, identifies passion, continuous learning ("you can't stagnate"), and a willingness to admit when one doesn't know something as crucial for success in the cybersecurity industry; the ability to embrace challenges, coupled with a "dark sense of humor," are key traits that separate those who thrive from those who burn out.
Passionate, Curious, Humble, Adaptable, Resilient
Advizer Information
Name
Job Title
Company
Undergrad
Grad Programs
Majors
Industries
Job Functions
Traits
Malia Mason
Head of Cybersecurity & Engineering
Commercial Insurance Company
University of Pittsburgh class of 2011
EMBA UCLA class of 2023
International Relations & Affairs
Insurance
Product / Service / Software Development and Management
Disabled, Took Out Loans, Worked 20+ Hours in School, Veteran, LGBTQ, First Generation College Student
Video Highlights
1. Passion and continuous learning are crucial for success in cybersecurity. The industry is constantly evolving, requiring professionals to stay updated with the latest news, technologies, and threats.
2. A strong sense of humor and the ability to work collaboratively are important assets in the field. Cybersecurity professionals often face challenging situations and need to be able to maintain a positive attitude and support one another.
3. Humility and a willingness to ask for help are essential. It's impossible to know everything, and admitting when you don't know something is a sign of strength and a key to continuous improvement. Mistakes will happen, but willful ignorance is unacceptable.
Transcript
How would you describe people who typically thrive in this industry?
You have to be naturally curious and passionate. You also need a sense of humor. We joke a lot in the cybersecurity industry. We may seem jaded, but we have a dark sense of humor.
We love our memes, but you really have to be passionate about cybersecurity. You have to keep up with the latest news and be very interested in it. You need to be willing to learn new things because you can't stagnate.
You can't just coast; you have to learn new technology as it comes out. Otherwise, you're going to be frustrated very quickly and burn out very quickly. I've seen people who thought, "Wow, cybersecurity, I can change careers and make a ton of money." Yes, but there's a lot of work that goes into that too.
You can't just cruise in this job. You really have to care about what you're doing and stay up on things, or else you could miss something. If you're in incident response, you could miss the latest threat or the latest IOCs.
That's where you see the people who last in this industry. You see the people, like me, who have been doing this for over 10 years and have gotten to leadership levels. It's about having that passion for learning and being humble.
Understand that you're not going to know everything. You're not going to be the subject matter expert because tomorrow, maybe that tool gets acquired, and it's gone. Or maybe the entire way we thought about application security suddenly changes. OWASP updates their top 10, which has happened.
You have to be able to recognize when you don't know something and be willing to ask for help. Don't pretend you know, because if you do, you'll get caught very soon, and things might get really bad. You don't want to make mistakes in this industry.
It's okay to make mistakes, but don't be willfully ignorant. Don't pretend you know, put something in place, and then there's a mistake. You will get caught. So, being open, honest, and willing to learn are the biggest things.
That's what I love seeing from entry-level and junior-level folks. I don't care how much experience you have; I care if you actually like this industry. Do you actually like this thing? Those are the people I want to work with, the people I want to chat with on Slack. They're just genuinely interested. That's what I would say.