Unpopular take: anyone deemed successful or in a leadership position today who started in “InfoSec” more than 15 years ago, likely has little actually useful specific career advice for people entering the space today outside of general “tenacity/curiosity” references (more...)
(Cont) Why do I say this? Because 15+ years ago, there wasn’t really an “infosec” space - there were hackers/professional dabblers who out other skills from network/Sysadmin/dev experience and applied some “security stuff” to it. No degrees/certain. Emergent field. (More)
(Cont) Now you can get a PhD in InfoSec, the field is fragmented in dozens of specialties and most entering the space have learning/educational opportunities 10000x than those who came up. So these new folks’ career arcs are NOTHING like those today.
(Cont) That’s not to say that people who have experience in the field can’t offer useful guidance, but be careful who you take advice from because it’s a very different world than it was was infosec was in its infancy. Many people you ask advice from couldn’t fill a role today!