- Novices probably should aim for at least one type of formal qualification. Be it CISSP or something else, it will be your key to unlock the IT Security market for you, and in the near future may become a formal requirement for the more senior positions. Start networking. If you do have a technical background, aim for managerial courses and possibly mid- to long-term for the proverbial MBA (Master of Business Administration).
- Experienced practitioners need to consider the direction in which they want to develop themselves. Get an advanced degree but stay focused. Are you a jack of all trades and a master of none? I hope not. If you havenít built a good network by now, itís high time. It doesnít matter so much where you get your benchmark from as long as you are in touch with your peer group. It will gain you a reference point and keep you sane.
- Senior IT Security people, you may be on top of your game but do you have an exit strategy for when the market matures? Will you be able to defend your role against younger incumbents? At what level can you function as a line manager or in another staff function?
In a nutshell, build your career plan on your strengths and ambitions. Decide early on whether you want to be a top expert or a good manager and stick to your strategy. Adapt and maintain it with reason, and donít confuse hedging your bets with keeping all options open. Progress requires focus.
On a related note, make a conscious decision to stay open-minded. More important than climbing the ladder fastest is the ability to grow as a person and take new perspectives.
The hallmark of a true leader is not just the ability to influence, but openness to learn from others. Good luck!
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.