Cybersecurity not only a massive field, its also a continually evolving subject that demands people like you and I keep current on the newest attacks and defences. As a result, sometimes even the most highly regarded cyber practitioners among us feel as though they lack knowledge or aren't competent enough.
It's called: Imposter syndrome.
Imposter syndrome is way more common than you'd imagine. And you're not alone if you're struggling with it. I've struggled with it myself. For example, shortly after passing the OSCP (first time I might add - top tips video here), I immediately looked to the nett exam in the chain, the OSCE. Like an addict seeking the next fix of knowledge. Then I realised that there were likely thousands of OSCE holders across the world, already leaps and bounds 'ahead' of me. Never mind the people who were so smart that they wrote the course itself! I felt like I'd achieved...nothing.
But I've come to realise, we're all just here, doing our thing, taking our individual journeys.
So, here are five suggestions to help you deal with your imposter syndrome and increase your self-assurance.
- Recognise that you're not alone. Imposter syndrome is a common experience that many cybersecurity professionals (and newcomers) face. You're not alone in feeling this way, and it doesn't mean that you're not good at what you do. Acknowledge that these feelings are normal and that many people have them; they just don't talk about it publicly.
- Reflect on your accomplishments. When you're feeling like an imposter, it's easy to focus on your perceived shortcomings. Instead, focus on your accomplishments and the value you bring to your team. Keep a list of your key accomplishments, skills, and areas of expertise. Writing this one reminded me of the lawyers and doctors who hang their certificates on their office walls. Time to find a picture frame for my OSCP cert!
- Ask for feedback from others. If you're feeling unsure about your skills or abilities, seek feedback from peers or management. This can help you to identify areas for improvement, build confidence in your skills, and set you off on new learning paths.
- Never stop learning. Cybersecurity is non-stop; there's always something new to learn. Embrace this! Think of all the people out there working in the same old robotic job with nothing new to learn. Being in cyber is an opportunity to continue to grow and develop your skills...until you retire! Get training, certifications, and other professional development opportunities to stay up-to-date with the latest trends and technologies. Plug: check out my news site TEARLINE if cyber news is your thing!
- Surround yourself with good people. Get closer to supportive and knowledgable colleagues. Teach each other things. I bet there are a ton of things you know that the person sat next to you doesn't. Attend industry events and conferences to network and build relationships with other cybersecurity professionals.
Most of all, remember that imposter syndrome is a common experience that many cybersecurity professionals face. You're not alone, and it doesn't mean that you're not good at what you do. By focusing on your accomplishments, seeking feedback from others, and continuing to learn and grow, you can overcome imposter syndrome and feel more confident in your abilities.
See you in the trenches!