Pursuing Excellence in the Digital Security Space

Posted on by James DeLuccia

Pursuing excellence and making a difference in your family, business, and profession requires the layering and extending of insight. It is more than simply going for the hot certification, attending the popular conference, or echoing the pundits like Bruce Schneier. We ALL need you to build upon these ideas, not follow them indiscriminately. It is the prudent intentional quality development of capabilities that apply to your current and next project. Today, we will answer how you do that and how you succeed. If you want to make a difference, then adopt the following: 

Virtuosity - the common done uncommonly well

Perform the common uncommonly well; beyond a doubt, improve your fundamental areas of your professional self. This includes all areas of your personal self, such as - communication, depth of knowledge on topical domains, visual creativity, emotional connections, internationally mature, and personal relationships. John Wooden’s pyramid of success is a popular starting place. 

Examples of what is common (professional areas):

  • How you communicate
  • What you use to communicate (powerpoint? email?)
  • How you analyze and measure financial information
  • Your presentation skills 

Each of these can be expanded to dozens of sub-elements that can be improved. For example, in my case I felt my presentations were becoming too wordy and not capturing the visual learners. I pursued a year-long venture of training myself in design, graphics, and building proficiency with tools that simplify the creation of more appealing and effective presentations. 

These professional areas at least include:

  • Threats and risks (current, emerging, and what are the intentions)
  • Interview / information gathering skills (nobody wants an interrogation)
  • Bits and bytes knowledge of technology - networking, hosts, base operating systems, etc.
  • Third party service depth - Cloud services, serverless technology, firmware hardware interfaces, autonomous components, etc
  • And beyond 

You must identify the areas of your profession that make up these areas -- and then find out how to improve your competency within each. A simple method is to take a piece of paper and write all of the roles you fill -- i.e., Risk Assessor, CTO, CXO, Product lead, Cybersecurity lead, Autonomous data, Architect, etc -- and then add sub-items that support that role. When I wrote out mine, I realized authoring the book, How Not To Be Hacked, was the culmination of those lessons and became a micro-event. These supports are then your areas to focus and grow. I also use this across my life, so for me my list includes:

  • Father
  • Digital technology
  • Cyber security strategist
  • Son
  • Mentor / Coach 

Too often, those new to the field of cybersecurity are attracted to the risk and appeal of originality in their specialties, at the expense of being great first on the basics. Developing virtuosity is supremely elusive, but is readily recognized by those of your team. There is a compelling tendency among novices to quickly move past the fundamentals and on to more elaborate, more sophisticated practices, but this is done at the risk of project failure, personal embarrassment, or worse -- an unrealized mistake in 2, 5, 10 years. 

Professional development in cybersecurity across the digital space of technology built upon a foundation and from lessons of the past and present will accelerate your value tomorrow. Learning should never be isolated to a 2 day cram session or a prescribed 100 hours of CPE. Instead, you can practice this education within every project -- incrementally improving, applying, experimenting, and leaping your skills forward daily. 

Take advantage of the great minds in tangential professional spaces, and build upon that knowledge base. What took one expert 30 years, may take only 5 years for you to match. Imagine what you’ll do with the next 5! Innovate, leap frog, experiment, tinker, and allow micro-fail situations with feedback by peers and trusted advisors. We are all on this journey and need these moments to build anything great.

James DeLuccia

Cybersecurity Cloud B2C & B2B, New Products, Honeywell

professional development & workforce

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs