featured.png
Categories: Cybersecurity
Tags:

The importance of specific focus

The importance of generalized knowledge

Wait, security dude, isn’t this talk about specific focus? Well, yes. However, I want to start off by saying that low depth or even medium depth knowledge in a multitude of topics is very valuable. Being generally good at many different things in cybersecurity has served me well. It has allowed for me to be capable in many topics and is valuable when interviewing for new positions. When you’re starting out in your cybersecurity career, it is important to first focus on generalized knowledge. Being able to at a minimum, superficially understand many different topics, is important. For example, as a SOC analyst, you may do log analysis, scripting, forensics, malware analysis, etc. Having said that, let’s move on to the core of this post.

What is specific focus?

The idea is simple, become highly knowledgeable in a single topic or in a small number of topics. The opposite would be generalized knowledge, knowing a little bit about many things.

Why is this important?

Once you’ve become a senior analyst or principal analyst, others also have that medium depth generalized knowledge. At which point, what sets you apart is highly in-depth knowledge and skills. It is then beneficial to you, to choose what to become an expert in.

What do I choose to expertise in?

You have two options, either what you love or what is safe. Sometimes, both are true, but often times, there’s just some overlap. For example, you may want to become a badass reverse-engineer, to the likes of Google Project Zero. However, that job market is highly limited, and highly competitive. In this scenario, maybe the better approach would be to train in threat intelligence and digital forensics. The job market for general TI/IR roles is much greater, it simply would give you better odds.

Does this mean I shouldn’t chase my dreams?

Absolutely not. Go after your dreams. I’m simply suggesting that you do so in a way that increases the probably of ascension. And if you’re in a personal position where you don’t care and you want to shoot straight for that position, all power to you. I remember seeing a college student go straight into a reverse-engineering role and deliver amazing public reports within just a year or two.

What’s the end goal?

For you to be an expert in something. For you to professionally say, I can do many things, but this thing here is mine. Maybe your thing is collecting data from dark web markets. Or maybe your thing is to reverse engineer ransomware encryptors. I am still on this journey myself. But I expect that when I’ve reached that point, it will be very satisfying as well as very rewarding for your career.