Paving the Way from Physical to Cyber Security

Provided the rising tuition costs in the United States, the need to carefully plan out university studies in a way that will benefit one’s career becomes an increasingly important questions for both those coming to the US for higher education as well as American students.

Quite honestly, I am one of those American students that studied more of what interested me (international relations) than what I ultimately ended up working in (cyber security). That said, both my undergraduate and graduate degrees focused on the aspects related to security – the first being in international relations focusing on the Middle East and the second, a masters in counterterrorism.

Not surprisingly, I struggled to find a role related to geopolitical security in my preferred location of Silicon Valley, a region dominated by the high-tech industry. At that point, it became a question of how I could apply security to an IT career, to which the answer was cyber security.

So I’d found my niche calling – how to proceed? Beginning work in contract roles at PayPal GSOC and Facebook spam operations, I gradually worked my way up, gaining technical skills such as Security+ certification. It was around this time that I interviewed with and accepted an offer in Information Security at enterprise cloud company ServiceNow, a role that would unexpectedly lead to a nomination for the Women in IT Awards.

As many physical security roles in the Bay Area are contract positions that tend to sport a maximum salary of $30/hour and the minimum cost to live reasonably in the Bay (one-bedroom/studio apartment) requires about $48/hour, it would behoove many physical security professionals such as those in law enforcement, corporate physical security and ex-military living in/moving to the Bay Area to consider cyber security. Many branches of cyber, including incident response and threat intelligence, involve many of the same front-of-the-line and preventative deterrence aspects that we thrive off from the physical security arena.

As someone who had no formal university education in computer science, I suggest those with similar backgrounds who consider cyber security to view the field from the perspective of two routes: Offensive (think penetration testing to see if a company’s network is vulnerable to threats) and Defensive (think incident response to threats like malware, phishing attack, etc, that are already underway). While you can choose which suits your preferences, getting that Security+ certificate under your belt is the first step.

You’ve got this!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s