Information security professionals have been conditioned to invest in their careers. Whether through traditional methods such as security certification courses or advanced degrees, you have expectations that by achieving these credentials, you will accelerate your career. By investing in yourself, you're on the right track; any investment that helps develop skills, expand knowledge and provide additional education is a good one. However, the expectation that a single common career investment will provide you a competitive advantage over others is unrealistic.
The CISSP certification is a prime example of this. When the information security industry was in its formative years, Certified Information Systems Security Professionals (CISSPs), were rare. Holding the CISSP certification provided a much greater advantage over peers who did not. Employers placed a higher value on this designation, and rewarded professionals with advanced compensation and accelerated career paths. Today, the CISSP is much more commonplace and does not serve as the talent differentiator it once did; (ISC)2, which governs the CISSP, reports on its website there are more than 60,000 certified professionals worldwide. Instead, CISSP certification training has become more of a requirement and the absence of this particular career investment could negatively separate you from peers.
When determining a career investment strategy, it is paramount to refer to your career plan and map your investments toward your intended result. Annually allocate and budget time and money to invest in your career. This should be akin to contributing to your 401K or insurance programs. Considering that your professional skills are the keys to generating current and future income, allocating money for your professional development provides you with better control over your future than any other investment that you can make.
Next, you need to figure out the best way to achieve maximum value for your investments; these costs vary greatly and can come in the form of a weeklong training course, a personal coach, or a conference to help you address a deficient skill. These environments generally will enable you to pinpoint specific needs and give you the opportunity to address them in a condensed time frame, under guidance from a recognized authority. Some examples are management seminars, sales training, or time management courses. Although these may be viewed as minor investments of time and money, they can provide a significant impact on your longterm professional development.
Another key component of a career investment strategy is the branding associated with the career investment. Considering the achievement will be on your resume and discussed during an interview or promotion process, you should feel comfortable with the external image it enforces and impression it portrays to others. One of the best examples of this could pertain to the perceived quality of an advanced degree, such as an MBA. The fact is: You can receive an MBA from many different schools; but top-tiered MBA programs carry a better brand than MBAs from distance-learning programs. If your career goal is to become a CISO of a Fortune 500 firm, chances are that someone on the interview team will hold an MBA from a top-rated school. By carrying a similar brandinto the interview process, you should give yourself a competitive advantage over others vying for the same role. In addition, if you have an MBA from a school that is not viewed upon favorably, the career investment could have an opposite effect, and could possibly eliminate you from consideration.
Probably one of the most overlooked factors in selecting a career investment is the value of knowledge and personal growth. Generally speaking, if you select to pursue a career investment for personal satisfaction, you are able to do so at your direction and without advanced expectation. Making yourself smarter, more effective and more complete has benefits in the workplace and beyond. As security professionals working in diverse environments, dealing with global issues, and multicultural workforces, gaining a broader understanding of relevant topics that have a personal interest can only be helpful. Although nothing is for certain, but if you decide to let this principle guide the direction of some of your career investments, you may be pleasantly surprised by the future impact it may have on your career development.
As the information security profession continues to mature and competition for information security leadership roles increases, it will become more important for information security pros to differentiate themselves from their peers. Developing a consistent pattern of logical career investments is one of the better ways to accomplish this. Information security professionals who are able to effectively map their personal career investments to their long term career goals, should have a much better chance of achieving them.
About the authors:
Lee Kushner is the president of LJ Kushner and Associates an information security recruitment firm and co-founder of InfoSecLeaders.com, an information security career content website.
Mike Murray has spent his entire career in information security and currently leads the delivery arm of MAD Security. He is co-founder of InfoSecLeaders.com where he writes and talks about the skills and strategies for building a long-term career in information security.
Send comments on this column to [email protected].