Problem solve Get help with specific problems with your technologies, process and projects.

Reviewing your information security career path plan for the New Year

The end of the year is the perfect time to review how your career has played out during the past 12 months and refine future goals. In this tip, infosec career experts Lee Kushner and Mike Murray explain the best questions to ask.

 As December rolls around, the workload tends to lessen for many infosec pros. We find extra time as so many people are on vacation, or we may even take vacation ourselves. While many of us end up spending that extra time shopping online for Christmas gifts or reading extra articles here on, this is the time of year where security pros should take a couple of hours to perform their own "Year in Review: Career Edition." The goal of this process is to review the good, the bad and, perhaps, the ugly, in order to prepare for career success next year.

While this may sound a bit hokey, such an exercise can really help you focus on what's important and, more significantly, remind you of all of the progress you've made in the past 12 months.

The key steps to this information security career path plan review are:


  1. Reorienting yourself to your career plan.
  2. Examining the year that was.
  3. Looking forward to the upcoming year.

Career plan reorientation
First, revisit your career plan. It's rare that anyone slows down enough during the year to review his or her plan, even if they're laid out. (You do have a career plan, don't you? If you don't have a solid career plan written out, this is the time to quickly write one. Career planning doesn't have to be long and involved, though it's most often better when it is.)

Start this year-in-review process by reviewing the following questions:


  1. What is your ultimate career goal? What do you consider to be the pinnacle of the mountain, career-wise, right now?
  2. What is your major goal for the next five years?
  3. What is your major goal for the next year?
  4. Has your career path changed radically in the last 12 months? If you had answered the previous three questions a year ago, would your answers have been the same?

Examine the past year
Once you've reminded yourself of the path that you're on and where you are planning to end up, it's time to really evaluate the past year. The goal is to spend some time understanding where you've been and to celebrate the successes and big moments in order to cement any lessons that you learned.

To do this well, the first step is to examine each month of the year. We've found that it often helps to pull out your calendar and email from each month as reminders of what you did. Then, for each month, answer the following questions:


  • What did I spend the most time on?
  • What were my major successes?
  • What were the major setbacks/disappointments?
  • What was the most important thing I learned?

Once you've finished that, answer a few questions that were inspired by blogger and entrepreneur Rajesh Setty:

  • What were my significant contributions to the world this year?
  • By how much has my ability to make a difference in the world increased as compared to last year?
  • What things have I accomplished this year that nobody other than me could have done?
  • What were the big things I learned this year that I didn't know 12 months ago?

 Once you've gone through all of these questions, you'll have a solid picture of your accomplishments and how you've really affected the world. While your job may be stressful or time-consuming (or even boring), quantifying how you're making a difference to others helps put things in perspective. You'll also better understand what you've learned and what you spent the most time on. (One thing you may notice: What you spend the most time on is rarely what brings the biggest successes, contributions or learning.)

Setting up next year
The final piece of the year in review exercise is to look forward to the coming year. In this case, the question is: According to your career plan, what should 2011 have in store for you? What things do you need to accomplish, learn and become in order to make this same exercise a really joyful one when you perform it again 12 months from now?

The final questions you need to ask to complete the exercise, and set up your goals for the new year, include:

  • Where do I plan to be a year from now?
  • What do I need to accomplish in the next year to stay on track with my plan?
  • What do I need to learn in the next year to stay on track with my plan?
  • What are the big industry changes that I see happening in the next year that will affect me (e.g., new technologies, trends, regulations, certifications, etc.)?
  • What big changes should I plan on making in the next year (e.g., job change, significant education milestones, etc.)?

Answering these questions should give you a solid handle on what you want to do in the next year. If nothing else, it can help you set up New Year's resolutions.

As the year comes to a close, it's a good time to consider the past 12 months in the context of your career plan and what you want to accomplish in the coming year. And it's especially important to use this time to think about what you've done, where you've been and stop to celebrate the successful career moments of 2010. It certainly is a more productive use of extra time than the surfing and shopping that many of us (Mike and Lee included) generally do.

About the author:
The columnists, Lee Kushner and Mike Murray, bring with them different perspectives on career related topics. Together Lee and Mike have advised many information security professionals in various stages of their career development and are regular speakers at industry conferences on information security career-related topics. Their blog can be found at

Lee Kushner is the President of LJ Kushner and Associates, an executive search firm that has been dedicated to the information security profession since 1999.

Mike Murray is an information security professional and career coach. Mike has held leadership positions in environments that include professional services, security product vendors, and corporate environments.

This was last published in December 2010

Dig Deeper on Information security certifications, training and jobs

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.