5 min read

5 secret confessions from cybersecurity professionals

We spoke to industry experts who anonymously shared their secret confessions of what it’s really like to work in the world of cybersecurity.

fileake

Jul 17, 2024

What's the biggest challenge you face when collaborating with teammates who have different levels of skill, experience, or motivation?
- Confession #1: Some teammates are not willing to learn
- Confession #2: Colleagues struggle to share their honest opinions
How do these skill and commitment gaps impact your and your team's overall performance?
- Confession #3: The "others will fix my problems" attitude
- Confession #4: Skill gaps tend to have a lesser impact on performance
Can you share an example of a time when a lack of practical, hands-on training impacted your team's ability to respond to a real-life security incident?
- Confession #5: Lack of practical and hands-on training can lead to panic
How Hack The Box supports you and your team

Cybersecurity is an industry that is often shrouded in mystery. But what is it really like for those of us working hard in the trenches, fighting cyber criminals, and securing our organization’s assets?

We gave the floor to some industry experts to anonymously share their biggest frustrations and secrets when working in the world of security.

🤫What would your cybersecurity confession be?

What's the biggest challenge you face when collaborating with teammates who have different levels of skill, experience, or motivation?

We wanted to dive into the challenges of underskilled teams and what this means for our cybersecurity colleagues.

Confession #1: Some teammates are not willing to learn

Feeling as though you’re carrying your team to success is one of the most frustrating feelings. It’s the same as being put on a group project with a team that expects you to do all the work.

AD_4nXe4C5KsGQvVV6eyC1eCyyh-maN0eGlomn7pIp7Dct9T8-GyU8foLr-Z13gTrB_wFvJJZi8tciKxhCtj3DvjDKfQu_VIp3Q-sHRYRFSR3wOC1N8Q40INigsf0Af39w8d0OxMurwPiteB1gFu-LPOnMZa-j0?key=BvCfLhmRDbygH04icwG0yA

But you’re not alone in this. Generally, cybersecurity professionals are in love with what they do and are always seeking to learn more. After all, you’re all hackers at heart, which comes with a natural curiosity to understand how things work, and not giving up until you break through.

Your colleague’s unwillingness to learn could be simply due to boring and outdated training practices.

Confession #2: Colleagues struggle to share their honest opinions

Picture this: It’s your first day as a penetration tester, you’re new to the field, eager to learn, and have upskilled hard to get here. A colleague overlooks a vulnerability that you recently did some cybersecurity training on.

What do you do?

Saying something will surely make you look big-headed, right? After all, what do you know?

Wrong.

Often, “inexperienced” colleagues have unique insights and fresh training under their belt. You should feel confident sharing your opinion, even if it’s wrong, at least you’re learning something new.

As our anonymous confessor put it: Your voice should be heard!

AD_4nXfw85kiNWsu0RgoePozoeatGvV2GKPfjmwM-489Pi96mN-lD5VdCJY66P_R9gu00xHjJeULrD8ATm9RCN1Uclcg9c9Fqc5-NAva7eYhGCHh1XdRhsbbDMm2FS432VUOQSmv0IzXdVQsQ8p4Iywn-pKLxsDq?key=BvCfLhmRDbygH04icwG0yA

How do these skill and commitment gaps impact your and your team's overall performance?

While it’s clear that skill gaps are a significant problem in the cybersecurity industry, we wanted to learn how this directly impacts our colleagues.

Confession #3: The "others will fix my problems" attitude

The problem with unmotivated employees is that they won’t be exposed to development opportunities because they simply aren’t interested.

AD_4nXfclBed3gKL1mKi_gqxNpFXfUlgZC6jIrwUwb7yvS4nK9y1LpdoxlmmXDDCgk6crVthAiVEeQZbQKL0Y1l7jVsnQJvDXHaRQe9IBH3TlzoDVLUcAFeygeZLxOMcSIj9741JF8zRdEfrCQ4VRjolnriT0xIG?key=BvCfLhmRDbygH04icwG0yA

This leads to a vicious cycle of talented employees getting all the experience and taking on more work, leading to burnout.

All while the unmotivated employees can coast by doing the bare minimum. This is something we can’t put up with in cybersecurity and we should all encourage our colleagues to learn.

💡Check out our latest report: Building a firewall against cybersecurity burnout, to discover why cybersecurity professionals are burning out and how we can put a stop to it.

Confession #4: Skill gaps tend to have a lesser impact on performance

On a more positive note, our anonymous source here sheds light on how inexperience is an issue that can be solved with the right support.

In the complex world of cybersecurity, everyone requires some level of commitment from their employer to get them up to speed. By investing in upskilling and development, skill gaps will shrink.

💡HTB Enterprise enables the entire team to upskill with personalization options for different skill levels, helping inexperienced employees to get up to speed quicker.

Toyota used Hack The Box to bridge knowledge gaps quickly:

Since implementing BlackSky Cloud Labs, the team has really bridged the knowledge gap between traditional security and cloud. The labs are both challenging and engaging, and we’ve definitely noticed an improvement in our cloud security posture.

Kell Rozman, Cybersecurity Lead, Toyota.

Can you share an example of a time when a lack of practical, hands-on training impacted your team's ability to respond to a real-life security incident?

Lack of practical skills is frustrating for our colleagues, but it becomes a real issue when we are unable to perform jobs properly.

Confession #5: Lack of practical and hands-on training can lead to panic

Completing a one-off degree or exam doesn’t necessarily prepare us for real-world incidents. Whether you work within the incident response team or as a pentester, it can feel overwhelming when the big bad incident actually happens in real life.

AD_4nXf9e4Gj2Ee6tJIk9RAtYdUYznKvymerfmSL-UvKmqRvmtG-5bgNxkADV69Vz97dNRpj9jEOaGyNpRh_6N9BGSlRKsHkXwTJplEGsws-N7u6g2TTP1vB5D3IsZfhQ4nYl4FV3SKQ2eNYOUP0LGiJF8KCVm0?key=BvCfLhmRDbygH04icwG0yA

But panic can lead to rash decisions, mistakes, and even paralysis. Which is exactly what you don’t want to happen during a high-stakes incident.

Team members can feel better prepared to take on real-life incidents if they regularly upskill with hands-on, practical training that addresses the latest CVEs and tactics, techniques, and procedures (TTPs) adopted by threat actors.

How Hack The Box supports you and your team

You already know and love Hack The Box for your personal development, but what if you could boost the performance of your colleagues too?

From lack of experience to demotivated colleagues and missing practical skills: Hack The Box Enterprise platform is designed to supercharge your team’s performance.

Build your professional cybersecurity growth as a team, by unlocking:

Dynamic team exercises: upskill and reskill with your team by embracing challenges with Sherlocks, offering red and blue versions of Machines. Pentesters can try their hand at defending and vice versa, facilitating purple team learning and upskilling in areas you aren’t familiar with.
Joint learning: tackle scenarios with your team, helping each other when stuck, and learning valuable lessons during the process.
Private CTFs: practice, upskill, compete, and have fun with private CTFs amongst your team.
Role-based permissions: depending on your role, admins can grant you different permissions, allowing you to invite colleagues to complete different Machines and challenges. So you can upskill together, not just as one.

You’re only as good as the team you work with, transform your performance with HTB Enterprise Platform.

Upgrade to HTB Enterprise