Unfortunately, I don’t have space to take on more mentorship spots right now. And I don’t want to leave you with nothing. Look at the content below and pick a place to start.
Before you start in cyber, take a personality assessment. Just do it. It will help far more than you probably realize right now. Seriously. Here's a good one: 16 Personalities
If you’re not currently in the cyber security industry, start here. This will help you figure out where to start and which direction to go: https://www.linkedin.com/pulse/why-youll-fail-cyber-security-stephen-semmelroth-/
Know your adversary. Read Sandworm: https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405
If you’re getting out of the military, start here: https://www.linkedin.com/pulse/military-transition-cyber-focus-stephen-semmelroth-/
Cybersecurity Career Master Plan by my friends Dr. Auger, Jax, Jon Helmus, and Kim Nguyen. Read the book to help select your career: https://www.amazon.com/Cybersecurity-Career-Master-Plan-cybersecurity-dp-1801073562/dp/1801073562/
If you want an overview of the industry and the top technical frameworks to look at, start here: https://www.linkedin.com/pulse/how-learn-cyber-over-weekend-orientation-48-hours-semmelroth-/
If you have a question about cyber certs, go here: https://www.linkedin.com/pulse/how-pick-your-firstnext-cyber-certification-stephen-semmelroth-/
If you want to learn how to do technical malware analysis, start here: https://www.linkedin.com/pulse/how-build-exploits-reverse-engineer-semmelroth-mba-meng-cissp/
If you want to learn how the bad guys are attacking you personally, go here: https://www.linkedin.com/pulse/shame-security-stephen-semmelroth-/
Don’t just have an incident response plan, REHEARSE it (and learn from Equifax) - https://www.linkedin.com/pulse/learning-from-equifax-why-businesses-must-rehearse-plans-semmelroth/
CISO tools - Open-source cybersecurity policy templates that we open-sourced so you don’t have to build them yourself - https://github.com/ericiussecurity/ProjectKeystone (originally published open-source at StrataCore)
CISO tools - Open-source vCISO tools. The five phases of a security program build (roadmap) - https://github.com/ericiussecurity/vCISO-Tools
CISO tools – Carlota Sage has the industry standard roadmap and financial analysis tools. Use them. Give her feedback. She’s awesome - https://github.com/carlota/showmethemoney
People to follow (unordered)
- Kevin Apolinario
- Sean Eyre
- Adrian Tilston
- Rachel Arnold
- Paul Cummings
- Tom Pyke
- Chimeria Gonzalez
- Conor Sherman
- Stephen Semmelroth (blatant self-promotion)
Twitter to follow (unordered):
- @MalwareHunterTeam
- @malwarejake
- @tinkersec
- @MalwareUnicorn
- @haveibeenpwned
- @diodepack (blatant self-promotion)
- @brysonbort
News sources to watch:
- Dark Reading - darkreading.com/
- Bleeping Computer - bleepingcomputer.com/news/security/
- Tech Radar - techradar.com/
- Wired - wired.com
- C4ISRNET - c4isrnet.com
- Tech Crunch - techcrunch.com/
- CSO Online - csoonline.com/
- The Hacker News - csoonline.com/
Resume help:
- VetSec (Slack) - Veteran Security Group - Vets only
- Katia Dean - paid, this is not an endorsement
- Richard Drosin - paid, this is not an endorsement
Cover photo by Michael Dziedzic - @lazycreekimages
Editors Note: This article is shamelessly stolen (with permission) in its entirety from Stephen Semmelroth’s original article posted HERE. Stephen Semmelroth is an amazingly positive voice in the cyber community. I once attended a conference with him where he sat down for 2 hours red-inking resumes for free to help people looking for new jobs. He mentors transitioning veterans as well as people looking to transition into the cyber field. You should connect with him on LinkedIn HERE.
