Chapter 1Introduction and Motivation

I am an imposter.

Many people consider me an expert in cybersecurity, particularly software/application security. Yet, I have no degree in cybersecurity. I have zero security industry certifications. I have never been a cybersecurity practitioner for an enterprise or government agency. So I'm a phony, right? A fraud.

Wrong! Like many of us in this industry, I am mostly self-taught. I leveraged the education and experience I had to build the body of knowledge that has become my own—vast and broad and uniquely “Ed.” Nobody has the experience and education that I do. I have proven myself time and time again. I am a trusted advisor to my clients, I am a speaker at industry conferences, I am a cybersecurity talk show host, and I am a sought-after expert for that very knowledge and experience only I have. I belong.

Many of us in cybersecurity feel conflicted. We feel as if we don't belong because we haven't “earned our stripes” or we lack some technical degree, certification, or hands-on experience. Imposter syndrome is real. But I'm writing this to let you know that you don't need a technical degree or any particular certification or prior hands-on experience before starting your career in cybersecurity. Cybersecurity has hundreds of different types of jobs, both technical and nontechnical. I have many friends and colleagues in cyber (many holding C-level positions) who graduated with degrees in Spanish, finance, philosophy, and other nontechnical/engineering ...

Get See Yourself in Cyber now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.