10 Things I Learned In the First Year of My Career

I am extremely proud to say I have completed my first year of my cybersecurity career. This year has been full of great opportunities as well as challenges to overcome, but I am proud to say I am learning and growing everyday. I wanted to provide some takeaways from my first year as a cyber insurance professional to hopefully help anyone else looking to break into the industry. Here are 10 things I learned:

1. Insurance is cool!

   Who would have thought insurance would be such a rewarding career? Insurance is something I think is often looked down upon or seen as an unwanted expense when rather is an industry where I get to help people directly. Insurance is about managing risk and helping organizations continue to operate despite the everyday hardships they are bound to face. I get to play a part in helping organizations on their worst day when they have a cyber event in a very different way than many other cyber professionals. The insurance industry is also a relationship-based industry which I have found myself to thrive in regularly interacting with our carriers, team members, clients, and other partners.

2. “I don’t know” can be one of the most powerful answers

   There have been so many times I have received questions in meeting with coworkers or clients that I did not know the answer to. I received a great piece of advice that it’s okay to say “I don’t know.” I would get so nervous for these kinds of meetings where clients would ask all sorts of questions about cyber, and I would begin to doubt my knowledge and expertise in the space. However, being able to say “I don’t know” gave me the permission I needed to know it’s okay to not know everything. Especially in cybersecurity, the industry is so vast for one person to know everything. What matters is continually striving to learn, and when you don’t know the answer, going to seek out that information or resource.

3. Seeking feedback is important

   With a new role at my organization I am undertaking, I have gone out of my way to ask my colleagues for feedback on how I can best support them in cyber for their respective roles. I can take on all the projects in the world I think are going to help my colleagues and clients, but ultimately, I do not know what they need to help them better manage cyber risk unless I ask. Having this open line of communication is extremely important. If you do not fully understand the problem you are trying to solve, you are never going to come up with the most effective solution. 

4. Growth takes time

   The key to growth is building good habits and creating routine. Building expertise is not something that happens overnight, but rather in the small commitments consistent across each and every day. Through taking 10-15 minutes to study a day, reading a quick article about cybersecurity, or event taking the time to write a blog like this, I have been able to continue to sharpen my skills. With cybersecurity, it’s a marathon, not a sprint. Building any new skill requires discipline and stick-to-it’ness, even when things seem out of reach.

   Within the past year, I have become quite the houseplant collector. This is something I regularly think about when I think of growth. Just like growing a strong, healthy, beautiful plant, it takes time. There is not going to be a new sprout overnight, and propagating a plant can take weeks. Cybersecurity is something that with a small bit of growth everyday, can turn into something amazing.

5. Fall in love with learning

   Find what area of cyber really interests you, and focus in on that. Cybersecurity takes hours of study and dedication, so focusing it on something that brings you joy and you are genuinely interested in makes things so much easier. There are so many areas of cybersecurity to explore, and you will find the greatest success in the area that resonates with you.

6. Organizations of all sizes and of all industries are susceptible to cyber attacks

   Through the course of my year in cyber insurance, I have seen countless cyber attacks on organizations of all different industries and all different sizes. I have seen small nonprofits, large hospitals, small contractors, and everything in between be hit by cyberattacks of all different varieties. There is never a time I am telling an organization they do not need cyber coverage. Everyone is susceptible in some manner, even those that are outsourcing pieces of their infrastructure. Even storing all your sensitive data with third parties does not completely limit your liability as the data owner. If you are collecting information, it is ultimately your responsible to ensure it is safeguarded, not whatever third party you choose to store it with.

7. Effective communication can be one of the hardest skills.

   Something I have found to be the most difficult in my role is to remember not everyone within my organization is dealing with cybersecurity day in and day out. Being able to really break down not only the cyber risks for organizations, but the cyber coverage they need for these risks has been a challenge. This is an area I am continually looking to improve and find new ways people describe cybersecurity concepts I can adopt. 

8. Don’t be afraid to ask for help.

   When first beginning my job, I felt hesitant to ask others for help. I did not want to be a burden to my already busy cyber specialist colleagues in other regions of our organization. However, I have found everyone to be incredibly willing to lend a hand and provide some insight, I just had to get over my fear of asking. Starting a career in cybersecurity requires support, and there are so many people who are willing to lend a hand and share their knowledge if you are willing to ask.

9. Surround yourself with people who support you.

   I have found an amazing community of people both within the tech community and outside of it who have been extremely supportive as I have begun my career in cybersecurity. Especially being a young professional, it can be common to feel some imposter syndrome. It’s great to have some cheerleaders in your corner to cheer you on when you have a particularly challenging task come your way, are having a hard day, or just generally struggling with self doubt.

10. Taking a chance is a great way to find something you love!

    I took a large series of chances in starting my job in cyber insurance to begin with. I knew nothing about insurance and I had to get an insurance license for my job. It has really been learning an entirely different industry alongside continuing to sharpen my cybersecurity knowledge. While it was a chance in jumping into this role, it has been extremely rewarding and fascinating.