How community involvement shapes cybersecurity careers and mindsets

In cybersecurity, many of us are self-starters and self-learners. In a field that’s so vast, so competitive, and changing so fast, we may often feel that we’re competing against others.

But being constantly engaged in a race against others is not a sustainable way to build a career – or enjoy life.

The best experiences and the kind of learning that sticks don’t happen in a vacuum.

In fact, the most memorable milestones in life are those we share with others. Almost everything is better when you have people around you who support or challenge you to expand your thinking.

Thankfully, there are plenty of communities in cybersecurity where you can find them. They can be mentors to learn from, peers to share your journey with, and students who need to learn what you know. Being an active member of these communities will not only accelerate your growth, but also introduce you to lifelong friends.

Explore the perspective of 11 infosec rockstars!

To help you explore the significant ways in which community involvement can have a huge positive impact on your life, we asked 11 people whose deep commitment to cybersecurity goes beyond work to share their stories.

We hope their experiences will fuel yours.

  1. Jayson E. Street – “I would not be where I am today if it wasn’t for this community!” Read his community story.
  2. Amit Serper – “I’ve met some great people and forged amazing friendships with people from the infosec community.” Read his community story.
  3. Nikki Webb – “Community initiatives got me through some very dark times and they encourage more diversity and inclusion.” Read her community story.
  4. STÖK Fredrik – “Being a part of the cybersecurity community taught me how great it feels to help others, to give credit where credit is due, and not be afraid to ask ‘stupid’ questions.” Read his community story.
  5. Tanya Janca – “Through the community I have had significantly more opportunities to learn, find work, and expand my entire viewpoint on our industry.” Read her community story.
  6. Sebastian Paul – “Being part of the community was the opportunity to gain that broader view, to see different perspectives, and to be challenged to evolve my own points of view.” Read his community story.
  7. Valentina Galea – “Being an active part of the cybersecurity community helped me become a better professional, allowing me to provide the essential assistance for someone switching careers.” Read her community story.
  8. Robert Vulpe – “Many of the people I met online are my close friends.” Read his community story.
  9. Andra Zaharia – “The communities in cybersecurity gave me a way to contribute, to feel connected to people, and a chance to gain confidence when imposter syndrome crept in (and when it still does).” Read her community story.
  10. Ionut Popescu – “We have families and jobs but we did not forget how we started, how we were helped, so we still want to support others and raise the new generations properly.” Read his community story.
  11. Florina Dumitrache – “Cybersecurity has the power to bring to the surface the best in people – the passion, the ambition and the power to get involved in making the online world a better place.” Read her community story.

Jayson E. Street 

Author. Speaker, Scientific Hooligan, Chief Chaos Officer at @Truesec Also @defcongroups & @HackNotCrime Ambassador

“The one and most important thing I’ve learned about the importance of community and career is that being able to connect with and exchange ideas with the broad and diverse community is invaluable to any career! 

Your personal network of fellow Hackers & professionals will help you throughout your career and the friendships are even more valuable! 

I would not be where I am today if it wasn’t for this community!”

Amit Serper

Hacker, security researcher, musician, politics nerd. Director of Security Research @sternumiot. @BsidesTLV review board.

“I’ve been involved in the community for almost a decade now. It helped me to shape my career and mindset by actually knowing the people behind the research papers, blog posts, and tweets. 

I enjoy meeting people in conferences and “talk shop.” I believe that this is the best way to learn – by not only reading what people write, but also by talking to them and getting to know them and how they think. 

I’ve met some great people and forged amazing friendships with people from the infosec community. Knowing and talking to different people helped (and still helps me) to not only learn new things, but to develop my career into learning more technologies and getting to know new challenges.”

Nikki Webb

Channel manager for the global MSSP @Custodian360. Also part of the @TheBeerFarmers , @RespectinSec and @HelplineCyber #HariboHacker

“I think my career path was always shaped for me within cyber security as in I love my job and I have a deeply ingrained need to help people and encourage good behaviours, so this transfers to cyber security and managed services very well. 

My mindset though is a very different story, my job has always been customer facing and I need human interaction to thrive in all aspects of my life. When we were thrown into lockdown nearly two years ago now, I was suddenly grounded, and I went down a hole very quickly. 

I found The Cyber House Party and joined their very first one and realised I was not in this alone and there was a whole community of people feeling just the same as me. Suddenly I felt excited and most importantly realised I just had to pivot what I did and how I approached my role. 

I have completely shifted how I think about my career, there is no such thing as a dream job, your job is something that should evolve with you, and you must embrace that or move on. I have very much adopted an always learning ethos and at the very core of that now is my love of helping people in whatever way I can. 

Community initiatives from Cyber House Party to The Beer Farmers to The Cyber Helpline got me through some very dark times, and I like to think that they help other people in those same dark moments, as well as encourage more diversity and inclusion in the crazy wonderful and exciting world of cyber we find ourselves in.” 

As Nikki remind us:

“Knowledge is power, community is strength and a positive attitude is everything” – Lance Armstrong

STÖK Fredrik

Creates Cybersecurity Awareness / Educational Content and hacks all the things at @truesec

“Ever felt like an imposter, in way too deep, just waiting for someone to catch up to the fraud that you are?

Well, you are not alone. In this fast-paced, highly technical, and sometimes groundbreaking industry, it’s easy to feel… lost. 

You might ask yourself: “but how does everyone else seem to know EVERYTHING? Why can’t I keep up with all the news, latest tech, research, and releases?” The simple answer is: you can’t! And that’s ok. 

Being a part of the cybersecurity community I’ve learned over the years the importance of being curious and sharing what you learned. How great it feels to help others, to give credit where credit is due and not be afraid to ask ‘stupid’ questions. Sharing is caring, and who knows, it might open up doors you never thought existed!

But also remember: if you feel overwhelmed, take a break, get some off-screen time. And approach your next challenge the same way you would try to eat the world’s largest burger: one piece at a time.”

Tanya Janca

Best-selling author of Alice and Bob Learn Application Security. Learn to secure software with me & @WeHackPurple! #devrel @brightappsec 

“Without my involvement in the InfoSec and AppSec community, I would never have gotten to where I am today. I had several community members mentor me, introduce me for job opportunities, and encourage me. Through the community I have had significantly more opportunities to learn, find work, and expand my entire viewpoint on our industry. 

If I only had spoken to people at work, I would only learn what they know. By being a part of the community, I have been able to have a wide friend of the entire industry, and its best practices. 

Community involvement has been priceless for me.”

Sebastian Paul 

Interested in all things Security, Security Governance and AppSec. Occasional conference speaker. Opinions are my own, and not afraid to change them.

defcamp 2022 sebastian avarvarei“I’m one of the people who got into cybersecurity via the more traditional IT route. Before becoming exposed to cybersecurity, I started in software development and, with a twist of luck, in project management as well. 

It was already a rather vast field at the time, and it surely grew a few orders of magnitude since then. We’ve long past the point where one single person can understand, let alone master, all the various cybersecurity knowledge areas. Yet at the same time, everything is connected to everything, and we’re expected to be able to see the big picture. 

For me, being part of the community was the opportunity to gain that broader view. To see different points of view. And, not in the least, to be challenged to evolve my own points of view. 

I had the chance to join for a few years the crew of one of the large infosec conferences, as a volunteer. It is a significant time and energy investment, especially if you put your passion into it and want to ‘do it right.’ But it’s also highly rewarding. It’s an opportunity to meet great people and to have amazing discussions. And, at least for me, it gave a deeper dimension to that community feeling. Something that can only come from that unique sentiment of ‘we built this together!’”

Valentina Galea

Junior Ethical Hacker at BIT SENTINEL, Cyber Security Tournaments Manager & Security Labs Author at CyberEDU.ro

“My first job as a security professional was in the gaming sector, where I worked as a QA Anti-Hacking tester and eventually became a lead in the process of establishing protection mechanisms for mobile games that were compatible with the iOS and Android platforms. 

I made a complete transition to a profession in cybersecurity around four years ago, and I got my start in the field as a junior ethical hacker. My professional experience consisted of graphic design and other activities linked to gaming, so the first two years of my career were highly intensive and full of a wide range of feelings. Seeing how technically proficient my coworkers were made me incredibly nervous about making mistakes, but going to my first Def Camp opened my eyes to how kind and helpful the cybersecurity community is to those who are just starting out in the field. 

Many people in the business world have become my friends, and their support and encouragement have kept me going strong no matter how challenging the circumstances around me may have been.  As a woman who is both an artist and an expert in cybersecurity, I feel loved, welcomed, and nurtured by the community of cybersecurity professionals. 

As a result of all the people who have assisted me over the course of the last four years, I have decided to become an active mentor for #UNbreakable in order to provide the same assistance and motivation to other individuals who are considering a career in cybersecurity. 

In conclusion, I am pleased to announce that being an active part of the cybersecurity community helped me become a better professional, allowing me to provide the essential assistance for someone switching careers.”

Robert Vulpe 

Bug Bounty @Hacker0x01 | CTF Player @WreckTheLine

“For me, cybersecurity started with the community. At the time I started learning about this domain, there was no LiveOverflow to break it down simply. But there were a few highly active communities with incredible people. 

I started learning from each post, and helping out however I could. Since that time, about 15 years have passed and many of the people I met online are my close friends. 

In more recent years, I switched my community efforts to Twitter. This way it’s completely open, more global and everyone can chip in the conversation. There are incredible hackers across the world whom I wouldn’t have met otherwise.”

Andra Zaharia

Content specialist for cybersecurity companies. Host of the Cyber Empathy podcast. @hacknotcrime Advocate. @alt_mba alumna. 

“Being an active member of the cybersecurity community (or a pocket of it) created a virtuous circle in my life. 

It opened up my perspective by giving me access to diverse people I might’ve never met otherwise. 

It showed me the human side of security, which I’ve made my mission to highlight, support, and champion through my work. 

I’ll never forget seeing Jayson E. Street speak at DefCamp 2017 and how kindly he acted when I went to say thank you for his presentation. I was incredibly nervous and he took all that away with a big smile and a handshake.

The communities within cybersecurity helped me find conversations and stories that elevated my thinking, my understanding of the ethical issues involved in infosec, and my work as a result.  They also gave me a way to contribute, to feel connected to people, and a chance to gain confidence when imposter syndrome crept in (and when it still does).  

When you’re part of a well-rounded community, you get to experience it from 3 roles: you get to be a student, learn from peers, and also teach others. When this happens, you learn and grow faster, get a stronger sense of reward from your work, and also improve your decisions along the way. 

My life wouldn’t be as rich and rewarding without the people in DefCamp and a few other communities. They’ve changed my life for the better!”

Ionut Popescu

Senior Application Security Engineer. Interested in C/C++, ASM, Windows internals, reverse engineering, exploit & shellcode development and advanced web exploitation. GitHub: http://github.com/NytroRST

“I started my security journey a long time ago (more than 15 years) by discovering “underground” security forums. It was a time when technology was not so advanced, security communities were small and documentation was totally missing. It was the time when XSS was already well-known, SQL Injection started to become popular as web applications were not very complex and it was amazing to work on tools such as keyloggers or RATs. 

Starting my journey on forums helped me understand one core ‘hacking’ concept, little known nowadays: offer something back to the community. Since there was not too much documentation available we tried to figure ourselves how things work and how they can be exploited. We have been helped and we helped back. 

Another important difference from today was about money. It was difficult to make money out of both blackhat and whitehat. So we did not do it for money, it was pure pleasure to circumvent a system to behave in unexpected ways. We only improved our serotonin levels by getting community respect from our work. 

Finding a security career was also difficult, at least in Romania where it took many years for companies to build security teams. The situation is totally different today as there is an important lack of security employees. Communities also helped me land awesome jobs, just think about coming to an interview, being technically prepared and hearing: ‘Oh, I know you from the Romanian Security Team forum’ or ‘I saw your DefCamp presentation’, you know it will end well. 

I am sad that, presently, security communities are not so popular anymore. People are not getting together anymore to help each other. It seems like everyone is following their own path for a career or for money. What still makes me happy is that we became friends through the community. I have a lot of friends and I even worked (and work) with a lot of people I met in security communities. 

I still have hope that getting together online will become popular again and we will get together to share our common passion: security. This is why our old forum, RST, is still alive, although not very active. We have families and jobs but we did not forget how we started, how we were helped, so we still want to support others and raise the new generations properly. 

Until this happens, we will continue to gather at least one per year at the community that brought us together face to face: DefCamp.”

Florina Dumitrache

Co-founder at CyberEDU.ro, Strategy and Business Development Manager at BIT SENTINEL, Strategic Partnerships & Event Coordinator at DefCamp

“I entered the cybersecurity world almost 10 years ago when I joined DefCamp. I must say it’s been quite a ride but once I’ve got a glimpse of the industry and especially the people, I never went back to my old self. 

Why? Well, cybersecurity has the power to bring to the surface the best in people – the passion, the ambition and the power to get involved in making the online world a better place. Actually, that’s why my current job – as Co-founder of CyberEDU – focuses on cybersecurity education. Because I believe the world needs more infosec experts and CyberEDU provides an environment for learning and practicing cybersecurity. 

All in all, I am happy to be part of the local cybersecurity community and will keep doing my best to spread the word about the importance of cybersecurity – both for awareness and for acquiring skills.”

Find your people. It’s worth it!

As you’ve seen from these stories, being part of a community who sees cybersecurity as a way to improve the world serves everyone well. It creates bonding experiences, friendships, memories to last a lifetime, and it gives even more meaning to the work you love doing. 

And what’s better is to meet them IRL, to share a pizza, chat over coffee, exchange stickers, and generally have a good time. 

That’s why we love making DefCamp each year! There’s no better feeling that meeting you all, learning together, and bringing new people into the community. 

Wherever you are, we hope you find your people and feel that connection that’s worth cultivating and protecting. 

 

    Related articles​

    Cybersecurity may come in different shapes and ..

    BY Adina Harabagiu
    Since you’re working in cybersecurity, you’re most probably doing everything in your power to keep your ..

    Driving innovation while securing intricate ..

    BY Adina Harabagiu
    When scanning an extensive environment for vulnerabilities, there are lots of potential attack vectors hackers..

    IoT: how does interconnectivity alter the ..

    BY Adina Harabagiu
    The first things that come to mind when discussing “interconnectivity” are PCs, tablets, smartphones and ..