What to Do if You Make a Mistake in Cybersecurity
At some point in your career, you will make mistakes—small mistakes, big mistakes, even career-defining mistakes. I am writing this in retrospect because during the course of my job duties, I made a big mistake. This is what to do if you make a mistake in cybersecurity.
The details are irrelevant, but I wanted to share my experience with making mistakes in the professional world. Mistakes and human error in Information Security account for 70 percent of the initial intrusion vectors for attackers, states the 2023 Verizon Data Breach Investigations Report. This report suggests that, “basic security hygiene is what matters the most in terms of effective defensive countermeasures.”
Security starts with you. Understanding the impact of what a careless mistake could mean to the security of your organization and to your personal reputation as a security practitioner could very well be detrimental.
In one case, an employee working in the finance department of a wire and cable manufacturer was sent an email claiming to be from the company’s executive, demanding to have 40 million Euros transferred to a bank account in the Czech Republic. This is one instance where a mistake caused a company an incredible financial hardship due to human error.
When making mistakes, especially as a security practitioner, it is important that you look yourself as a brand. You are your personal brand—your brand is defined by your actions. If you have good actions, then your brand will sell very well. If you promote your brand, there will be a higher demand for it.
However, in the case of an event where you just made a royal mistake, it’s time to think about your options. If you are genuinely unsure if you made this error, it is important that you first seek clarity. It has been extremely important in my life to take ownership and accountability for my mistakes. But don’t be a martyr. Every mistake comes with a prolific opportunity to grow from it, but if it wasn’t your mistake, then you are hurting your brand without gaining the opportunity to grow.
My first suggestion to you if you are unsure of the mistake is to find the evidence. If in your search you do indeed find that it was entirely you and you are the problem, the second piece to the puzzle for is to accept ownership.
I have seen people go to vast means to deny, deny and deny. In all aspects of my life, this has never worked to my favor. You need to accept that you can, will, and do make mistakes in life. Taking accountability for your mistake comes with a price tag. There will be some level of consequences for your mistake.
We will call consequences “amendments” because to amend something is to change it, and that is exactly what you need to do. The worst thing that could ever come out of this is for you to be wrong once then continue to be wrong for the rest of your life, so call your consequences “amendments.”
You want to change the impact of your mistake. Changing the impact of your mistake could mean a lot of things.
However, it starts by asking those you’ve impacted, “How can I change things?” This seems simple but the magic in this is meaning it. I’ve done this enough to know that people will feel if you are sincere or not. Amending may very well be not behaving that way from that point forward; it may be a financial payment, it may even be jail time (let’s hope not).
Whatever it may be, I have learned that walking away with an action step is the only way to repair your brand. It starts with asking that question. Seek an agreement between you and those affected. Carrying out your obligation to agreement is the only way to repair your brand.
I must warn you that entering into this agreement and not carrying out the obligation to the full extent will demolish any credibility you might have beyond repair. It’s very serious and you must treat it so.
Handling mistakes this way has proven to be the most effective way to overcome and grow beyond any obstacle I have ever faced thus far. Remember:
Seek Clarity
Accountability
Amendments
And remember that security starts with you.
Tyler Wall is the founder of Cyber NOW Education. He holds bills for a Master of Science from Purdue University and CISSP, CCSK, CFSR, CEH, Sec+, Net+, and A+ certifications. He mastered the SOC after having held every position from analyst to architect and is the author of three books, 100+ professional articles, and ten online courses specifically for SOC analysts.
You can connect with him on LinkedIn.
You can sign up for a Lifetime Membership of Cyber NOW® with a special deal for 15% off with coupon code "KB15OFF" which includes all courses, certification, the cyber range, the hacking lab, webinars, the extensive knowledge base, forums, and spotlight eligibility, to name a few benefits.
Download the Azure Security Labs eBook from the Secure Style Store. These labs walk you through several hands-on fun labs in Microsoft Azure, leaving you with the know-how to create a gig in Fiverr or Upwork to start your cybersecurity freelancing.
Some of our free resources include the Forums, the Knowledge Base, our True Entry Level SOC Analyst Jobs, Job Hunting Application Tracker, Resume Template, and Weekly Networking Checklist. Ensure you create an account or enter your email to stay informed of our free giveaways and promos, which we often offer.
Check out my latest book, Jump-start Your SOC Analyst Career: A Roadmap to Cybersecurity Success, 2nd edition, published June 1st, 2024, and winner of the 2024 Cybersecurity Excellence Awards and a finalist in the Best Book Awards. If you enjoy audiobooks, I suggest the Audible version, but you can also get it in beautiful paperback, kindle, or PDF versions. The downloadable PDF version can be grabbed here.
Comments