top of page
Writer's pictureAnna Collard

Why it's ok to be an amateur in Cyber Security

Updated: Nov 24, 2021


Photo credit: Paul Grapendaal


When I was growing up I noticed that unlike a lot of my friends I never really belonged to any particular group or clique. I was friendly enough with everyone to be allowed in their circles from time to time but I did not get hung up about whatever it was that defined each group, the sport, the music, or the fashion (my first concert was the Beasty Boys but I also enjoyed Gun’s n Roses, and electronic music).


I was and still am easily excitable about a lot of things and I often end up getting passionate about something for a while only to replace it with something else in a few months or years. This allowed me to dabble in many different things but never become really good at any of them: I joined indoor and beach volleyball teams, got into mountain-biking, became an art teacher to elderly ladies, completed my Yoga teacher training, started trail running, and I can’t get enough of reading or listening to podcasts about everything and anything.


People who dedicate their lives to one thing, be that a sport, hobby, or career have looked at me before and judged it as scattered or unfocused. Because of this, I remember buying a book in my twenties “What Do I Do When I Want To Do Everything?” which helped me feel less weird about it.


One thing I find fascinating about working in the Security and IT industry – and probably why I’ve stuck around in it for so long - is the number of people who are like this too – people with a variety of skills, talents, and interests, that seem to change over time. Often the more unassuming the person appears at first glance, the more incredible their achievements are.

There was this networking engineer at Internet Solution who walked around in flip flops and shorts and who had 3 PHDs, one of which was in astrophysics. Today Melissa, who works in our software engineering team told me that in her past she was a tax attorney in New York with two law degrees.


My colleague Roger Grimes published 15 books, is into scuba diving, quantum physics, politics, and used to be a skydiver, BASE jumper, and sky surfer for 10 years. He was also a cave and wreck diver for many years.

Roger likes to immerse himself in topics for a few years at a time. Right now he is into quantum and particle physics.

I worked with Paul, a senior security engineer with a wicked sense of humor who in his spare time builds telescopes, with which he takes really cool space photos, restores a Pontiac Firebird 1981, goes surfing and mountain biking, and still finds time to be a good dad and husband.

Paul's Pontiac :-)


Charl a security pentester, entrepreneur, and researcher, is on the board of a children's charity and completed some grueling races in the deserts as well as in Antarctica.


Kerissa, the managing executive for Cybersecurity at a global mobile operator who is also spearheading the private-public sector collaboration group Cybersecurity Digital Alliance and is the president at WiCyS South Africa while juggling to be a mum is an incredible supporter of girls and women in the industry.


The Big 5 personality traits provide an indication of this tendency. People with high scores on Openness are inspired by all sorts of matters. They enjoy experiencing new things and going (deeply) into new issues all the time: they become bored otherwise.


That is why perhaps the security & tech industry suits people with that personality trait so well and why one feels “understood” by one’s peers. Also, there are many domains security touches on from networking to psychology to software engineering, to endpoints to cloud architectures, and many more. And each one of them allows for digging into very deeply.


Diversity of thought, cross-domain thinking, and knowing how to research something quickly are helpful tools in complex problem solving, a skill that is definitely top of the list for any security professional worth her salt.


The security landscape is constantly changing, requiring a lifetime of learning and adapting. Sometimes this everchanging field can become daunting or overwhelming, particularly when social media gets thrown into the mix, a distraction that can create a lot of noise without necessarily providing much substance.


Self-discipline to focus on finishing one task at a time is crucial to making sense of it all. Mindfulness and productivity hacks such as Inbox-Zero, master-lists, and Eisenhower's Urgent/Important matrix really helped me to focus my Dory-like attention span on what matters and getting stuff done.


Even after 20 years in security (20 000 hours?) I’m anything but an expert in any of the domains. But I’m ok with the fact that I’ll probably be forever a jack of all trades rather than a professional in just one. Having done many different things over the course of my career, most of which were security-related, I’m still an amateur. But the word amateur comes from the Latin word amare, meaning to love. So it describes someone who does something purely for the love of it. And isn’t that what it should all be about anyway?


642 views0 comments

Recent Posts

See All
Image by kylefromthenorth
Join My Mailing List

Thanks for submitting!

About Me
Anna 22 formal.jpg

I'm a creative security awareness content developer and founder with a demonstrated history of working 20+ years in the cybersecurity industry. Originally from Munich, Germany, I've been living in Cape Town, South Africa for the last 20+ years. Successfully grew bootstrapped startup Popcorn Training to US acquisition and scaled team in a hyper-growth environment under the new ownership as the regional MD of KnowBe4 Africa.

Since 2021 I've moved into an evangelist role at KnowBe4, driving cyber awareness across the African continent with a special focus on cyberpsychology, security culture, metaverse, Web3 security, and the intersection of mindfulness on cyber.

I'm a Member of the World Economic Forum’s Global Future Council on the Future of Metaverse for the 2023-2024 term as well as a member of the WEF Metaverse Initiative Governance Working Group and Security Skills Development Group. 

 

I'm a founding member and on the Mido Cybersecurity Academy advisory board, aimed at underserved communities in South Africa to bridge the cyber skills divide.

I'm a certified business analyst and have an MSc in Cyberpsychology from the University of Applied Sciences in Vienna. I hold multiple security certifications, including CISSP, CISA, CIPP/IT, ex PCI DSS QSA, ISO 27001 Implementer, and auditor.

Im also a Yoga Alliance certified Yoga Teacher Trainer (YTT 500) and certified Trauma Sensitive Yoga Facilitator.

Awards / Recognitions:

- Top 20  Women in Cyber of the World 2024 

- Top 100 Influential Women in Tech South Africa 2024
- Women in Cyber People’s Choice Award 2023
- IFSEC Global Influencer in Security for 2022.
- UK’s IT Security Guru 21 Most Inspiring Women in Cyber in 2021
- Top 100 Women in Cyber 2020 and 2021 globally by Cyber Defence Magazine.
- ISACA South Africa President Award for 2020
- Women in Tech Innovations Africa 2020 Award for Southern and Central Africa at Africa Tech Week
- Top 50 Women in Cybersecurity – Africa 2020

 

© 2024

  • LinkedIn
  • X
bottom of page