I'm a year and a half into my cyber security career and I will never forget what a colleague said to me during my first month. "Stop with this imposter syndrome thing, nobody knows what they are doing in this business and a lot of people just wing it." Words to live by!
Remember, there will always be someone else better. This applies not just in tech, but in other industries as well. It's nature. IT is an industry where we are constantly learning and getting better. There will never be perfection. It's impossible to learn it all. That's why we specialize in a field in IT. You can learn the other things as well, but we just have to start from the beginning. Cybersecurity is broad in itself, but we can focus in the subject whether coding, creating new software, pen-testing, etc. I'm doing CS to get the broad spectrum, and also learning Cybersecurity on the side because it uses our knowledge of IT, and we can use coding as well in Cybersecurity. Coding is such a strong skill to have in the field. Constantly learning new things is the industry.
This video has singlehandedly saved my choice to pursue Cybersecurity in college. Since the beginning I've always felt the imposter syndrome and thinking that everyone knew everything while I know nothing. Never knew how common it was
I remember taking a few college classes in IT and a couple of my professors would say : "If you don't know something, it's OK to say you don't know". It makes sense as it's entirely impossible to know everything, and your brain will forget things if it doesn't use it on a monthly basis.
@@coetaconec6831 I started with an Associates degree in Cybersecurity. Towards the end I landed my first IT job as a Helpdesk Analyst. I then transferred for a Bsc in Cybersecurity, graduating in July. I felt like I was ready for a cybersecurity job and started applying. I do not have any certifications yet. As far as jobs are concerned, I was looking to move beyond the helpdesk so I went for sysadmins and security jobs. I would say it depends on your location and your network. One thing I can tell you though is that there’s never a perfect candidate for a job. If you see a job post that requires 3-5 years of experience and you know like 3 out of 10 of the job requirement, apply!
Absolutely agree with you there Grant, I have been in Cybersecurity for 15 years, I have given lectures on Cybersecurity at universities & schools, I have presented at major Cybersecurity conferences to 100s of people and yet I still get bouts of imposter syndrome at certain times. I have recently changes jobs and with meeting all new cyber professionals, I currently going through some imposter syndrome feelings at the moment, however as I am finding my feet around the new place, I realise that everyone else is also in the same boat, I do not know their systems and tooling, however I have the cyber security foundation to build on. A good approach I have found is that if you are asked a question on something which I am lacking in knowledge of, the best thing is to be honest with your answer and say so, but also say that you will go away and find out the answer, instead of trying to BS your way through the answer and give the wrong advice. Cybersecurity is such a broad subject and is always changing, so there is no way that someone will know everything (although you will meet people who believe they know it all) and just treat this profession as a life long learning career. "Cybersecurity Is A Journey, Not A Destination"
Just got a big cyber security engineer internship. Kinda freaking out. I needed to watch this. It’s nice growing with you, been watching your vids for a while. Keep up the good stuff and keep your head up king.
Everyone feels this way. There will always be someone who knows more and has more experience. When I started in the industry I sat in meetings taking notes on all the jargon I had never heard before and later googled what they were talking about. 5 years later I am THE Information Security Engineer for an entire company and I still feel like an imposter. I know next to nothing about API security and yet I’m in weekly meetings being asked to provide security related advise. So I bought a book. Also working to secure our cloud environment and guess what what, bought a book and took training and now I’m one of the resident AWS experts but definitely don’t feel that way. A lot of times I feel like a professional Googler.
After your first year it gets better. When I first got promoted to an application security engineer, I felt imposter syndrome and was incredibly underwhelmed by the new responsibilities. We have a different expectation before getting into the role, but once you're finally in it can be a bit underwhelming which can lead to insecurities about your knowledge and abilities. Now knowing what I know, I can tell you that this feeling is to be expected because you have to work your way into learning and navigating the new responsibilities. In the same breath, the organization may need to keep you somewhat benched until they can utilize you to your full capacity. Either way, it's a win-win situation. My best recommendation is to stay patient and continue developing your knowledge and skills by learning where your organization has skills gaps and begin obtaining the skills to fill them. ✌
@@darkh8036 Better, thanks for asking! I’m constantly humbled when it comes to IT. I remember getting my first help desk job thinking I knew a lot about computers, I was wrong. I thought I knew a lot about security after getting my security+, I was wrong. It doesn’t really discourage me, but motivates me to learn more and keep growing. At the end of the day, I’m still a noob lol. Good luck and congrats on the SOC role! I’m sure it will be a great learning experience. We are all in this journey together.
Wow I really resonate with this, especially as a female in Cyber Sec and only in my position for 18 months. Sometimes I feel like a total fraud. And indeed, the more you learn, the more you realise there's so much more to learn!
Oh no worries, I have been software engineer for close to 8 years now and before that I was only studying in university (plus 3 years)... It really does never go away. :D
its like healthcare the higher you go the more you realize its impossible to know everything, that why there are specialist in Healthcare.. and why there are SMEs in tech. You get paid to specialize not to know it all.
Subbed because of this vid. I’ve seen some of your other videos and it seems every so often there’s a video that answers a very specific question I didn’t even know I had. I’m only 1 semester into cyber security and I feel this %100. Glad I get to learn from someone that just got done doing something I’m just now starting.
I felt the same way. Especially during the interview process. I went through at least 7 or 8 interviews within the past few months, all of which consist of a board like setting where 4 or 5 professionals just bombard you with any question under the sun. I felt really stupid after a few and really smart after the others. The amount of software, tools, techniques, frameworks and so on are so vast that theres really no way for you to know everything. Knowing that, youre totally right. Going back to the basics and studying is probably your best bet to regroup and reasses what you know vs what you dont know.
I’m a year into my journey of learning cyber security. It’s true that I’ve been feeling this more with the more I learn is how much I don’t know. Feels like I won’t get a job or will be under prepared for the job setting. Feels like what I am learning seems as like I will just be the novice will always be treated as so. But from last year I didn’t know what RAM or a CPU or even Linux was. I have learned a lot, but just feels like I’ve gone out on a boat and I can’t see land, and now I see how big the ocean is :)
So as some one who is trying to pivot into this and who has 30 years of experience in Emergency Medical Services take what I am about to say and use it how you want. I have had to deal with this in my current career. We call it the what if’s. Usually done after a bad call or when you question if you did the right thing for a patient. I always tell the rookies you can what if yourself into an early grave. So make yourself a sign and post it where you can see it. The sign should read “ Don’t let the what if’s get you.” No one is perfect and you will make a mistake. It’s how you react to that mistake that counts.
No capes! No one is a super hero, don't try to be one. Thinking you have to be an expert in all areas will kill your self confidence and passion. Then you burn out. Asking for help is always an option.
I have over 22 years of IT experience, of which 6 being directly in cybersecurity. I think a lot of it comes from a fundamental misunderstanding of what we do in cybersecurity. You're pretty much never going to actively hunt down a "hacker", like in the movies. Most will never do forensic investigations or be on a red or blue team. Thus it isn't going to be exciting in that respect. To make matters worse, you're providing a service that if done properly nobody notices. The job is non-stop "whack-a-mole" trying to remediate vulnerabilities where you find them, shore up the information system(s) because all of them have deficiencies as far as configuration or perhaps even architecture, coming up with ways if necessary to implement security controls (that part is fun to a degree), dealing with internal and external audits, etc. So much of the work we do is to make up for deficiencies elsewhere; non-stop software vulnerabilities, miss-configured servers, etc. That's why the "icky" part needs to be done. You're taking security measures, right? Well, what are those measurements? Metrics, KPIs, and KRIs. Have a dashboard that management and security professionals can see; such as on an intranet. This is where you will see if you are doing a good job or not. (in order to combat imposter syndrome) Even better this is what you show upper management in order to justify budget.
I'm 15 and work in the industry its my job, my income at a young age. I also have this sort of problem but with time when you succeeded in something E.g. Reporting a valid bug to a bounty program it goes away and you're full of joy, it comes back shortly. Don't worry. It's normal!
I know im late to the video but I definitely needed to hear this. I'm currently doing an IT internship and for the most part its very familiar. I graduate with my BS in Cybersecurity in december so I'm kinda scared for the higher tier jobs.
I respect how vulnerable you are in your videos. People are scared to say what your saying. Keep up the good work. You helped me and probably others with the anxiety attached to the field. Salute good sir 🫡
As a student trying to get into the Cyber Security Field, I can imagine Imposter Syndrome is very real. I try to gain specific certs to get into the Entry Level job, I KNOW for a fact staying in touch with everything happen (as best I can) etc - News, Tech, etc. The best I can is be confident and know in the back of my head, that I'm always learning and will continue to learn. But know learning the very basics of certs and learning a board variety if skills (even at basic to Adv lvl) is key, I can provide knowledge other colleagues might not have worked on when coming to the Cyber Security Industry. I know I have my work cut out for; but as long I stay positive, keep learning and stay in touch with the Cyber world as best as possible, the lessen of the Syndrome will be. I understand it will never go away.
I'd say it takes a minimum of 6 months at any job to learn a system. The more experience you have on the job the more confident you'll feel over time. Dont be so hard on yourself. It's ok to be wrong lol just bc you feel like you got hired as an expert it's all good you just graduated college nbd.
I’m so scare. I’m a Marine vet and I’m starting into the field. Currently studying for Comptia… it looks simple but I’m know this is just the beginning. I’m also new at Devry for Cybersecurity and I’m excited as well but at the same time like a lot of emotions
I think my current job (well, unpaid year long internship) is teaching me something very important All of the work we do for the customer, they could do themselves if they'd just Google And we often google things as well The difference is, our customers wouldn't even understand the info on Google because they know even less than we do Because we do know more than we think we do And that's why we ended up having the job, and not the person who hired us. Learning new things is part of the job. Having to adapt and use our previous knowledge and experience to do so is part of the job. And that's okay Nobody knows everything
Pretty sure that is applies to every self taught technology Jobs, you know what I think it applies to every thing in life. The way to get rid is to become really good at the skills.
Thanks for the reply Grant! I was chosen CS as my career and I started taking course in SIMPLILEARN platform and I need to know scope in CS and I need to learn from scratch can you suggest me that for a beginner how to start and what should I learn as pre requisite.
Sir please help me My Gmail was hack 1 month ago can't recover my gmail hacker also change my gmail name number password recovery number evrything change please help me
I'm a year and a half into my cyber security career and I will never forget what a colleague said to me during my first month. "Stop with this imposter syndrome thing, nobody knows what they are doing in this business and a lot of people just wing it." Words to live by!
Remember, there will always be someone else better. This applies not just in tech, but in other industries as well. It's nature. IT is an industry where we are constantly learning and getting better. There will never be perfection. It's impossible to learn it all. That's why we specialize in a field in IT. You can learn the other things as well, but we just have to start from the beginning. Cybersecurity is broad in itself, but we can focus in the subject whether coding, creating new software, pen-testing, etc. I'm doing CS to get the broad spectrum, and also learning Cybersecurity on the side because it uses our knowledge of IT, and we can use coding as well in Cybersecurity. Coding is such a strong skill to have in the field. Constantly learning new things is the industry.
Finally someone spoke about it...
This video has singlehandedly saved my choice to pursue Cybersecurity in college. Since the beginning I've always felt the imposter syndrome and thinking that everyone knew everything while I know nothing. Never knew how common it was
I remember taking a few college classes in IT and a couple of my professors would say :
"If you don't know something, it's OK to say you don't know".
It makes sense as it's entirely impossible to know everything, and your brain will forget things if it doesn't use it on a monthly basis.
I just experienced this today, 2 months into my cybersecurity job. I needed to hear this today. Thanks Collins!
If you don’t Mind me asking what degree/certification do you have if any and was it hard to find a job?
@@coetaconec6831 I started with an Associates degree in Cybersecurity. Towards the end I landed my first IT job as a Helpdesk Analyst. I then transferred for a Bsc in Cybersecurity, graduating in July. I felt like I was ready for a cybersecurity job and started applying. I do not have any certifications yet. As far as jobs are concerned, I was looking to move beyond the helpdesk so I went for sysadmins and security jobs. I would say it depends on your location and your network. One thing I can tell you though is that there’s never a perfect candidate for a job. If you see a job post that requires 3-5 years of experience and you know like 3 out of 10 of the job requirement, apply!
i have 2years of experience and the fun part is this is stiil in me....
Absolutely agree with you there Grant, I have been in Cybersecurity for 15 years, I have given lectures on Cybersecurity at universities & schools, I have presented at major Cybersecurity conferences to 100s of people and yet I still get bouts of imposter syndrome at certain times.
I have recently changes jobs and with meeting all new cyber professionals, I currently going through some imposter syndrome feelings at the moment, however as I am finding my feet around the new place, I realise that everyone else is also in the same boat, I do not know their systems and tooling, however I have the cyber security foundation to build on.
A good approach I have found is that if you are asked a question on something which I am lacking in knowledge of, the best thing is to be honest with your answer and say so, but also say that you will go away and find out the answer, instead of trying to BS your way through the answer and give the wrong advice.
Cybersecurity is such a broad subject and is always changing, so there is no way that someone will know everything (although you will meet people who believe they know it all) and just treat this profession as a life long learning career.
"Cybersecurity Is A Journey, Not A Destination"
Hey Grant thank you for sharing this, I had a breakdown last week thinking that I was the only one who feel this. Cybersecurity is so huge
You are not alone. Keep at it!
Just got a big cyber security engineer internship. Kinda freaking out. I needed to watch this. It’s nice growing with you, been watching your vids for a while. Keep up the good stuff and keep your head up king.
Everyone feels this way. There will always be someone who knows more and has more experience. When I started in the industry I sat in meetings taking notes on all the jargon I had never heard before and later googled what they were talking about. 5 years later I am THE Information Security Engineer for an entire company and I still feel like an imposter. I know next to nothing about API security and yet I’m in weekly meetings being asked to provide security related advise. So I bought a book. Also working to secure our cloud environment and guess what what, bought a book and took training and now I’m one of the resident AWS experts but definitely don’t feel that way. A lot of times I feel like a professional Googler.
After your first year it gets better. When I first got promoted to an application security engineer, I felt imposter syndrome and was incredibly underwhelmed by the new responsibilities.
We have a different expectation before getting into the role, but once you're finally in it can be a bit underwhelming which can lead to insecurities about your knowledge and abilities.
Now knowing what I know, I can tell you that this feeling is to be expected because you have to work your way into learning and navigating the new responsibilities. In the same breath, the organization may need to keep you somewhat benched until they can utilize you to your full capacity. Either way, it's a win-win situation. My best recommendation is to stay patient and continue developing your knowledge and skills by learning where your organization has skills gaps and begin obtaining the skills to fill them. ✌
Very well said. Thank you!
I have this all the time man. Thanks for making me feel better. Keep up the good work!
I really needed to hear this today. 4 days into my first cybersecurity job and I feel absolutely clueless. Thank you!
are you doing any better now mate? Starting my junior soc analyst role tommorrow. Same boat
@@darkh8036 Better, thanks for asking! I’m constantly humbled when it comes to IT. I remember getting my first help desk job thinking I knew a lot about computers, I was wrong. I thought I knew a lot about security after getting my security+, I was wrong. It doesn’t really discourage me, but motivates me to learn more and keep growing. At the end of the day, I’m still a noob lol. Good luck and congrats on the SOC role! I’m sure it will be a great learning experience. We are all in this journey together.
Wow I really resonate with this, especially as a female in Cyber Sec and only in my position for 18 months. Sometimes I feel like a total fraud.
And indeed, the more you learn, the more you realise there's so much more to learn!
Oh no worries, I have been software engineer for close to 8 years now and before that I was only studying in university (plus 3 years)... It really does never go away. :D
its like healthcare the higher you go the more you realize its impossible to know everything, that why there are specialist in Healthcare.. and why there are SMEs in tech. You get paid to specialize not to know it all.
Subbed because of this vid. I’ve seen some of your other videos and it seems every so often there’s a video that answers a very specific question I didn’t even know I had. I’m only 1 semester into cyber security and I feel this %100. Glad I get to learn from someone that just got done doing something I’m just now starting.
I felt the same way. Especially during the interview process. I went through at least 7 or 8 interviews within the past few months, all of which consist of a board like setting where 4 or 5 professionals just bombard you with any question under the sun. I felt really stupid after a few and really smart after the others. The amount of software, tools, techniques, frameworks and so on are so vast that theres really no way for you to know everything. Knowing that, youre totally right. Going back to the basics and studying is probably your best bet to regroup and reasses what you know vs what you dont know.
I’m a year into my journey of learning cyber security. It’s true that I’ve been feeling this more with the more I learn is how much I don’t know. Feels like I won’t get a job or will be under prepared for the job setting. Feels like what I am learning seems as like I will just be the novice will always be treated as so. But from last year I didn’t know what RAM or a CPU or even Linux was. I have learned a lot, but just feels like I’ve gone out on a boat and I can’t see land, and now I see how big the ocean is :)
So as some one who is trying to pivot into this and who has 30 years of experience in Emergency Medical Services take what I am about to say and use it how you want. I have had to deal with this in my current career. We call it the what if’s. Usually done after a bad call or when you question if you did the right thing for a patient. I always tell the rookies you can what if yourself into an early grave. So make yourself a sign and post it where you can see it. The sign should read “ Don’t let the what if’s get you.” No one is perfect and you will make a mistake. It’s how you react to that mistake that counts.
I stopped having imposter syndrome after learning TDD in sophomore year of college.
What's TDD?
@@MaZeR98765 Sorry. TDD is test driven development.
I feel like a imposter alit but sometimes I realize I know more than I give myself credit for too when I end up recalling more than I realized I know.
it makes me confident and realise it common to all it geeks thank you for this amazing vidio
No capes! No one is a super hero, don't try to be one. Thinking you have to be an expert in all areas will kill your self confidence and passion. Then you burn out. Asking for help is always an option.
Thank you for this video. Same struggle here.
Feels like Improv-cybersecurity sometimes...
Great job Grant!
Neeeeeeded this. Subscribed. Thank you!
This is a good topic to cover 👍🏼
I have over 22 years of IT experience, of which 6 being directly in cybersecurity. I think a lot of it comes from a fundamental misunderstanding of what we do in cybersecurity. You're pretty much never going to actively hunt down a "hacker", like in the movies. Most will never do forensic investigations or be on a red or blue team. Thus it isn't going to be exciting in that respect. To make matters worse, you're providing a service that if done properly nobody notices. The job is non-stop "whack-a-mole" trying to remediate vulnerabilities where you find them, shore up the information system(s) because all of them have deficiencies as far as configuration or perhaps even architecture, coming up with ways if necessary to implement security controls (that part is fun to a degree), dealing with internal and external audits, etc. So much of the work we do is to make up for deficiencies elsewhere; non-stop software vulnerabilities, miss-configured servers, etc. That's why the "icky" part needs to be done. You're taking security measures, right? Well, what are those measurements? Metrics, KPIs, and KRIs. Have a dashboard that management and security professionals can see; such as on an intranet. This is where you will see if you are doing a good job or not. (in order to combat imposter syndrome) Even better this is what you show upper management in order to justify budget.
Starting my first SOC role tomorrow, impostor syndrome has already set in
I'm 15 and work in the industry its my job, my income at a young age. I also have this sort of problem but with time when you succeeded in something E.g. Reporting a valid bug to a bounty program it goes away and you're full of joy, it comes back shortly. Don't worry. It's normal!
I know im late to the video but I definitely needed to hear this. I'm currently doing an IT internship and for the most part its very familiar. I graduate with my BS in Cybersecurity in december so I'm kinda scared for the higher tier jobs.
Great video
I respect how vulnerable you are in your videos. People are scared to say what your saying. Keep up the good work. You helped me and probably others with the anxiety attached to the field. Salute good sir 🫡
As a student trying to get into the Cyber Security Field, I can imagine Imposter Syndrome is very real.
I try to gain specific certs to get into the Entry Level job, I KNOW for a fact staying in touch with everything happen (as best I can) etc - News, Tech, etc.
The best I can is be confident and know in the back of my head, that I'm always learning and will continue to learn.
But know learning the very basics of certs and learning a board variety if skills (even at basic to Adv lvl) is key, I can provide knowledge other colleagues might not have worked on when coming to the Cyber Security Industry.
I know I have my work cut out for; but as long I stay positive, keep learning and stay in touch with the Cyber world as best as possible, the lessen of the Syndrome will be. I understand it will never go away.
Thank you for this video ❤
I really like your work :)
Thank you Ali!
Yeah man, I feel that. My entirely IT career is a sham...
I'd say it takes a minimum of 6 months at any job to learn a system. The more experience you have on the job the more confident you'll feel over time. Dont be so hard on yourself. It's ok to be wrong lol just bc you feel like you got hired as an expert it's all good you just graduated college nbd.
That's very true!
True. When I first started working with docker containers I had no idea what I was doing. Now it all makes sense. It took 1 year.
Thankyou bro
No problem!
I’m so scare. I’m a Marine vet and I’m starting into the field. Currently studying for Comptia… it looks simple but I’m know this is just the beginning. I’m also new at Devry for Cybersecurity and I’m excited as well but at the same time like a lot of emotions
I think my current job (well, unpaid year long internship) is teaching me something very important
All of the work we do for the customer, they could do themselves if they'd just Google
And we often google things as well
The difference is, our customers wouldn't even understand the info on Google because they know even less than we do
Because we do know more than we think we do
And that's why we ended up having the job, and not the person who hired us.
Learning new things is part of the job.
Having to adapt and use our previous knowledge and experience to do so is part of the job.
And that's okay
Nobody knows everything
Thank you.
I needed to hear this. You just made my day! Thank you!!!
Been at my sysadmin job for 2 months and feel like this constantly. 😭
Pretty sure that is applies to every self taught technology Jobs, you know what I think it applies to every thing in life. The way to get rid is to become really good at the skills.
GOAT
HAHAHAHAHAHAHAHAHAHA the real world hits hard don't it
Hi Grant I’m currently learning cyber security course in Simplilearn.
Could you please help on this course and career to move forward.
Hi, what do you need help with?
Thanks for the reply Grant!
I was chosen CS as my career and I started taking course in SIMPLILEARN platform and I need to know scope in CS and I need to learn from scratch can you suggest me that for a beginner how to start and what should I learn as pre requisite.
Among Us has ruined this thoughtful video for me 💀
thumbs up for your profile pic
👌🏻❤️
Sir please help me My Gmail was hack 1 month ago can't recover my gmail hacker also change my gmail name number password recovery number evrything change please help me
Hey grant, basically I have learnt python and was thinking if you can release a video on making a simple but efficient ransomeware using python. Thx
Get over it. Just throw some machine learning and deep neural nets to cyber security 🙄
: )
panda