Penn Medicine security consultant Michael Godfrey advises aspiring cybersecurity professionals, including Information Assurance Specialists (IAS), differentiate themselves by "doing more," which means keeping-up with not just security standards and regulations, but also with the business process management techniques for managing them effectively. “Doing so will enhance your understanding of the security space and how to manage it, therefore, making you more valuable to an organization,” explains Godfrey.
“There’s also inherent merit in diversifying your experience as a security professional— particularly if you’re interested in vertical career growth,” continues Godfrey. “Having transitioned from a technical architect role to a business-focused position in my career, the depth and breadth of my expertise now encompasses the technical and business sides of security. As such, I have a broader perspective and am able to lead security operations with a mind towards sustainability and effectiveness.”
“Complementing technical abilities with business experience will also allow you to speak ‘both languages’ within the field,” continues Godfrey. “In security, being able to speak technically from a business perspective is invaluable and, subsequently, will afford you greater opportunities.”