Adversity or opportunity?

Having unexpectedly found myself ‘between jobs’ (great euphemism) in the middle of a pandemic and on the verge of a recession, I’ve been thinking a lot about adversity. Adversity forces you to strive, to be creative, to think the unthinkable, and therein lies opportunity. Out of anxiety and opportunity, I’ve gone for the latter.

Rather than being angry about my situation, or anxious, I’m going to learn from it, and see it as a motivation for change (or as a friend succinctly put it “a kick up the arse”). As a great man once said;

There is no education like adversity.

Benjamin Disraeli

A time of change

Early last year, after a death in the family brought home to me just how short life is, as a family we decided we wanted to make a new life for ourselves. We prioritised the things that were most important to us ;

  • Sustainable living (shops and schools in cycling distance so use cars less and with a supply of local organic produce)
  • Spending time outdoors (in or near a rural area)
  • Being near water (rivers, lakes, the sea or all three)

That brought us to Dartington, and the job which made the move possible was in Plymouth. That job I took didn’t turn out as I expected, and that experience and my current predicament has forced me to think again about what I want to do. That led me to come up with the same list of priorities as we did as a family, but for my professional life.

My career path to date has been a fairly conventional one; Technical IT Support > Team Lead > Manager > Senior Manager. I’m told I’m a good manager (by the people who work for me), and a well-informed, thoughtful and constructive leader of change (by leaders I’ve worked for). However, my passion has always been information security, enabling organisations to achieve their aims without the risk of data loss, disclosure and interruption of service.

Calculated risk

Switching career paths in the current financial climate might be a risk, but a calculated risk. The pandemic has forced many organisations to enable home working en masse, which has been possible for years, but was prevented by the perceived risks, issues and costs. It’s also driven a significant rise in the consumption of cloud based collaboration services (most noticeably Microsoft Teams), and a proliferation of BYOD end user devices. This will force those organisations who haven’t already done so to adopt the zero trust model (with defence in depth, multi-factor authentication, better threat detection through logging and auditing and more granular and ‘Just In Time’ access control).

In that environment, good Information Security Managers who can communicate with board, the staff, and the customers will be in high demand, and that is the space I want to move into. I already have some of the qualifications (BCS Certified Information Security Management and APMG ISO 27001:2013 Practitioner) and I’m using my new found free time to refresh my cloud security knowledge (aiming for the Certificate of Cloud Security Knowledge or CCSK, and Microsoft Certified: Azure Security Engineer Associate).

It’s a daunting move, and whilst it’s a calculated risk it could still go wrong. I got it wrong once before, hopefully I’ve learned from that experience!

Leave a comment