In the ever-changing landscape of cybersecurity, professionals must constantly adapt and evolve to stay ahead of emerging threats. One individual who has successfully navigated this dynamic field is Tom Eston, the VP of Consulting and Cosmos Delivery at Bishop Fox. With over 24 years of experience in technology and 19 years in cybersecurity, Tom has witnessed the evolution of the industry firsthand. In a recent podcast episode of The Philip Wylie Show, Tom shared his insights on offensive security, management, and the future of the field.
Offensive Security: From Curiosity to Expertise
Tom's journey in offensive security began with a fascination for technology and a knack for fixing computers. His first job as a contractor at Anderson Consulting (now Accenture) allowed him to hone his skills in desktop support and help desk roles. However, it was during his time at a real estate company that he had his first encounter with penetration testing. Working alongside a skilled pen tester, Tom was captivated by the magician-like abilities of his colleague. This experience sparked his interest in offensive security and set him on a path to becoming a pen tester himself.
"I was just so inspired by this guy. And he let me sit next to him… I'm like, what tool is that? What are you doing in the command line?… I got to do this full time. This is amazing." - Tom Eston
Tom's passion for pen testing led him to join a Fortune 500 bank, where he had the opportunity to work on the internal pen test team. This role allowed him to further develop his skills in application security, physical security assessments, and social engineering. However, after several years in consulting, Tom made the transition to management, taking on leadership roles within the cybersecurity field.
The Shift to Management: Leading High-Performance Teams
Transitioning from a technical role to a management position can be a challenging endeavor. Tom's experience in managing pen testers provided him with valuable insights into the unique dynamics of leading technical teams. In his podcast episode, he shared his expertise on coaching, mentoring, and handling difficult conversations.
"One of the things that I've applied… is really geared towards how do you manage technical people?… Technical people sometimes just want to be left alone… And then there's others that are very outgoing and they need that human connection." - Tom Eston
Understanding the personalities and motivations of team members is crucial for effective leadership. Tom emphasized the importance of empathy and the ability to adapt management styles to suit individual team members' needs. He also discussed the challenges of having difficult conversations, both in professional and personal contexts. By providing practical tips and techniques, Tom's talk aimed to equip leaders with the skills necessary to build and manage high-performance teams.
Implications for the Cybersecurity Industry
Tom's insights into offensive security and management have significant implications for the cybersecurity industry as a whole. As the field continues to evolve, professionals must be adaptable and willing to embrace new challenges. The demand for offensive security expertise remains high, with organizations recognizing the importance of proactive measures to protect their systems and data. Tom's journey from pen tester to manager highlights the diverse career paths available within cybersecurity and the potential for growth and advancement.
Furthermore, Tom's emphasis on leadership and management skills underscores the importance of cultivating a strong cybersecurity workforce. As the industry faces a shortage of skilled professionals, effective leadership becomes crucial for attracting and retaining talent. By providing mentorship, coaching, and opportunities for growth, leaders can create an environment that fosters innovation and excellence.
Conclusion and Future Outlook
Tom Eston's career trajectory in offensive security and management offers valuable insights into the evolving nature of the cybersecurity industry. His journey from a curious technologist to a seasoned leader demonstrates the diverse opportunities available within the field. As cybersecurity threats continue to evolve, professionals must adapt and develop new skills to stay ahead. Effective leadership and management are essential for building high-performance teams and addressing the challenges of the industry.
Looking to the future, the cybersecurity industry will continue to grow and evolve, presenting new opportunities and challenges. As technology advances and threats become more sophisticated, professionals must remain vigilant and adaptable. By embracing continuous learning, fostering a culture of innovation, and prioritizing effective leadership, the cybersecurity industry can navigate the ever-changing landscape and protect organizations from emerging threats.
In conclusion, Tom Eston's insights provide a roadmap for success in the cybersecurity industry. From offensive security to management, his experiences offer valuable lessons for professionals at all stages of their careers. By embracing the evolving nature of the field and cultivating strong leadership skills, individuals can make a lasting impact in the cybersecurity industry.
September 14, 2023