Teach, don't just learn, to build your security career

Learning new skills is crucial for your security career. But so is teaching your job to others.

More than a powerful movie about war, We Were Soldiers reveals a key way to improve a security career while improving the organization.

During a training scene, Lt. Col. Hal Moore -- legendary on many levels -- is participating in the process of how a team gets off a helicopter as it swoops to the landing zone and hovers.

He steps back and watches the first team saunter out. As they hop off the helicopter, full of adrenaline and celebrating their abilities, Moore sees a problem.

[See also: Set expectations for a successful security career]

As the next helicopter lands, he runs to the door, grabs the officer (in front) and screams that he just got shot. The officer of the team is dead, and now they need to figure out what to do.

Stunned, everyone stammers and no one moves.

Moore screams over the sound of the rotor beating the air, "What are you going to do?"

More hesitation. Moore points to the next guy in line and yells, "He's dead." Now the first two in line have been shot.

Again, he screams over the roar of the engine, "What are you going to do?"

"Get off the chopper!" one of the team finally screams, making his way for the door.

"Get off the chopper," Moore repeats.

With that, the balance of the team scrambles to get off the helicopter as fast as they can.

Moore deftly proved his point.

As the men on the ground contemplate what they just experienced, Moore pulled them together and informed them that each of them is responsible for learning the job of the man above them, while teaching their job to the man below them.

For a team going into a war zone, this is brilliant. Making it an individual responsibility to build resilience into a team strengthens the entire team. More than a good strategy for war, this is a smart way to advance a security career.

The Hal Moore strategy for a successful security career

While the concept is simple, success hinges on execution. Making this work requires discipline and focus to actively develop the ability to teach effectively while consistently seeking to learn. This is not a one-time event; this is a different way of looking at how to build a successful career.

A common objection about this approach is that trying to learn someone else's job absent military structure creates friction while teaching your job to someone else makes you obsolete and less important. At a time when people are fearful for their job security and generally working in a hectic and compressed state, changes like these are sometimes scary. The concerns, however, are unfounded.

I've used this strategy throughout my career and shared some examples here. I never lost a job because I trained someone how to replace me. In fact, that generally lead to bigger and better opportunities and I'd do it again in a heartbeat.

Consider the implications of this strategy through the lens of an employer: a team member that gets their job done while learning how to do other jobs and teaching their job to others builds resilience. This ability to build teamwork into the organization is desired more than someone who knows a lot but refuses to share and resists learning.

Here are a few considerations to get started

This is a practice that takes some time to figure out.

Start small and incrementally improve the ability to teach and the ability to learn. In the event the current demands of the job are crushing (in terms of time), then the right place to start is probably thinking about how to train someone else.

Teach your job to someone else

Instead of taking the advice to "teach the man below you" literally, consider this an invitation to teach others. This is especially helpful for people new to the field of security, or those who have an interest in getting into security.

The first step is to be mindful of the steps involved in doing your job. More than just making a list, this involves considering why the steps matter, if the order is important and how each of the key components comes together.

"Forced reflection" generally reveals opportunities to streamline and work more efficiently. It also makes it possible to offload some effort on to others -- perhaps even interns looking to get a start in the security business.

When sharing these elements with someone else, the likely outcome is a dialogue with a lot of questions and back and forth examples. In the process of teaching someone else, they gain the knowledge and we tend to learn more about what and why we do what we do.

The act of teaching someone else your job prepares you to be more effective when learning how someone else does his or her job.

Learn the job of the person above you

After going through the process of figuring out how to teach someone else, learning from others gets easier.

Recognize that the person you seek to learn from is probably as busy as you are; the first step is to start with observation: what are they doing, what makes sense and based on what you see, what questions do you have?

The trick I've learned is to focus less on the "how" and more on "why" people do the things they do. As the process continues, consider if there is something you could or would do differently and any lessons that can be applied to your current role. Note: it might be wise to keep this feedback to yourself, at least initially. Consider how you'd like feedback from someone learning your job, then act accordingly. When you advance, you'll have time to make the changes.

In my experience, earning the respect makes it easier to learn the role. Follow Hal Moore's advice to teach, to learn and build a successful security career.

About Michael Santarcangelo: The author of Into the Breach and creator of the Awareness that Works System, Michael Santarcangelo is a human catalyst that advocates for individuals while advancing organizations. By connecting people to the consequences of their actions, he delivers results that reduce risk, increase resiliency and allow organizations to make better decisions and do more with less. Get more insights from his blog at www.securitycatalyst.com/blog or engage with him on twitter.com/catalyst.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitycareersIT management

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Michael Santarcangelo

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts