Post

Cybersecurity - the longest journey

Posted Updated
Preview Image
By Natalia Glina
8 min read

Part One: The Calling

Ever since I joined the ranks of IT professionals, I’ve been constantly surprised by how patchy cybersecurity awareness is in some organizations. This unfortunately translates into uneven and often inadequate security controls. As much as one might be reluctant to admit it, securing organizational assets is an uphill battle—especially when there’s never enough budget to implement the right solutions in the right way. To make matters worse, when cybersecurity is treated as a liability, it often proves to be exactly that. A self-fulfilling crisis, if you will.

Let’s run a quick test, shall we? How many of you have seen login credentials for both test and production accounts stored in plaintext on an internally available website? How about the all-time classic—API secrets accidentally pushed to a repository (extra points if the repo was publicly available)? Yes, you can rotate the secrets and clear out the Git history so no trace of the mishap remains, but what lesson have you learned? And what can be done to ensure it doesn’t happen again to anyone else, including your future self?

I was introduced to good cybersecurity practices during my first gig as a budding quality analyst back in Poland (here’s to you, dear Sagiton folk). My team taught me the value of static code analysis and automated security checks even before I could fully grasp their significance in strengthening the security posture of a system. Many years later, I found myself regularly revisiting those areas that had always sparked my interest, but which I’d never really had the chance to fully explore. It was clearly something I was drawn toward, no matter my role in the past. Soon, I realized it was only a matter of time before I made the pivot. The only thing I didn’t know was when and how the pivot would happen. I admit I dragged my feet for months, waiting for a sign—even if I didn’t necessarily believe in the supernatural.

This is why, when I first heard of the WiCyS scholarship, I thought: Well, this is it. You’re not getting a better chance. Go for it. See what happens. So, that’s exactly what I did—starting with the initial Capture the Flag event back in November 2023, then somehow making it into Tiers Two and Three, and finally becoming one of the sixty-odd women who advanced to the final Tier.

Was it one of the most intense and challenging years of my life? Heck yes!

Knowing what I know now, would I do it all over again? In a heartbeat.

Part Two: The Company

You see, there are at least two choices when you find your calling and decide to act on it: you either try to go it alone, or you gather your party before venturing forth. I’m not a big fan of survival mode, so I wholeheartedly welcomed the opportunity to gain new skills and knowledge alongside some of the most talented and determined women I’ve ever had the chance to meet. Months of Tier 1-3 challenges had already brought us closer together, and even if we couldn’t compare all our notes (intellectual property struggles are real!), the sense of a unified community was definitely there. Weekly online catch-ups only strengthened the bond, with WiCyS alumni supervising our progress and offering help whenever it was needed.

And the best part? All program members were granted a scholarship to attend the annual WiCyS conference, which this year took place in Nashville, Tennessee. I wish I could offer a longer description of how electrifying the conference was or how everything about it felt like finally coming home after years of aimless wandering—but I can’t and won’t. The three days flew by so quickly that I could hardly catch my breath, let alone find everyone I’d made a solid plan to grab coffee with.

This is why I promised myself to go back as soon as possible—and plan it better this time, allowing enough time for both learning and making new friends. After all, both are equally important.

Part Three: The Quest

The main part of the scholarship included access to three cybersecurity courses developed by the SANS Institute, a world-renown resource for high-quality cybersecurity education. Each course concluded with two GIAC practice exams, and passing at least one of them with a satisfactory score (80% in our case) unlocked an attempt at the real exam. The linear structure of this main quest worked wonders for a busy brain like mine, making it relatively easy to focus on the three-part journey ahead.

Here are some lessons learned from each stage:

GIAC Foundational Cybersecurity Technologies (GFACT)

  • The course was a great introduction to IT, computing and security essentials, presented in an engaging way by James Lyne, the CTO of SANS. What stood out the most was James’ passion for every topic he covered, from hardware components to cyber forensics, along with his witty analogies that made seemingly unrelated concepts both entertaining and easier to grasp (e.g., why computer networks are like Rolo chocolates).
  • I had a few years of IT experience under my belt, so achieving a 96% score on my final exam was relatively easy. Was it completely effortless? Absolutely not! Since I’d never earned a computer science or IT degree, there were certain gaps in my understanding that the course helped me fill. Some gaps remained—hence the missing 4%—but that was an error margin I could definitely live with.
  • The main challenge of this stage was learning how to navigate the scholarship program and stay consistent with weekly Zoom check-ins. Due to time zone differences, these sessions fluctuated between 6–7 a.m., which gave me a newfound appreciation for earlier bedtimes. Once I found my rhythm, though, nothing could distract me from my goal of sitting the exam and passing it within the first two months of starting the course.

GIAC Security Essentials (GSEC)

  • If GFACT was a stepping stone, I would compare GSEC to a rabbit hole of the most intriguing kind—the depth and breadth of the course material were not for the faint-hearted. If that wasn’t enough, the course included multiple resources to explore in your own time. With the staggering number of areas covered, the author, Bryan Simon, did a fantastic job maintaining an even pace and high level of engagement throughout. I especially appreciated his anecdotes, which were a welcome break when the material became a bit too technical to stay focused for extended periods.
  • What I enjoyed most at this stage was the hands-on aspect of the course. As someone with an extremely practice-oriented brain, I need to get my hands dirty with something new before I can confidently say I understand its inner workings. The lab setup and tasks provided a fresh, practical level of insight that I’d been looking for, helping to sharpen my PowerShell and Bash skills well beyond the everyday basics.
  • I passed my final exam with a score of 89% in three months, which I was quite satisfied with. I’m fairly certain I performed better on the lab section than the practical one, due to a small mishap—three-quarters into the exam, I accidentally clicked the button to answer all the skipped questions, forcing me to speed-run through them and the remainder before I could even get to the hands-on portion. Despite the incident, my strategy to divide the four-hour exam into two halves almost worked, even if I felt like an internally screaming possum during the second half.

GIAC Certified Incident Handler Certification (GCIH)

  • The last exam was the biggest challenge—not because of the material (although its depth was truly impressive, and I thought nothing could surprise me after GSEC!) but because of my time blindness. Despite a planned trip to the U.S. to attend the annual WiCyS conference, followed by a 1.5-month family visit to Poland, and simultaneously juggling an Advanced Diploma of IT course, I decided to start my GCIH prep before the flight to the U.S. Mistake number one!
  • Unsurprisingly, I couldn’t maintain my focus on the course material during the first month. Even though I had all my printed course books with me, traveling with an extra five kilos of paper wasn’t always the most practical choice (mistake number two).
  • Mistake number three was assuming—based on my luck with lab questions on the GSEC exam—that practicing the course labs only once and simply rereading them for revision would suffice. It didn’t, and my final score of 87% reflected my poor judgment. Yet another lesson learned. :)
  • That said, I thoroughly enjoyed the prep and exam experience itself. Hats off to the course author, Joshua Wright, who managed to make it as engaging and entertaining as a conversation with a good friend, never losing momentum. Even if I never work as an incident handler, the transferable skills and knowledge I gained are already proving useful in my current areas of focus.

Part Four: The Future

Having completed both the security training scholarship and my Advanced Diploma of IT (Cybersecurity), I can confidently say I see myself thriving in this field over the next few years. I’ve already been fortunate enough to secure a position as an Identity Engineer, joining not one but two fantastic teams filled with kind and talented professionals.

As I continue this exciting journey, I’ll share more lessons learned and create guides in the hope that, one day, they might help solve your problems and make your lives easier.

Identity and access management is a cornerstone of every system you can imagine, so you’d better pack a good pair of walking boots.

Next stop: everywhere!

Lessons learned
GIAC SANS WiCyS
This post is licensed under CC BY 4.0 by the author.