
Lessons Learned from the First Month as a Cybersecurity Consultant
cybersecurityconsultingauditcareerlessons_learnedfirewallleadershiporganizational_dynamics
The author, now one month into their role as an Information Security Consultant at a state-owned company, found that written audit reports were more effective than verbal discussions for addressing security risks. They documented issues like an 'allow any-to-any' firewall rule, which gained leadership support after being formalized in reports. External validation from a national CERT-equivalent institute further strengthened their credibility. The post also notes that organizational dynamics, such as input being minimized in meetings, required shifting focus to letting audit findings speak for themselves.