Codecademy Team

Growth Mindset and Cybersecurity

In this article, you will learn how and why the growth mindset is advantageous to cybersecurity professionals.

What we’ll be learning

Mindset is crucial, especially in the field of cybersecurity. As technology advances, there will be advancements in cyber threats, software vulnerabilities, and malicious actors. To keep up, cybersecurity professionals and enthusiasts must be skilled at discovering where vulnerabilities hide, which threats require prioritization, and which risks to eliminate or accept. In short, professionals and enthusiasts will need to be ready, and this readiness starts with the mindset we choose.

The mindset we choose can determine how we approach and recover from cybersecurity incidents. Our mindset will influence our decisions, actions, and outcomes for us and our organization.

In this article, you will learn about two mindsets psychologist Carol Dweck coined, the fixed and growth mindset, and how both mindsets play a crucial role in your journey to becoming a cybersecurity professional.

What mindset is & why it matters

What exactly is mindset?

Mindset is our perspective of the world and ourselves. It is how we decide to approach a problem, a thought, a feeling, or a given situation.

In the case of a cybersecurity professional, it is how we think of a security or privacy threat. Do we think of it as a challenge to grow our skills and knowledge or as a threat that will determine if we are good at cybersecurity or not?

Two scenarios of Jess.

Why does it matter?

As mentioned earlier, the mindset we choose can influence our beliefs, confidence, thought-process, and creativity. It can also do the opposite and limit us from reaching our potential because of discouragement and fear.

Cybersecurity requires continuous learning and growth. Professionals and enthusiasts must adopt a mindset that encourages and embraces ongoing growth so they can stay one step ahead of new threats. Ransomware is barely 30 years old - what new attacks might be coming next?

Fixed vs. growth mindset

What is a fixed mindset?

Let’s meet Jack. Jack is a cybersecurity professional with a fixed mindset. Jack believes that we either get cybersecurity concepts or we don’t. Jack’s day-to-day job is usually doing network analytics, which he gets and does pretty well. However, when Jack encounters a network challenge he has never seen before, he begins to panic and doubts his knowledge and skills as a network analyst after a few hours of working on it.

Jack is panicking over an error

Eventually, Jack gives up on figuring out the solution and does something risky and dangerous. He categorized the issue as “Not Important” putting the company, and his job, at risk.

We believe that we are either born with or without specific skills or talents with a fixed mindset. In other words, we are good at it, or we are not. We either get it, or we do not. This mindset can limit individuals from exploring their potential. In Jack’s case, his mindset is risky in cybersecurity by preventing him from adapting to new problems. Malicious actors are constantly creating and discovering new problems, so Jack needs to learn how to adapt to them!

Now, let’s meet Anna, Jack’s co-worker.

What is a growth mindset?

Anna, also a network analyst, has a growth mindset. She believes that she can continuously develop new skills and talents as long as she puts her mind to them. When Anna noticed the network problem, she grew excited as she saw this challenge as an opportunity to develop her knowledge and skills as a cybersecurity professional. She embraced the challenge even though she never encountered this specific problem before.

Anna is excited about finding the solution

Anna did her research and communicated with others on her team about the network error occurring. After a few conversations and readings, she discovered the source of the network error, resolved the issue, all while improving her understanding of computer networking and strengthening the company’s security.

In Carol Dweck’s “Mindset: The New Psychology Of Success,” she states “the passion for stretching yourself and sticking to it, even (or especially) when it’s not going well, is the hallmark of the growth mindset. This is the mindset that allows people to thrive during some of the most challenging times in their lives.” By striving, we excel, and we accomplish great things by excelling.

Growth mindset & cybersecurity

Jack and Anna are two examples of how our mindset can determine or restrict success in a situation. Thankfully, neither mindset is permanent. In the case of Jack and Anna, Jack can develop a growth mindset in his job later on.

It is essential to know that a growth mindset is advantageous in the tech field, not only in cybersecurity. Technology is advancing, for example, think of the following fields:

  • Internet of Things (IoT)
  • 5G
  • Augmented/Virtual/Mixed Reality
  • Artificial Intelligence
  • Cloud Infrastructure

As technology advances, there will be a greater need for the security and privacy of those tools and technologies. To prepare for when that time comes, cybersecurity professionals and enthusiasts should strive to develop a growth mindset to better protect themselves, others, and their organizations from being victims of cyberattacks.

Tips for developing a cybersecurity growth mindset

To help with your growth mindset journey, here is a non-exhaustive list of ways to develop a Cybersecurity Growth Mindset:

  • Start believing that anyone can learn, including you. In Jack’s and Anna’s case, Jack did not have the determination to put in the time or effort to solve the network security error at his job, but Anna did. As a result, Anna resolved the problem while learning more about network security. She believed she could learn anything and put it into action. As a cybersecurity professional, there will be many concepts, tools, and techs we will need to learn to combat malicious actors successfully. It is crucial to adopt the confidence that we can learn these concepts, tools, and techs.

  • Practice, practice, practice. We are neither born with a growth mindset nor is it permanent once we have it. For it to become a daily routine, it needs to be practiced daily. The growth mindset is like any other skill or talent. That said, to become good at a skill or talent, we need to train. Take Anna, for instance. She developed a growth mindset because she places herself in challenges that require her to be a continuous learner. Those challenges are training for her to continue developing her mindset. Practicing is crucial to developing a cybersecurity growth mindset. In cybersecurity, there is a risk of potential cyber threats every day. To be ready to combat them, we need to develop our skills, including our growth mindset.

  • View failures as opportunities. There are days when we fail, especially in cybersecurity. Malicious actors can steal our information, our company can be victims of a ransomware attack, or someone gained access to our network because of a weak security password we created. It is essential not to let these shortcomings define us but help mold us to be better cybersecurity professionals and enthusiasts. Viewing failures as opportunities is a stepping stone in developing a cybersecurity growth mindset.

Remember, obtaining a growth mindset is a continuous journey that needs constant practice, persistent effort, and an understanding that you are a continuous learner.

Conclusion

Okay! So, let’s do a quick recap:

  • Mindset is our perspective of the world and ourselves.
  • With a fixed mindset, we believe we are either born with or without certain skills and/or talents.
  • With a growth mindset, we believe we can learn any skills and/or talents when we put our mind to it.
  • Cybersecurity professionals need to be prepared and having a growth mindset will help with that preparation.
  • Obtaining a growth mindset is a continuous journey that needs constant practice, persistent effort, and an understanding that we are continuous learners.
  • Technology is constantly advancing and with the advancement, there will be a rise in cyber threats, software vulnerabilities, and malicious actors.