October 16, 2017

My Cybersecurity Journey

Will Smith

My Cybersecurity Journey
By Will Smith
Cybersecurity Major
UT San Antonio, Class of 2021

I am a technologist. My passion is knowledge to make technology work for everyone. I have worked on more than 2,200 technology service projects.  I began in the 3rd grade.

I learned about computers, networks, cybersecurity and IT department capabilities in grade school.  I learned by studying the operating system and devices on my computer, my family’s computers and by studying computer operating systems and devices that were connected to my school’s network.  I asked our school’s IT staff many questions.  Their answers turned into longer discussions as IT staff became aware of and concerned about how much I had learned.

Teachers began asking me to fix their computers and make their other classroom technology work.  This helped me continuously learn more about how to properly configure devices.  As teachers began using more technology in their classrooms, they had problems keeping it working.  They were glad to let me help.  I began encountering situations where recommended action steps to restore computers and other devices did not work.  I learned that this was happening because those computers and devices were infected with malware and viruses.  At first, I could not understand why any computer or device could be infected when its owner was using an anti-virus or anti-malware program as was our school’s IT department.  Over time, through research, trial and error, I became an expert at removing the most stubborn malware and virus infections.  As I successfully restored and updated computers and other devices, my teachers referred me to others who were having similar problems.  This led to working on my friends’ and their parents’ computers, devices, and phones and expanded to business owners in my area.

During the 4th grade, people began paying me to make their computers, devices and phones work.  By the time I graduated from high school, I had removed malware and virus infections, installed new bios, and made firmware and other updates on more than 2,200 devices.

Along the way, I learned that almost every device with a digital operating system can be updated.  I became an expert at finding and installing updated bios, drivers and firmware for older technology.  People who had older computers, devices, calculators, etc. appreciated my ability to update their older systems.  As a service to my school, I once updated more than 400 calculators that had not been updated for several test cycles.  I did this to help support our school district’s annual state testing of its students.  I became a solopreneur by creating my own business cards and a website.  I learned how to exceed my client’s expectations.  I learned how important it is to maintain trustworthiness when a client gives me their credentials and access to their most important information.  I like being complimented for the professional way that I do this.  An indescribable sense of self-satisfaction comes over me each time I find and remove malware, viruses and successfully restore a computer, device or phone.

I was introduced to the concept of cybersecurity because many computers that I worked on had different anti-malware and anti-virus programs installed.  I began installing and using different anti-virus and anti-malware programs on my personal computer.  I studied how anti-virus and anti-malware programs worked by watching cybersecurity experts on YouTube and on podcasts.  I called companies that sold cybersecurity programs.  One of my most important lessons was discovering that cybersecurity experts are willing to share information after they learn that you want to help prevent cybersecurity threats.

Knowing that cybersecurity experts share information and offer advice helps me continue learning.  I attended the Congress of Future Science and Technology Leaders.  Nobel prize recipients, renown scientists, technology leaders and entrepreneurs spoke to us about how they overcame challenges as they worked on paradigm-changing research, leading-edge projects and new innovations.  These masters challenged us to envision our future careers and coached us about action steps we could take to reach our full potential.  They encouraged us to reach out to our chosen profession’s leaders with requests for advice and guidance that could help us continue moving forward to achieve our life goals.  I acted on their advice by asking cybersecurity leaders and experts to be part of my LinkedIn network.  Each day, I learn something new about cybersecurity by reading articles, posts and discussions that are presented by members of my LinkedIn network.  Members of my LinkedIn network generously share cybersecurity career advice each time I ask a question.  My LinkedIn network’s cybersecurity knowledge is exceptional.  Their advice and guidance is invaluable.  I encourage everyone reading this blog to create their own LinkedIn profile and begin developing your LinkedIn network.  Send a connection request to me at  https://www.linkedin.com/in/willtech/ and I will join your LinkedIn network.

I learned to use virtualization on my computer so I could compare how different anti-virus and anti-malware programs work.  I analyzed more than 40 anti-malware and anti-virus programs.  Setting up virtual operating systems and running multiple anti-malware and anti-virus programs helped me drill down to learn about the capabilities of anti-virus /anti-malware programs.  Acquiring a Dell workstation with an 8 core 16 thread Xeon processor with 16GB of ECC memory and 19.5 terabytes of hard drive space helps me use virtualization.  Each day, I learn something new about virtualization because it is a technology application that fascinates me and, especially, its potential uses in cybersecurity.  I use a VMWare workstation in an isolated environment to demonstrate an anti-virus’ effectiveness to detect and prevent zero-day viruses, exploits, and other types of malware.  I use the cloud capabilities of Azure to learn how an organization can help mitigate virus threat risk in an on-premise and cloud situation.

Using virtual OS to run different anti-malware and anti-virus programs at the same time helps me test and compare each program’s capability to address new cybersecurity threats.  Doing this helped me learned about cybersecurity threats and solutions by analyzing how different programs detected some but not all known cybersecurity threats.  I called each company with questions about their product.  I wanted to understand why it was or was not detecting a specific cybersecurity threat.  Often, my calls were forwarded to the company’s programmers and engineers.  Typically, they welcomed the opportunity to spend extended time discussing what I had discovered about how their cybersecurity programs worked and why I thought their programs were missing some cybersecurity threats.  I literally spent hundreds of hours talking to cybersecurity company engineers and programmers.  Talking to cybersecurity engineers and programmers was and is an empowering and productive part of my self-education.  I listened, learned and asked questions as they shared knowledge.  Cybersecurity engineers and programmers have been my best mentors to date.  They helped me develop a deeper understanding about how anti-virus and anti-malware programs work.  I learned that the experts who designed these programs can provide information and guidance that keeps me busy for weeks, if not months.  Cybersecurity programmers and engineers also helped me be invited to join beta testing and insider developer feedback groups.  Being part of these groups continues to help develop my cybersecurity and technology knowledge and skills.  It is always a special moment when something I discover or recommend is added to the next update.

Since grade school, I searched for opportunities to learn more about cybersecurity.  As an incoming high school senior, I had the privilege of attending the GenCyber Fundamentals and Advanced Cybersecurity programs at UT Dallas.  These programs were led by the Chief Scientist of a cybersecurity company.  He offered us 21 days of intense hands-on cybersecurity information, challenges and experience.  I came home with an 8 Terabyte external drive filled with cybersecurity information.  His company is hired by countries to test their cyber defenses.  Attending his GenCyber program helped me develop a much deeper understanding about cybersecurity threats and my ability to work in a cybersecurity career.  Every day, I refer to something that I learned in this scientist’s cybersecurity programs.

Attending GenCyber also helped inspire me to create a cybersecurity career map as an independent study class project during my senior year in high school.  This included watching more than 250 CompTIA Security+ videos and researching a massive amount of cybersecurity content.  This is the link to my Cybersecurity Career Map > http://www.xmind.net/m/97mJ.  I hope others can use it as a starting point to create their own cybersecurity career map.

Researching information for my cybersecurity career map helped me identify two programs that I attended where I learned about cybersecurity at a much deeper level.  Attending Intel’s Developer Forum gave me an opportunity to learn about IoT cybersecurity issues from IDF speakers and IoT ecosystem vendors.  Attending the Department of Homeland Security Cyber Security Division’s R&D Showcase and Technical Workshop, the federal government’s largest cybersecurity research and development (R&D) conference, introduced me to leading-edge cybersecurity work that is being done by exceptional companies and researchers.

Researching my cybersecurity career map also helped me identify where I wanted to go to college.  I discovered that the #1 undergraduate program in cybersecurity in the United States was at the University of Texas San Antonio.  UTSA has a highly respected faculty and a broad curriculum with 14 courses in the areas of digital forensics, secure network design, intrusion detection, and incident response. It is one of 44 institutions in the nation designated as a National Center of Academic Excellence (CAE) in Information Assurance (IA)/Cyber Defense (CD) by the National Security Agency (NSA) and Department of Homeland Security (DHS).  It was a great day in my life when I received a letter from UTSA notifying me that I had been accepted into their cybersecurity degree program.  I am in the Class of 2021 and have a plan to earn my degree earlier.  I am a member of the UTSA Computer Security Association, which is a student group of rising cybersecurity experts.  Our weekly meetings are one of the great benefits of attending UTSA.

I like to discover how cybersecurity evolves and changes.  As new cybersecurity threats emerge, our government, private companies and educational institutions must deploy more cybersecurity experts and resources to overcome these threats.  This also means that I, as a rising cybersecurity expert, must continually be adding to my knowledge and skills.  I work on this every day.  I am inspired and empowered by the challenges and opportunities that working in a cybersecurity career offer me.

Researching and analyzing cybersecurity programs and attending cybersecurity education programs helps me acquire skills and develop technology knowledge that makes a difference in others’ lives.  Some instances are directly related to cybersecurity and other instances are possible because of something I have learned about technology.  For example, in GenCyber, I learned how to rebuild a hard drive to recapture lost data.  Later, I applied this skill and knowledge to rebuild a failed hard drive for one of my teachers.  I was profoundly moved by the joy that she expressed after I recovered 20-years of digital content that my teacher thought was lost forever.  Another example, was applying my knowledge of networks, servers and connected computers and skills to give an organization’s staff access to their computers and operating information after a disgruntled employee did things that prevented anyone from accessing their computers and files.  I overcame many challenges to fix this problem.  Successfully doing this gave me a profound experience that my knowledge can be applied to help large groups of people.

I am certain that cybersecurity is the right career path for me.  I hope that some of my cybersecurity journey story helps others learn that cybersecurity is the right path for them.  I am profoundly grateful for the opportunities that I had to prepare myself for a career in cybersecurity.  I like knowing that I am on the front line of creating cybersecurity solutions which are needed in today’s world.