In partnership with

Table of Contents

• The Journey - 2 years of Securing Things

  • Progress

  • Challenges & Limitations on Progress

  • Lessons Learned

• My Recent Most Viewed Posts:

• My Asks

Hi Securing Things Community,

In this newsletter edition, I’ll be sharing my journey as an independent cybersecurity consultant / advisor, in celebration of 2nd anniversary of Securing Things (14th July), few achievements, challenges, failures, and lessons learned.

In case you are here for the 1st time, I’d humbly request you to have a look at all the previous 25+ editions in which I have focused on different IT and OT cybersecurity insights, topics, concepts, quarterly reports and more.

Dedication: To my beloved late mother - Your always in my heart.

The Journey - 2 years of Securing Things

2 years ago, I took a leap of faith, to go independent for an IT & OT Cybersecurity consulting & advisory business as a solopreneur (if there’s such a thing).

Well not intentionally, rather, I was forced in a situation, due to personal / family reasons in making this decision. Though, I’ve dreamt of starting one for more than a decade, but couldn’t find courage to take the first step.

I needed flexibility to work remotely in terms of location. After 5 months of continuous search, interviews, discussions and all - to my surprise, post covid (in 2022), apparently in APAC, finding remote cybersecurity job was still seemed almost impossible (maybe different for web/app dev) or perhaps I wasn't looking at the right places or didn’t had the right connections.

Had few great offers from great global companies - which were extremely hard to let go (as they didn't had remote options or HR policies).

My sincere thanks to those who showed confidence, trusted in me and offered. You know who you are.

Progress

Here's a time lapse; fast forward today:

• Securing Things was officially born on 14th July 2022.

• Since then, have delivered few international engagements on IT & OT Cybersecurity projects - from drafting cybersec strategy to implementing tools & everything in between:

  • my first win was a SMB for an IT cybersecurity assignment - while I was serving my covid quarantine period in a hotel.

  • my 2nd win was via friendly contact for a global OT cybersecurity project. Lasted a little over a year.

  • and few other wins e.g. via LinkedIn - CISO / other leads reaching out as they saw my posts and newsletter articles.

• Put a basic website and made it live in late 2022.

• July 2022-End of 2023 - was a blast, had double bookings.

• 2024 came and things haven't looked as good as they were in 2023. Long sales cycle, budget cuts, lay-offs, slow approval processes etc..

• Got lots of interests, direct from clients and from consulting service providers for partnership / collaboration requests, co-respond to few RFPs etc. and limited on-going discussions.

• Found a new home to Securing Things Newsletter ending 2023.

• Hired my first intern.

• Launched Security Awareness Training & Phishing Simulation Portal in 2024. (onboard the first SMB customer in Q1 2024).

• Published self-written 25+ newsletter editions.

• Posted 100s of social media posts on my, company LinkedIn and X page.

• Despite being inconsistent on Social Media or newsletter, still gained interests from few cyber enthusiasts:

  • >1200+ company page followers

  • >3800+ newsletter subscribers both on LinkedIn and newsletter platform

  • >16000+ followers on my LinkedIn profile

• Announced in early 2024 the intent for Securing Things Academy, (coming soon - yes sorry am late on my target dates).

• Attended several training courses, passed exams and gained few certifications (e.g. ISA/IEC 62443 end of 2023).

• Register Securing Things as a member of ISA ISCI.

• Became a member of CXO forum.

• Uploaded and activated the first 3 YouTube videos in 2024.

• Started writing a book about IT & OT Cybersecurity - Titled not disclosed as not finalized. Had >100+ pages and TOC drafted. Yes, this is the first time am sharing this publicly.

• Finished my 1st company audit.

• My target was to earn at-least the last salary or ideally the last best offer. Ended up with a better first 16 months, ending 2023.

• Exploring new leads and looking forward for new partnerships, friendships and new wins.

Challenges & Limitations on Progress

Running your own business, comes with its own sets of challenges, surprises, times of uncertainty and times of excitement. You’ve got to hop on the roller coaster to be able to enjoy the ride, even if you have to scream your heart out. Also, being an introvert, presented lots of challenges. No one’s perfect, neither am I. Fear of failure on executing on new ideas & imposter syndrome kicked in often, while making important decisions throughout.

Here’s to few limitations on progress:

• scale business & or generate enough MRR to expand and invest.

• finishing certain target goals set for 2023 & 2024. This doesn’t mean I’ve given up, it just means I need to do a bit more and or need a different strategy or additional help.

• Struggling to keep up the momentum like first 16-18 months in last quarter or so.

• I opted not to explore investments / external funding, as I didn’t had full grasp of how these things work and didn’t wanted additional pressure of investors.

• Achieve anything extra ordinary.

Lessons Learned

It has been no short of rewarding, exciting, challenging, stressful and lonely ride at the same time. I wished I had done this in my 20s/30s, rather in my 40s. Nevertheless, it’s never too late. I’d recommend any who have been thinking of doing it - to try it once and try it soon.

Being a founder, you need to have not only the technical skills but many other business and interpersonal skills as well. So be ready to learn new things that you may not like outside of your comfort skill sets e.g. doing sales, marketing, finance, forecasting, reading T&Cs / contracts, chasing and following up prospects, technical presales and more.

Building a personal brand is a thing now. Most of us don’t focus on this and I am guilty as charged. Reputation is important, so protect it.

Building a healthy pipeline in consulting services business is quite an important milestone to track. However, if you are in delivery all the time, you’ll find you are not selling enough. So you either needs to have a separate team to do that and or you’ve some digitally on auto-pilot to do that for you.

Fear and imposter syndrome, can paralyze ones thinking, and can block you on working towards achieving your dream. Fight it and fight it hard. So execute fast, succeed (or fail fast) and recover. Remember these words → I don’t exists, no one knows me. No one cares and I give a Damn.

There’s certainly a lot that I didn’t cover above. What’s more important if you have gone through the same. Comment below. If you need any help, feel free to reach out.

Do subscribe to ensure that you don’t miss out future posts.

My Recent Most Viewed Posts:

In case you’ve missed - here are some of my recent most viewed social posts.

• Poll on Crowdstrike / Microsoft BSOD incident causing widespread disruption to businesses worldwide on 19th July 2024.

• Chronicles of Cybersecurity Consulting - Shortest Consulting Engagement Ever - 2nd in series.

• Getting started in IT & OT Cybersecurity - a blueprint / framework to 2x / 5x / 10x your cybersecurity career. Links in comments of the above post.

  👉 Do share, comment and add your experience and insights - as this may help someone bring some clarity and make right choices in their career decisions and or progression. Our world needs more cybersecurity professionals.

  👉 I hope to make a difference & help at-least 100/> people in 2024 (ideally 1K/>) to give back to the community. Join me in doing the same.

• Internal Audit and IT & OT Cybersecurity Program - suggested approach for an internal audit team towards building their knowledge / skill base and be able to ask relevant questions towards an IT & OT Cybersecurity / transformation programs activities.

• AI Cybersecurity Policy & Reference Guidance - which covers; AI cybersecurity policy construction (key elements), steps for a policy build execution project and several reference standards, frameworks and guidance documents.

• Securing Things Academy Promo released or download below.

Become the Top 1% - whether it is Product, Growth, Design, Management, Business, Tech & Data - GrowthSchool is the place to learn from top experts in the field:

Become an AI-Powered Finance Decisions to get 10x ROI on your money (free AI masterclass) 🚀

More than 300 million people use AI, but less than 0.03% use it to build investing strategies. And you are probably one of them.

It’s high time we change that. And you have nothing to lose – not even a single $$

Join the most highly rated AI Masterclass! (free for first 100 users only) 🎁

Rated at 9.8/10, this masterclass will teach how you to:

• Do market trend analysis & projections with AI in seconds

• Solve complex problems, research 10x faster & make your simpler & easier

• Generate intensive financial reports with AI in less than 5 minutes

• Build AI assistants & custom bots in minutes

Register & save your seat now! (100 free seats only)

Whenever you are ready - I can help you / your organizations’ or your customers’, secure digital transformation journey through:

A - IT & OT Cybersecurity Advisory / Consulting services 

• vCISO / fractional CISO or CISO security advisor services, GRC, Assessments / Reviews / Gap Analysis, Advisory, Strategy, Security / AI Policy or standards development, ISO 27001, PCI DSS and other frameworks, architectural reviews, configuration hardening for IT & OT cybersecurity engagements. (few examples - IT & OT Cybersecurity - Strategy, Program, Execution and Management, for SME manufacturers - OT Cybersecurity Best Practices Requirements Specification OTCBPRS Toolkit, 3 step process for evaluating & implementing OT IDS / Anomaly detection / network security monitoring solutions → here; OT Cybersecurity Management System → OT CSMS and Cybersecurity SMB toolkits includes ISO 27001, etc.).

B - IT & OT Cybersecurity Trainings & Education

• General Security Awareness Training & Phishing Awareness Portal for SMBs. Start your cybersecurity journey with a free cyber heath check / questionnaire based review that would help in building a cybersecurity roadmap and security awareness program.

• Securing Things Academy (STA) - Training, Coaching and digital downloads for IT & OT Practitioners - pre-launch coming soon.

• Securing Things Newsletter - providing insights and educational content on IT / OT / IOT / IIOT cyber-physical and AI security.

Reach out at info[at]securingthings[dot].com or DM via LinkedIn.

My Asks

I invite #SecuringThings community to share their feedback.

Your feedback and input is invaluable to me as we work together to strengthen our cybersecurity defenses and create a safer and smarter digital society. Thank you for your trust and continued support.

Do register, validate your email, and request login link to submit poll to be able to enter a chance to win a future course giveaway.

Thanks for reading - until next edition!

It’s a Great Day to Start Securing Things for a Smart & Safer Society.

Take care and Best Regards,

M. Yousuf Faisal.

Follow: #securingthings on LinkedIn | @securingthings on X/Twitter & YouTube.