#BecomingTechies is a content series that features professionals working at the cutting edge of technology and the unique career journeys that got them there. The series is hosted by Abednego Samudera, Manager at Michael Page Indonesia, who leads the Technology Practice.
Today’s featured techie is Faisal Yahya, a Country Manager at Vantage Point Security in Indonesia and a cybersecurity strategist with over 20 years of experience in the field. Faisal is well known as a pioneer of cybersecurity in Indonesia, where he calls home. In this interview, he shares the essential skills that the modern cybersecurity professional needs to possess and the inspiration that got him excited about cybersecurity in the first place.
Faisal Yahya, Country Manager at Vantage Point Security shares his insights
with Michael Page Indonesia’s Abednego Samudera.
Q: Was there ever a turning point in your career that made you realise that you enjoyed cybersecurity, both the offensive and defensive sides of it?
I’ve always considered myself a lone wolf. I enjoy learning at my own pace and at my own time. At the time, I knew that I could learn a lot of things on my own without involvement from too many other people — and that was actually a turning point. You cannot say that you are a cybersecurity person unless you keep studying and progress on an annual basis.
Cybersecurity personnel is a process, not a completion. For example, if you want to learn about the cloud, you need to rent a space in the cloud from someone else; if you want to be a database administrator, you need to get a database from someone else. There’s a lot of involvement from other people or external parties — but cybersecurity is very unique. Many companies have websites of their own. They are all online. So you can visit them, check them, you can create your own at-home lab to excel your skills. It is less dependent on other people.
That’s what makes me excited about this field. I can have my own time studying, and I enjoy doing that outside of my working hours.
Q: What obstacles have you had to face in your career?
In cybersecurity, you cannot tell people what you are reading. You need to tell people about your experience. This means that you have to do the work. You need to do the hands-on. The problem right now is that time is very limited, while the possibilities are unlimited. Meaning, you need to focus on the specific niche before you get deep in that area. Previously, I was working more on defensive measures, so I studied a lot about defensive certification. But now, I am working on the offensive. And then I switched to study more about the offensive. This is not because of where I work. It’s more about where I can spend maximum time in relation to my professional activities.
Q: For young, up-and-coming professionals in the field, what skills or domain would you tell them to focus on?
It’s always changing. People always think that cybersecurity is a single knowledge area. Actually, it is not. Right now, because of advancements in technology, there is a lot of knowledge that is related to cybersecurity, such as artificial intelligence. Another example is machine learning, which has to do with statistics, mathematics and user behaviours — or psychology. For example, in 2020, people will pay more attention to COVID19-related news, so they click on a link without being aware that it could potentially bring in more damage than good. So cybersecurity, as a knowledge, is expanding, thus allowing people to keep studying, improving, learning and relearning things.
It is important to have an interest in cybersecurity, but you also need to have a passion to learn. A degree in cybersecurity is not really a measurable thing, so you need to practise, keep active and engage with people in specific areas. Don’t limit yourself, and your ability to study is your biggest asset.
Q: Who or what inspires you?
With regards to cybersecurity, there is no specific person that inspires me but, on informational security, it would be my father. When I was nine years old, my father brought home a computer, and I still remember when it happened. He didn’t go to school, but he studied to become a programmer on his own simply by reading books. Every Sunday morning, he would play with his computer. I wondered at that time when the computer would start talking. I used to think that every computer should have the ability to talk on their own via software. I guess I watched too many cartoons at the time. Anyway, my father, who worked on his computer, inspired me at the time.
Later on, he learnt about programming, and I learnt how to make a virus. I studied assembly language. We worked on different parts, but those things were trigger moments. And having that curiosity to study more about the details and the process. That is what inspired me to work on information systems, so not specifically cybersecurity. It was my curiosity to learn about the details of the process. Because I saw how my father learnt everything himself just by reading books, I followed in his footsteps. That’s also how I became a lone wolf, in a way.