SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Flare tammy 1200x677
#
Ransomware
#
Cybersecurity
#
Threat intelligence

Breaking in without a blueprint: Lessons learned from my nontraditional path to cybersecurity

Thu, 5th Mar 2026
By Tammy Harper, Senior Threat Intelligence Researcher, Flare

When people think about a successful career in cybersecurity, they often picture a computer science degree, a clear technical track, and a mapped progression from analyst to expert. My path looked nothing like that.

I began my career in door-to-door sales. I did not have a degree in computer science or criminology, nor did I have internship experience in the field. What I did have was technical curiosity, a willingness to learn, and a clear understanding that cybersecurity offered an exciting opportunity.

When I began my journey into the field, I could not afford a full multiyear degree, so I chose a condensed program focused on cybersecurity fundamentals and advanced training. Before I had even completed it, my instructor hired me. The company was managing a significant security case and needed additional support, and I found myself drawn to digital forensics and incident response almost immediately.

That moment illustrates something important about the industry: There is no single entry point. Cybersecurity rewards capability, not pedigree. But for those of us without traditional credentials, capability alone is not always enough. While these paths can be difficult, they can also be rewarding after you experience career success. Here are some lessons I learned from my nontraditional path into threat intelligence.

You need to manage the pressure to achieve

Entering the field without a conventional background meant proving that I belonged. My résumé did not automatically signal credibility, and without an academic pedigree that conveyed authority in threat intelligence, I had to build that authority from the ground up through output, consistency, and relentless effort.

Early on, I worked intensely. I took on complex assignments, built networks of sources, and looked for opportunities to add value at work. At my previous employer, I took the initiative to help establish a threat intelligence function. What began as answering basic questions evolved into deeper investigative work.

Over time, I carved out a niche in identifying and tracking ransomware groups. Globally, only a limited number of researchers focus on hunting and identifying emerging ransomware infrastructure at its earliest stages, and even fewer are women. It is a tight-knit community in which credibility is earned through accuracy and consistency. From the outside, my career appeared to be gaining momentum quickly.

The lesson I learned is that pressure can be a catalyst, but it can also distort perspective. When achievement becomes the only metric, you stop acknowledging growth and recognizing progress. Over time, that mindset becomes unsustainable. The pressure to achieve shaped my career, but learning to manage that pressure is what will sustain it.

It's important to celebrate all the wins

I approached the beginning of my career as a race. I felt pressure not only to establish myself professionally but also to provide financial stability for my family. That responsibility intensified the urgency I already carried as one of the few women in my field, and it shaped how I measured success.

The result was constant forward motion: the next case, the next conference, the next presentation. When I began speaking publicly, I treated each acceptance as a stepping stone rather than an achievement. Travelling internationally to present original research became another item on a checklist instead of a milestone worth recognizing.

The lesson learned is that sustainable success requires more than output. It requires perspective. Small victories matter because they mark growth. Overlooking them in pursuit of the next milestone can lead to burnout.

Being invited to speak at a major industry conference for the first time, seeing your research cited by competitors, or being welcomed into respected professional groups are not minor moments. They are indicators of credibility and growth. Recognizing them is just as important as the work itself.

Representation for women in tech matters

Women remain underrepresented in cybersecurity, and that imbalance is even more pronounced in highly technical or intelligence-focused niches. In many of the professional circles I move in, women are the exception rather than the norm. 

This reality has reinforced for me that representation matters. When there are a limited number of women in the room, you are aware that your performance shapes perceptions beyond yourself. There is a heightened sense of responsibility to demonstrate expertise, composure, and leadership. That awareness can be motivating, but it can also be heavy.

At times, I have also encountered another challenge: scarcity thinking among women. When opportunities appear limited, it can create the false perception that one person's success reduces another's chances. In reality, the opposite is true. Every credible voice expands the space for others. Elevating additional women into technical leadership does not dilute influence; it strengthens the field.

Cybersecurity is complex. It benefits from diverse perspectives and varied paths into the field. Creating space for more women, especially in highly technical and intelligence-driven roles, is not about optics. It is about strengthening the discipline itself.

Building a sustainable cybersecurity career

If I could offer guidance to women considering cybersecurity, especially those from nontraditional backgrounds, it would be the following:

First, do not assume you are unqualified because your path is unconventional. This field rewards capability, curiosity, and persistence. Many skills learned from other industries and experiences are transferable when applied thoughtfully.

Second, build genuine relationships, not just professional contacts but trusted peers. The work can be isolating, particularly in intelligence roles. Having friends in the industry - people who understand the pressures and nuances - makes a significant difference.

Third, avoid turning your career into a constant race. Early on, I felt I had to prove myself at every step, which was exhausting. Instead, take time to celebrate the smaller wins when you can. This will show steady success and create motivation to hit the next goals.

On International Women's Day, I hope more women see that there is space for them in the cybersecurity industry, even if they don't take the conventional way to get there. While having a nontraditional path may be challenging, the industry needs skilled practitioners, and skill is built through commitment - not credentials alone.

Related stories
Vodafone & Google Cloud launch AI & security tools
Locai Labs deploys AI coding assistant at First Light Fusion
Infosecurity Europe adds AI summit amid cyber defence shift
ISACA launches AI risk certification amid governance gap
Cyber Essentials update raises bar on visibility gaps

Top stories

Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack
Black Box Automation vs. Engineer Control: The partnership redefining Kubernetes FinOps
Automotive microcontroller market set to hit USD $15.1bn
BlackBox Hosting partners Everpure for sovereign cloud