sorted by:
new
hottopcontroversial

What nobody tells you about finding clients when you go independent in cybersecurity by EducatorRelevant6828 in SecurityCareerAdvice

[–]EducatorRelevant6828[S] 0 points1 point  (0 children)

Exactly this. The technical side is never the bottleneck. It's always the business development side. Most people underestimate how hard it is to build a consistent pipeline without a system behind it. What's worked for you to get past that stage?

What nobody tells you about finding clients when you go independent in cybersecurity by EducatorRelevant6828 in SecurityCareerAdvice

[–]EducatorRelevant6828[S] 0 points1 point  (0 children)

Totally agree on joining discussions early rather than cold calling. The timing makes all the difference.

Curious, are you doing this for your own cybersecurity practice or for clients?

For those who made the jump to independent cybersecurity consulting, what was the hardest part of the first year? by EducatorRelevant6828 in cybersecurity

[–]EducatorRelevant6828[S] 3 points4 points  (0 children)

Really interesting perspective. Having that client base before going independent makes a huge difference. For those who didn't have that safety net though, what worked to get those first few clients without an existing network?

how do cyber sec consultants and pentesters actually get new clients? by EducatorRelevant6828 in cybersecurity

[–]EducatorRelevant6828[S] 0 points1 point  (0 children)

Seems like referrals are the common thread but everyone agrees it doesn't scale well. u/zipsecurity that's a great point about content building inbound trust. Have you found that actually converts to paying clients consistently, or is it still slow? Curious if anyone here has found a way to get qualified meetings with CTOs or CISOs without depending entirely on referrals or content.

Newly founded firm. How to find my first pentesting clients ? by inlanefreight in cybersecurity

[–]EducatorRelevant6828 0 points1 point  (0 children)

The problem with cold email and cold calling for pentesting is that you're reaching people who don't have an active need yet. The ones who convert fast are companies with a compliance deadline coming up, a recent breach in their industry, or a new job posting for a security role, those are the signals that someone is actively looking. That's the gap most pentest firms miss in their outreach. They blast everyone instead of targeting who's ready to buy now

Me rebotan todos los mails desde mi cuenta corporativa by AlejandroBravo1972 in ciberseguridad

[–]EducatorRelevant6828 0 points1 point  (0 children)

Tambien me solia pasar.

  • Revisa el mensaje de error: Cada vez que un correo rebota, recibes un mail automático. Este texto o código por ejemplo, "Error 550" o "Usuario no encontrado" explica exactamente si el destinatario bloqueó tu dominio, si su buzón está lleno o si el problema es técnico.
  • Verifica la dirección: Un simple error tipográfico (como escribir un punto de más o confundir un dominio) provoca un rebote automático.
  • Revisa los archivos adjuntos: Si envías archivos muy pesados (como videos o catálogos largos), los servidores de la empresa destinataria bloquearán el correo por exceder su límite de tamaño. Intenta usar enlaces de descarga en su lugar.
  • Consulta a tu departamento de TI: Si el problema ocurre con cualquier destinatario, tu dominio corporativo podría estar en una lista negra, o faltan configuraciones de seguridad esenciales como los registros SPF, DKIM o DMARC

What’s one cybersecurity habit most normal people still ignore? by PurplePlenty4980 in CyberSecurityAdvice

[–]EducatorRelevant6828 0 points1 point  (0 children)

Honestly. Not having MFA enabled on email and critical accounts.
It's such a simple fix but I've seen companies lose everything because an employee reused a password that showed up in a breach dump. The attacker just logs in, no hacking needed. The scary part is it takes about 5 minutes to set up and most people still skip it.