Books on a library shelf

Getting Started in InfoSec Consulting

A Beginner's and Beyond Guide by Ted Demopoulos

Getting Started in InfoSec Consulting book cover

A 5/5 easy recommend to just about anyone looking to be an expert in their field

Summary

Ted Demopoulos's book Getting Started in InfoSec Consulting: A Beginner's and Beyond Guide is packed with loads of real-world wisdom that is often hard to come by. It is 179 pages long and has 6 chapters, featuring a brief case study at the end of the first 5. The font is fairly large and the spacing is also generous, making it easy to read.

The book takes the reader through the processes of creating, building, and maintaining a small consulting practice. It never gets in the weeds, preferring to keep a high-level approach and focus on the key ideas instead of the minutiae.

While the title implies it is only about infosec consulting, this is a misnomer. The book is much more about consulting in general and how to "be" an expert. It teaches the reader about many ways to build a personal brand and gain the perspective of a qualified expert in the eyes of others. It also discusses general negotiation strategy and effective business practices.

Inside pages of the book

Pardon my copy, it is a little dirty

Chapter 1: What You Need to Know to Get Started

Chapter one focuses on defining and discussing terms such as "expert" and "consulting." It also looks into the advantages and disadvantages of consulting, consulting models, consulting types, and other considerations.

Chapter 2: Some Business Basics That Will Help a Lot

Chapter 2 discusses the more technical information in the book, such as corporations, LLCs, and processing and receiving payments. It also introduces essential business concepts such as upselling and sales.

Chapter 3: Getting Clients

The third chapter covers generating revenue by getting work (clients). The 11 ways outlined in the chapter to get clients are:

  • Have clients come to you
  • Direct outreach to people you know
  • Direct outreach to people you don't know
  • Referrals
  • Volunteering
  • Speaking
  • Writing
  • Networking
  • Trade associations
  • Advertising
  • Referral/subcontracting arrangements
Chapter layout showing reading session length

Each chapter is the perfect length for about one session of reading

Chapter 4: Pricing, Getting Paid, and Negotiations

Chapter 4 covers pricing strategies and key negotiation tactics such as building trust and taking your time.

Chapter 5: Getting and Maintaining Expert Status

Chapter 5 covers many different ways to increase your personal brand awareness and have people view you as an expert. It gives advice on speaking and on how to create a website, among other things.

Chapter 6: Making It Work Long Term

Chapter 6 serves as a conclusion to the book and covers topics such as how to keep yourself current. It gives suggestions from having a home lab, to writing a book or blog. Lastly, it covers exit strategies and options on where to go after you begin to find success as a consultant.

My Thoughts

Ted Demopoulos's book Getting Started in InfoSec Consulting: A Beginner's and Beyond Guide was a quick and easy read that, while not really technical or in-depth, did a wonderful job at transferring the real-world wisdom gained through years and years of experience to the reader.

The concepts discussed are extremely practical and applicable to almost anyone. The book contains many great tips and actionable items. Examples of these tips on how to build a personal brand are doing speaking engagements with the local Rotary club or creating a blog. It was also enlightening to read the case studies of other people at the end of each chapter.

The tone of the writer is personable and friendly, and when combined with the larger font and word spacing, it makes for an enjoyable experience. The chapters are split well and contain the amount of content that is good for about one reading session.

Book page example showing approachable writing style

It certainly does not read like a textbook or an encyclopedia.

I thoroughly enjoyed the book and would recommend it to just about anyone looking to take their career to the next level past what is possible with just technical abilities. It is for more people than just InfoSec consultants. It really helped me lay the path to get from where I am now to the in-demand expert I want to be. It gave me a large part of the inspiration and motivation to do the book review you're reading and a lot of the other content I have in the pipeline.

Key Takeaways

There were a couple of profound takeaways I had from reading Getting Started in InfoSec Consulting.

The first is that if I want to be an expert, I need to be an expert. This means standing up for myself in negotiations, among other things. As an example, charging what I believe my work to be worth and sticking to it instead of lowering prices. It also means being willing to lose deals that are not in my best interest to win. Most importantly, being the expert means being confident and speaking with authority on matters in which I am indeed an expert. The difference between me and someone viewed as more of an "expert" is often simply due to brand recognition and awareness - more people know of them. They may not actually be more knowledgeable or skilled regarding the subject matter.

The second key takeaway is the true importance of networking. Clients and work should come to you, and this is accomplished more often than not through word of mouth. Being an active part of the community and establishing and maintaining friendships is as important as any other form of career development or technical skill that could be learned.

At the end of the day, you could be the best person in the world at what you do, but if no one knows who you are or what you do, it doesn't matter.

Motivational image about becoming an expert

Be the expert you want to be!

Where to Buy

Hardcover: $26 | Paperback: $18 (at time of writing)

amazon.com