Eugene Tawiah, CISSP, is a New York City native who turned an "unhealthy obsession" with PCs aged 2600 into a successful career in information security and compliance. He's been a member of (ISC)² since November 2013.
What made you decide to start a career in information security?
I've been interested in information security since 1992, when a network administrator introduced me to a BBS, or bulletin board system, and showed me how to "break" into systems. I love my "break" credits to the media. I co-hosted an online cybersecurity-focused gray hat "radio" show in lower Manhattan. A New York Times reporter named Anthony Lappé heard about my radio show, and he wanted to see what we were talking about. I think my No. 1 rule at the time: "Don't talk to the media." A front-page New York Times article about my radio show garnered a lot of unwanted attention from law enforcement agencies. The sudden attention from the 15 minutes of fame gave me an inside look at how mass media works and the desire to know more fueled my drive into consulting.
A lot of members dream of starting a company and being an entrepreneur. For those who are still working to actually succeed in this business?
I come across as very confident, but I felt it's equally important to take the plunge. I knew how to run systems, but running a business required learning many new skills. I offer a few bits of advice based on my experience:
- Don't be afraid to admit what you don't know
- Build a strong network of peers and mentors
- Stay focused on your core competencies
- Keep learning and adapting to new technologies
Where do you see yourself in 10 years?
I would love to find a CISO role in a large well-known enterprise or an educational institute where I can make a significant impact on organizational security.
How important is your CISSP to your career?
My CISSP is very important to my career, and it is highly respected in the industry. I have the hands-on experience; however, this well-respected certification adds another dimension to my profile and starts important conversations with clients and employers.
Where do you see (ISC)² in 10 years?
I see (ISC)² continuing to evolve with the changing threat landscape, opening doors for cybersecurity professionals, and starting important conversations about security best practices across all industries.
"My CISSP certification adds credibility to my experience and opens doors that might otherwise remain closed. It's not just about what you know—it's about being able to prove it."
— Eugene Tawiah, CISSP
This interview highlights Eugene Tawiah's journey from teenage hacker to respected cybersecurity professional, emphasizing the importance of continuous learning and professional certification in building a successful security career.