Mind the Gap: Leveraging mind maps & self-assessments to develop a personal training plan

Let’s be clear here: there is a place for everyone and every skillset in cybersecurity.

MITRE is another organization that provides us all with a lot of cool & free resources. You’ve probably already heard of both ATT&CK and D3FEND — don’t worry, we won’t talk about that here. Instead, I’ll point to their earlier work, an amazing free book titled “Ten Strategies of a World-Class Cybersecurity Operations Center.” Seriously, this should be required reading for all blue-teamers, especially management types. For our purposes, we’re looking at page number 103 (PDF page 114), figure 16: “Typical Career Paths Through the SOC.” (NOTE THIS LINK LEADS STRAIGHT TO THE PDF).

Source: MITRE, https://www.mitre.org/sites/default/files/publications/pr-13-1028-mitre-10-strategies-cyber-ops-center.pdf
Source: Henry Jiang, https://www.linkedin.com/pulse/cybersecurity-domain-map-ver-30-henry-jiang
  • Analyze
  • Collect and Operate
  • Investigate
  • Operation and Maintain
  • Oversee and Govern
  • Protect and Defend
  • Securely Provision

That’s a NICE Self-Assessment You Got There!

The first thing we need to do is jump over to the NICE framework’s resources page and download their supplemental Excel document. (NOTE: THIS HYPERLINK DOWNLOADS THE EXCEL FILE) This beast of a workbook includes a tab for every role in the NICE framework with some super complex lookups and links so you can easily navigate from a Table of Contents to the pages that you want to see.

  1. Click the “Click to view KSAs” hyperlink for our role on the Table of Contents page.
  2. Copy the entire KSA page.
  3. Open a blank workbook.
  4. Paste (plaintext) into the blank workbook.
  5. Navigate back to the supplemental workbook and copy the Tasks page for your role.
  6. Paste the Tasks as plaintext at the bottom of the page where you pasted the KSAs.
  7. You should now have the KSAs and Tasks in one long spreadsheet.
  8. Delete the extra lines and section titles between each category. For example, delete the blue line that says “Abilities” at the top of the abilities section.
  9. Insert a blank column and title it “Score.”
  10. Insert a blank column and title it “Category.”
  11. In the “Category” column, add the appropriate category (e.g. “Knowledge,” “Skills,” “Abilities,” and Task” for each line of the spreadsheet.
  1. I’ve heard of this, but please don’t ask me to explain it
  2. I’m familiar with the topic and can explain it with a little more research / Google-fu
  3. I get this stuff and can do it on my own
  4. This is my jam. I can perform this task on my own and my teammates ask me for assistance with this sorta thing. I can also explain it to my non-technical friends and family
  5. I’m kind of a big deal. I can teach it to anyone and others call me a SME for this topic
  • Risk management
  • Common networking protocols and fundamentals
  • Attacker methods and techniques

Putting it all together

So we decided we wanted to get into cybersecurity. We looked at a few career maps and decided that we want to be threat analysts. We realized that we have a LOT to learn to be a threat analyst and we completed a self-assessment of our cyber skillz to identify where to focus our training for the next few months.


Bonus Nerd Stuff

Hey if you like this approach and you like Excel formulas. I’ve included this bonus section to show how I create a quick dashboard for my self-assessment scores.

  • Category
  • Average
  • High
  • Low
  • Task
  • Knowledge
  • Skills
  • Abilities
  • In B3, type =AVERAGEIF(Category, A3, Score)
  • In B4, type =AVERAGEIF(Category, A4, Score)
  • In B5, type =AVERAGEIF(Category, A5, Score)
  • In B6, type =AVERAGEIF(Category, A6, Score)
  • In C3, type =MAXIFS(Score, Category, A3)
  • In C4, type =MAXIFS(Score, Category, A4)
  • In C5, type =MAXIFS(Score, Category, A6)
  • In C6, type =MAXIFS(Score, Category, A6)
  • In D3, type = MINIFS(Score, Category, A3)
  • In D4, type = MINIFS(Score, Category, A4)
  • In D5, type = MINIFS(Score, Category, A5)
  • In D6, type = MINIFS(Score, Category, A6)





Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Andy Piazza

Andy Piazza


I enjoy writing, mentoring, and sharing knowledge. I’m klrgrz (killer grizz) on Twitter. I do stuff n things with cyber threat intel.