In cybersecurity, the landscape never stops changing. If you want to succeed, you need to adapt. Fast.
Early in my career, I stumbled on a mindset that completely changed the way I work and accelerated my growth.
I call it the “Just Figure It Out” mindset.
Today, information is everywhere. A quick Google search or a single LLM prompt can unlock answers that once took weeks (or months) to put together.
And yet… I’m constantly surprised by how many people don’t leverage the powerful tools we have at our fingertips.
They get stuck, shrug their shoulders, and either move on or throw it over the fence to someone else.
With resourcefulness and the right mentality, you can solve problems faster, learn new skills on the fly, and keep pace with an industry that refuses to stand still.
Here’s how I’ve applied the “Just Figure It Out” mentality across different areas of cybersecurity, and why it’s been one of the biggest growth drivers of my career.
New Tools & Technologies
Cybersecurity touches every corner of the tech industry, which means it’s constantly evolving alongside every tangent.
Attackers adapt their techniques daily, and staying ahead means adapting just as fast.
In my opinion, one of the best ways to do this is staying up to date with the latest tools. Whether it’s enterprise platforms or open-source projects, modern security teams have more options than ever.
Just see what problems people are solving out there.
And with the rise of SaaS and AI lowering the barrier to building products, each solution seems to have countless competitors - so you’ll be able to compare and contrast what works best for your use case.
The truth is, no two organizations will ever have an identical stack. Your next role might have a different SIEM, a new EDR, or a more expensive email getaway.
But no one is reinventing the wheel. The fundamentals remain the same.
Once you understand the core concepts behind tools like SIEMs, EDRs, and cloud providers, the differences lie in just the details.
That’s where the “Just Figure It Out” mindset kicks in. Learn to learn the nuances quickly without feeling like you’re starting from scratch.
New Languages
No, I’m not talking about French or Spanish. I’m talking about the different syntaxes you’ll come across as you pick up new tools and technologies.
Query Languages are a commodity these days. Every tool you’ll come across seems to have its own flavor.
But once you’ve mastered one, adapting to others gets easier.
At its core, they all work the same way: you’re selecting data from somewhere and filtering it down to what you find valuable.
The same goes for programming languages. If you learn the major language in the cybersecurity landscape (Python), you’ll find most security systems will support it.
And when you inevitably have to pivot, you’ll find it much easier to pick up that next language.
For example, with the rise of Infrastructure as Code, security engineers have been pushed to pick up Terraform. But a declarative language is much easier to pick up after learning the basics of an object-oriented language.
Plus, with LLMs at your fingertips, you can prompt to learn and prompt to solve. Leverage them to explain concepts, walk through examples, and accelerate your understanding - but don’t let it replace your critical thinking.
Accessibility isn’t an excuse to stay shallow.
Read, understand, implement. That’s how you’ll build lasting skills.
Incident Response
Every company is different. Tech stacks may look similar on paper, but architecture never is.
As you join a new organization, one of your first hurdles is learning the network and all of the services running inside of it.
Again - while the fundamentals don’t change, you’ll have to learn how the dots connect.
And even if you’re not new to an org, you’ll often respond to incidents in parts of the environment you never touched before. In fact, I’d argue most incidents don’t come neatly packaged with the full context you’d like.
You’ll be working with incomplete information, siloed knowledge, and business context you’re still piecing together.
That’s where “Just Figure It Out” really matters - learning how to make decisions with incomplete information.
You’ll need to learn how to quickly pull in the right team (system admins, developers, business owners) and piece together the puzzle on the fly.
That ability to adapt, learn, and connect the dots under pressure is what separates a good responder from a great one.
- Today’s Sponsor -
Whether it’s Detection Engineering, Incident Response, or Threat Huting - Security Operations is built on data. And as a Security Engineer, you need to make that data work for you. Selecty is a database-agnostic, sidecar query assistant built to do just that. Generate queries based on your table schehmas, optimize them to your use case, iterate on them quickly, and debug faster than ever - all in one sleek interface. Check it out!
New SIEM Sources
This one’s a given. You’re always going to be onboarding new log sources that you’ll need to learn in order to be effective at your job.
As business expands, so will the use cases for your SIEM - new tools, services, integrations. And with each comes a new schema to decipher.
We’d all love a world where logs are neatly standardized to a common schema, but that’s never going to happen. The reality is - that’s your job when you’re crafting your SIEM ingestion.
You’ll need to crack open raw logs, pick apart the key/value pairs, and figure out where the valuable fields lie.
Turning that noise into actionable data is a skill you only build by doing.
A “Just Figure It Out” mentality here can make you an assassin on the keyboard. The faster you can make sense of a new data source, the more valuable you become when an investigation lands on your plate.
Nothing is better than being so familiar with your log sources that you can write queries on a schema from memory.
And the only way to get to this level is by finding an excuse to work with your data:
Run your own mini threat hunts
Find excuses to test new detection ideas
Build and refine a saved query library
Investigate alerts manually instead of relying only on dashboards
Each of these builds a framework that forces you to “Just Figure It Out.”
And over time, those reps will make you reliable when it’s crunch time.
Cloud Micro-Services
It’s natural to get comfortable with the cloud services you touch every day. You build muscle memory, you learn the quirks, and you become incredibly efficient.
But as businesses evolve, new services will almost always get thrown into the mix.
That’s where the “Just Figure It Out” mentality comes in. When a new service lands on your plate, lean on every resource at your disposal:
Leveraging official docs
Reading Blog Posts
Speaking with SMEs
Digging into Log Sources
Personally, I prefer the latter - logs don’t lie.
Take AWS CloudTrail for example. By filtering down to a new service, you can piece together flows, establish baselines, and learn its schema in the context of your environment.
All of these skills start to stack. Once you’ve figured out a few services, your confidence will compound, and the next one won’t feel so intimidating.
And if you’re not there yet? That’s fine. You already know the answer: Just Figure It Out.
New Responsibilities
As you grow in your career, your responsibilities will inevitably expand.
And with that expansion comes the uncomfortable reality that you’ll be pushed into areas you’ve never touched before.
It’s part of growth not only as a professional, but as a person.
You won’t always be an expert. You may be asked to manage a team in a domain of cybersecurity you’ve never been hands-on with. Or lead a strategic initiative in an area that’s brand new to you.
In those moments, the “Just Figure It Out” mentality is your best tool.
Your job isn’t to know everything, it’s to learn fast enough to stay in the conversation and contribute meaningfully.
Knowledge is everywhere. But turning that knowledge into action is what makes you invaluable.
The Cybersec Café Discord is officially live! Join a growing community of cybersecurity professionals who are serious about leveling up. Connect, collaborate, and grow your skills with others on the same journey. From live events to real-world security discussions — this is where the next generation of defenders connects. Join for free below.
Seriously, Just Figure It Out
The “Just Figure It Out” mentality is one of the fastest ways to grow.
It builds knowledge. It builds confidence. And it proves to yourself that you can handle whatever gets thrown your way.
At its core, it’s all about mindset - the belief that you not only can figure it out, but that you will.
Why? Because the information is out there. 99.9% of the time, we’re not reinventing the wheel.
The real skill is knowing how to find that information and apply it to solve problems.
So when in doubt… Just Figure It Out.
Securely Yours,
Ryan G. Cox
P.S. The Cybersec Cafe follows a weekly cadence.
Each week, I deliver a Deep Dive on a cybersecurity topic designed to sharpen your perspective, strengthen your technical edge, and support your growth as a professional - straight to your inbox.
. . .
For more insights and updates between issues, you can always find me on Twitter/X or my Website. Let’s keep learning, sharing, and leveling up together.