+ Reply to Thread
Results 1 to 5 of 5
  1. Junior Member
    Join Date
    Oct 2017
    Posts
    26
    #1

    Post Business Potential of lone wolf InfoSec Consultant

    We all know that that there has been a spurt of demand cyber security technologies, processes and people. Obviously the need of cyber security must be on minds of most of Small and Medium Business owners. But I am wondering how feasible it is for an experienced Cyber Security consultant to be successful in having one's own business as compared to a job? Is there a good demand yet, at least in big metro cities or is the cyber security assessments and audits still dominated by big well known corps big big budgets?
    Has anyone tried setting up a constancy business firsthand?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    May 2006
    Posts
    2,026

    Certifications
    CISSP, CCSP, eJPT, ITIL,PA ACE,Qualys Certified Specialist, A+
    #2
    Quote Originally Posted by Snooper View Post
    We all know that that there has been a spurt of demand cyber security technologies, processes and people. Obviously the need of cyber security must be on minds of most of Small and Medium Business owners. But I am wondering how feasible it is for an experienced Cyber Security consultant to be successful in having one's own business as compared to a job? Is there a good demand yet, at least in big metro cities or is the cyber security assessments and audits still dominated by big well known corps big big budgets?
    Has anyone tried setting up a constancy business firsthand?
    I'd say small business owners worry of a Cyber doesnt even cross their mind. And those who do, small MSP's snatch them up before any lone consultant does.
    Reply With Quote Quote  

  4. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Galloway, NJ
    Posts
    1,388

    Certifications
    A+, Network +, GSEC, GCIH, Lunatic+
    #3
    Yes, I believe it's possible, however you need to build yourself a reputation in the field to get any real work. Take SANS instructors for example, a good many of them have consulting businesses where they make considerable more money than teaching. One instructor told me he makes over 500k a year consulting and about a 1/5 of that teaching SANS courses. He works alone, and has plenty of business. I would take a wild guess and say a good portion of his business comes from former students. After all who you gonna call when you need a consultant, some random guy out of the phone book? Or someone who has an industry reputation? In short, if you became a SANS instructor or taught on the side somewhere else, in a few years business will come to you with little effort on your part.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Jan 2015
    Location
    Chicago, IL
    Posts
    996

    Certifications
    Too many MCPs and MCTS, MCSA: Security, MCSE: Security, MCSA: 2003, 2008, 2012, MCITP: EA, CISSP-ISSAP, SCS DLP, GREM
    #4
    The hardest part is getting the clients. At least for ppl like me, who are very technical but are often clueless in sales and negotiations. It's really hard.

    I recently researched a resource called upwork that is supposed to connect clients and ppl like us without much of a middleman such as MSP/MSSP with their salespeople, accounting and management expenses.

    I was really stunned by the misery the folks over there live and money they get. There was a guy, with a considerable amount of certs, including CISSP, who requests something like $150/hour. Does he get what he asks? Nope. I checked his successful contract history and, amazingly enough, he did some DMARC configuring work for someone for fckn $20. Twenty! He agreed to this work and performed it! For $20!

    It's easy enough to configure DMARC when you know what you are doing, but $20? If you do that you have to do things right from the first attempt in order not to break things and this requires careful planning and researching the client, their infrastructure, etc. For damn twenty!
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Sep 2015
    Location
    Myrtle Beach, SC
    Posts
    214

    Certifications
    MCP, A+, Net+
    #5
    Yeah lots of people on those sites will do work for $5/hr, makes me wonder if anyone ever picks someone who works for a reasonable US price when its remote work.

    I use the sites for local field service work and do make money. I'm just getting started finding my own clients and just as mentioned its hard to get clients and 70-90% of the work is sales and the rest is technical and is true in just about any business endeavor. Some of what I consult is security for small businesses. My focus is getting small businesses away from their bad practices, ie sticky notes full of passwords on monitors among other things. Myself I'm not at the level that I'd be consulting for a company larger than say 100 users, but there's plenty of 1 to 100 user companies that need a lot of IT services and the MSP's out there do get them, but they also lose them all the time, you just have to be part of the market share.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks