SELECT * FROM Introduction;

Just before I sat down to write this, I had been analyzing different types of maps, thousands of photos of train tracks in British Columbia, cross-referencing transmission corridors with hiking trails to identify the real-world location of a nano banana-generated Ghibli-style scene… and falling in love with the process of finding a needle in a haystack. And yes, it was to find the first flag of a CTF.

My first exposure to cyberspace came from watching Garcia – the original OSINT queen – on Criminal Minds locate an assailant in under a minute, pinging cell towers and surfacing information about virtually anyone with a few keystrokes. I remember being 8 years old, thinking less about the theatrics and more about the mechanics, how she took barely tangential pieces of information and correlated them into something coherent enough to identify, locate, and stop a suspect. In hindsight, the earliest sign that I was a nerd was that I found the data more compelling than Shemar Moore.

Cybersecurity, I’ve learned, is expansive and rarely straightforward. For most end users, security starts and ends with password strength; for most entry-level practitioners – me included – impossible travel has a way of masquerading as the ultimate IOC; and for tenured researchers, definitive attribution can surface almost like a reflex. In a field defined by scale and complexity, the sheer volume of resources can make early learning feel paralyzing. Overwhelm, self-doubt, and indecision are common byproducts. You are not alone; rather than ignoring this existential truth, it’s worth naming it.

How We Ended Up Here

If you, reader, are anything like me, then you are familiar with the following process:

1. Have a question about something

2. Research the answer

3. Intermission to go down multiple irrelevant rabbit holes

4. Find the answer to the original question

5. End up with 1000 new questions

6. Existential crisis

7. Repeat!

This process is more so a rite of passage when entering the threat intelligence & cybersecurity space. It is also a litmus test of tolerance against the inherent nature of the job - you will always have unanswered questions, and that is what makes the work so exciting.

One of my recent encounters with this process was, naturally, at 2 AM as I maniacally tried to figure out the answer to the very pressing question: “Where in cybersecurity do I fit?”

This late-night rabbit hole was, in part, prompted by my discovery of Henry Jiang’s Map of Cybersecurity Domains. While Jiang outlines different facets of the industry in a very visually pleasing and palatable way, the map left me more confused than it did entice me to any one niche. Every domain connected to three others; technical paths bled into compliance tracks; creative OSINT work sat alongside cryptography and risk frameworks. The vastness wasn’t inspiring; it was paralyzing. Blue teaming, red teaming, security & detection engineering, threat intelligence research… the list continues, my question still unanswered.

sudo whatdoichoose

Paralysis sets in when you’re optimizing for the perfect choice rather than taking the next step. Getting unstuck means understanding the mechanics of the loop you’re in, and then deliberately disrupting it.

Permission Denied: Why Paralysis Happens

• The Paradox of Choice & Hick’s Law: Unlike other fields with linear progressions, cybersecurity offers infinite branching paths that are constantly evolving. (If you want the science behind why this breaks your brain, look up Hick’s Law – TLDR: more options = longer you’ll stare at the screen doing nothing).

• The “I Need to Know Everything” Trap: Security engineers & researchers of all specialties are especially prone to this – if everything is connected, how do you choose just one thread?

• Imposter Syndrome as a Feature, Not a Bug: Everyone feels underqualified. The field moves faster than anyone can keep up. This is normal. Some moments will feel like your head is well above the water, and some will feel like your back is turned to a crashing wave.

• The Resource Rabbit Hole: You search “how to get started in threat intelligence” and get a seemingly uncountable number of YouTube videos, vendor blogs with conflicting methodologies, GitHub repos of varying quality – some abandoned, paid courses, and Twitter threads that all assume different baseline knowledge.

Curating a comprehensive learning path becomes a full-time job. You spend three hours building a perfectly organized bookmark folder and a Notion page of resources, then feel so mentally exhausted you can’t actually start learning from them. The research about learning displaces the learning itself.

The Knowledge Depreciation Problem

Why it Feels Like You’re Always Starting Over

You finally wrap your head around basic Python scripting, and suddenly everyone’s saying you should learn Go or Rust for security tooling. You master the fundamentals of approaching and solving CTF or OSINT challenges, only for the platforms you learned on to get shut down or paywalled. You spend weeks understanding MITRE ATT&CK techniques, and new research comes out that reshapes how those techniques are approached.

This isn’t unique to cybersecurity, but the velocity is brutal. By the time you feel competent with the basics, the landscape has shifted. This creates a vicious cycle: “Why should I invest time learning X if it’ll be obsolete as soon as I understand it?”

The paralysis here isn’t about too many choices – it’s about the fear that any choice you make has an expiration date. You’re not just learning a skill; you’re trying to hit a moving target that you can’t even see. Ask yourself: what would happen if you stopped chasing the target altogether? The answer may surprise you - and it’s coming up next.