I always assumed that cybersecurity was entirely about machines, codes, systems, networks, firewalls. It felt distant, technical, almost like another language spoken on another planet. But along my learning journey, something shifted, I learnt that there is more to Cybersecurity and so many roles come with this field.
A truth surfaced quietly, and once I saw it, I couldn’t unsee it:
Cybersecurity isn’t just technology.
Cybersecurity is people.
It’s behaviour. It’s emotion. It’s psychology.
There was a single moment where this clicked for me. I was studying social engineering; how attackers manipulate people long before they attack systems and suddenly it felt familiar. I have seen these patterns before. I have lived them. I understood the way humans act under stress, how they hide things, how they panic, how easily trust can be exploited, how fear can make someone hand over information without thinking twice.
Aviation had trained me for this without me realising it.
In aviation security, we are taught a simple but powerful chain:
Threat – anything or anyone that poses danger to civil aviation.
Vulnerability – the target exposed to the threat (passengers, aircraft, airline staff, airport).
Risk – the likelihood of the threat becoming reality.
A formula etched into every cabin crew’s mind:
RISK = THREAT + VULNERABILITY
And suddenly, it hit me:
The weakest link in any system is rarely the system but the human behind it.
Once that clicked, everything about cybersecurity changed for me.
I started paying attention differently.
Not only to the technical steps but to the human steps:
the emotional triggers, the motives, the pressures, the subtle manipulation techniques attackers use.
It felt familiar, almost like watching an old movie with new subtitles.
Aviation had already taught me how to read people, how to sense tension, how to spot inconsistencies, how to evaluate behaviour before words even formed.
And that’s when the fear of “starting from scratch” melted a little.
Because I realised I was not coming in empty-handed.
I was not an outsider.
I had been studying human behaviour for years without knowing it was one of cybersecurity’s most valuable skills.
In that moment, cybersecurity stopped feeling like a world of machines and started feeling like a world of humans: humans making mistakes, humans being manipulated, humans needing protection, humans creating loopholes without realising it.
And I understood something simple but powerful:
I am not just learning cybersecurity.
I am learning people and I have been doing that all along.
Want more like this?
I write about human-centred cybersecurity, risk, and career transitions.
