How to Set Smart Goals (That Actually Work For You)

written by Graham Helton || Guest Author

This article was originally published in the InfoSec Survival Guide: Green Book. Find it free online HERE or order your $1 physical copy on the Spearphish General Store.

Setting goals is a deceptively simple career skill we all know is important, but how do you set goals you’re actually excited to work towards?

First Step

Identify what you’re trying to set out to achieve. Is it landing a job? Learning a programming language? Learning how to exit vim? The traditional litmus test for if a goal is high quality is to identify if it is S.M.A.R.T.: Specific, Measurable, Achievable, Relevant, and Time-Bound. This is a good starting place… but remember to tailor it to your circumstances! For example, I almost never make my goals “time-bound” because I generally have zero clue how long something new will take and I don’t want to rush (or limit) my learning. It simply doesn’t work for me, and that’s ok. Where SMART goals can help is when trying to work towards an ambiguous goal such as “learning to code,” which is probably too broad of a goal. When you sit down to work on it, where do you even begin?

I want to:

1. Learn to code.
2. Become a penetration tester.

so my SMART goal is:

1. Finish 3 tools using Python.
2. Spend 1 hour a day learning skills that are listed on job postings for a penetration tester.

Break It Down

Now that you’ve defined your main goal, break it down into smaller sub-goals that you can easily accomplish. If you have to do multiple things to accomplish a sub-goal, you probably need to break it down further.

My SMART goal is:

1. Finish 3 tools using Python.

so the sub-goals are:

1. Find a resource for learning Python.
2. Work through 1 chapter per day of Automate the Boring Stuff with Python by Al Sweigart.
3. Write a tool that automates a simple task you do frequently (x3).

My SMART goal is:

2. Spend 1 hour a day learning skills that are listed on job postings for a penetration tester.

so the sub-goals are:

1. Find 10 job postings for penetration testers.
2. Make a list of each skill or technology they want experience in.
3. Find learning resources for each skill or technology.
4. Spend 1 hour per day going through the learning resources.

Helpful Tips

Now, for the fun part — working towards your goals. This is where 99% of the work comes in.

Can’t find the time (or energy) to work towards your goal?

Work on them early in the day if you can. The later in the day you start working on your goals, the more likely you are to be too consumed by other important daily life tasks which makes it easy to say, “Oh, I’ll get to it tomorrow.” You’re (probably) a human, though; some days you’ll just want to watch Netflix, don’t be too hard on yourself.

Keep a scratch pad.

If you’re easily distracted like I am, try keeping a notebook next to you in which you can write down any random thoughts that come to your mind. The second I attempt to start working towards my goals, my brain likes to flood me with reminders of other things I could be doing. Simply writing down those thoughts on a scratchpad allows me to get that thought out of my brain so that it doesn’t keep resurfacing while I’m trying to focus.

Find your own rhythm.

If you’re having a blast working towards something, keep going! Goals should be the minimum target, not the maximum. Having a blast studying a topic on your journey to become a penetration tester… but find yourself down a rabbit hole suddenly learning a different (cool) pentesting technique? As long as it’s at least somewhat related to your end goal, keep going! You learn the best when you are having fun.

Tell the world!

One of the best ways to keep things fun is to find people working on the same goals as you. The security community is vast and full of people working towards similar destinations. Connect and share your experiences; not only will it help others, but it will also help you stay accountable!

---

---

---

---