2025 Roadmap☁️🔒

Cloud & Security...

Dec 18, 2024

I’m not going to lay out a bunch of stuff you already know here

….Learn the cloud, get comfortable with Docker etc you’ve heard all this before…

I want to share four things - I’m ACTUALLY recommending you lean into next year by sharing what I’m planning on leveling up in myself…

These aren’t just hard tech skills ☁️🔒

If you’re looking for more of a traditional Roadmap, this is still relevant: 2024: A Cyber Security Road Map 🛣️

If you’re unsure about where to focus your studies next year, hopefully this will help start to build a rough roadmap…

Why? 🤔

It’s good to have a plan… simple.
Honestly half the time I get distracted with life and other projects but I least know where to come back to when I feel lost.

Enough already, I don’t care about your inner monologue - give me the Roadmap…

Next year, I want to get comfortable with attending different conferences and meetups in Cloud and Security. I recently went to BSides London, and I loved it! I didn’t realise how important it was to connect face-to-face with like-minded people who share the same interests and challenges.

In a fully remote world, it’s so easy to skip these opportunities, especially when life, work, and projects pile up. But I challenge you, even if you’re just starting out or trying to land that first role, attend at least one event next year.

Here are some options:

Look for local security meetups (like OWASP chapters or Cloud user groups in your city).
Join larger conferences like BSides, KubeCon, AWS re:Invent, or RSA Conference. Many offer affordable or free options if you’re new!
Don’t overlook online conferences either - while not the same as being there in person, they can still connect you with people and ideas.

Why does this matter?
Networking isn’t just about getting a job or finding opportunities, it’s about feeling a part of a community. When you see that others are on the same path, it motivates you to keep going.

Set this goal for 2025: One event, one connection, one step forward.

By the end of 2025, I want to have built a new product. I’m not ready to share exactly what that is yet, but I can tell you this: it’s going to involve learning a whole new set of skills from both a Cloud and Software Engineering perspective.

I’m planning to document everything as I go - The wins, the failures, and the lessons, and I’ll be inviting you all to join the beta version when it’s ready.

Why build in public?
Because sharing the process is just as valuable as the final product. It keeps you accountable, helps others learn alongside you, and creates a community that’s rooting for your success. Plus, it’s an incredible way to showcase your skills and progress over time.

I encourage you to do the same.
Whether you’re working on a personal project, a certification, or your first security tool, document it. Here’s how:

Share your progress on SubStack, X, or wherever you’re active. Think “I built X to solve Y problem.”
Don’t be afraid to show your process: Struggles included. People connect with honesty and real stories.
Engage with feedback. Let people join your journey, ask questions, and suggest ideas: You’ll be surprised how much you can learn from others.

Building in public isn’t about being perfect. It’s about learning out loud, creating connections, and proving to yourself that you can turn an idea into reality.

Set this goal for 2025: Build something, share the process, and watch yourself grow.

Stating the obvious much…

AI tools are going to be a non-negotiable for any employer soon and are already changing Cloud and Security - This is just the beginning. Next year, I’m exploring how to use AI to improve my cloud workflows, analyze security logs, and automate responses.

What not to do:
Don’t rely on AI if you’re learning - This is a trap, you will become what’s know as an “Expert Beginner” - Some YouTuber I can’t remember the name of…
You will be able to tackle high level problems, without understanding the basics.

What to learn: Explore cloud-native AI tools like AWS Bedrock, For security, tools like Elastic Security or AI-powered SIEM solutions are a great start. Finally, understand the basics: LLMs, AI Models API’s, RAG etc
Why it matters: AI is here. Whether you’re analysing mountains of logs or streamlining processes, knowing how to work with AI makes you invaluable.

Set a challenge: Use an AI tool to automate a task—like summarising logs or detecting security anomalies in your cloud environment.

I’ve put this one off for long enough, Kubernetes isn’t just a buzzword anymore; it’s the backbone of modern cloud applications…. and I still don’t know it 💀

If you’re already comfortable with Docker, next year is the time to level up your Kubernetes skills…I’m telling myself this more than you.

If you also want to level up with me, we will need to focus on concepts like pods, services, deployments, and Helm charts. Tools like K9s (Kubernetes CLI) or Lens can help make navigating Kubernetes clusters easier.

What we could do: Deploy a small application on Kubernetes, secure it, and monitor it using tools like Prometheus or Grafana.

Challenge: Build a Kubernetes lab environment and deploy a multi-service app with security and monitoring enabled.

🎉🎉

I hope this helped! Let me know if you want a more hardcore nitty gritty insight into the kinds of projects you should be doing in 2025.

Thank you for reading: Keep it secure, keep it light-hearted!

WJPearce - CyberBrew