I have completed 60 days now at PwC and wish I could say that I am charging along, full-speed ahead on all the challenges of working for the biggest of the Big 4. The truth is that my pace is more like a slow jog as I discover what a fast-paced world of exciting challenges I have entered.

My first 60 days here has involved me in a learning curve that I hadn’t expected. Working at the same level as my peers here requires a whole new level of leadership skills and the ability to multitask. In my first 60 days my biggest achievement can be summarized as: I now think I know what I don’t know. Or, as the Four Stages of Competence model calls it, I achieved the level of Conscious Incompetence.

What is the Four Stages of Competence model?

Four Stages of CompetenceThe first stage of competence is Unconscious Incompetence, where you know so little about a task that you feel you can jump right in without further preparation.

The second stage is Conscious Incompetence, where you recognize how much you need to learn before you can complete the task successfully. In other words, you lack the knowledge and experience you need, but at least realize what all you need to know and are willing to learn it.

The third stage is Conscious Competence, where you have acquired enough knowledge and experience to do the task, but only when you give it your full attention.

The fourth stage is Unconscious Competence, where you are expert enough that you can easily carry out the tasks. In other words, they have become second nature to you.

I naively came to PwC expecting to start at the fourth stage. I was so confident that my lengthy and varied experience would have prepared me well for PwC challenges that it never crossed my mind that there were things I would need to learn.

I was wrong.

What did I expect when I decided to join PwC?

I obviously pursued my position at PwC for reasons other than how much I expected to learn here.

One thing that drew me was PwC’s reputation for caring about their clients and the world around them. I wanted to continue doing the work I love while contributing to making the world a better place.

It certainly didn’t hurt that PwC also has a reputation for taking good care of their consultants.

I pursued PwC also because of its commitment to world-class cybersecurity. Although, I have to admit, I had few reservations about that. Like many people, I’d always viewed PwC as primarily an accounting and auditing firm. Their reputation for cybersecurity is less widely known. The question I had was whether I’d be working with cybersecurity specialists on challenging problems or working with accountants to keep the tally of cybersecurity losses our clients experienced.

What I discovered about PwC by now?

Contrary to my initial reservations, I found PwC to be way ahead of the most of the cybersecurity industry.

For example, my team here has been hacking cars and drones as mundane parts of the normal business day before it became a subject of advanced research to be demoed on the BlackHat conference.

PwC worked with Google to develop a Security Intelligence platform in the cloud. By all initial measures, this solution is outperforming anything else currently on the market.

My colleagues here in Hong Kong team have developed a proprietary tool for testing our clients’ cybersecurity postures. They took few different types of cutting-edge malware, removed all the nasty bits and replaced it with useful reporting tools, tested to exhaustion their ability to control the malware, and are now using it to test how well our client’s prevention and detection methods work. When you think about it – what better way to test the cybersecurity than by using exactly the same approaches and tools that cybercriminals use to wreck a havoc across enterprises?

PwC cybersecurity operates at the level of geekiness that I haven’t experienced even in IBM. And I love it!

PwC’s Risk Assurance practice, which focuses on helping clients change the way they perceive and manage risk so they can actually capitalize on it, has been growing at the astounding rate of 30% in this part of the world. That growth shows no sign of slowing in the near future. It’s gratifying to be part of turning threats into opportunities.

I’ve found also that PwC’s reputation for caring about clients is far understated. Asking what’s best for the client and for society truly takes precedence over what is most profitable for PwC. And that concern for clients doesn’t stop with the immediate problem. Everybody around me is constantly analyzing mega trends and local trends, thinking about how those trends could impact their clients and what PwC could do to make sure not only that clients can capitalize on them, but that we can use those trends to benefit society, too.

For example, PwC is investing heavily in helping China’s food industry continue its growth while reducing the food safety scandals that afflicted it. Ultimately, we seek to help providers develop processes that will ensure safe and healthy food for consumers.

I’m excited to also be leading our Enterprise Resilience services. This program focuses on helping clients identify their vulnerabilities and embed countermeasures to them into their operating models, to facilitate speedy recovery from any type of disaster. Ultimately, our work in this area has applications far beyond the needs of just our clients. It extends to helping the world around them also quickly recover from disasters ranging from disaster-level cyber-attacks to natural disasters to pandemics and more.

PwC truly sees the value in becoming a long-term trusted advisor to its clients. And it sees the value in improving the world in which clients operate, recognizing that the more stable the society is in which a client operates, the more that client will thrive.

Just as PwC doesn’t value profits over the best interests of clients and society, PwC consultants don’t protect key knowledge to help them achieve personal advancement, as is common in many other businesses. A culture of sharing and learning drives a shared sense of purpose.

What I’ve found out about myself?

Sixty days into working at PwC, I’ve found stage two of the Four Stages of Competence – Conscious Incompetence – to be a good description of my current state. Although I’ve drawn on familiar competencies I’ve exercised in other companies, I’ve found that working for PwC has raised my expectations of myself to an entirely new level.

Those expectations have taken me to a new level of multitasking. I already have a bunch of tasks and internal learning courses that are way overdue.

Yet I find that I relish it all. Working at PwC has inspired me, with its limitless opportunities for personal and professional growth that are exceeded only by the opportunities PwC offers me to truly make a difference for clients and society.


I know I’m not at the level of competence here that I want to be. As befits the stage of Conscious Incompetence, I know there’s a lot more I need to master before I grow into what I see I can be here.

Not that I am totally lost. My current competencies enable me to deliver on the cybersecurity projects on which I work. But there’s so much more here than simply delivering on projects and marking them off my list. I have to become the leader that can bring together diverse global capabilities of PwC to deliver more than all of us individually could do.

I work for one of the most successful companies in the world; for the brand that is the second most powerful brand in the world (more powerful than Coca-Cola or Disney for example), yet one that puts the good of clients and society ahead of mere profits. I work for a network of firms that employ 200K+ people, yet shares information freely across that massive network. I work for a brand that spans many countries, cultures and ethnic groups of our world, yet instills in all those diverse individuals a common passion and purpose for solving big problems in society.

The technical challenge of working at the one of the world’s most advanced global cybersecurity companies – in the region that has the most cybersecurity challenges in the world – is as exciting as I expected it to be. The challenge of fully integrating myself into this highly collaborative and purpose-driven environment looks to be more thrilling than I would have imagined.

I will keep sharing my experiences with growing beyond Conscious Incompetence at PwC here in the future. In the meantime, I invite any of my cybersecurity contacts who finds that the environment I described resonates with them to contact me. I’d love to discuss with you what working at PwC is like.

marin@5g.security | Website | Other articles

Marin Ivezic is a Cybersecurity & Privacy Partner in PwC Canada focused on risks of emerging technologies. He leads PwC’s global 5G cybersecurity efforts as well as industrial, IoT and critical infrastructure cybersecurity services in the region. All these focus areas are being transformed with the emergence of 5G, massive IoT (mIoT) and critical IoT (cIoT). Marin worked with critical infrastructure protection organizations in a dozen countries, 20+ of the top 100 telecom companies, and a number of technology companies on understanding the geopolitics of 5G; uncovering as-yet-unknown security and privacy risks of 5G, AI and IoT; and defining novel security and privacy approaches to address emerging technology risks.