There’s so much talk about cyber security nowadays.
And many people want to start a cyber security career, but find themselves plagued with questions.
How hard is it? Is it for me? What do I have to do to be successful?
This is because cyber seems like such an advanced field.
However, there ARE people who have gone from zero tech knowledge to cyber industry leaders.
I decided to gather 10 of them and ask them one question:
“If you could give one piece of advice to someone new to tech looking to get into cyber security, what would you tell them?”
Let me tell you, the responses I received were amazing. They are listed below.
BONUS: Want a list of 121 (mostly free) resources for learning cyber security?
Get a Bonus resource. It’s 121 YouTube channels, blogs, books, and learning sites that I have used to learn cybersecurity. Believe me. The ones in this list are some of the best.
Grab the key security concepts
Stu Sjouwerman – CEO of KnowBe4
One quick tip is when you want to get into Cyber Security, know that you are learning a whole new language. You need to quickly grab the key concepts, learn the massive amount of acronyms that are being used, and learn to think fast with the data. Essentially you need to learn to think as an attacker and use those insights to defend your organization. Here is a glossary with the essential terms I have gathered together over the last 15 years, it’s focuses on malware, InfoSec, social engineering and security awareness training. Good luck and welcome to the team!
Glossary – https://www.knowbe4.com/knowbe4-glossary/
Be passionate about it
Ricardo Reimao – Cyber Security Specialist
If you ask me one tip for the folks starting into cybersecurity, I would say that you must love what you do. It may sound cliché, but it is a profession that requires you to be constantly studying and improving yourself. I love spending hours trying to understand a new technology and trying to “break it”, so for me staying up to date is a fun process. Apart from loving what you do, it is essential to have a very solid base, meaning, having a good understanding of operational systems, networks and coding. This will help you in all sub-areas of cyber security. Also, in my opinion, having hands-on experience is essential. Whenever taking a course, make sure to try each concept with your own hands. Virtual machines are your best friend here, create an environment where you can practice your skills.
Learn the bits and bytes
Christopher Burgess – Cyber Security Writer, Speaker, Podcaster
Someone new to technology, and interested in cybersecurity, requires a firm foundation in the basics of information technology. That is to say, first learn how the bits and bytes move about. I would recommend starting with end point device knowledge, as the most immediate payoff for all are securing the devices they use every day. This knowledge will force the ancillary understanding that the only true security is to throw the device away, and that everything is resource driven, and those with the most resources “should” have the most secure devices (but they don’t always) and those with minimal resources are able to secure their devices (though they don’t always).
There’s more than just tech
Jake Williams – Security Consultant/Owner Rendition Infosec, SANS Instructor
Writing is far more important than people realize. Every infosec job requires that we communicate our findings, and most of that happens in writing. I’ve seen some really talented people get passed by for promotions because they write worse than their (less technically talented) peers. It’s so important that a writing sample is something we ask every applicant for at Rendition Infosec.
Stand out and communicate
Ryan Manship – President at Red Team Security
Differentiate yourself in a meaningful way. Example: be involved in something outside of class and lead if able! Also, ensure you work on your written and verbal communication skills (especially in IT/CyberSec).
Don’t be afraid to ask
Ken Underhill – Master Instructor at Cybrary
I would tell them to ask for help. Go to meet-ups and conferences, tell people they’re new, and ask for good things to study and ask for people to let them know about job opportunities. Also, think outside the box. You might have to take a non-cyber position to get your foot in the door. Be ok with that. Finally, never stop learning. I’m teaching people hacking and still take courses from others to learn.
Don’t let ego stop your cyber security career
Chris Roberts – Security Advisor
“Always ask another question” Probably the simplest and most useful thing that ALL of us could learn. Put the macho, testosterone attitude aside and ask another question because 1/2 the audience or the folks in the room are probably also thinking the same damm thing.
Experiment every day
Marc Castejon – CEO of Silent Breach
I think that if they are new to tech, I would recommend them to look at software development as a first approach. Understanding some underlying mechanisms that hackers abuse is key to grasping what cyber security is about. As a second step, I would recommend they look into the different certifications that are around, such as OSCP or CEH. These can bring a lot of credibility in that space .. And finally, it’s important to be hands on, and experiment on a daily basis. Practice makes perfect.
A successful cyber security career is up to you
Ron Woerner – Chief Cybersecurity Consultant at RWX Security Solutions
A-B-C = Always Be Curious Keep learning. Everywhere, everything, and everyone can be a teacher. This means doing your homework, reading and practicing every chance you get. Reach out to others you admire and ask for help. There’s no right or wrong way to start in cybersecurity. The key is to take that first step and keep moving forward. Your success is up to you.
Test the field first
Grant Collins – Founder of Cyber Intern Academy
My one tip to new students: Start small and see if you are actually interested in a cybersecurity career. Often times, I believe we have misconceptions in this industry, thinking that once you get an I.T. certification or degree, you will be hired on as a skilled expert. This is far from the truth… As students, we need to start small and work our ways into the careers we desire and want. How do you start with this idea in mind? Begin with trying to spark an interest in the industry through online learning, reading books, and even reading the security-related news… From here, you will and can start to see if the whole idea behind “cybersecurity” is something you are interested in and want to pursue as a career. After this, begin with the idea of starting with an entry-level cybersecurity job… From this experience, you can transition and “hone your skills/direction” towards the cybersecurity career you desire.
College is NOT required
Joshua Burnett – CEO of Virescit Tactical Systems
College is NOT required! The time, brain power and monetary expense is just as formidable when applied to Industry certifications and experiential growth through immersion and employment. College is just one path to expertise in the field.
That’s an amazing collection of useful tips and advice, right?
Now I want to turn it over to you:
What are your tips and advice for someone looking to start a career in cyber security?
Let me know by leaving a comment below right now.
