Welcome To Our Resource Designed To Help YOU Get Started in Cybersecurity
In this resource you’ll learn that you can absolutely have a career in Cybersecurity.
We’ve created a website and a MUCH bigger (and better!) resource called “Breaking Into Cybersecurity”. Rather than give you a ton of things to read we went straight to the heart of the matter and interviewed a whole bunch of professionals that are working in Cybersecurity and we asked them how they got started!
We strongly encourage you to hit up our new resource which is specifically designed for those new to the Information Security industry.
The text below is the original article which we wrote several years ago. Again, we really encourage you to visit our new website and resource which is specifically aimed at helping those with limited IT experience start a career in InfoSec.
Starting any type of career can be a daunting prospect.
Very likely we can all agree on two things: do something you love doing, and, it takes time and dedication to achieve your goals.
Breaking into cybersecurity is no different than any other career path or profession. In fact, in some ways, we’d even argue that Cybersecurity as a career starting choice is a sensible move because as long as you can satisfy certain requirements, you’ll be good to go!
This post is for people that:
- Have No Experience With Cybersecurity (Ethical Hacking)
- Have Limited Experience (Typically as an Admin).
- Those That Just Can’t Get A Break
OK, let’s dive into the post and suggest some ways that you can get ahead in Cybersecurity.
First off, let’s just agree that saying ‘a Career in Cybersecurity’ is a bit like saying ‘a Career in Banking’, i.e. it’s an umbrella term that incorporates dozens of niches within the industry. In Cybersecurity we can, for example, talk about digital forensics as a career, or malware/ software detecting, auditing, pentesting, social engineering and many other career tracks. Each of these sub-categories within cybersecurity deserves a separate blog post, but, for the purposes of this piece, let’s focus on some important generic requirements that everyone needs before embarking on a successful career in IT Security.
Do You Have No Experience With Regards To Cybersecurity?
If you have no experience don’t worry. We ALL had to start somewhere, and we ALL needed help to get where we are today. No one is an island and no one is born with all the necessary skills. Period.
OK, so you have zero experience and limited skills…our advice in this instance is that you teach yourself some absolute fundamentals. Teach yourself TCP/ IP, programming, coding, markup and as many technologies as you can! Our #1 advice for those with limited experience is to get your head around hacker tools and learn how to use them effectively.
Metasploit, nmap and Burp Suite are three great examples of platforms that can be used to perform security testing of web applications and network vulnerabilities. Understanding why there is a vulnerability will catapult your knowledge, confidence and your skills in being able to detect (exploit) and patch (remediate) breaches and other ‘common’ security problems.
Where can you learn the skills? Here are a bunch of resources to get you going:
- SANS CyberAces
- Introduction to Practical Hacking and Penetration Testing [YouTube: Eli the Computer Guy]
If you are completely new, we’d suggest watching the above video by Eli the Computer Guy and then watching some quality videos on SecurityTube. If you can master certain tools then you’ll be ready to start to put your skills to good use!
Where can you practice your self-taught skills? Here are a bunch of resources to get you going:
Once you’ve taught yourself hacking skills then go ahead and test them (legally) on purposely made Vulnerable Platforms. The aim of these platforms that are purposely vulnerable is that they allow novices and those with limited cyber experience to sharpen their penetration testing skills.
- Damn Vulnerable Web Application (DVWA)
- Google Gruyere (Web Application Exploits and Defenses)
- The ButterFly – Security Project
- Concise List Of Over 20 Vulnerable Hacking Platforms
To recap and summarize the above, the key objective for those that are interested in starting a career in cybersecurity but have zero experience, is to teach yourself the fundamentals and better still, to become proficient in learning how to code, program and use specific tools that are mentioned above so that you can confidently implement and use them in the field.
The next goal is to obviously find a job! We would recommend applying for as many ‘entry-level’ IT jobs as possible since once you have your ‘foot-in-the-door’ you can begin to migrate into security with relative ease as long as you do what we outline in the next section.
Do You Have Limited Experience (as an IT Admin) And Want To Break Into Cybersecurity?
Many of our readers and students are already working in IT and are keen to break into IT Security. The good news here is that that is entirely possible. Here is one relatively solid fact and we welcome all thoughts on this: typically no one ‘starts a career in cybersecurity’. It is much more common to migrate into security than simply start in the space from the ‘get-go’.