Get Started in Cybersecurity
Launch into your learning process by finding the right resources and build a plan that works.
The Questions this Webpage Addresses
Where do I start?
What is Cybersecurity?
Which path should I pursue?
What is Cybersecurity?
Definition: “Cybersecurity is the art of protecting networks, devices, and data from unauthorized access through the practice of confidentiality, integrity, and availability of information.”
The 3 Key Elements in Cybersecurity
Confidentiality
Ensuring only authorized users have access to read information.
Integrity
Allow authorized users to modify information.
Availability
Authorized users are able to access information on a as-needed basis.
Ensuring the confidentiality, integrity, and availability of a network, different devices, and data is the core to cybersecurity. All three conditions make up what we know as cybersecurity. One condition is not necessarily better than the other. Ensuring confidentiality, integrity, and availability is often referred to as the CIA Triangle or Triad. In addition to the CIA Triad, other conditions such as non-repudiation and authorization are equally important to maintain an effective cybersecurity posture.
Cybersecurity isn’t all about “hacking”
Although cybersecurity often involves what we like to depict as “hacking”, there is much more involvement than simply hacking into computers, networks, and companies.
Cybersecurity considers specific risks posed an organization
Performing accurate risk assessments is an important element to cybersecurity. Identifying, evaluating, and mitigating specific risks posed to an organization is one key element in cybersecurity. Risks can include both physical and digital elements.
Cybersecurity Domains
“Cybersecurity” represents a complete list of responsibilities, roles, and topics. Often referred to as the domains of cybersecurity, each element includes very specific goals and responsibilities to be accomplished. Within every domain are sub-domains. The responsibilities and tasks associated with each sub-domain contribute the larger goal of the top domain and ultimately the goal of cybersecurity. The below graphic is a simplified version of all the cybersecurity domains. Check out this graphic for more information on the various cybersecurity domains.
Is Cybersecurity the Right Career for You?
Now you have a very basic understanding of what cybersecurity is and how it is broken down into the various types of domains. Like any other career, cybersecurity careers demand a skill set and character qualities to be successful. Take this short quiz to find out if you have qualities and traits which align closely to what cybersecurity demands in professionals. It’s 25 questions long.
Cybersecurity Careers
Cybersecurity can be divided into several types of paths, specialties, and responsibilities. Each trait making up it’s own career title. Here are the most popular entry-level positions in cybersecurity.
Cybersecurity Analyst
Detects and prevents cyber threats for a company
Incident Responder
A cyber firefighter who addresses security incidents and threats
Penetration Tester
Probes for and exploits security vulnerabilities to identify weaknesses in networks / systems
Security Auditor
Probes for the safety, effectiveness, and security compliance of a company
Security Specialist
Responsible for designing, testing, implementing, and monitoring the overall security posture of a company
Vulnerability Assessor
Scans applications and systems to identify any current vulnerabilities
Develop a Learning Plan and Start Now
Starting out in cybersecurity can be confusing and can leave you overwhelmed. You have hundreds of learning resources and options. Top that with not having any idea on which course / platform to start with… And what about the position you want to pursue? Oh, what about school or certifications or courses? Here’s what I recommend, make yourself a plan. Your plan will be different from the next reader who reads this article. What’s important is you have a plan catered towards your learning style. A learning plan which allows you to start now.
Explore and Learn Before Making a Signifigant Investment
It’s important to consider a university degree or certification, depending on which option works best for you. But before you make a major investment into university or certification training, I would highly recommend you start out by simply taking the next few months and learning more about the cybersecurity industry. You could be at university right now, in high school, and in another career. The setting you are in right now does not matter. This learning can be free, paid, online, or in the form of a book, it doesn’t matter… What does matter is you learn more about the industry before you make major investments to get into the industry.
List of Great Resources to Get Started With
Online Learning Platforms
StationX: Offers 90+ courses, bundled course packages (typically 3 – 6 courses), general cybersecurity training, cybersecurity focused ⭐
PluralSight: Hundreds of online courses, monthly subscription, “all in one” learning platform, good for certification study, not necessarily all cybersecurity focused
Cybrary: Best free online cybersecurity training, general cybersecurity training, good resource for certifications, cybersecurity focused, one of the most popular online cybersecurity training platforms ⭐
Udemy: Cheap and free courses, general cybersecurity training, good for certification study, have lots of options, not necessarily all cybersecurity focused
Coursera: Free online cybersecurity courses, university training, general cybersecurity training, scheduled curriculums, certification vouchers (certification of completions), lots of option, Massive Open Online Courses (MOOC)
edX: Free online cybersecurity courses, university training, general cybersecurity training, scheduled curriculumns, certification vouchers (certification of completions), lots of options, Massive Open Online Courses (MOOC)
CBT Nuggets: Great platform for certification study, certification vouchers, general I.T. training, cybersecurity certification training, certification material
Beginner Courses
Books
Ghost In The Wires: My Adventures as the World’s Most Wanted Hacker by Kevin Mitnick
Podcasts
Cybersecurity News Websites
[⭐] = My top selections per each category
Let’s Make a Four-Step Plan
You now have some resources to choose from. Let’s go ahead and make a plan.
Step 1
Take out a piece of paper. Pick one of the above mentioned resources from each category. Write down your four resources on this piece of paper.
Step 2
Next to the listed resources you have written down, allocate a specific amount of dedicated time you will spend each day or week on learning from that resource.
Step 3
Title this paper, “My plan to learn more about cybersecurity” and place this paper in a place where you will be able to see it every day.
Step 4
Time to start learning! You have a plan set into place now. Getting started in cybersecurity does not have a very sophisticated, well-orchestrated plan. Approach your plan with simplicity.
Common Questions
Here are some of the most common questions I recieve from individuals who are considering the idea of getting started in cybersecurity.
How do I get started in cybersecurity?
Look above. My recommendation, don’t wait for a university or certification program to teach you. Start learning now! Pick a resource, grab a notebook, and dedicate 30 minutes of your day to learning more about cybersecurity.
What’s the best school for cybersecurity?
Simple answer, a variety of schools. Check out this website if you are in the United States and want to look into cybersecurity degrees.
Do I need a college / university degree?
Considering a university student is writing this response, this answer may be a bit bias. I don’t think you have to have a college / university degree. However, I would strongly encourage you to consider college if you are between the ages of (18 – 22) and do not hold a degree.
I suck at programming… Does that mean I can’t succeed in cybersecurity?
Programming is used in cybersecurity. Is it used for every single task, job, and career? No. You can be very successful in cybersecurity without having the knowledge of programming. I would encourage you to learn programming, but it’s not required.
What certification should I start with?
If you have looked into security certifications, you will know there are a lot options out there. Here’s what I suggest, look into a certification which holds credibility and real value in the industry. A lot of people view the Offensive Security Certified Professional (OSCP) as a credible, valuable certification for example.
Which major is best for cybersecurity?
The easy answer to this question is several. I would advise looking into a technology-related major if you know you want to get in cybersecurity. Popular majors include computer science, computer information systems, business information systems, software engineering, cybersecurity, and security assurance.
Should I get a Master’s in Cybersecurity?
Unless you are striving to be in the academic industry (such as a professor or researcher for a university), I would advise on not doing a Master’s in Cybersecurity. After you have an Associates or Bachelor’s level degree, certifications are your next best option.
I can’t afford online training. Can I still learn more about cybersecurity?
Of course! There are some great, free resources out there which you can learn from. My recommendation is to look at the above resources and choose one to start out with. I also did a video about free cybersecurity resources.
I don’t have past experience in I.T. Can I still get into cybersecurity?
Entry-level cybersecurity positions aren’t the most common. Often times, you will see companies requiring a minimum amount of past I.T. or I.T. security experience. I personally think you can. Here’s how. Build your own “experience.” Build out your own little home lab.
How do I get an internship in cybersecurity?
I made a website on just this topic. Go check it out here and see what kind of methods you can use to make yourself marketable and stand out against the competition.
The list of questions can keep going… So if you have a specific question, go ahead and email me (grant@cybercademy.org)