homepage
Open menu
Go one level top
  • Train and Certify
    Train and Certify

    Immediately apply the skills and techniques learned in SANS courses, ranges, and summits

    • Overview
    • Courses
      • Overview
      • Full Course List
      • By Focus Areas
        • Cloud Security
        • Cyber Defense
        • Cybersecurity and IT Essentials
        • DFIR
        • Industrial Control Systems
        • Offensive Operations
        • Management, Legal, and Audit
      • By Skill Levels
        • New to Cyber
        • Essentials
        • Advanced
        • Expert
      • Training Formats
        • OnDemand
        • In-Person
        • Live Online
      • Course Demos
    • Training Roadmaps
      • Skills Roadmap
      • Focus Area Job Roles
        • Cyber Defence Job Roles
        • Offensive Operations Job Roles
        • DFIR Job Roles
        • Cloud Job Roles
        • ICS Job Roles
        • Leadership Job Roles
      • NICE Framework
        • Security Provisionals
        • Operate and Maintain
        • Oversee and Govern
        • Protect and Defend
        • Analyze
        • Collect and Operate
        • Investigate
        • Industrial Control Systems
      • European Skills Framework
    • GIAC Certifications
    • Training Events & Summits
      • Events Overview
      • Event Locations
        • Asia
        • Australia & New Zealand
        • Latin America
        • Mainland Europe
        • Middle East & Africa
        • Scandinavia
        • United Kingdom & Ireland
        • United States & Canada
      • Summits
    • OnDemand
    • Get Started in Cyber
      • Overview
      • Degree and Certificate Programs
      • Scholarships
    • Cyber Ranges
  • Manage Your Team
    Manage Your Team

    Build a world-class cyber team with our workforce development programs

    • Overview
    • Why Work with SANS
    • Group Purchasing
    • Build Your Team
      • Team Development
      • Assessments
      • Private Training
      • Hire Cyber Professionals
      • By Industry
        • Health Care
        • Industrial Control Systems Security
        • Military
    • Leadership Training
  • Security Awareness
    Security Awareness

    Increase your staff’s cyber awareness, help them change their behaviors, and reduce your organizational risk

    • Overview
    • Products & Services
      • Security Awareness Training
        • EndUser Training
        • Phishing Platform
      • Specialized
        • Developer Training
        • ICS Engineer Training
        • NERC CIP Training
        • IT Administrator
      • Risk Assessments
        • Knowledge Assessment
        • Culture Assessment
        • Behavioral Risk Assessment
    • OUCH! Newsletter
    • Career Development
      • Overview
      • Training & Courses
      • Professional Credential
    • Blog
    • Partners
    • Reports & Case Studies
  • Resources
    Resources

    Enhance your skills with access to thousands of free resources, 150+ instructor-developed tools, and the latest cybersecurity news and analysis

    • Overview
    • Webcasts
    • Free Cybersecurity Events
      • Free Events Overview
      • Summits
      • Solutions Forums
      • Community Nights
    • Content
      • Newsletters
        • NewsBites
        • @RISK
        • OUCH! Newsletter
      • Blog
      • Podcasts
      • Summit Presentations
      • Posters & Cheat Sheets
    • Research
      • White Papers
      • Security Policies
    • Tools
    • Focus Areas
      • Cyber Defense
      • Cloud Security
      • Digital Forensics & Incident Response
      • Industrial Control Systems
      • Cyber Security Leadership
      • Offensive Operations
  • Get Involved
    Get Involved

    Help keep the cyber community one step ahead of threats. Join the SANS community or begin your journey of becoming a SANS Certified Instructor today.

    • Overview
    • Join the Community
    • Work Study
    • Teach for SANS
    • CISO Network
    • Partnerships
    • Sponsorship Opportunities
  • About
    About

    Learn more about how SANS empowers and educates current and future cybersecurity practitioners with knowledge and skills

    • SANS
      • Overview
      • Our Founder
      • Awards
    • Instructors
      • Our Instructors
      • Full Instructor List
    • Mission
      • Our Mission
      • Diversity
      • Scholarships
    • Contact
      • Contact Customer Service
      • Contact Sales
      • Press & Media Enquiries
    • Frequent Asked Questions
    • Customer Reviews
    • Press
    • Careers
  • Contact Sales
  • SANS Sites
    • GIAC Security Certifications
    • Internet Storm Center
    • SANS Technology Institute
    • Security Awareness Training
  • Search
  • Log In
  • Join
    • Account Dashboard
    • Log Out
  1. Home >
  2. Blog >
  3. Top 5 Steps to Immerse yourself into the cybersecurity field
SANS_Filler_Avatar.jpg
SANS Institute

Top 5 Steps to Immerse yourself into the cybersecurity field

We asked several cyber professionals, including some of our SANS Instructors to give us the most important steps to get into cyber. Here are the top 5

April 13, 2021

5steps.png

Now more than ever, cybersecurity and infosec careers are in great demand; and this industry is broad with a variety of skills needed. In addition, cybercrime never stops, technology changes rapidly, and this industry is never boring.

This also means practically every industry out there needs professionals like you. Not only will you have plenty of work but also a sense of accomplishment to know you are part of a greater good.

We asked several cyber professionals, including some of our SANS Instructors to give us the most important steps to get into cyber. From an extensive list, we are providing the top five. And side-note, there’s a lot of information here, so take your time to read and start one step at a time.

1.png

Take the time to watch webcasts and YouTube videos, read blogs, and start googling when something piques your interest.

- Webcasts

  • sans.org/webcasts, In particular, The 14 Absolute Truths of Security & Security Essentials Core Concepts
  • Your 5-year path – John Strand from Black Hills InfoSec
  • CAREERS IN CYBERSECURITY - ADVICE FROM DEFCON 24

- YouTube

  • SANS – Also numerous sub-channels DFIR | Pen Testing | ICS | Blue Team | Cloud Security
  • IT Career Questions

- Blogs

  • sans.org/blog In particular, So You Wanna Be a Pen Tester? 3 Paths To Consider
  • Reading Room – The SANS Reading Room features over 3,010 original computer security white papers.
  • This Week in 4n6: A weekly blog all DFIR
  • Newsbites - SANS NewsBites is a semiweekly high-level summary of the most important news articles on computer security during the last week.
  • Brian Krebs – His website will expose you to a whole new world.
  • HECFBlog – David Cowen dives deep into Digital Forensics

- Podcasts

  • Trust Me. I’m Certified – brought to you by GIAC Certifications, a podcast exploring how to conquer imposter syndrome.
  • Blueprint Podcast - Build the Best in Cyber Defense, A Podcast by John Hubbard
  • Security Weekly – Connecting the Security Industry with the Security Community


SANS instructors produce thousands of free content-rich resources for the information security community annually. Find them at sans.org/free

2.png

It’s important to learn the core concepts and get hands-on. Familiarize yourself with Windows, Linux, Coding Languages, and Networking. How?

  • Build a Home Lab – Jeff McJunkin walks you through it here 

Webcasts on Topic:

      • Building Your Own Super-Duper Home Lab
      • Building an Enterprise Grade Home Lab
  • Learn Coding & Networking - So many free resources, just start googling
  • Learn Linux Basics – Watch Intro to Linux and other free resources
  • Holiday Hack Challenge – You can go through the past 5 years challenges, just be careful of spoilers online
  • Participate in Cyber Ranges - NetWars and Security Innovations are both great.
  • Download Free Tools – Play around with open source tools like SIFT Workstation. SANS Faculty has created over 150 free tools. Find them here.
  • Check out Aman Hardikar’s Mind Map to practice InfoSec skills online
  • CyberStart – Geared toward finding the next leaders in cybersecurity

3.png

Industry Experts and mentors can open a world of tools, topics, and events that you wouldn’t otherwise be aware of.

SANS Instructors are very active on Twitter and a great place to start. Here are some of our most active:

James Lyne | Eric Zimmerman | Lenny Zeltser | Katie Nickels | Josh Wright | Larry Pesce | Chad Tilbury | Ed Skoudis | Rob Lee | Tim Medin | Heather Mahalik | Stephen Sims | Chris Crowley | Mark Baggett | Eric Conrad | Robert M Lee | Jeff McJunkin | Micah Hoffman | Lance Spitzner | Johannes Ullrich | Sarah Edwards

And some other favorites:

Keith Palmgren | Lesley Carhart | Brian Krebs | Doc Blackburn | Rachel Tobac | Ian Reynolds | John Strand | Bruce Schneier | Nick Mitropoulos | Rob Fuller | Bryan Simon

And don’t forget SANS Twitter accounts:

SANS | SANSNew2Cyber | SANSCloud | SANSDefense | SANSDFIR | SANSICS | SANSLeadership | SANSPenTest | SANSEMEA | SANSAPAC

4.png

There are so many great IT Security conferences, and many of them post their content online afterward.

SANS is pleased to offer a variety of virtual training events for the global cybersecurity community. Explore upcoming Summits, Forums, and Solutions Tracks, and start making plans to level up your knowledge, hands-on skills, and industry connections. View the current listing here.

BSides – Countless dates and locations

Wild West Hackin’ Fest – Welcome to both seasoned experts and those new to the industry

5.png

 Get involved with groups, MeetUps, Lists, Forums, and LinkedIn Communities:

  • SANS DFIR LinkedIn Community: Keep up with the latest of Digital Forensics & Incident Response, look for jobs, training and more
  • SANS DFIR Discussion list - This list is intended to provide SANS Alumni with access to a forum to ask questions related to Digital Forensics, Incident Response, and Reverse Engineering Malware. SANS is dedicated to helping build communities. The digital forensics community is a growing field and it is useful to help grow your knowledge that you invested so much of your time into.
  • SANS Industrial Control Systems Community Forum: Participate in the SANS ICS Community Forum where ICS professionals discuss current security events, share tips, ask questions, and connect with others passionate about securing the critical infrastructure
  • AFCEA Chapters - AFCEA provides a forum for military, government, and industry communities to collaborate so that technology and strategy align with the needs of those who serve.
  • InfraGard Local Chapters - The InfraGard program provides a vehicle for seamless public-private collaboration with the government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure.
  • ISACA Local Chapters - ISACA offers access to resources and a community of experts committed to lifetime learning and career progression to help you stay up to date.
  • ISSA Chapter Directory - ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk, and protecting critical information and infrastructure.
  • OWASP Chapters Program- The OWASP Foundation works to improve the security of software through its community-led open-source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences.

6.png

Ok – there’s a #6 as a bonus

Get Training and Certification

SANS offers an accredited college certificate – the Undergraduate Certificate in Applied Cybersecurity from the SANS Technology Institute – that guides you through a sequence of four courses. The program includes an introductory course plus three SANS courses leading to GIAC certifications that provide the foundational knowledge and hands-on skills needed to launch a cybersecurity career. The program also serves as a pathway to the SANS.edu master’s degree program and job-specific graduate certificate programs. A 100% online option is available. Applications are accepted monthly.

“I was having a hard time getting a job in information security due to my lack of hands-on experience. SANS gave me extraordinary training and the opportunity to rise to the top of the résumé pile.” – AJ Langlois, BB&T


SANS Security Essentials courses are designed to provide a range of topics to help you grasp foundations quickly and fill critical knowledge gaps. The certifications associated with the courses provide assurance to employers that their prospective hires can actually do the job. Below is a list of SANS foundational courses and certifications, with supporting resources that can help you get started, and that might give you an idea of the path that interests you the most:


SANS Foundations

SANS Foundations is the best single course available to learn the core knowledge and develop practical skills in computers, technology, and security fundamentals that are needed to kickstart a career in cybersecurity. The course features a comprehensive variety of innovative, hands-on labs and practical exercises that go far beyond what is offered in any other foundational course in cybersecurity. These labs are developed by leading subject-matter experts, drawing on the latest technology, techniques, and concepts in cybersecurity.

The course provides students with the practical learning and key skills to empower future cybersecurity learning and professional development.

“I think the biggest value add for SANS Foundations was simply how comprehensive it was. It covered a lot of topics, but each was covered in enough depth for a better handle on the basics without being overwhelming.” - U.S. government federal law enforcement professional


SEC301: Introduction to Cyber Security will teach you real-world cybersecurity fundamentals to serve as the foundation for your career skills and knowledge for years to come.

Course Demo | GIAC Information Security Fundamentals (GISF)

“Coming from a non-cybersecurity background, this course was perfect for setting my cyber foundation.” – Marco Godinez, Discover Financial

“The best parts of this class are the real-world examples and historical events, which illustrate how these course topics are applicable and why they are important to learn/understand.” – Gia M.

SEC401: Security Essentials Bootcamp Style teaches you the essential information security skills and techniques you need to protect and secure your organization's critical information assets and business systems.

Course Demo | GIAC Security Essentials (GSEC)

"SEC401 took what I thought I knew and truly explained everything to me. Now, I also UNDERSTAND the security essentials fundamentals and how/why we apply them. Loved the training, cannot wait to come back for more." - Nicholas Blanton, ManTech International

"SEC401 provides an excellent overview of security fundamentals delivered by experienced industry professionals." - Jathan Watso, Department of Finance

Brand New Course! FOR308: Digital Forensics Essentials will teach you fundamentals of Digital Forensics & Incident Response, including what digital data is, how to find it, acquire it, preserve it, and most importantly, how to understand it and explain findings.

Course Demo

“FOR308 was valuable as it filled in many gaps in my experience and it set a good foundation of the basics to which I can build upon, I enjoyed the acquisition, and validation section.” - Carla Dawn, FOR308 student

“FOR308 is packed with technical information and covers aspects necessary for those taking their first steps in the digital forensics as well as those who think about leading teams in the field. An overall good balance of theory to practice, delivered in a very professional manner.” -Wiktor Kardacki, 6point5


Hope this information and resources help you in your quest to become the next cybersecurity professional!

Share:
TwitterLinkedInFacebook
Copy url Url was copied to clipboard
Subscribe to SANS Newsletters
Receive curated news, vulnerabilities, & security awareness tips
United States
Canada
United Kingdom
Spain
Belgium
Denmark
Norway
Netherlands
Australia
India
Japan
Singapore
Afghanistan
Aland Islands
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint Eustatius, and Saba
Bosnia And Herzegovina
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Cape Verde
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos (Keeling) Islands
Colombia
Comoros
Cook Islands
Costa Rica
Croatia (Local Name: Hrvatska)
Curacao
Cyprus
Czech Republic
Democratic Republic of the Congo
Djibouti
Dominica
Dominican Republic
East Timor
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands (Malvinas)
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard And McDonald Islands
Honduras
Hong Kong
Hungary
Iceland
Indonesia
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
Korea, Republic Of
Kosovo
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Latvia
Lebanon
Lesotho
Liberia
Liechtenstein
Lithuania
Luxembourg
Macau
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia, Federated States Of
Moldova, Republic Of
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands Antilles
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands
Oman
Pakistan
Palau
Palestine
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Reunion
Romania
Russian Federation
Rwanda
Saint Bartholemy
Saint Kitts And Nevis
Saint Lucia
Saint Martin
Saint Vincent And The Grenadines
Samoa
San Marino
Sao Tome And Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Sint Maarten
Slovakia
Slovenia
Solomon Islands
South Africa
South Georgia and the South Sandwich Islands
South Sudan
Sri Lanka
St. Helena
St. Pierre And Miquelon
Suriname
Svalbard And Jan Mayen Islands
Swaziland
Sweden
Switzerland
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tokelau
Tonga
Trinidad And Tobago
Tunisia
Turkey
Turkmenistan
Turks And Caicos Islands
Tuvalu
Uganda
Ukraine
United Arab Emirates
United States Minor Outlying Islands
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Virgin Islands (British)
Virgin Islands (U.S.)
Wallis And Futuna Islands
Western Sahara
Yemen
Yugoslavia
Zambia
Zimbabwe

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Recommended Training

  • ICS410: ICS/SCADA Security Essentials
  • SEC402: Cybersecurity Writing: Hack the Reader
  • MGT415: A Practical Introduction to Cyber Security Risk Management

Tags:
  • Cybersecurity Insights

Related Content

Blog
Cybersecurity Insights
January 16, 2023
The 17 Best Cybersecurity Podcasts
A list of cybersecurity-related podcasts.
Emily_Neuens_370x370.png
Emily Neuens
read more
Blog
Special_Broadcast_ChatGPT.png
Cybersecurity Insights
December 21, 2022
Q&A From SANS Special Broadcast: What You Need to Know About OpenAI's New ChatGPT Bot - and How it Affects Your Security
We had an influx of questions come in during our ChatGPT Special Broadcast on Wednesday, December 21. Here were those questions — and our responses.
370x370-person-placeholder.png
Emily Blades
read more
Blog
Blueprint_Podcast_-_Blog_-_Top_5_Blueprint_Podcast_Episodes_of_2022_-_340x340.jpg
Cyber Defense, Cybersecurity Insights
December 12, 2022
Top 5 Blueprint Podcast Episodes of 2022
This year Blueprint Podcast published 14 episodes with experts from across the cybersecurity industry. Here were the top-rated episodes of the year.
Emily_Neuens_370x370.png
Emily Neuens
read more
  • Register to Learn
  • Courses
  • Certifications
  • Degree Programs
  • Cyber Ranges
  • Job Tools
  • Security Policy Project
  • Posters & Cheat Sheets
  • White Papers
  • Focus Areas
  • Cyber Defense
  • Cloud Security
  • Cybersecurity Leadership
  • Digital Forensics
  • Industrial Control Systems
  • Offensive Operations
Subscribe to SANS Newsletters
Receive curated news, vulnerabilities, & security awareness tips
United States
Canada
United Kingdom
Spain
Belgium
Denmark
Norway
Netherlands
Australia
India
Japan
Singapore
Afghanistan
Aland Islands
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint Eustatius, and Saba
Bosnia And Herzegovina
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Cape Verde
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos (Keeling) Islands
Colombia
Comoros
Cook Islands
Costa Rica
Croatia (Local Name: Hrvatska)
Curacao
Cyprus
Czech Republic
Democratic Republic of the Congo
Djibouti
Dominica
Dominican Republic
East Timor
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands (Malvinas)
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard And McDonald Islands
Honduras
Hong Kong
Hungary
Iceland
Indonesia
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
Korea, Republic Of
Kosovo
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Latvia
Lebanon
Lesotho
Liberia
Liechtenstein
Lithuania
Luxembourg
Macau
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia, Federated States Of
Moldova, Republic Of
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands Antilles
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands
Oman
Pakistan
Palau
Palestine
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Reunion
Romania
Russian Federation
Rwanda
Saint Bartholemy
Saint Kitts And Nevis
Saint Lucia
Saint Martin
Saint Vincent And The Grenadines
Samoa
San Marino
Sao Tome And Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Sint Maarten
Slovakia
Slovenia
Solomon Islands
South Africa
South Georgia and the South Sandwich Islands
South Sudan
Sri Lanka
St. Helena
St. Pierre And Miquelon
Suriname
Svalbard And Jan Mayen Islands
Swaziland
Sweden
Switzerland
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tokelau
Tonga
Trinidad And Tobago
Tunisia
Turkey
Turkmenistan
Turks And Caicos Islands
Tuvalu
Uganda
Ukraine
United Arab Emirates
United States Minor Outlying Islands
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Virgin Islands (British)
Virgin Islands (U.S.)
Wallis And Futuna Islands
Western Sahara
Yemen
Yugoslavia
Zambia
Zimbabwe

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
  • © 2023 SANS™ Institute
  • Privacy Policy
  • Contact
  • Careers
  • Twitter
  • Facebook
  • Youtube
  • LinkedIn