We read about cybersecurity in the news almost every day as organizations and governments around the world continue to get hit with ransomware, scams, and cyber attacks. There is a huge demand for people trained in cybersecurity to help defend against these growing threats. In fact, recent studies estimate that there are almost 3 million cybersecurity job openings globally.
Have you considered a career as a cybersecurity professional? It is a fast-paced, highly-dynamic field with a huge number of exciting specialties to choose from. These positions include fields like forensics, awareness and training, endpoint security, critical infrastructure, incident response, secure coding, and policy. A career in cybersecurity also allows you to work almost anywhere in the world, with a variety of benefits and an opportunity to make a real difference
Do I need a degree in computer science?
Absolutely not. Many of the best security professionals have non-technical backgrounds. The key is a passion to learn; once you understand how technologies work (and break), you can better secure them. Cybersecurity is so exciting because you can start learning at your own pace in the comfort of your own home.
How do I get started?
Start exploring different areas to discover your interests. You can often start with just the computers or devices you have at home.
Systems: Learn the basics of administering an operating system, such as Linux or Windows. If you really want to nerd out, build expertise through the command line interface and scripting.
Applications: Learn how to configure, run, and maintain applications, such as web servers.
Networking: Discover how computers and devices talk to each other by capturing and analyzing network traffic. This can be great fun as your home is most likely already a networked environment with all sorts of devices connected to it.
Cloud Technologies: Learn how cloud services work and the different ways they can be leveraged.
Set up your own lab at home. You can use online cloud resources, such as Amazon's AWS or Microsoft’s Azure, or you can create multiple virtual operating systems on the same physical computer with virtualization services. If you want to work directly with hardware, purchase simple, cheap computers like the Raspberry Pi or Arduino. Once you get your systems up and running, start interacting with them and learn everything you can about configuring and optimizing them, or start programming and creating code on these systems. There is no right or wrong way to start, just follow where your interests take you.
Another great way to get started is to meet and work with others in cybersecurity. Consider attending a local cybersecurity conference or a virtual ‘con’ such as Bsides or SANS New2Cyber. The hardest part is finding that first event or meet-up. Once you attend, connect with other attendees and grow your professional network.
Other options for learning cybersecurity include YouTube videos, listening to podcasts, visiting online
forums, subscribing to blogs from security professionals, or participating in online Capture the Flag (CTF)
events. Ultimately, do not let your education or background hold you back. A passion to learn and help
others, as well as the ability to “think outside of the box” are key attributes. Once you start developing
your technical skills and meet with others, the opportunities will come.
Lodrina Cherne (@hexplates) is the Principal Security Advocate at Cybereason, driving innovation
and development of best practices related to cybersecurity standards and policy. She is also a
Certified Instructor at the SANS Institute where she helps information security professionals
advance their foundational understanding of digital forensics and incident response (DFIR).