By: Shimon Brathwaite
January 4, 2022
Cybersecurity: Is It Easy To Learn?
By: Shimon Brathwaite
January 4, 2022
Cybersecurity has grown in popularity and notoriety dramatically in the last few years. Thanks to events like the suspected hacking of the US election, data breaches of companies like Google, Facebook, etc., and the constant threat of computer viruses, cybersecurity has exploded as an industry. The cybersecurity market is expected to grow by 35X over the next 13 years, and this is a growth of billions if not trillions of dollars. This makes it one of the best industries you could choose to start a career. Now, many people are intimidated by tech fields. Whenever you see a computer hacker or programmer on TV, you see a black screen with lines of code and many moving parts, which can be discouraging for someone not from a technology background. I would like to encourage you not to be intimidated by these things. Many people have tremendous success in cybersecurity that don't come from a technology background, and many of them never get into the very technical work. I can't promise you that cybersecurity will be easy to learn, but I can promise you that it is doable, and in this article, I'm going to explain some of the best ways to learn cybersecurity. Source @ forbes
What does it mean to learn cybersecurity?
The first thing I want to address is what is cybersecurity. For those who have never heard a formal definition, cybersecurity is everything you do to protect your company's assets from digital threats. It ranges from technical work like configuring firewalls, networking, etc., to security policy, reporting and analytics, sales engineers, communications, and other soft skills orientated jobs. To effectively learn, what you want to focus on is understanding three main things:
1) The attacker's goal: You should understand what assets hackers like to target and what their goal is in doing so. As an example, one of the main things hackers want to target is Personally Identifiable Information (PII), which can be extracted and resold for a profit or used to extort the company via ransomware.
2) How they perform their attack: You should know how cyberattacks work, whether you work on the offensive or defensive side. This will make you more effective in fixing the issues that allow them to happen. Common cyberattacks include Ransomware, DDOS, Cross-Site Scripting, SQL injection, and phishing attacks.
3) How digital assets are protected: You want to comprehend the processes and software solutions used to protect assets from attack. Your ability to know and help implement these practices is what people within the industry are paid to do. It would help if you learned things like the CIA triad, the principle of least privilege, security by design, and other concepts like that. When it comes to technology, work with a computer network, firewall, IDS/IPS, SIEM, etc.
How to learn Cybersecurity easily.
Bootcamps are one of the best ways to learn cybersecurity because you do a full-time immersive experience. In addition, they allow you to get up to date on the latest technology, and most of them help facilitate your transition into the workplace.
Websites like Cybrary and Udemy are great for taking online courses on these topics that interest you. Compared to boot camps, these are incredibly cheap, and you can take them at your own pace, in your own home. For example, Cybrary has a ton of courses on all sorts of cybersecurity topics that you can learn.
Another way to get good quality content that employers will respect is to get professional certifications. In particular, some good ones for a beginner are the CEH, Security+, and CySA+ certifications that give you good fundamental knowledge. They also don't have the strict experience requirements that other certifications like the CISSP, so it won't be as difficult for you to obtain them as a beginner.
Youtube and Google are the two of the best places for gathering knowledge. Anything you want to know related to cybersecurity can be learned and explained on these two platforms. I recommend youtube because you can watch people perform specific actions and follow along with walkthroughs by watching youtube videos. Especially in penetration testing, this is a great way to learn about vulnerabilities, exploits, and how to hack computers if that's an area that you are interested in.
Use platforms like hackthebox, vulnhub, or codewars to get hands-on practice doing work. Studying and reading will only get you so far. You need experience working with the software, hacking into the systems, writing code, and recording this work in some portfolio that you can show an employer/client.
How to be an effective self-learner
If you're interested in self-studying cybersecurity, there is one crucial concept that I would like to share: if you want to retain information, then you need to practice. Studying by reading information is one of the most inefficient ways of learning and keeping information. Some people estimate that we retain as little as 10% of what we read on average. If you want to learn as efficiently as possible, you need to practice it. This means doing labs, writing code, performing the cyberattacks yourself on authorized web servers, etc. This way, you will maximize the time you spend self-studying, and you will be more successful if you choose to take a Bootcamp, professional certifications, go to college, etc. Source @ elearningindustry
Cybersecurity is not difficult to learn; it simply takes time. Although not everyone who wants to get into the field needs a computer hacker's expert knowledge or IQ, ordinary people who dedicate a few hours a week can get the knowledge they need to enter and do well in this field. Furthermore, you have many options to learn about it outside of a regular college program; this includes boot camps, professional certifications, and self-studying online. Regardless of what path you choose, make sure that you actively practice your learning skills to retain as much information as possible.