By: Cybrary Staff
January 13, 2023
How to Start a Career in Cybersecurity
By: Cybrary Staff
January 13, 2023
“During the interview, I shared with them what I was doing on Cybrary. I was using Cybrary’s amazing free video courses, but all of the knowledge, skills, and abilities gained through the Cybrary subscription was essential to impressing the employer during the interview.”
- Gabrielle Hempel, Security Analyst at Accenture
Learn more about Gabby's Story:
- How Maryland's Cybrary Turned a Mechanic into a Cybersecurity Analyst in 3 Months
- [The US has nearly 1 million open IT jobs—here’s how much it can pay off to switch industries into tech
The Cybesecurity Starter Pack
Created by Cybrary's Chief Mentor and community member, Joseph White
If you know nothing at all about IT or Cybersecurity then you have a bit of work ahead of you. The goal of this “starter pack” is to help you learn some critical terms and skills that you will use throughout your new career. This is not about job training or certification. This is laying the foundation for everything else you plan to learn. Invest in your foundation, as it will serve you well.
1.) Watch Introduction to IT & Cybersecurity (2hr)
- This course will give you a great fly-over of the careers available in IT and Cybersecurity.
2.) Watch Command Line Basics (2hr)
- This course will "cover the most common Windows and Linux commands used to gather information, manipulate data, and configure systems to your needs." Almost everything you do in IT or Security will involve the command line, so the sooner you embrace this the better. Getting a good grasp of these commands should take no more than a week or two; the key is to get repetition using the command line.
- This course covers "Software, Hardware, Security, Network and Basic IT Literacy". The A+ is quite a long course, but remember it’s less about preparing for some certification; rather, getting exposure to the terms, concepts and skills that will be valuable as you start your career.
While watching the CompTIA A+ courses, I’d recommend reading the following books:
- This book "covers different types of attacks, common tactics used by online adversaries, and defensive strategies you can use to protect yourself. You’ll learn what security professionals do, what an attack looks like from a cybercriminal’s viewpoint, and how to implement sophisticated cybersecurity measures on your own devices.
- This book teaches "why and how to use fundamental open source and free tools such as ping, tracert, PuTTY, pathping, sysinternals, NMAP, OpenVAS, Nexpose Community, OSSEC, Hamachi, InSSIDer, Nexpose Community, Wireshark, Solarwinds Kiwi Syslog Server, Metasploit, Burp, Clonezilla and many more."
4.) Watch CompTIA Security+ - Module 1 (1 hr) Time to learn more about the art and science of cybersecurity.
5.) Watch CompTIA Security+ - Module 2 (1 hr) Learn about threats, attacks, and vulnerabilities.
6.) Watch Networking Fundamentals (2hr) This course is "a great starting point for anyone interested in learning entry-level networking skills and concepts."
7.) Watch CompTIA Security+ - Module 5 (1 hr) More important networking concepts and terms
Cybrary's CEO on exploring a potential career in cybersecurity:
The field of cybersecurity is broad, but can be broken down into Blue Team (the defenders), Red Team (ethical hackers / offense) and the Purple Team (a cross between the blue and the red).
Explore each of these areas and find out what you enjoy most, then focus on that. Do not neglect the other areas though. In order to excel in the field of cybersecurity you have to know a lot about a little bit (your area of expertise) and a little bit about a lot (all the other areas). While a lot of people are attracted to offensive cybersecurity, it is really common to start as a defender both because those jobs often create more approachable starting points but also because the number of defensive roles will generally be far more than their offensive counterparts.
You will need to know the fundamentals. Knowledge and skills in the following areas are table stakes:
- Operating Systems Fundamentals (Linux and Windows)
- Basic Computer Science concepts
- Coding Skills (python is a good one)
- Enterprise System Administration skills are a plus
In my opinion, certifications are ‘nice to have’ for an entry level candidate but some basic ones won’t hurt. They can help build your confidence, and provide somewhat of a path for you to lay out your early journey. At the end of the day when you get the opportunity to interview for your first role it is likely that the interviewers will value motivation, critical thinking, hands-on skills, and self-study above all else when selecting entry level candidates.
Should you decide certifications are important for you, I’d consider CompTIA Network+, it is a good one as it shows a bit of that basic network knowledge, and CompTIA Security+, it is cheap, and it will teach you some basic security terminology and basic concepts. Neither certification shows an advanced knowledge of their subject, but they are a good choice for getting a foot in the door. One other I’d call out is the CompTIA CySA+. It focuses on the basic skills needed to perform the daily work of a security analyst.
There are many options available online when it comes to certification training. Everyone has a unique style of learning, but we’d recommend doing your research prior to spending significant sums of money on certification training. Traditionally (and many still charge this much), these courses cost $3000-$5000. In the last 5-7 years, new on-demand options have offered comprehensive alternatives for a fraction of the cost.
Cybrary provides a low-risk, low-cost way to get started with certifications. Our certification prep programs are all self-paced and offer high quality online certification training including full-length video courses, optional hands-on labs and complete practice tests to build confidence prior to sitting for the certification exam.
Lastly, Leslie Carhart (@hacks4pancakes) has written an extensive and detailed series of blogs about this subject; and while written several years ago, the concepts still very much apply: Starting an InfoSec Career – The Megamix – Chapters 1-3
In a recent podcast, the Cybrary team spoke with Meg West to learn more about her path to success in a cybersecurity career. She breaks down barriers and provides helpful starting tips. We've summarized the podcast here; or you can listen to the podcast in it's entirety here. If you want to hear more from industry leaders and professionals, from all aspects on the cybersecurity and IT fields, give insight into how they got where they are today and what new and emerging technology we should be taking notice of; be sure to subscribe to the Cybrary podcast. It's available on all major platforms like Spotify, Apple Podcasts and Google Podcasts.