A wise man once said to me, “The Journey of 1000 bytes… begins with a single bit.”
So you decided you wanted to pursue a career in Cyber security. Congratulations! You picked a long but rewarding road towards empowering yourself and others. We are in an age where cyber security continues to grow in importance and relevance, it won’t stop anytime soon
Well, that’s all fine and dandy you might say, but I don’t know where to begin! What organizations/groups do I seek out and join, what exactly I should focus on! What will enable me to be a truly competent cyber security professional?
The truth is, there is no one road to success in this industry. The most important thing to do is to pick a road, follow it, and keep moving forward, adapting and learning as many things as you can about whatever particular topic you chose. Some of you will have more of a technical background than others, but the important thing to do is not rest on your laurels or get down on yourself. Keep learning and keep moving forward.
The only way to fail is to never take the first step!
That’s right, the only way to fail is to never take the first step. I would strongly advise finding a community to be a part of, be it online or in person. Ideally you would find ways to do both and maximize your learning through deep exposure. Don’t spend too long thinking about what to do or where to begin. The answer is always going to be “Yes! More!”
So join that community, start that course or project. Get involved with capture the flag competitions, and most importantly reach out to people who seem to know what they are doing, they can guide you on how to develop. Be sure to get involved with initiatives such as Cyber Patriot, a program designed to teach the young about cyber security and help inspire and motivate them to join and grow the workforce in a positive way. Teaching helps you learn and holds you accountable for the knowledge you share.
The Second Step
Now that you are part of a community, say a meetup group, professional organization or perhaps being an active member of a subreddit like r/infosec, you are now surrounded by other people with the same interests as you. People love to help those who help themselves and you will find many seasoned cyber security ninjas willing to show you the way, so long as you show up to learn and give it your best.
It is around this time that things might stop making sense to you, or become harder to grasp the first time around. Maybe you don’t quite understand how SQL databases work, maybe you are not familiar with basic coding principles or the difference between Java and Python. Or perhaps the concept of networking and the TCP/IP stack comes across as magic.
You might feel discouraged, but this is actually good! Now you know where to focus your efforts. Ask your peers about SQL databases, coding principles, the TCP/IP stack. Google them, do what it takes to make you feel like you could explain it to someone else. If you feel like you are aimlessly trying to learn random stuff, partake in a capture the flag competition or a group project on github in order to give your learning some guidance.
There is nothing you learn that can’t or won’t be useful again in the future when you try to learn or do something new in the cyber security field. It all goes towards broadening your knowledge and ability to integrate the many aspects of this field.