Cybersecurity is a great industry with some of the most fascinating jobs in the world. It is a relatively young field that has seen rapid growth in recent years, with thousands of jobs waiting to be filled. While I’m excited to work in cyber, there are a few things that I wish I knew before starting my journey.
For some background, I first became interested in cybersecurity during my sophomore year of college when many of my friends majored in it. Cybersecurity is a term that tends to invoke an air of mystery and intrigue, which had me hooked from the start. To those on the outside, it sounds very cool and exciting. Before I decided to change my major to cybersecurity, I watched some YouTube videos summarizing the industry. The problem with some of these videos is that they sensationalize the idea that cybersecurity professionals are like the internet police force, stopping hackers left and right. To a college kid looking for purpose, this all sounded amazing, but it set unrealistic expectations. With that said, I changed my major and began a new path into cybersecurity.
Learning cybersecurity has been a fun process, and I have no regrets about pursuing this field. However, I have faced many challenges, and there have been some bumps in the road. I want to provide some more accurate expectations for anyone thinking about going into cyber, so here are five things that I wish I knew before jumping into the field:
Cybersecurity Is Not What the Movies and the Media Portray
Yes, cybersecurity does involve stopping hackers and protecting others from them. However, this field is much more complex, and apprehending a hacker who could be miles away behind a computer screen is not as easy as confronting them in person. For police officers, they can physically see an attacker and deal with them right there. However, within the world of cybersecurity, stopping a hacker can take days or even months. Threat hunting through networks and reviewing hundreds of logs can be very tedious, but this type of work is necessary to stop attackers. Moreover, these hackers can be highly skilled in disguising themselves or hiding deep within systems and networks. To work in cybersecurity, you need to have a natural curiosity and the discipline to keep searching even when you feel like giving up.
Hacking Is Not as Effortless as It Seems
Many jobs within cybersecurity allow you to be an ethical hacker. When I first got started in cybersecurity, this is what I wanted to do. There are so many movies where you see someone 'hacking' into a government agency, using five monitors with all sorts of code running, and typing what looks to be 100 words per minute. In reality, this is simply not the case. Learning to break into systems and networks requires a vast amount of technical knowledge. Someone could spend years learning about vulnerabilities, exploits, and how to break into systems and still only be considered a beginner ethical hacker. Hacking takes time to learn, and the best way to become advanced in the field is to pursue certifications such as the eJPT, CEH, or the OSCP. Studying for these certifications will allow you to further your knowledge on ethical hacking best practices and will allow you to test your knowledge when exam time comes around.
Learning Cybersecurity Is Like Trying to Drink Out of a Fire Hose
That is seriously the best way to put it. When you get started in cybersecurity, you will encounter so much information, and it's easy to become overwhelmed. There are so many topics within cybersecurity that can take months to fully grasp. Some of these topics include digital forensics, penetration testing, cyber law, cybersecurity frameworks, incident response, malware analysis, and cloud security. My recommendation is to take one or two of these topics and try to become an expert on them. Watch videos on them, study them in your free time, and reach out to people currently working within these roles. This is also why I believe it is important to specialize in a single part of cybersecurity when starting so that you can become skilled within that area and land a good job.
You Must Be Knowledgeable in IT Before Jumping Into Security
This is one thing that I, and many other people, failed to realize before jumping into the field. You must be knowledgeable in general information technology before you can adequately secure technology. Being familiar with IT fundamentals will greatly improve your security skills because you will better understand how the technology works, how people interact with the technology, where its weaknesses are, and how to troubleshoot issues. Moreover, it is difficult to secure a system or device if you are not familiar with it. Therefore, if you are not someone who is naturally technical or who didn’t grow up using technology, I recommend immersing yourself in general technical skills and then working your way into security.
Cybersecurity Requires a Passion for the Field
Cybersecurity is certainly not an easy field to work in. Throughout your cybersecurity career, you will face many complex issues that require a lot of hard work and determination to solve. There will be many times where new security incidents occur, and you won't have the slightest idea how to remediate them. You are often required to think on your feet and be resourceful to gain information quickly, and this is where the need for passion comes in. If you have an insatiable hunger for knowledge, you will do great in this field. People who are passionate about cybersecurity do not quit when things get tough. Moreover, they are constantly trying to learn more and improve their skills within the field. Yes, cybersecurity jobs pay well, and the job is very exciting. But there are plenty of other jobs that are exciting and pay well. Cybersecurity truly requires a passion for information technology, problem-solving, and security.
I hope this article provides you with better expectations for what working in cybersecurity is really like. This field is unlike any other, and there are so many great opportunities within it. The bottom line is that if you are interested in cybersecurity, go all in and start learning now. It’s a long but rewarding road ahead.