Getting Started in Cybersecurity: Experts Reveal What Worked for Them
You can’t picture yourself in any career field other than cybersecurity. This booming segment of the information technology (IT) field has everything you could possibly want in a career: work that makes a difference, plenty of job stability, ties to your natural interests and solid earning potential.
There’s just one problem: You’re not sure of what you can do to get started in cybersecurity.
Although cybersecurity jobs are on the rise—the Bureau of Labor Statistics projects employment of information security analysts to grow 31 percent from 2019 to 2029—there’s still plenty of competition for roles in this field.1 You need to know how to gain the skills you need and set yourself above the crowd so you can begin your cybersecurity career.
Getting started in cybersecurity doesn’t have to be daunting. We spoke with experts who have been in your shoes to learn the tactics that worked for them. Read on for an overview of action steps you can take today to get closer to launching your cybersecurity career.
Expert tips for getting started in cybersecurity
1. Narrow down your career options
The cybersecurity field is bigger than you may realize. That’s why our experts recommend doing some research to narrow down exactly what type of cybersecurity career you’re looking for.
“The cybersecurity field offers two main role types: in-depth specialist roles and broader but shallower generalist positions. Before you go any further, you should think carefully about your options and decide what problems you’d like to solve,” says Chris Parker, owner of WhatIsMyIPAddress.com.
Do you want to have a deep focus on damage mitigation? Learn about compliance? Become a penetration tester? Gain a broad understanding of the security needs for a large commercial network? There are several specialized subsets of knowledge within the field. Take some time to explore—and remember that areas that overlap with your current knowledge base can often be a solid starting spot. Having a more specific goal will ensure that the steps you take are truly leading toward a career path you’re excited about. “Your choice may define your working life for years to come, so you’ll need to find something that you can realistically envision doing every day,” Parker says.
2. Practice with a “home lab” setup
You’ll often hear IT pros talking about their “home lab” setups. A home lab is an environment of your own creation that mimics real-world business networks. Think of it as your own personal playground to test hacking techniques or security tactics.
Building a home lab gives you the opportunity to play around with the tools of the trade in a risk-free environment. You can hone your skills while also determining which aspects of cybersecurity you enjoy working with most.
Home labs don’t have to be expensive and complicated. Many aspiring cybersecurity pros get started on a shoestring budget with relatively basic technology. Start by seeking out cybersecurity home lab tutorials online. Fair warning—there’s a lot to learn, and it can seem a little overwhelming initially, but this remains a solid and practical way to develop your networking expertise.
3. Seek out cybersecurity projects
Keep in mind, there may be an opportunity to seek out “stretch” projects related to cybersecurity where you work. Even if these projects are only loosely related to cybersecurity, you may have an opportunity to make connections with information security professionals in your organization—and knowing people who do the job you’d like to do is never a bad thing. While this may not always be a viable option, it’s worth letting your supervisor know you have an interest in cybersecurity and would like to have it in mind as part of a professional development plan.
The results of this approach will vary. For example, if you work at an IT help desk, maybe you have the opportunity to ask to take the lead on escalated tickets related to security issues or shadow the person who does to learn more about the role.
Don’t forget about projects and opportunities outside of work, as well! Contests, “bug bounties” and contributing to open-source projects can all provide ways to bolster your practical experience.
4. Network, network, network
Making connections with others in your field has come a long way from the days of cheesy icebreaker questions in a hotel conference room. These days, most networking takes place online. It can be the difference between landing a job and being overlooked.
“Network with people in the job role you want to be in on LinkedIn,” says Ken Underhill, cybersecurity leader and host of the Cyber Life television streaming show. “Let them know the things you are currently learning, and let them know you are looking for a job.”
You can also connect with cybersecurity pros by joining cybersecurity forums on Reddit, Twitch or Discord and seeking out membership to various cybersecurity organizations, like the Cybersecurity Advisors Network or Women in Cybersecurity. “The cybersecurity industry is one big family,” Underhill says. “There are some jerks, but the vast majority of people are eager to help you out.”
5. Earn certifications
There are plenty of industry-standard certifications to choose from in the cybersecurity field. Though these certifications are technically optional, employers are relying on them more and more to narrow down towering piles of applications. A certification proves that you have the specific knowledge necessary to perform your job duties in a particular role.
“It makes a lot of sense to pursue certification in your chosen area. There are plenty of options around, though, so do the research to narrow them down,” Parker says. Think about the investment of time and money a particular certification will take, as well as how widely accepted it is by employers.
Not sure which certifications will give you the most bang for your buck? Parker recommends looking through job postings for the type of role you’d like to pursue. “All the information about what employers are looking for is right there. You’ll notice that certain skills and certifications come up quite frequently.”
6. Pursue formal education
Although determined self-taught learners can pick up on quite a bit about cybersecurity on their own, pursuing a formal education in cybersecurity is still a tried-and-true way to bolster your employability. According to the Bureau of Labor Statistics (BLS), most information security analysts need at least a Bachelor’s degree in Cyber Security or a related field.1
“Cybersecurity isn’t a good option for those who expect to be hired and taught as they work,” Parker says. “Even its most generalized positions require extensive knowledge.”
Not only will a relevant degree give you the knowledge and training you need to excel in the workplace, but it can also help prepare you for some of the industry certifications mentioned above. The Cyber Security academic offerings at Rasmussen University can help students prepare for industry certification exams, like the Systems Security Certified Practitioner (SSCP), Cisco Certified Network Professional (CCNP), Certified Information Systems Auditor (CISA) and CompTIA Cybersecurity Analyst (CySA+).
7. Commit to lifelong learning
It’s no secret that the technology field is constantly changing. Even with a degree and relevant certifications on your resume, you need to commit to an attitude of lifelong learning if you want to find success in cybersecurity.
“Never stop learning because, if you stop, you will be left behind,” Underhill says. “This is true for every job role in the cybersecurity field.”
Keeping up with the latest in cybersecurity doesn’t have to take up all your spare time. Simply following relevant tech podcasts or cybersecurity blogs can help you stay in the loop. For topics you’d like to tackle in depth, there’s also the option to seek out continuing education courses.
Jump-start your cybersecurity education
As you can see, there are plenty of steps you can take when it comes to getting started in cybersecurity. Taking action on just a few of these steps can help lead you to the cybersecurity career you’ve been dreaming of.
That said, it will be tough to get your foot in the door without a formal education. Earning a relevant degree is an excellent stepping-stone on the path to this career field. Find out how you can get started with a Cyber Security Bachelor’s degree from Rasmussen University.
1Bureau of Labor Statistics (BLS), Occupational Outlook Handbook, [accessed March 2021], https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm Information represents national, averaged data for the occupations listed and includes workers at all levels of education and experience. This data does not represent starting salaries. Employment conditions in your area may vary.