How to Enter the Field of Cyber Security

Getting into any new field is difficult, and cyber security is no different. Ironically you’d think it would be easier as there are an estimated 1 million open security roles across the globe. The uniqueness of these positions however takes time and dedication to master. For those who are in college or planning to  soon, universities have begun to expand their programs to meet the increasing growing demand for these skill sets. For others more entrenched in their current IT careers, it can be hard to find the opportunity to gain the necessary experience.

1. Join local user or Meetup groups. If you’re truly interested in entering the cyber security field and are already in IT, there’s no getting around the fact that you’ll need to put in some time outside of work. People volunteering to run these groups are dedicated to their profession and can help answer many questions you have.
2. Obtain certifications. If you’re just getting started in IT, the Security+ from CompTia is a good place to start. There are a few other large organizations for a range of entry level, intermediate and senior level certifications. The Global Information Assurance Certifications (GIAC) from SANS.org, ISACA, and (ISC)² groups all have a variety of networking, application, and policy options. It will cost money for the training and the test, but certifications are respected in security and can help open doors.
3. Practice, practice, practice. There are quite a few purposefully vulnerable websites dedicated to allowing people to practice techniques.
4. Find your niche. Security is such a broad subject covering networking, applications, management and policy making. It’s always good to have a broad base of knowledge, but you need to find a niche to separate yourself. Have a background in development? Learn about designing applications to be secure, or malware. You currently support a network? Focus your time on firewalls and penetration testing.

There are so many paths to choose from in the cyber security field one can easily have information overload and not know where to begin. Talk to people in the field already. Learn from their successes and mistakes. Invest in yourself through training and certifications. There’s no getting around the extra work and practice you’ll need to commit to. Don’t be a jack of all trades and master of none.