Introduction
Cybersecurity has become more critical than ever before. As technology advances, so do the threats that exploit vulnerabilities in our digital systems. When I started out in the pursuit of being a cybersecurity professional, I made a few mistakes that cost me lots of time and effort. If you’ve ever considered a career in this dynamic and high-demand field, you’re in the right place. This article will provide you with a roadmap to get started in cybersecurity and I’ll provide links to all the resources (both free and paid) to help you navigate the space better. Without much further ado, let’s get started.
Understand the Basics
Before diving into the world of cybersecurity, it’s essential to have a solid understanding of the basics. The basics act as building blocks that later help you grasp more complex concepts. You can start by learning the following:
a. Cyber Threats: Familiarize yourself with common threats and attacks like malware, phishing, ransomware, and social engineering attacks. Having a basic understanding of how these threats occur and how they can be mitigated is a great starting point.
b. Networking: I was never a huge fan of networking, but this might just be one of the MOST crucial concepts in cybersecurity. It involves understanding how computers communicate with one another and the various protocols involved therein. Gaining knowledge of how computer networks function, including protocols, IP addresses, and routing, will be of immense value in your journey.
c. Operating Systems: For you to be able to attack or defend a system, you need to know what is running on it, i.e. the processes and the various functions within that system. Learn about different operating systems (Windows, Linux, macOS), their vulnerabilities (how they can be compromised) and how they can be secured.
d. Cryptography: Understand the principles of encryption and decryption, which play a vital role in securing data either during storage or during transmission.
Educational Pathways
Cybersecurity is a multidisciplinary field, and there are various educational pathways you can take.
a. Bachelor’s Degree: Pursue a degree in computer science, information technology, or a related field. Many universities offer specialized programs in cybersecurity both locally and internationally.
b. Online Courses and Certifications: There are numerous online courses and certifications available. Notable ones include CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) and Certified Information Security Manager (CISM). This list is not exhaustive as there are so many more certifications you can pursue in this space.
c. Bootcamps: Consider enrolling in cybersecurity bootcamps, which offer intensive, hands-on training in a shorter timeframe. However, in my opinion, this option requires one to have grasped the fundamentals first since it is a crash course and can be quite confusing for a complete newbie.
d. Self-Study: If you prefer a self-paced approach, there are plenty of free and paid resources available online. Books, blogs, and YouTube tutorials can be valuable sources of information. Some industry professionals you can follow include John Hammond, Network Chuck, Heath Adams and Tib3rius, among others.
Build Practical Skills
Cybersecurity is a highly practical field. To get started, you need to hone your skills by:
a. Setting Up a Home Lab: Create a safe environment to experiment with different operating systems, software, and security tools. For example, you can set up the attacking machine using Kali Linux and a vulnerable machine from VulnHub as the victim host to simulate common attacks on existing vulnerabilities. Having such a setup will prove your virtualization skills as well as attack and defense skills. This hands-on experience is invaluable.
b. Capture The Flag (CTF) Challenges: Participate in CTF competitions to solve real-world security puzzles and enhance your problem-solving abilities. Some great platforms to get you started include Hack The Box (HTB), TryHackMe, picoCTF and Proving Grounds by OffSec, among others.
c. Networking: Join local or online cybersecurity communities, attend meetups, and network with professionals. Find a mentor or someone in the space to walk the journey with you since learning from experienced practitioners can provide valuable insights.
Stay Informed
Cybersecurity is a constantly evolving field. To stay relevant and informed, follow these steps:
a. Read News and Blogs: Stay updated on the latest cybersecurity news by reading blogs, websites, and following cybersecurity experts on social media.
b. Subscribe to Podcasts: There are many cybersecurity podcasts that provide in-depth discussions on current threats, trends, and best practices. I personally listen to Darknet Diaries by Jack Rhysider, CISO Stories and Paul’s Security Weekly.
c. Continuous Learning: Commit to lifelong learning. Attend webinars, conferences, and workshops to expand your knowledge and skills since the field is very dynamic and requires you to constantly be updated on the latest trends.
Gain Practical Experience
To land your first job in cybersecurity, consider the following:
a. Internships: Look for internships or entry-level positions in IT or cybersecurity. Practical experience is highly valued by employers.
b. Volunteer Work: Offer your services to nonprofit organizations or local businesses to gain hands-on experience and build your resume.
c. Create a Portfolio: Showcase your skills by creating a portfolio of projects on your GitHub page. This will include any scripts, code, penetration testing reports or vulnerability assessments you’ve conducted. For those willing to go a step further, create a portfolio website for your blogs/articles and host it for free on Netlify.
Apply for Jobs
Once you’ve acquired the necessary knowledge and skills, start applying for cybersecurity positions. Entry-level positions may include security analyst, junior penetration tester, or security operations center (SOC) analyst.
Certifications and Advancement
As you gain experience, consider obtaining advanced certifications and specializing in a specific area of cybersecurity, such as network security, cloud security, incident response or any other area that might be of interest to you.
Conclusion
Getting started in cybersecurity is an exciting journey filled with opportunities to make a real impact in the digital world. By understanding the basics, pursuing education and certifications, building practical skills, staying informed, gaining experience, and advancing your career, you can embark on a successful path in this ever-evolving field. Remember that dedication, continuous learning, and a passion for cybersecurity will be your keys to success. Feel free to reach out on my socials in case of any questions/suggestions you might have. Happy learning :-)
Resources:
CTFs:
https://www.hackthebox.com/
https://tryhackme.com/
https://www.offsec.com/labs/individual/
https://picoctf.org/index.html#picogym
Beginner cybersecurity courses:
https://www.eccouncil.org/cybersecurity-exchange/cyber-novice/free-cybersecurity-courses-beginners/
https://www.coursera.org/google-certificates/cybersecurity-certificate
https://www.isc2.org/Landing/1MCC
Build your own Lab (BYOL):
https://www.vulnhub.com/
https://docs.rapid7.com/metasploit/metasploitable-2/
https://resources.infosecinstitute.com/topics/penetration-testing/how-to-make-your-own-penetration-testing-lab/
https://albertlacasta.com/build-selfhosted-pentesing-lab/