There are many routes you can take to kickstart your career Cyber security. Unfortunately, that leaves people at a disarray as they don't know where to start due to the many options. Have you heard of Analysis Paralysis, where we overanalyze or overthink a situation which causes our action or decision-making to become "paralyzed".
I've experienced it, and let me tell you, it's no fun, and somewhat draining. The irony right? So here are a few things you can do to move yourself forward into the industry.
Here are a few things to get you started:
Read books that introduces the concepts and ideas of Cybersecurity
Watch videos explaining these same concepts for visual and layered understanding
Get connected and join cyber educational groups, networks, and subscriptions
Let's dive more into these steps
Resources to get you started
Get Certified Get Ahead by Darril Gibson is the first book I laid my hands on. This book covers the fundamentals and also prepares you for the Security+ certification. Not only does it provide the basics, it's also an easy and interesting read for someone new to the field. It's not overloaded with excessive industry talk, but covers the important topics in a concise and simple way for the prospective cyber warrior.
Cybrary.it - Cybrary Offers free IT and Cybersecurity training. Courses are taught by well experienced professionals in the industry.
SANS Cyber Aces - SANS is one of the most trusted and the largest organization for information security training and security certification in the world. They offer free online courses.
Professor Messer - Professor Messer is the CompTIA training guru. You can access all his videos via Youtube and study materials on his site. This is a great resource for anyone preparing for a compTIA exam (A+, Network+, Security+, or Cisco training). Most videos never goes over 20 minutes, which makes it the perfect resource while on the go.
Take Entry Level Security Certifications
Getting a certification is another way to learn the fundamentals while building your credentials.
CompTIA Security+ - CompTIA is a globally recognized neutral vendor organization. This is the certification I attained. They provide a plethora of IT certifications
Microsoft offers study materials and certifications to guide new and upcoming IT and Security professionals. You can take the 98-367 exam to learn Security fundamentals. This is recommended if you have experience in Active Directory, Windows-base Server, firewalls,
Although this is an entry level certification, GIAC certification covers advanced technical subject areas to measure specific skills and knowledge areas rather than general Security knowledge.
Hands on experience is vital in even being considered. Though you might have theory knowledge, putting it into action is necessary. So, how can we get that experience? Here are a few pointers:
Build your own lab
You can build your own lab to perform and practice tasks of a cybersecurity analyst. Using tools like Nessus and OpenVAS for vulnerability analysis and protocol analyzers like Wireshark to analyze network traffic.
Develop a skill
Developing a skill can be a great way to set yourself apart. Your skill can be automating processes with the programming language python, which can be useful in a Security Operations center.
You can have extensive knowledge and practice in Cloud Security. According to Techgenix, "It is a highly coveted skill as the number of cloud attacks is ever increasing".
Join a Network (It's time to get connected)
Start immersing yourself in the space with like minded people building their Cyber repertoire such as, experienced professionals, cybersecurity students, and groups. Networking is King, it's in the name. Utilize your social media (LinkedIn, Instagram, Twitter). Many opportunities can come from networking online. Here is one tip when networking, do your research on a persons page, website, and look at what they have provided to the public, before reaching out to someone and asking for advice. Many times the answers we seek have already been provided, and asking redundant questions will probably get you glazed over.