The cybersecurity field is growing by leaps and bounds today. With the constant growth of technology, threat vectors such as data breaches, ransomware attacks, viruses and malware have grown too. The need to defend corporations and tackle different security challenges is the need of the hour and a strong cybersecurity workforce is needed. According to a 2019 (ISC)2 Cybersecurity Workforce Study, the current cyber security workforce is close to 2.8 million professionals. The world needs an additional 4.07 million professionals to close the cybersecurity gap. That is about a 145% cybersecurity skills shortage which has to be closed.
Looking at these statistics and constant growth opportunities, if you are working in another domain and if you are thinking about moving into the cyber security domain but are not sure how – then, this post is just for you.
Fact: Did you know that according to a 2019 (ISC)2 Workforce study, only less than half of cyber security professionals actually started in the field?
At the outset it is good to have these degrees as you step into the Information security workspace (though not an absolute necessity)
These degrees and coding experience and knowledge will serve as a good foundation for you.
The following four pronged approach will definitely help you to climb the cyber security ladder:
“Read, read, read, study, study, study” is probably a mantra that will give you great benefits as you step into the Information security workspace. There are numerous courses on udemy.com, Coursera that will get you started with basic knowledge in the Information security landscape.
Creating an account on GitHub.com and learning to practice coding and creating websites and tinkering with them is a great way to gain practical experience.
Certifications are the most important pillars of the Information security domain. Every employer looks for cyber security certifications from an applicant. While there more renowned ones like the CISSP, CCSP which require a number of years of experience, there are several entry level certifications that will help you get your foot into the information security door. It is always good to have at least one to prove yourself to the Information security world and secure yourself a thriving career. These are some of the entry level certifications:
In order to do the CompTIA Security+ certification, experience is not mandatory but is recommended.
According to the CompTIA website,
“The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability”
Once you are CompTIA Security+ certified, you can start your career in the capacity of System administrator, Security administrator, Security specialist, Security engineer or more security roles.
The CompTIA Network+ certification does not require any mandatory years of experience to do the certification (though some years of experience is recommended)
These are some of the duties that a CompTIA Network+ certification will enable you to do:
Once you are CompTIA Network+ certified, you can get a job as a Junior Network administrator, Network Field Technician, System Engineer or Network analyst.
The ‘Certified Ethical Hacker’ from EC-Council certifies you to be a hacker but in a legitimate way. According to the EC-Council website,
“A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s)”
If the candidate has completed his CEHv10 training from an Accredited training center like InfoSecTrain, then he/she does not need the required 2 years work experience and can go directly for the application process.
“The GIAC Security Essentials (GSEC) certification validates a practitioner’s knowledge of information security beyond simple terminology and concepts”
This certification justifies that you are suitable for hands-on IT system roles.
By securing any or all of these certifications, you will qualify for entry level cyber security jobs. This in turn will propel you to more certifications and a much more illustrious InfoSec journey.
Finally, some organizations also cross train to fill the cyber security job gap. If you are in another domain, Cyber security managers respect your experience and enable you cross train and move you into domain.
Hope these tips and suggestions enable you to secure a rewarding career in the Information security world!