Cybersecurity (CySec) is a vast field encompassing a wide range of skills and knowledge areas. Before you dive into a specific cybersecurity path, it’s essential to establish a solid foundation in general IT concepts.
I’m a big believer in learning the right way, even if it takes longer. I remember my tennis coach saying that it was much harder to teach students who had learned bad habits than to teach beginners who knew nothing. This idea has always stuck with me, and it applies to cybersecurity just as much. Building a strong foundation at the start will set you up for success later on.
Lay the Foundation with IT Fundamentals
To start in cybersecurity, you first need to understand the fundamentals of IT. The go-to resources for these basics are the well-known trifecta: CompTIA A+, Network+, and Security+. These cover foundational IT, networking, and security concepts, respectively. And you don’t necessarily need to obtain these certifications; studying the materials is enough. The structured curriculum these certifications offer will help you build knowledge from the ground up.
At this stage, before taking on Security+, I also pursued the Certified in Cybersecurity (CC) certification by (ISC)². This certification is nearly free, requiring only a $50 subscription fee. I also completed the Google Cybersecurity Certificate, which provides a discount voucher for the Security+ exam.
Mix Theory with Practical Learning
One thing I’d change if I could go back would be to include more hands-on practice alongside my studies. Learning theory alone can be overwhelming and sometimes even discouraging. By working on practical projects and labs, you’ll reinforce the theoretical concepts and gain a deeper understanding of how they work in real-life scenarios. You can find these projects here on my website and my Youtube channel, on educational platforms, and all over the internet.
Engage with Interactive Platforms
Another fantastic way to learn cybersecurity in a fun, interactive environment is through TryHackMe and Hack The Box. These platforms offers a range of challenges and labs that will deepen your understanding as you progress. It’s a great way to make learning enjoyable and keep yourself engaged. I consider TryHackMe to be more beginner friendly.
Learn a Scripting Language
While you don’t need to be a coding expert to succeed in cybersecurity, some basic scripting knowledge is essential. Learning a language like Python can be incredibly valuable as it will allow you to automate tasks, analyze data, and create simple tools that can make your work easier. There is a great course on Youtube by Programming with Mosh.
Choosing Your Path in Cybersecurity
Once you’ve established a strong foundation, you’ll likely have a clearer sense of which area within cybersecurity resonates most with you. The field is vast, offering a variety of specializations to suit different interests and skill sets. Whether you’re drawn to defending systems as a Blue Team or SOC Analyst, testing defenses as a Red Team or Pentester, or focusing on security strategy and policy as part of Governance, Risk, and Compliance (GRC), there’s a path for everyone. Other options include becoming a Cybersecurity Engineer or exploring roles in Incident Response, Digital Forensics and beyond.
There are several tools to help guide you in choosing the next steps in your journey:
- CompTIA’s Cybersecurity Career Pathways: CompTIA offers a structured look at different cybersecurity career paths, along with suggested certifications to get you there. You can explore this resource on their website here.
- TryHackMe Learning Paths: TryHackMe also organizes its learning modules into different cybersecurity specialties, giving you hands-on experience tailored to your interests.
- Paul Jerimy’s Security Certification Roadmap: A great resource for understanding the certification landscape in cybersecurity is the Security Certification Roadmap by Paul Jerimy. This map organizes certifications by their specialty and difficulty level, making it easier to see which ones align with your goals. Check it out here.
This roadmap will set you on a steady path to mastering the essentials in cybersecurity. Starting with strong IT fundamentals, balancing theory with practice, engaging with interactive tools, and picking up a scripting language will prepare you for deeper learning and specialization in this dynamic field.
With so many resources and paths available, you’re well-equipped to explore and discover the role that fits you best in cybersecurity. Happy journey!
Resources and Recommendations
CompTIA A+: Mike Meyers on Udemy or Professor Messer on Youtube
CompTIA Network+: Jason Dion on Udemy or Professor Messer on Youtube
CompTIA Security+: Jason Dion on Udemy or Professor Messer on Youtube
Python: Programming with Mosh on Youtube, Code Academy
tryhackme.com
hackthebox.com