Hi everyone my name is Vincent Burns and I’m here to talk about cyber security awareness. And no, I’m not talking about the computer-based training that you have to take at work to learn how to spot phishing emails. I’m talking about cyber security awareness as in what it’s like to work in cyber security, how to get a job working in cybersecurity, as well as some of my personal experiences as a cybersecurity professional. So join me as we explore a career field that many people have heard about but probably don’t really fully understand. This is Cyber Career Starter, let’s go.

It’s probably not what you think it is.

I think by now it’s common knowledge that cyber security careers are one of the fastest growing in the country. but what does that entail? Cybersecurity is a broad career path spanning everything from Red teaming, blue teaming, penetration testing, auditing and even managing people and projects. Today I want to cover some of the common misconceptions that people may have about working in cybersecurity. These are assumptions that I’ve heard over the years from my own experiences. things that I’ve heard from people about why they think they could never work in cybersecurity or maybe things they’ve seen in movies or maybe experiences that they’ve had but don’t necessarily apply to every part of cyber security. Again I want to preface this that with the fact that these are observations from my experiences and therefore represent my opinion. I’m sharing with you today in hopes that it will give you some insight into starting your own career in cyber security. And may satisfy your curiosity or even help you achieve your goals. 

Should I learn to code?

Probably the biggest misconception I hear out there is that cybersecurity requires a lot of coding. and honestly this could not be further from the truth. in fact I would argue that working in IT a lot of times requires more scripting and coding then working in cybersecurity. Now you may Wonder how that is possible when a lot of times you need experience in information technology to work as a cybersecurity specialist. but that’s another misconception that I’ll get into later. the truth is a lot of times all you need is a strong foundation in cyber security principles. if you work as a cybersecurity analyst on a blue team which means that you are defending your organization from threats that may include hackers. a lot of your job involves monitoring your network and environment using security tools. a lot of times these tools are essentially complex antivirus software. so if you think of it that way when you get a virus your antivirus software will let you know and give you options to fix the problem. or it’ll fix it automatically for you. working on a blue team you essentially manage the software. for an entire Enterprise. none of this requires coding. but it does require a strong understanding of how to respond to threats the different types of threats you could encounter the security controls you have in place but again there’s no coding involved in any of this. if we look at another tenant of cybersecurity careers like say auditing. this involves examining an organization’s security posture and making sure they’re following certain security standards. again when you’re evaluating a company’s security controls there is no coding involved. instead you’re working with a lot of differentDepartments within information technology to ensure they have the proper security controls in place and if they don’t you then work with them to come up with a plan to enact those controls. so those are two prime examples of how you can work within cyber security without any coding experience whatsoever. in fact when you’re first starting out I would argue that there are very few instances in cybersecurity where you would need any type of coding experience to do your job.

How much experience do I need?

Now circling back to what I said about needing it experience to get into cyber security. it’s true that most cyber security jobs prefer you have some technical experience with an information technology. But a common misconception that I’ve seen is how much experience you really need to get into cyber security. Typically when you start out working in i. T.  you begin at the help desk. from there you build up your certifications and you move into a different role whether it be networking, system administration, application support, coding or anything else. the misunderstanding comes from people thinking that you need a ton of experience in information technology to work in cyber security. The truth however is that you need little to no experience working in information technology to start working in cybersecurity. does it help to have a lot of experience in it? yes I would say it does. but if you can demonstrate that you have a strong foundational knowledge in it in cyber security then no you don’t need a ton of experience in it to start in cybersecurity you can go right into it. and like I said I’m talking from my own experience because I only worked a little over a year in it before I started a job in cybersecurity. in fact my first certification was the CompTIA A+ and instead of taking the network Plus like most people would I went ahead and took the Security Plus exam by CompTIA because I knew I wanted to work in cybersecurity. and because of that I was able to get my first cybersecurity job pretty quickly. 

Degrees are pointless right?

Another misconception I see is not just about working in cybersecurity but working in IT in general. It’s that you don’t need a degree to get a job. This may have been true a few years ago but since I started working in cyber security it just hasn’t been what I’ve seen. For most jobs in information technology and that includes cybersecurity, if you want to be competitive and have an easier time finding a job then you need to get your bachelor’s degree. And I’m sure I will get a lot of push back for this, but I guarantee a lot of the people who started their I.T. career without a degree eventually got one. It is so easy and so cheap to get a bachelor’s degree nowadays that there’s really no excuse and if you don’t have one you’re falling behind. and I am definitely one of those people who doesn’t think going to a four-year University is worth it I totally agree that it’s a complete rip off but there are options out there for working adults to get their bachelor’s degree in as little as 6 months and four not a lot of money compared to what a lot of other people are paying. all you have to do is a quick YouTube search to find out what I’m talking about. and funny enough it doesn’t necessarily matter what your degree is in. my bachelor’s degree was technical management which was essentially a business management degree with some technical classes mixed in. so you don’t even have to get a straight Information Technology degree or computer science degree if you’re not a very technical person. I would say a business management degree would even be sufficient if you have the right certifications like Comptia’s Security Plus. Again I know I’m going to get a lot of push back on this but this is just my opinion and what I’ve seen from my experience. Certainly there are a lot of ways you can go about getting into the cyber security profession. but I’m just speaking to what I believe will give you the best chance and what is essentially the beaten path right. you could take that shortcut through the woods and you may come out the other side just fine or you could just take the nice paved Road that’ll take you the scenic route. 

So there you have it those are some of the misconceptions I’ve seen about starting in cyber security and what it’s all about I hope this helps you in on your path to furthering your career and getting into a job that has been both fulfilling and rewarding in my in my time time as a as  a cyber Security pro.