There has never been a better time to get into cyber security. There is a growing demand for experts, leading to increased salaries and job opportunities. If you’re thinking about starting a career in cyber security, here are some things you should do and will need!
A passion for unexplored technology. Cyber is a constantly changing area so you’ll need to be able to constantly adapt to keep up! You don’t have to have lots of gadgets, but if you can make things easier with technology you’re on the right path!
You’ll also need good communication skills and you’ll also need to be able to work in a team! They’re really important as you’ll need to work with other experts to defend cyber threats. You’ll also want need to be able to share your knowledge and ideas with others to help work together to find the best solutions.
Get work experience
As with most industries, you’re much more likely to get ahead in cyber security if you have experience. Even though the industry skills gap means organisations are more likely to take on less experienced people, practical knowledge is a huge advantage.
Internships and entry-level jobs are ideal starting points, but if your current commitments mean this isn’t an option, you could look for volunteer positions. Similarly, you could offer to help your employer or academic institution’s IT department in your spare time.
Cyber security isn’t something you can pick up quickly. There are a lot of complex topics that you need to at least be aware of. Rod Rasmussen, vice president of cyber security at Infoblox, told Forbes: “If you aren’t in the IT space at all, start with learning IT fundamentals. We’ve seen this as necessary for even folks like FBI or other law enforcement officers who have the investigatory or ‘finding bad guys’ part down really well. That will serve you well in cyber, but regardless of your background, you need those building block fundamentals in IT in order to create an effective new career in cybersecurity.”
You might find university or night school helpful, but academic qualifications aren’t necessary for most employers. Books and e-learning courses might be better options, as they allow you to study specific topics at your own pace.
Meeting people and making connections is sometimes essential for getting your foot in the door. Networking websites such as LinkedIn can also be helpful, but face-to-face meetings are much more effective. Forbes recommends that people “get involved in meetups, attend conferences [and] ask for tips over coffee with current security professionals of local tech companies”.
You need qualifications in your chosen field to advance your career. The qualifications you need will depend on your career path. For example, if you want to be an information security manager, a relevant ISO 27001 qualification is a must. If you’ll be helping an organisation comply with the Payment Card Industry Data Security Standard (PCI DSS), you’ll need to develop PCI DSS implementation skills.
As you develop your career and accumulate experience, you can consider gaining more senior qualifications, such as CISA®, CISM®, CISMP and CISSP®.
Of these, the CISM (Certified Information Security Manager) qualification is the most versatile. It’s the globally accepted standard of achievement among information security, information systems audit and IT governance professionals. Information security is generally the most sought-after field, and this often begins with ISO 27001.
ISO 27001 is the international standard that describes best practice for an information security management system (ISMS). We have many resources to help you learn about ISO 27001, but for a thorough introduction, you should attend our ISO 27001 Certified ISMS Foundation Training Course.
This one-day course is delivered by an experienced information security practitioner, and combines formal training, practical exercises and relevant case studies. At the end of the course, attendees sit an exam, and if they pass, they are awarded a qualification by the International Board for IT Governance Qualifications.