Cyberattacks are happening all the time and there’s a shortage of people with cybersecurity skills. Now, more than ever, we need skilled workers starting cybersecurity careers.
According to the ISC Cybersecurity Workforce Study, the number of professionals in cyber security jobs would need to increase by 65% to meet the growing demands of today’s businesses.
If you’re at all interested in working in this field, this is a great time to learn how to get started in cybersecurity.
So, how long does it take to learn cyber security skills? Is cybersecurity a good career? What do you learn in cyber security training? Is cyber security hard to learn? When you’re considering new job paths, these questions are important ones.
In this post, we’ll cover what cybersecurity entails, why there is such a massive demand for these skills, how to get into cybersecurity, what cybersecurity career options are available, and more.
Disclosure: I’m a proud affiliate for some of the resources mentioned in this article. If you buy a product through my links on this page, I may get a small commission for referring you. Thanks!
What Is Cybersecurity?
Honestly, cybersecurity is exactly what it sounds like. As Chris Coleman, president of Woz U, sums it up, cybersecurity is “the practice of protecting electronic data, networks, computer systems, and other confidential information.
”Specifically, this content needs to be protected from cyberattackers. The goal of cyberattacks is typically to sabotage business processes, extort money from users, or access, steal, or destroy sensitive information.
Why Is Cybersecurity Important?
Cybersecurity matters for everyone, from governments and large companies to small business owners, employees, and even individuals at home. But why is cybersecurity important for so many?
“We live in a world of unprecedented connectedness,” says Josh Feinblum, former CSO at DigitalOcean. “Every year we see more everyday devices connected to the Internet. At the same time, nearly every part of our lives are tracked electronically. This includes all of our health records, financial information, power consumption, what we wear, when we get home, where we travel and when etc. With the right data, machines can build profiles that understand us better than we understand ourselves.”
This underlines the importance of individual knowledge and action when it comes to your information security. “Your data is spread more places than ever, and it’s up to you to protect it,” says Robb Reck, CISO at Ping Identity. “You need to take accountability for knowing where you share your data, understanding the implications of that sharing, and taking every step you can to manage the risks for yourself.”
For companies, cyberattacks are increasingly common and costly. That’s why organizations are increasingly willing to spend the money to prevent them.
The cyber security market is expected to reach $366.10 billion by 2028, a compound annual growth rate (CAGR) of 12.0% during the forecast period. Earlier this year, the Biden administration also unveiled its fiscal 2023 budget, allocating $11 billion toward civilian cybersecurity spending, which is an 11% increase from the year before.
All of this means that there is projected to be 3.5 million cybersecurity job openings in 2025.
📈 Cyber crimes have also spiked as a result of COVID-19. In fact, the FBI reported in 2020 that the number of cyberattack complaints they’ve received has reached as high as 4,000 per day, which is a 400% increase from pre-COVID.
“There’s an exploding number of unmanaged and unprotected IoT [Internet of Things] devices in use within companies, so the attack landscape is growing exponentially,” says Nadir Izrael, co-founder & CTO at Armis. “Cybercriminals and nation states are targeting IoT due to the lack of security built into these devices. I’ve seen vending machines doing data exfiltration. We saw IoT attacks up 300% in the first part of 2018.”
Because cyberattacks have the potential to cripple businesses, companies are recognizing the need to make cybersecurity jobs training and hiring a priority. “In the past several years, security has transformed from a technical discipline within IT to a business risk management function,” explains Reck. (And it’s warranted, as nearly five million data records are lost or stolen worldwide every single day.)
On a larger scale still, even politics, diplomacy, and social cohesion is at stake. “We see nations stealing untold amounts of secrets and intellectual property from each other, influencing each other’s elections, and even our broader social discourse,” Feinblum continues. “Machines can be used at scale to affect nearly every part of our society, all the way down to an individual level. This increases the need to combat security risks.”
However, it’s tough to implement these measures as technology (and hackers’ means) are always changing. New ways to pose digital threats and circumvent IT security are constantly emerging.
So, the translation of all of this?
Cyber security engineers, analysts, and other tech security professionals are more in-demand than ever before.
Information Security vs Cybersecurity
Many people think of information security and cybersecurity careers as being synonymous, but they’re actually a little bit different.
Even though they’re closely related, information security (also known as “InfoSec”) is about keeping data secure and confidential — whether that data is in a digital or physical form. For example, protecting sensitive information in a physical filing cabinet may fall under the information security umbrella.
Cybersecurity, on the other hand, is solely about protecting data that is stored digitally (e.g., network, computer, server, the cloud).
Another key difference is that information security typically involves preventing unauthorized access, modification, or destruction, while cybersecurity most often involves preventing cybercrimes, cyber threats and digital fraud.
Overall, you can think of cybersecurity as a subset of information security. (Of course, in the digital age, it’s absolutely the biggest subset!)
Network Security vs Cybersecurity
Just like cybersecurity is a subset of information security, network security is a subset of cybersecurity. Like the name suggests, network security specifically involves securing computer networks and ensuring any data that gets sent through them is not compromised.
Solutions that fall under network security include firewalls, anti-virus software, password protocols, multi-factor authentication, and virtual private networks (VPNs). It’s particularly important for companies to invest in good network security.
Start coding now
Stop waiting and start learning! Get my 10 tips on teaching yourself how to code.
Is Cyber Security A Good Career for Me?
To figure out if cybersecurity is right for you, try taking a free cybersecurity course to dip your toes in or watching “day in the life of a cybersecurity engineer” videos on YouTube to get a feel for what the day-to-day looks like in cybersecurity roles.
❤️ Think about what you enjoy doing and what you have a passion for. For example, if you enjoy solving problems and figuring out what could happen before it happens, a cybersecurity career could be a great fit for you.
💻 Additionally, evaluate the skills you already have and the skills you need to learn to break into cybersecurity careers. Are you willing to commit to learning these skills? Not only that, but because the cybersecurity field is constantly changing, are you willing to continue learning throughout your entire career? If you are, jobs in cybersecurity could be a great match.
📍 Another factor to consider is employer demand in your area. Try looking up cybersecurity roles on job sites and filter by your location to see how many cybersecurity jobs are currently available. Some people may be open to relocating for a new career, but others may not.
How to Get Into Cybersecurity With No Experience
So, are you mulling over a career change, or just want new cybersecurity skills in your arsenal to help maintain your own data and computer security?
Let’s go through the process of what transitioning to cybersecurity might look like, from the idea and planning phases to the skills you need to learn and resources that will teach you how to learn cyber security from scratch.
❓ Questions to Consider Before Starting a Career in Cybersecurity
Leonard Simon, one of Springboard’s cybersecurity program mentors, recommends asking and researching the following questions to gauge how to proceed with learning cybersecurity:
- Do I have any previous experience or certifications related to the IT or cybersecurity field?
- Is there a certain information security technology I should learn first?
- What skills would I need for a career in computer security?
- How will I get experience in this field?
- Is there a lot of traveling involved in IT security roles?
- Are there entry-level/internship roles in cybersecurity available?
- How are the cybersecurity career advancement opportunities?
- What does the future of cybersecurity look like?
I’ll answer a few of these below, like learning cybersecurity skills and technologies — but others will be dependent on your goals and the demand from employers where you live.
🎓 Is a College Degree Necessary for a Cybersecurity Career?
The short answer: not necessarily.
“Our industry was pioneered by people without college degrees,” says Josh Feinblum. “Work hard to get involved in the community, contribute to open source projects, try to speak at conferences about cool research — these are all things the original pioneers did and can provide opportunities for smart, hard-working individuals to enter the industry.”
Kristen Kozinski, who is now an Information Security Trainer at the New York Times, has seen (and personally experienced) the same trend.
“Most of the people I’ve met in the field are self-taught,” she says. “I have a very non-traditional path myself. A few years ago, I was working at MailChimp and our Information Security team opened up an apprenticeship position to work with the security engineers. It felt like the perfect opportunity. I did a little studying on The Open Web Application Security Project and got the job. I went on to work with that team as a Junior Security Engineer.” Now, Kozinski also runs her own security awareness business, Don’t Click on That.
However, if you do have a computer science or related degree, it will likely expand your cybersecurity career options.
As Feinblum notes, “College degrees are frequently a checkbox expected by many large companies, so not having a degree may limit some opportunities.” It’s not a deal-breaker, just another factor to consider!
🛣️ Pick a Cybersecurity Career Path
One of the most exciting things about cybersecurity is that there are a ton of paths you can choose under the cybersecurity career umbrella. And, as I talked about above, you don’t need a tech background to pursue them.
The first step to choosing a cybersecurity career path is to identify your strengths based on your unique background.
“I recommend that your first step is to take an honest evaluation of your own skills and interests,” says Robb Reck. “Are you a people person? An application developer? A policy wonk? A networking guru?”
Listing out your preferences and skills will help you pinpoint the type of IT security position that’s the best fit for you. “Some popular areas are penetration testing, security engineering, and incident response,” says Kristen Kozinski.
Once you’ve started to narrow it down, begin deeper research on the fields of interest you’ve selected within cyber security and learn the lingo.
“Look for books that dive into that area,” recommends Kozinski. “No Starch Press has a lot of great security books. I also recommend looking at the Awesome Infosec Github page, which is a crowd-sourced collection of educational resources.”
Also, if you really want to know how to get into cyber security, it will help to get in touch with others in the industry. Reach out for advice and build connections.
“Get on Twitter,” Kozinski recommends. “The cybersecurity community there is very open and a lot of people give great advice on how to find work and where to find learning resources in your area of interest.”
In-person groups are invaluable too. “Get connected with groups like Information Systems Security Association (ISSA), Open Web Application Security Project (OWASP), Cloud Security Alliance (CSA) or ISACA, all of which likely have regional chapters somewhere near you,” advises Robb Reck. “Start volunteering with these groups, get plugged in with Open Source projects on the internet. You don’t need a job to get experience in security. The connections you make in those groups will likely be the vehicle to finding your next career.”
Since cybersecurity is such a wide field, there are many different paths when it comes to how to get into cybersecurity for beginners.
And while obviously cybersecurity salaries will vary based on the specific role, as well as your qualifications, negotiation chops, and time in the field—you won’t be eating instant ramen for every meal. The average salary for a cybersecurity professional is over $94,000 per year. A cybersecurity starting salary may be more in the $60-70k range.
Keep in mind that exact cybersecurity job titles can vary from company to company, but in general, here are some common roles:
- Cybersecurity generalist: a jack of all trades for smaller companies. Could be a good fit if you like working a variety of projects and are adaptable.
- Network security engineer: a cybersecurity role found at large companies. These people are involved in managing the security of their company’s network hardware and software, from firewalls to routers to VPNs. A great role for people who enjoy problem-solving and getting their hands dirty with a lot of different technologies.
- Cloud security engineer: as the title indicates, this role involves providing security for cloud-based platforms. A good role if you want a future-proof career and want to work on the cutting-edge of new technologies.
- Application security specialist: specializing in protecting applications from threats using a mix of hardware and software skills. Could be a good fit for you if you want to work with the latest and greatest application security/devsecops technologies.
- Identity and Access Management (IAM) engineer: a sub-field of cybersecurity focusing on digital identities and access rights within an organization to ensure correct levels of system access for all employees and prevent unauthorized use. A good job for people who enjoy developing new solutions and processes.
- Security architect: designs, builds, and manages the implementation of network and computer security for a company. Great for people who want to be in a manager-level role with a lot of impact.
- Penetration tester: get paid to legally hack into software, systems, etc., in order to identify security vulnerabilities. A good fit for people who are natural problem-solvers and have a strong attention to detail.
- Malware/forensics analyst: job title could be “cyber forensic malware engineer” or “analyst.” They dig into malware to figure out what it does, where it came from, and so on. Another role that’s great if you love solving puzzles and getting to the root of issues.
- Incident response analyst: first responders to any type of security breach or issue, rapidly addressing threats to find the cause and limit the damage. Great for people who thrive under pressure and love exciting roles.
- Cryptographer: builds ways of encrypting sensitive information to ensure individual and corporate privacy. Could be a good fit for those with strong problem-solving skills.
- Security trainer: trains employees in security best practices. A great role for people who love helping and teaching others.
- Security auditor: reports on a security system’s effectiveness and suggests ways to improve it; different than penetration tester because a security auditor is more high-level and uses established standards to evaluate a system. A good fit for people who are creative and have a strong attention to detail.
- Governance, Risk and Compliance professional: a more senior role with oversight of regulatory and legal compliance and overall business practices. Best for people who want to be in a higher level role with a lot of responsibility and direct impact on a company.
- Cybersecurity engineer: designs, develops, and implements network solutions to defend against cyberattacks, hackers and other threats. If you are creative, love coming up with new ideas to fix problems and love solving problems, this could be a good match for you.
And there are more! Variations could also include IT security specialist, cyber security analyst, cyber security specialist, etc.
Plus, even those currently in careers that aren’t security-focused on the surface can still benefit from cybersecurity training for beginners. At the very least, basic knowledge of security can help you protect your own data.
Looking for entry-level cybersecurity jobs to figure out how to start a career in cybersecurity as a beginner? Some common titles to search for include help desk technician, network administrator, and junior information security analyst.
Many of these aren’t purely cybersecurity-focused, but include some elements of it. Often, that’s all you need for a good foot in the door. There may also be internship opportunities in cybersecurity you can use to get your start.
🖥️ Cybersecurity Prerequisites
As with any tech field, it’s useful to start by gaining programming fundamentals.
“Being able to understand a programming language will give you a good start in cybersecurity,” says Kristen Kozinski. “You don’t need to be an expert, but being able to read and understand a language is a good skill to have.” This is not a must-have cyber security prerequisite, but it’s definitely nice to have.
🔒 Key Cybersecurity Technologies and Skills to Learn
Successful cybersecurity engineers are also able to think like a cybercriminal, says Chris Coleman. “It’s only with a firm understanding of the vulnerabilities of systems that someone can predict and prevent cyberattacks.”
Other specific technical skills you need will vary based on the area you choose to focus on. However, here are some general cybersecurity skills that Coleman recommends:
- Security and networking foundations: Learn tools and strategies for protecting networking infrastructure from unauthorized access, misuse, or hacking.
- Logging and monitoring procedures: Diagnostic strategies/tools used for alerting users to issues and helping to find the cause of an application problem.
- Network defense tactics: Strategies and tools for keeping a network safe.
- Cryptography and access management practices: Techniques like encryption, that turns plain text into gibberish that can’t be read unless someone has the key to decrypt it. Plus, making sure that only the right people have the right access levels to certain programs/applications.
- Web application security techniques: Diverse security measures for keeping web applications safe from attacks.
So what’s the best way to learn cybersecurity? No matter what you specialize in—be it network security, information security, IT security, etc—the key to most security work is understanding systems.
“When encountering new technology or processes, learn to take a systems view first,” advises Andy Ellis. “Ask questions like, ‘What is happening in this system that I can’t directly see? What goals does the system owner or designer have? What sort of unavoidable loss could be there? How could it happen?’”
For instance, if you’re thinking about vulnerabilities in a payroll system, you’d start by considering questions like:
- How does an employee get paid?
- Where is their data?
- How can that fail?
“Asking yourself these questions, and learning the answers, is a great way to get started on a journey to helping secure the future,” Ellis continues.
Soft skills, meanwhile, include a willingness to learn — as the information security field is constantly changing — as well as the ability to work well on a team.
💻 Practice cybersecurity skills/projects
Setting up a home or online lab can be really helpful for learning cybersecurity. A cybersecurity home lab is an environment where you can practice your skills without doing any real harm to your computer/system.
This cybersecurity course on Pluralsight, Building a Cybersecurity Home Lab Environment, can help you get started. It essentially helps you create a “hacking lab environment” for all your security research, hacking tools, and training. With these labs, you can launch attacks, verify vulnerabilities, and conduct research projects without jeopardizing your production environment.
This is a great first step before taking a cybersecurity course, which we go over later in this article.
Working in Cybersecurity
Now, let’s turn to cybersecurity careers themselves — starting with why it’s a field that welcomes those from all backgrounds, including non-technical ones.
Then, we’ll cover the future of cybersecurity’s job outlook and how you can explore cybersecurity jobs by starting with side gigs.
The Value of Transitioning From a Non-Technical Background
“It’s a mistake to think of security as a single career path,” says Reck. “There are dozens of distinct career paths within security, offering opportunities for anyone with a passion for protecting our cyber infrastructure. The need for security professionals is skyrocketing and shows no signs of stopping, so the future is bright for those seeking careers in this field.”
If you think you need a CS degree and ten years of experience in tech to consider the field, think again.
“Doing security well, at scale, requires a mix of law, psychology, sociology, technology, and organizational sciences,” adds Feinblum. “Cybersecurity offers a wide variety of opportunities for technical and non-technical people.”
“Most people tend to focus on technical operators and incidence response engineers as the base career paths, but cybersecurity also needs program managers, software developers, professional communicators, data scientists, systems analysts, and more,” adds Andy Ellis, CSO at Akamai. “And that doesn’t cover all of the go-to-market careers in a security company, like product management, marketing, public relations, and sales.”
In this way, a non-technical background can actually be an advantage, setting you apart and giving you unique perspectives and abilities.
“My security team includes people who have been librarians, journalists, lawyers, and control systems engineers,” says Ellis. “We hire them because we need those skill sets in the security career fields.”
For example, says Feinblum, “Security practitioners can cover policy and law, while others can build large-scale distributed systems, find security flaws, or focus on finding evil that’s lurking where it doesn’t belong.”
Cybersecurity Job Outlook
Given the massive (and increasing) need for digital protection, it’s no surprise that the potential of cybersecurity careers is more favorable than ever.
“The job outlook for cybersecurity professionals is extremely promising, probably more so than any other industry right now,” says Michelle Moore, PhD, Academic Director at the University of San Diego.
This is especially true given the recent shift to remote work, which has opened up companies to additional security vulnerabilities.
Data from the BLS confirms that the job outlook for 2021-31 is much faster than average. While the average growth rate for all occupations is 5%, it’s 35% for information security analysts: seven times the average.
Meanwhile, (ISC)²’s 2021 Cybersecurity Workforce Study found that the number of unfilled cybersecurity positions stands at over 2.72 million.
Unfortunately, the implications of this shortage could be drastic.
“As much as we’d like to believe the future will be a safer and brighter one than the one we’re in today, that doesn’t match with recent history,” says Andy Ellis. “The development of new technologies — which bring with them amazing opportunities across the board — almost always include new opportunities for dangerous losses. Protecting against those losses is always going to be a necessary function for enterprises large and small.”
If you’re craving a career where you can truly see the impact of your work, learning how to become a cybersecurity engineer could be perfect for you.
Start coding now
Stop waiting and start learning! Get my 10 tips on teaching yourself how to code.
Cybersecurity as a Side Gig
Aside from full-time roles, there are also ways you can flex cybersecurity skills in part-time or non-traditional roles. (There are lots of benefits to side gigs!)
Casey Ellis says that “to stay ahead of adversaries, companies will need to depend more and more on crowdsourced security programs, such as bug bounty, vulnerability disclosure and next-gen penetration testing, to identify vulnerabilities before the bad guys do. In our latest survey, we found that 30% of CISOs that don’t already run these programs plan on implementing crowdsourced security in the next year.”
Bug bounties involve testing a company’s application or software from the outside. Typically, you’ll do this on your own time. If you find any security vulnerabilities, you can report them to the company for their teams to fix before someone malicious finds the same gap.
You’ll quite often be rewarded for this. Here’s a comprehensive list of companies that offer bug bounty programs.
It also provides a fun and productive way to use and hone your skills on the side.
“Bug bounty programs are a method to funnel your creative energy and develop new skills,” says Ellis. “You have the opportunity to hack some of the biggest brands in the world and earn money for it. While there are full-time hunters, many participants do this as a way to continue their ongoing security education and test themselves. There is a vast and growing community out there that is more than happy to offer guidance as well as a growing number of resources to help you along the way.”
Aside from that, if you’re interested in cybersecurity but not ready for a career change, rest assured that educating yourself won’t be a waste. Chris Coleman believes employees outside the tech department need to be educated, too.
“Cyber threats continue to evolve, and expertise in this category will not be isolated to a single department,” he says. “Software engineers, product designers and C-suite executives will all need to be knowledgeable about cybersecurity for organizations to operate effectively. It will be important for employees company-wide to have a baseline knowledge of cybersecurity and fully understand the practices and procedures in place by the company.”
With all that in mind, what are you waiting for!?
How to Learn Cybersecurity From Scratch (Courses, Books, and Online Training)
If you’re thinking of going back to college instead of learning online, be aware that formal cybersecurity training is in short supply.
“There aren’t enough paths carved out for students learning cybersecurity,” says Nadir Izrael. “While we discuss computer science educational tracks, we have an equal need for security professionals, but not enough formal training in higher education.”
Because of the current cybersecurity shortages, self-teaching, along with practicing and networking, is often enough to land you in a job.
“The skill gap is so high currently that employers are less concerned with the traditional education path and are looking for demonstrable competencies,” says Coleman.
But what’s the best way to learn cyber security on your own?
Of course, the resources that will be most valuable to you depend on exactly which cybersecurity career path you want to pursue and how time-intensive you want to get.
That said, if you’re learning cybersecurity from scratch, here are some places to look for cybersecurity training online. With each platform, we’ll also highlight some cybersecurity courses that can get you started in cybersecurity for beginner, intermediate, and advanced levels.
Please note that pricing listed below may change in the future!
Cybersecurity Courses on Coursera
Coursera offers cybersecurity courses and specializations for beginners to advanced individuals who are already in the field. You can access Coursera’s courses for between $39/month and $49/month, depending on the course.
Courses on this platform are offered by top universities and industry leaders, and Coursera has tons of courses related to cybersecurity and networks. See the topic page here.
Here are a few security-specific courses we suggest on Coursera:
- Introduction to Cyber Security Specialization: Cybersecurity training for beginners that uses hands-on learning to present students with authentic real-world security scenarios and the tools and countermeasures to use against threats. Taught by NYU Tandon School of Engineering professors.
- IT Fundamentals for Cybersecurity Specialization: This course covers all the important fundamentals, including cybersecurity tools and processes, system administration, database vulnerabilities, types of cyberattacks, and the basics of networking, as well as more specialized information like cryptography and digital forensics. Offered by IBM.
- Cybersecurity Specialization: Intermediate-level course that covers both hardware and software concepts, and will teach you to really think like a security professional. 43% of students report starting a new career after completing this specialization. Offered by the University of Maryland.
You can read our full Coursera review here.
Cybersecurity Courses on Udemy
If you’re getting started in cybersecurity, here are a few security-specific courses we suggest on Udemy:
- The Complete Cyber Security Course: Hackers Exposed!: This course focuses on preventing hacking by shoring up tech defenses. It’s taught by Nathan House, who has over 24 years of experience in cyber security. You’ll gain an advanced practical skillset in defeating all online threats. This is volume 1 of 4 of the complete course.
- The Absolute Beginners Guide to Cyber Security 2022 – Part 1: Great beginner cybersecurity course for people with no experience. It covers key concepts such as hacking, malware, firewalls, worms, phishing, encryption, biometrics, BYOD, and more.
- The Ultimate Dark Web, Anonymity, Privacy & Security Course: This course will start you as a beginner and take you to an advanced level in personal internet security. It covers topics like anonymous web browsing and emails, cryptocurrency, VPNs, and more.
You can read our full Udemy review here.
Learn Cybersecurity on EdX
Most courses on edX are free, but you can add a Verified Certificate by paying between $50 USD and $300 USD. See cybersecurity topic page. Other courses on edX are Professional Certificate or MicroMasters courses that are more involved and come at a higher price.
Here are a few courses we suggest on edX for how to learn cybersecurity:
- Cyber Security Basics: A Hands-on Approach: In this cybersecurity course for beginners, you’ll learn how to think like a hacker, which will equip you to get into their heads and prevent potential threats to your online security. Topics covered include malware, computer forensics, XSS, SQLi, and more.
- Essentials of Cybersecurity: This is a Professional Certificate course, meaning that it takes a little longer (4 months) and costs a little more ($796), but the pay off will likely be higher. You will learn about the cybersecurity landscape, numerous sectors and various roles, competencies and career pathways, etc.
- Cybersecurity Fundamentals: This course from the Rochester Institute of Technology is part of the RITx Cybersecurity MicroMasters Program, but can also be audited on its own for free. Learn network fundamentals, basic cryptography, computing security, how to analyze potential threats, and more. This is a free cyber security course if you choose the audit option.
You can read our full edX review here.
Learn Cybersecurity on Udacity
Udacity offers both free and paid options to learn cybersecurity. With free cybersecurity courses to help you learn the fundamentals and then an extensive Nanodegree program to take your learning to the next level, Udacity has something for everyone, no matter what level you’re at.
Here are a few security-specific courses we suggest on Udacity:
- Introduction to Cybersecurity Nanodegree: In this program, you will learn how to evaluate, maintain, and monitor the security of computer systems. You’ll also learn how to assess threats, respond to incidents, and implement security controls to reduce risk and meet security compliance goals. The program is self-paced and can be completed in around 4 months if you study for 10 hours per week.
- Intro to Information Security: This free cybersecurity course provides a one-semester overview of information security. If you already have computer and programming knowledge, this is perfect for you. You’ll get a broad overview of essential concepts and methods for providing and evaluating security in information processing systems.
- Network Security: This free cybersecurity course provides an introduction to computer and network security. After completing this class, you will be able to evaluate works in academic and commercial security and will have rudimentary skills in security research.
You can read our full Udacity review here.
Learn Cybersecurity on Skillshare
Whether you’re a beginner or a more advanced techie looking to learn cybersecurity skills, Skillshare has some great classes.
You can access Skillshare’s course library for $13.75/month or $165/year, and you can also take advantage of a one-month free trial of Skillshare Premium.
Here’s a cybersecurity course we recommend on Skillshare:
- The Absolute Beginner’s Guide to Cyber Security: This course is a perfect introduction for individuals and students who are interested in becoming cybersecurity or information security professionals. It is also ideal for students who just want to have a well-rounded knowledge about the basic concepts used in the world of information security.
You can read our full review of Skillshare here.
Cybersecurity Training on Pluralsight
Pluralsight has many specific courses related to information security and cybersecurity. You can check out the topic page here. They have courses and cybersecurity learning paths for beginners to advanced individuals who are already in the field.
You can access Pluralsight’s course library for $29/month and take advantage of all their course offerings.
Here are a few security-specific courses we suggest on Pluralsight:
- Introduction to Information Security: Beginner-level cybersecurity course that teaches about information security programs used by organizations. You will learn foundational principles of information security, like confidentiality, governance, risk management, and compliance. You’ll also explore organizational assets and how they are protected through the use of security controls and how auditing, monitoring, and testing is used to review and evaluate the effectiveness of those security controls.
- Ethical Hacking: Understanding Ethical Hacking: Cybersecurity training for beginners course with over 1,000 positive reviews. Here you’ll learn to start thinking and looking at your network through the eyes of malicious attackers as well as understand the motivation of an attacker.
- Malware Analysis Fundamentals: Beginner-level cyber security course with high ratings where you’ll learn the skills required to properly, quickly, and safely analyze malware by examining both its characteristics and behavior.
- Cybersecurity Threats: Ransomware: Intermediate level course. In this course, you’ll learn to identify ransomware infection points, recover files without paying a ransom, defend against and respond to attacks, and pitfalls if you do pay.
Aside from one-off cybersecurity courses, Pluralsight also offers paths, which combine multiple courses with a particular end-goal. For instance, they offer an SSCP® path (Systems Security Certified Practitioner) which is an entry-level (ISC)² certification that helps newcomers enter the information security space. Read our full review of Pluralsight here.
Best Cybersecurity Bootcamps
If you’re interested in a more accelerated path to learning cybersecurity (and you have a bigger budget and the time), a cybersecurity bootcamp could be a great option. Here are a few of the best ones:
- Cybersecurity Engineering Bootcamp via Flatiron School: Available in New York City, Denver and 100% remote, this 15-week cybersecurity bootcamp will help you launch a career in cybersecurity. You’ll learn cybersecurity tools like Python, Wireshark, Linux, Metasploit, and more.
- Fullstack Cyber Bootcamp via Fullstack Academy: Full- or part-time options available. Completely remote. 13 weeks of full-time study or 26 weeks of part-time study. This cybersecurity bootcamp will qualify you for two specific cybersecurity roles: L Security Operations Center (SOC) Analyst and Penetration Tester.
- Cyber Security Bootcamp via Springboard: Prepares you to take and pass CompTIA’s Security+ certification. 30 labs, 35 mini projects, and one capstone project. Studying 15-20 hours per week, you should complete this bootcamp in around six months
Cybersecurity Books for Beginners
I’ve written an entire article on the best cybersecurity books but here’s just a selection found on Amazon*:
- Cybersecurity For Dummies: Introduces you to the basics of becoming cyber-secure, including different cybersecurity threats to be aware of, basic cybersecurity concepts, and what to do to be cyber-secure. Buy it on Amazon.
- Cybersecurity for Beginners: Great for people who have a non-technical background. Also has a glossary that helps you translate cybersecurity technical terms into plain, non-technical English. Buy it on Amazon.
- Hacking: A Beginners’ Guide to Computer Hacking, Basic Security, Ethical Hacking and Penetration Testing: Teaches the history of hacking, types of hacking, different hacking methods, and how to defend against them. Free on Kindle. Get it on Amazon.
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software: A guide that helps you safely analyze, debug, and disassemble malicious software. Comes with hands-on labs throughout the book to help you practice your cybersecurity skills. Buy it on Amazon.
* As an Amazon Associate, I earn from qualifying purchases
Want to take advantage of free resources first? We get it! You can turn to our list of free places to learn tech skills, which has a dedicated section just for learning cybersecurity for free.
Start coding now
Stop waiting and start learning! Get my 10 tips on teaching yourself how to code.
Cybersecurity Career FAQs
Let’s finish up by taking a look at some of the questions we haven’t answered yet!
🛣️ What is the cybersecurity career roadmap?
Since cybersecurity requires IT knowledge and practical hands-on experience, the common career pathways often start at IT helpdesks or IT support-type roles.
Many people also start as software developers and transition to cybersecurity. Cybersecurity professionals may also enter the field as junior information security analysts or network administrators.
Cybersecurity can also be an entry-level role if you have the skills needed to get started right away, especially if you have any transferable skills from other jobs or industries.
To learn more, check out this interactive career pathway that shows key jobs within cybersecurity and the common pathways to get there.
🗓️ How long does it take to learn cyber security?
A similar question is how long does it take to learn coding? The answer in that article is similar for cybersecurity: it depends.
You can learn the basics of cybersecurity in as little as a few months, but in order to get certifications or a job in the field, it can take a few years of related experience and study, commonly 1-2 years. Being an expert in cybersecurity will take many years.
📖 What’s the best language to learn for cyber security?
Python is a good option for cyber security professionals to learn, especially since it’s the foundation for many popular cybersecurity tools. Python is also great for automation, which can be really beneficial for a cybersecurity job.
🤔 Is cyber security hard?
As with every career, cyber security may seem challenging at first, but as you learn and gain experience, it will get easier.
That said, the great thing about tech careers in general is that you’ll be constantly challenged to learn new things—which for many is a perk of the job!
Some aspects of cyber security may be tougher than others (e.g., cryptography), but as long as you have patience, passion, and a willingness to learn, you can do it.
Start Your Career in Cybersecurity Today
“There has never been a better time to get started in security,” concludes Robb Reck. “Finding that first job can be a challenge, but it is well worth the effort. Volunteer work, internships, and working on projects on your own can take the place of professional experience, and will make landing that first job so much easier.”
And for anyone who values rewarding work, it’s a great job to have.
In the words of Brian Witten, Vice President & Product Security Officer at United Technologies Corporation, “Waking up every morning, knowing that you’ll help make the world a better place, and then knowing, every time you go to sleep, that today you’ve helped protect millions, maybe billions of people…I wish that kind of happiness for everyone.”