Tips From Self-Taught Security Pros
To any aspiring cyber and IT security students asking themselves if they can become experts on their own, look no further.
The answer is yes, absolutely! The proof is in the pudding, or in this case, in the sheer number of self-taught security pros in the technology industry. They’ve navigated the waters, explored new paths, and learned a few tricks along the way. We’ve narrowed their insights down to four key pieces of information to help you on your security journey.
Master the Basics
As with any self-taught skill, it’s key to keep in mind the importance of first learning, and then mastering, the basics. In the world of cyber security and technology, doing this will help you assimilate advanced skills more quickly and easily. With this foundational knowledge in place, you can continue building up your skills and come even closer to achieving your security goals!
Self-taught security professionals encourage aspiring experts to first have a strong understanding of all the IT basics. Those include (but are not limited to):
- Computer Science basics
- Fundamentals of modern operating systems (Windows, Linux, OSX, Android, iOS, …)
- Basic Programming skills (C++, Python, …)
- Basic Networking skills (Routing, Forwarding, TCP/IP)
Knowing what you need to learn is important, but how will you learn it? The amount of educational material available to aspiring students is growing each day, so we’ve created a list to include a few of the most highly recommended.
- Set some time aside to read educational books. The Pentester BluePrint authored by INE Instructor Phillip Wylie is a great place to start!
- Check out some security conferences. These events can be filled with days of informational content and insights from industry experts. A few of the most popular events are RSAC, DEF CON, Black Hat, and the Diana Initiative.
- Enroll in a practical training course. INE is the premiere provider of technical training and has more than 18,000 training videos covering Cyber Security, Networking and Programming skills, Computer Science basics, operating systems, and more, all paired with a hands-on approach to learning.
Narrow Your Focus
Mastering the IT basics is a great place to start, but there’s a bit more work to be done before pursuing a career in cyber and IT security. After learning the basics, you should turn your focus to become familiar with the important security topics discussed in the industry. Those include (but are not limited to):
- How System, Network, WiFi, and Web App Attacks work
- The Penetration Testing Lifecycle phases (Information Gathering, Scanning, Vulnerability Assessments, Exploitation, Reporting)
- How and why Security Audits must be performed
- How Buffer Overflows, XSS, and SQL Injection work
- The different tools needed to perform a penetration test
By becoming familiar with these topics, and engaging in discussions about them, you are giving yourself the opportunity to gain real-world insights from those in the industry while continuing to learn information that is critical to an IT and cyber security career.
Test Yourself, and Others
Think you have it all down to a science? A great way to reinforce your knowledge is to try teaching those skills to a fellow IT security student or colleague. Speaking of science, Albert Einstein once said “If you can’t explain it simply, you don’t understand it well enough.” He’s a guy worth listening to!
Once you have explained and taught a skill to someone else, you can be sure that you have mastered that skill. If you find yourself struggling to explain how and why a particular method or tool should be used and when, it might be time to refresh your knowledge. One way this can be done is through INE quizzes, designed to test your knowledge as you progress through your courses.
Proving Your Skills
Because security is a highly practical industry, employers often look for individuals who have dedicated time to their career through education and real-world experience. There are many ways you can beef up your resume to include what employers seek the most, but a few of the most common include:
- Taking part in various Bug Bounty programs
- Using your practical training to get certified
- Participating in hands-on cyber security challenges like CTFs
- Building strong relationships with industry experts
- Getting involved in panel discussions and webinars to showcase your knowledge
While there are many more ways to showcase your skills and passion for what you do, the examples above set a solid foundation for employers to consider.
Whether you’re a professional who would like to review the basics or a beginner aspiring to learn modern and professional skills, INE has the resources you need to achieve your training goals!