#ask me more cybersecurity/compsci questions lol I am a nerd and I enjoy answering them haha | Explore Tumblr Posts and Blogs

cyberstudious · 11 months

Note

hiii, i am also interested in cybersecurity but don't know how to gain skills to start it as a career after graduation next year

Hi! First of all, good luck with your last year before graduation! it can be kinda hectic and kinda scary, but there are lots of good things in store!

The cool thing about cybersecurity (and computer science in general tbh) is that there are lots of opportunities to learn things on your own!

(Brief side note: my recommendations are U.S.-centric, just because that's where I am and where my experience is. The industry may be a bit different if you're in a different country, but lots of things should be the same.)

This got very long, so I'm putting it under a read more. The tl;dr is:

play CTFs

get an entry-level certification (or even just study for one!) - the CompTIA Security+ is a great choice

join or start a cybersecurity club on campus (or join a professional organization like Women in Cybersecurity)

stay up to date with cybersecurity news

learn some skills on your own time: networking, programming, general IT skills, etc.

If anyone wants more information about any of these suggestions, let me know & I'd love to make a separate post about them!

CTFs Capture the Flag games are how I initially got into cybersecurity and they're a fantastic way to practice new skills in a fun, real-world kind of environment. If you've never done one, you absolutely should! Here are a few of my faves:

Cyber FastTrack is my top recommendation. It's only available to current college students in the U.S. (and requires U.S. citizenship), but the challenges are fantastic & they have awesome learning materials. It generally runs October-April each year. I did well in this CTF and got a scholarship for the SANS.edu Undergraduate Certificate in Applied Cybersecurity - that's 4 certifications & nearly $19k of free training. It's ridiculous and I love it. Highly recommend.

CyberStart is the same set of challenges, but you have to pay to access all of it. It also has programs similar to Cyber FastTrack for high school students, high school girls, and UK and Canadian students - check their about page.

picoCTF - I haven't done this one before but it's constantly recommended as a good beginner CTF. It looks like you can practice online at any time, but they also do a yearly high school competition.

OverTheWire Bandit - This site has several different wargames (similar to CTFs) that teach you different topics, but Bandit is the one to start with. It teaches you lots of Linux things & will give you the skills to play the others.

Certifications Certifications are a recommendation or a requirement for many (if not the majority) of cybersecurity jobs. They're not a replacement for experience, but getting one as a student demonstrates that you have the passion and work ethic to pursue cybersecurity on your own. Studying for an entry-level certification is also a fantastic way to get a general understanding of the field and pick up some essential knowledge.

The main one I see recommended is the CompTIA Security+. I studied for this certification very slowly for a long period of time, because I was using it to learn cybersecurity in general. It covers a lot of material but it also goes very in-depth in places. I got this cert because I knew it could get my foot in the door in lots of places, and just telling people that I was studying for it was a way to impress potential employers!

Professor Messer has a ton of fantastic, 100% free training material for the CompTIA certifications. In addition, you can use all the free resources that you have as a student to study for this. I used LinkedIn Learning courses, check if your college or local library give you free access to this.

In addition, there are technically 2 CompTIA certifications you should have before you get the Security+: the A+ and the Network+. The A+ is just general IT knowledge, and you can probably skip it if you're decent with computers. Having a solid understanding of networking is super important, so it's worth going through the material for the Network+ even if you're not going to pay to take the exam.

(Also, taking the Security+ exam while you're a student lets you get the academic discount! I think that saved me $100-$150.)

Clubs and Professional Organizations Join a cybersecurity club at your school if there is one. It's a great way to meet other students interested in the same things and get advice. They may also have tech talks, run CTF events, or have local professionals come and speak. If there's no cybersecurity club at your campus, consider starting one!

You can also join a professional organization. The only one that I know of is Women in Cybersecurity (WiCyS), and they do lots of great stuff. Student membership is $20/year, and then you get access to their webinars, a mentorship program, their member community, and student scholarships to the WiCyS conference. I was lucky enough to get a scholarship to the conference this past March and it was a really fantastic experience. I was also the president of my campus's student WiCyS chapter! If you're looking to start a cybersecurity club, WiCyS has good support and resources for their student chapters.

Stay Informed About Cybersecurity News Cybersecurity is always evolving, so it's important to have current knowledge of what's happening in the industry. This gives you real-world examples that you can keep in your mind while you're learning new concepts, and it's also a way to impress employers during interviews. These are a few of my favorite sources:

SANS Internet Storm Center StormCast Podcast - 5 minutes of security news every weekday morning

Blogs:

Krebs on Security

Schneier on Security

Malwarebytes Labs

Learn Skills on Your Own Cybersecurity involves working with lots of different technologies. Having solid foundations in these areas will help you a lot:

computer networking (OSI model, ports & protocols, how the internet works, firewalls, etc.)

Linux commands & Windows PowerShell

programming/scripting

cryptography basics

"everyday" security: if you're the IT person for your friends & family, know how to answer questions like:

"How do I set a good password?"

"Should I use a password manager?" (yes.)

"Where should I use MFA?" (everywhere.)

"How do I keep my home network secure?"

"How can I avoid getting scammed?"

This DIY Feminist Cybersecurity Guide is one of my favorites for general security hygiene information.

This got really long (over 1k words! wow!), but I hope it was helpful! Please feel free to send me any more questions you might have, whether specific or broad! I think cybersecurity is a great place to be and I love sharing resources and talking about it!

#I hope this was helpful!!! I also had a fun time writing this lol #ask me more cybersecurity/compsci questions lol I am a nerd and I enjoy answering them haha #asks #cybersecurity

54 notes · View notes