10 Frequently Asked Questions About Getting Started in Cybersecurity
In today’s world, where technology has reached new heights, governments and businesses alike are spending more and more on defending themselves against cyber threats. For that, they need experienced and skilled cybersecurity professionals. But did you know that 57% of companies have a cybersecurity skills shortage? Over 140,000 positions are available in the United States for Cybersecurity professionals, and there is a deficit of over 500,000.
If you plan to start your cybersecurity career, now is the right time. You might have many questions regarding the field. So, to help you out, I will cover ten frequently asked questions and everything you need to know before starting your cybersecurity journey. These questions were asked by people in my email list, on my LinkedIn profile, and in my skool community. So, let’s go.
1: Am I too old to get started in cybersecurity?
No, of course not. You’re never too old or late to learn a new skill or career. If you believe you’re too old to do something new with your life, then it simply means you are scared.
In fact, there has been an increase in the number of older professionals aged 50 and older entering the field of cybersecurity later in their careers. In 2023, 16% of new starters were aged 50-59, compared to 8% in 2021.
2: Do I need to learn to code?
Coding is beneficial for entering cybersecurity but is not mandatory. If you can learn it after you have gone through the foundational knowledge, when you get in the door, you need to know how to code, at least Python, because that will help you a lot.
For some roles, yes, it’s mandatory. If you want to become a Malware Analyst, you need to learn about programming, assembly language, and how the operating system works. But generally, you don’t need to learn to code to get into cybersecurity.
3: Do I need a university degree or not?
People think they need formal education to succeed, but that’s not the truth. Although universities provide some benefits, like learning how to be in an academic setting and how to present yourself, if you are looking to get into cyber security, you don’t need a university degree.
To give you my personal example, I’m based in Australia. When I got here and was invited by the government to do a cybersecurity job, no one asked for my degree. I have a degree from another country that no one cares about. Not once has anyone asked me about my degree. There are so many people getting into this industry without any formal education.
It doesn’t matter what degree you have. At the end of the day, it’s not about where you learn but what you know and what your skills are. If you’re considering getting into cyber security and feel, oh, I need a degree, don’t do that to yourself. You need to spend the same time and money on gaining the skills that companies need. So, don’t stop yourself from getting into this field by thinking you need a degree.
Q 4: Are certifications mandatory, and what’s their role?
There are many ways to learn the skills and tools needed for cybersecurity. You can teach yourself, join a bootcamp, enroll in a university program, or pursue certifications. Certification is just one of those options, providing a structured way to learn. They are perfect if you are planning to learn a new skill or tool on your own.
Now, I have a contrarian view on certifications. They aren’t your golden ticket into the industry. While some people may find them helpful, I see certifications just as a roadmap, not the final destination. The goal is to gain the right skills, and certifications are simply a tool to help you get there. They offer a structured way to learn, but they’re not the only way.
Let’s say you want to get into cybersecurity and don’t know where to start. You’ll most likely look to industry experts for advice. Many experts will guide you towards certifications. For example, if you want to learn about the basics of IT and computers, we are going to refer you to CompTIA A+ because it covers the foundation.
When I suggest certifications, I focus more on the content than the certification itself. No one will hire you based on certification and say, “Oh, this person has all the computer certifications; let’s hire him.” That’s not the case. Employers care about what you can do, not just the titles you’ve earned. I don’t believe that you need to pay and get all the certifications to get into cybersecurity. So, it’s not mandatory, and their role, in my opinion, is just to give you the roadmap and guidance.
However, there are certain certifications that are in demand, such as CISSP in cybersecurity. And it is in demand because to get the certification, you need experience in the industry. So, when companies ask for CISSP certification, it’s because they need proof that you have industry experience.
Q 5: Is having an IT background a requirement to get into cybersecurity?
IT backgrounds can definitely help. I was an IT help technician myself and then a network engineer who managed to get into cybersecurity. However, many people think they can’t succeed in cybersecurity if they don’t have any IT experience. There’s no place for them. That’s not the truth. In our program, people with no IT background, people from sales backgrounds, and people from mechanical engineering backgrounds were successfully able to get into cybersecurity.
However, it’s not going to be easy, and they will need to work harder than someone with an IT background. Why is that? Because the latter will already know about the help desk, networking, the foundation, and everything else. Moreover, they have a higher chance of getting hired for cybersecurity roles.
But if you set your eyes on one target, one goal in your life, you can achieve it. Cybersecurity is an open field, so where you start doesn’t matter. However, an IT background can provide you with a head start.
Q6: I want to get into cyber, but I don’t have time. How much time do I need?
Everyone has 24 hours throughout the week. It’s possible to transition into cybersecurity with part-time effort as well. You don’t need to attend full-fledged nine-to-five bootcamps. All you need is two hours of focus study every day, and you can get into cybersecurity in less than six months. That’s it.
The perception that learning cybersecurity is too time consuming is not correct. If you, let’s say, have a nine to five job, you can wake up earlier in the morning and start learning about cybersecurity from 6:00 AM to 8:00 AM. Or you can come back, spend time with your family, then allocate two hours at night. So, it’s not about having the time. It’s about prioritising your studies and also sacrificing a little bit of fun time or the time you spend scrolling Instagram or watching Netflix.
Remember to have consistency in your study. You might need to cut back on your time with friends on weekends for that. Consistent effort is more important than total time. If you don’t know how to stay consistent, use the calendar to book your time for studying. Block your entire life just like me. I had my calendar fully booked in advance when studying. What I was going to do on that day, everything was planned. You can even progress at your own pace. There are so many self-paced online courses. One such program is our program “Cyber Mastery Accelerator”.
Q7: Are all cybersecurity jobs remote? If so, how can I get a remote job?
There was a time during Covid when all the companies were over-hiring. They were not able to train or get people into their offices, and everyone had to work remotely due to restrictions and nationwide lockdowns. Now, things have changed. Still, some people are looking for remote jobs in cybersecurity. They’re not even looking at other opportunities that are not remote. Most of these people are actually trying to get into this field and looking for entry-level remote jobs.
But I’m going to be real here. If you are just starting in the field, then you don’t have any idea about cybersecurity. So, you should be open to learning new things from people around you who work in the company. And you can’t do that by working remotely. Your colleagues aren’t going to see what you’re doing, can’t reach out to you, get on a call with you to teach you or share their feedback in case you make mistakes.
Remote roles are available, but those are good for people with experience. This doesn’t mean that remote jobs are not available for entry-level roles. We have students in our program who have received offers for fully remote roles. But they are more likely to struggle than other people who work on-site.
So, when you’re starting your journey, you shouldn’t look at only remote roles. Otherwise, you’ll miss out on great opportunities that may come your way and may lose opportunities to interview with great companies.
You must be open to any job that comes your way. Some roles require work on-site, while others are hybrid. For instance, I have years of experience in the industry. I still had to go to the office to work as a security consultant, but it was a hybrid scenario, like two days from the office and three days from home. Working on-site will help you socialise, meet new people, ask questions and learn from your colleagues. And there’s this famous saying, cybersecurity can be anywhere, but not every job is everywhere.
But if you’re looking for only remote roles, you can search them on LinkedIn and seek.com and change the settings to only remote positions. It will help you find which companies are hiring only remote employees. You can target such companies and connect with people working there. Whenever there is a job opening, you can reach out to them directly.
Q8: Is AI going to replace cybersecurity in the future?
People fear that AI will make cybersecurity professionals obsolete, so they need to stop getting into cybersecurity. If you also fear that AI will replace jobs, you’re mistaken. AI will enhance, not replace, cybersecurity, period. It’s not going to happen anytime soon while we are alive.
AI isn’t new in our field. It existed long before it came into the news with ChatGPT. Through XDR automation, Machine intelligence (MI) was already being applied to cybersecurity. It will continue to play a role in the future, but humans aren’t going anywhere because cybersecurity is not just about tools and technologies. It’s about humans, human psychology, and social engineering. Even though AI can automate repetitive tasks, it will still require human intelligence to solve complex problems. AI can act as a shield, but humans will be the warriors always.
Q 9: Should I invest in training bootcamps or mentorship programs?
Investing in the right training or mentorship can boost your career prospects, accelerate your career, and save you time and trouble. Mentorship and bootcamps can be powerful tools, but you have to choose them wisely. Read the reviews by previous participants and ask questions to figure out if they are right for you. You also need to check whether they will provide you with hands-on practical experience.
Although there are free training programs available on YouTube that you can check out, they get confusing. You might have to research and watch YouTube videos to gain insights and understand what’s happening, which is sometimes too much.
On the other hand, when you get mentorship from someone who has done it before and is doing the same thing for other people, you reach your goal faster because you’re not making the same mistakes. You are following a proven roadmap that others have already used to achieve the same goal faster.
Some people get anxious when they look at all the information out there. They want a structured way of learning things. They want someone to hold their hand, guide them, support them, and answer their questions. Bootcamps or mentorship programs are for such people. We even have a program at Cyberxcel Academy.
We have many other students who fast-tracked their cybersecurity careers with the right mentorship from me and the training we provide. You can check out our program here. We gave them the training, held their hands throughout the program, and helped them with the job-hunting phase. So, if you have the money to invest in yourself, you can also try our program and make the learning process faster for yourself.
Q 10: Can I even get into cybersecurity? Am I good enough? Do I have what it takes to get into this field?
Yes, anyone can enter cybersecurity with the right mindset and effort. I’m not going to sugarcoat it for you guys. It’s not going to be easy, but it’s going to be worth it. And if it were easy, everyone else would’ve done this. You must be willing to put in hard work, invest in yourself, and sacrifice a lot of time with family and friends.
But you can get into this. For that, you must have a simple roadmap- a step-by-step plan that you need to follow to get there. We have students who were able to get into cybersecurity from different backgrounds quite easily, but they had to sacrifice time. They had to sit down and study. And yeah, opportunities are there. Cybersecurity is a broad field, and there is a path for almost anyone, whether technical or not. The door to a bright career in cybersecurity is open, but you have to walk through it.
If you’re trying to get into cybersecurity, take up the courage. Be bold, be brave, and take risks in your life. You have to explore. You will become successful if you put in the hard work. If you believe cybersecurity is only for those with specific backgrounds or ‘smart’ people, remember—I did it. I was a broke musician, had no idea about the field, and English is my second language. If I could do it, why can’t you? There are possibilities for you. All you have to do is just take it and be willing to be brave. Fortune favours the bold.
I hope these FAQs answered all your questions. If you want more content like this or have more questions, ask them in the comment section. I will be happy to provide answers to all your queries.
