The fact that you're humble enough to admit 'I have no idea what I'm looking at' makes me think you're gonna make it my guy! The most times I've seen people fail, is when they relax on their laurels thinking that they know it all. This is an ever-changing field, just like most of IT is, hell most of life for that matter! As long as you keep the passion alive and the desire to learn, and KNOW that you don't know it all...you'll be just fine !
I appreciate the kind comment Justin! My intention wasn't to look for validation comments. But I do appreciate the encouraging words. I hope to continue the journey with an open mind and follow your advice here. Thanks for the share!
As a programmer sometimes I look at a problem and will think I have no clue where to start. But then I do a deep dive on the problem and break it down and eventually things start to make sense.
I started off learning Hacking and offensive security...and trust me I can relate. CTFs are the best way to get hands on experience to learn offensive security...Hackthebox and all those platforms...really good platforms to learn. DEDICATION AND PASSION IS KEY. I feel like giving up everyday... but videos like this are a major encouragement. Lets carry on the journey people. Thanks Grant!
How good are you now? I've done a couple classes in college for cyber security and what not and was wondering how far I can get with this? Have you learned when to use the right attack for the situation?
>DEDICATION AND PASSION IS KEY! I totally agree! I think I'll be set in this field because I get an itch if I don't get My IT fix. Also, I know I'll never know it all and I know I'll be wrong and make mistakes. Professionally speaking though, what's the likelihood that someone with half a dozen felonies on their rap sheet getting employed in this field? I'm dying to turn My life around! I don't want to go back to that life!
Same here and just slept last night thinking the same, but need to carry on to eventually reach somewhere and hopefully contributing something good to the industry on the way!!
CTF's are great for learning tools but have nothing to do with how pentesting is done. Many people suck at CTF's and are AMAZING at pentesting in the field. Most are too guessy when they get advanced. CTF's need to get more realistic
cybersecurity is easy... you buy expensive tools that never get implemented properly, provide cool looking presentations for executives and completely ignore things like accounts for people that have left the company still being enabled and all of the mundane stuff that actually matters quite a lot. The greatest threat should always be the one you just learned about at your last conference, and it should be of utmost importance to buy yet another tool to combat it.
A lot of videos on here would have you believe that getting into Cyber Security is easy peasy. Jump from 30k to 200k no worries lol. Just play around with some tools at home and you are good to go. Or worse, use brain dumps to cheat your way through the exam and come out as a paper cert and not having a clue.
Just got out of college and I got a job a few months ago as "Jr. Security Engineer" or so they said. On my first 5 months I've struggled trying to keep up with all the things they ask me to do, one day is Azure, the other day networking problems, vulnerability patching, and a bunch of things. On top of that, seniors seem to have no idea of what they're doing. I love cybersec but man it sure is tough! Thank god it is my passion and I love learning, that'll keep me on the road :) Good luck to you man!!
It was same for me but the easy way to understand it , koffeee studies all crap and pratice much when you do something you have to understand it 150% networking need to understand all all 7 lager up to down and how they work all topo, if you to chose web applic testing you have to understand everything and what going on and how wich code they have use ,websever how it work ,where to find vulnerabil which attack you will use, language just learn python in case something jump in with python otherwise, pratice pratice if you understand they do not want to give you job , just send them your ip adress to them i mean leave a little bit your trace for them. do not jump jump there and there all youtube tutorial won't help and you don't need all these tools in youtube but you need to understand , want to hack pysical hardware and then sitting with web application tool it won't work. Do it yourself. example i can not protect but i can give someone advice where and how to protect your computer and your website b, to destroye it yes i love it ,and i always like to do it why i like ? because In my brain nothing should be hidden, it gives me courage to do it. Remember at the end you need money.
Honestly weird people say they "graduate cyber security" and it seems this hints at people taking these incredibly oddly marketed "cyber security degrees" despite cyber security being a subsect of CS/IT and something that requires extensive foundational IT knowledge just as something like solution architecture or cloud does. Cyber security is a path you pursue AFTER having a Bachelors of IT and have extensive understanding of all technologies out there.
@@russellera8841 advice do not put all effort in something that will not feed you and your family in future, it just a set up for people to waste they time, all you can do it is to learn all crap i mean all the you can understand how it work and where to put time when to time when u need take down a system or to protect , things you know do not put time in that but put in time things you do not know and one things that you will really be very good in cyber security need all 7 lager to understand, hacking you do not need so much program.. but need to understand to read the code line error in any data coding language they are all same at the end they all need output . if you want pentest then try to allways hack bigger site like google , youtube amazon ebay, yout al them when you find something report to them and sorry. Again do not learn or put effort in things does not help u when you sitting wiith your computer waste your life aaand time .
Great points. As someone that's been in this field for over 5 years, let me just say... that feeling never really goes away. The more you know, the more you realize how much you still don't know. To me, that's part of what makes the field awesome though. There's always more cool stuff to learn!
Yeah, there's a lot to cybersecurity than meets the eye. I just finished 1st year of college doing the major, and I can tell you, that I have got a long way to go
I learned more in my first two jobs in cyber than I ever did during my cyber related classes in college. IMO the degree helps you get your first job in the field but that's when the learning really begins...
@@Ignite619 It's possible, just buy one and get into like online gaming or pursue a cybersecurity major. Also, you can get help from others too to enhance your IT skills.
The foundational knowledge required to begin in network security is a massive hurdle, it's true. I am completing my bachelor's specializing in network security applications development and you essentially need to understand all of the protocols at each layer in the OSI model (With emphasis on TCP and IP). Then you must also understand the basic networking administration tasks such as mainting a network, setting up servers, changing hostnames, setting up different networking services. How to set up and configure firewalls, how to set up and configure IDSs, etc. You have to understand network design, which is how to design a network that is scalable, efficient, and secure, while maintaining costs. Once you understand these you can start to get into the offensive side of things where you start to learn how to penetrate all of the defenses you set up previously. You obviously need to understand how to design low-level network applications, etc. Once you have all of that stuff figured out, you can get into network forensics and analysis which is the fun part (tracking down hackers, monitoring networks for attacks, etc).
And this is mainly linux. Have fun learning Active Directory for Windows systems lmao. But honestly, you shouldn’t really have to be able to do all that stuff. I’ve gotten past WAFs without any prior knowledge. I’ve done threat hunting for finding malware traces without doing network admin stuff. You can get into a SOC analyst role pretty easy here.
How long is your course?? Crazy to think some people go to school so long for this stuff. Hope the time frame and price are worth it! In my 8 months of first year net admin course all of these foundations have already been taught in detail. From the protocols to network configuration / setup to AD and PS, hardware and others. I hear some university's teaching information technology are pretty bad at what they do and the curriculums / time frame. In my area anyways. Gl
@@v380riMz Yes, lots of information on how to bypass WAFs on the web, However Businesses do not want people who can bypass WAFs, they want someone who can stop people being able to bypass their kit in the first place, which is why there is a shortage of the "right" sort of person who can help protect their Business.
@@zachs6327 I've taken multiple courses but in my specific institution the network security specialization that I'm currently in takes 2 years by itself, my first 2 years of school were spent learning basic IT and programming, the price is no where near as expensive as your typical university
Just started watching you channel as I am considering to jump into the industry from construction. I can already tell these videos will be helpful to see what the reality of this field really is. One thing I can say is that with a ton of STEM fields you will always feel behind the ball. there is too much out there that already exists and too many new ways of doing things coming out so it always feels as if you are drinking water through a fire hose. The best thing is to just do what you can but to also be as much of a sponge as you can for whatever new info comes your way.
The foundation must be super solid. Every avenue has a different focal point, though they all intermingle and you really gotta know your stuff if you want to do better in interviews. Just think about the OSI model, for example. If you can fully understand how systems operate at every layer and what exactly is happening at each layer, that will really help you out in the long run. If you can effectively communicate that you know how things work, how to protect systems or applications, and how to verify that the protection works, then you’ve got a pretty solid answer for a lot of problems any company could be facing.
agree with you sir, Im currently learning cyber security and it was hard for me to get started into the field since I was lack the foundation. The more I learn about the foundation, its like discovering new roads and it really helped a lot.
Bro you have no idea how relatable this video is. Iv been doing this for a couple months with no IT background and I feel like I never know what the hell im doing or looking at.
So I went the traditional route of going to school and obtained industry certs. Did my fair share of CTFs and self learning platforms like HTB and THM. I currently in incident response and I must say that I feel incredibly overwhelmed at times with what I don’t know. I take it day by day learning my new role but cybersecurity is no joke with what you have to KNOW to do your job well.
Thanks for this comment. This is where I'm at right now. About half way through my associates degree and looking at certs and doing HTB and THM as much as I can in the in between. I feel like all of this effort is going to pay off. :)
@@comradedad I’m on the last year of my Bachelor’s degree, am working on CompTIA Security+, mastering the NIST risk management framework, and studying the different skillsets required for the CISSP certification. I’m in my early 20s and am currently kicking ass on a daily basis. That is, studying and working in all that I can. Working in a drive thru at a restauraunt improves communication, multitasking, and physical/mental stamina - that’s the earliest possible prerequisite to a entry-level IT job. It involves cashiering and lots of focus/memorization as well.
So if I’m bad at holding onto information because for some reason my memory is awful…is it even worth getting into? A lot of my previous schooling goes into one ear and out the other because I hated it so much.
Completely agree. Industry is huge and growing and there are so many people who want to do it because it's cool. pentesting for example everyone wants to be one but the demand is actually quite low. The skills are definately important to have even for blue team but people love the idea of red teaming. Truth is there are so many niche areas and the industry it's self has such a wide range of jobs and specialised knowledge requirements that are crucial that don't all align with people's preconceived notion of the job/industry. And to an extent I think many businesses don't fully appreciate or respect this either which shows. Sounds cliche but I find on my learning journey I am focusing on what I am both good at and enjoy, taking note of the major certs that have value and trying to specialise in the areas that I enjoy and am good at so I can hopefully show more proficiency over others in those sections while still trying to grasp the rest of the background knowledge I know I need. Either way man you ain't alone. It's not easy haha
Nice video. I’m currently in College for IT. I’m interested heading towards in Cyber Security. So this video helps out a lot. Also reading the comments are helpful.
My biggest surprise after starting to work with CS is how I now actually consider the majority of technical topics to be easy. By that, I do not mean that a technical challenge is easy to solve by yourself. Trust me, the creativity, complexity and skills some threat actors show is absolutely mind boggling! However, usually if you bring enough clever minds together, you will be able to solve really complex challenges as a team. The biggest challenge I find however is management. There are so many challenges, which you mention a few of. Cyber Security actually requires everyone in an organization to work together. Some more than others. Managing all this is a complete chaos, and usually this chaos is what could potentially lead to a mistake in configuration, something to be overlooked, or something else which you can bet an attacker is ready to exploit. This is also why I love what I do. I get to both dig into super interessting technical challenges, while at the same face challenges which requires social and communication skills. I was never the most technical guy, but in CS I feel I have the perfect balance between being a straight up nerd, but also a "people" guy. Just my reflections :)
what is your job position? I’m intrigued that social & technical skills have to be strengthened. And I’m not too technical myself but this field interests me.
Canadian here, been in Cyber for almost a year in a half now. I would say that you raised so many valid points. In addition of having a full IT skills you also need communications skills as well. Governance and office politics are as important as your knowledge in IT. It is hard. You have to fight alone against the whole internet AND change inertia in your own company. Been lucky enough to spot and stop 2 attacks quite fast so they're listening more now.
My recommended route is earning your A+ Certification and then applying for a degree, these two things will open doors in getting you an I.T job. While you work on your degree and grow your I.T expirience over the next 2 to 4 years try earning your Network+ or CCNA certs, and then go after the security+ degree. During this process i'd say about 2 years in you'll need to pick up scripting. After you earn your degree all of these things combined will definitely land you a role in cyber security and you'll have a great understanding to present to employers.
Thank you so much for this. I work in Vulnerability management and there’s no words to describe how much of a struggle it is. You made a very good point about needing that foundational IT knowledge first. I underwent a 6 month cyber apprenticeship and learned a lot of the basics but lacked in the networking and coding aspect. That really came to bite me 6 months after that. The longer I’m here the longer I realize everyone is scratching their heads to some degree, some more than others. It’s a tough industry and constantly changing so you can’t just “get good” at it. You have to adapt and grow too. I think that’s also why I like it so much.
So much truth. We keep hearing about how they can't find enough people to fill cyber jobs, but when someone who's qualified, but doesn't have the experience applies, the app goes right in file 13.. This is true in IT as well, maybe more so in cyber because it's more "specialized", but the concept is the same.
@@tanjirocarry4258 Yep. That's why I say there's not a shortage of anything other than a) companies willing to give people an opportunity 2) companies willing to pay a decent wage. It's not uncommon around here to want a Bachlors, 5 years experience, and pay $12 hr
@@tanjirocarry4258 Take a role doing support at a vendor or MSP, do that for 6 months and then viola now you have some experience and it's client facing which is important! Some of my colleagues did this when they graduated. They worked support for a while, some longer than others, but 3 are at OPSWAT now and 1 is IT Dir for a small business. I know a few others who went into more specialized fields as well but they all started off doing support, helpdesk, etc. Vendors are always looking for smart, capable, IT Grads for their support roles, hell I think we are hiring for a few roles at Malwarebytes.
Not gonna lie, I was going to disagree with your video title at first. But you're right. I got into cybersecurity a year ago and the past year has been my most intense year of learning. I've had to use all my past knowledge in IT. I cant imagine how much more difficult it would have been for me without my accumulated knowledge of IT (programming, Networking, Systems admin, hardware repair are areas that I worked in before). I still have to go on a tangent to learn another new thing every once in a while so I can grasp a security concept. I think what keeps me going is that I actually enjoy the things I learn everyday. I do digital forensics now and it's just crazy, the amount of interesting artifacts that exist on devices for you to find. Great video!👍
Cyber security aspirant here.. you made me laugh from the get go because it is so ridiculous how much crap we have to jam into our heads. Whenever I feel overwhelmed I just remember that I will be on a TEAM of experts, and thus it will be our collective knowledge that gets the job done.
@@gginchat7079 You'll never get the money you think your gonna get without a shitfuck ton of Programming(Python), Discreet math, CCNA (Networking) and being able to automate is the future. You have to dedicate hours a day to studying and evolving your craft everyday if you want to hang with the big boys but if you want it you'll find a way just don't think its gonna happen overnight. I worked my fucking ass off to be where I am.
@@slicker1260 I’ve been in this game 10 years and been hacking since I was a 9 so I’ve had a nice head start, but to get the good government jobs I went back to school to basically relearn everything I already knew to get a degree which you don’t necessarily have to have a degree in cybersecurity but it will deff help if you going for the bigger government jobs nowadays. I have my CCNA and also passed CCNA 1-3 with flying colors , I have my Linux cert, I have an ethical hacking cert, and I had to learn how to program in 2 different languages other than python but Python is really the most important of all. If you want to get into buy bounty though you don’t need any of the above if you have a drive you can just dive in and start crushing it today so theirs multiple routes but if you want long term job security and an open invitation I’d advise you consider going back to school for this that way if someone fires you or you have a bad 5 months of doing Bug BOUNTY it’s not back to square one and you still have your degree and certs to fall back on that nobody can take from you and yet it happens all the times I’ve seen guys completely give up because their employer wanted them to get more certs or another programming language to keep up with the evolving landscape that is cybersecurity of course if your already a badass and can prove you understand networking and programming I’ve seen some guys do well but again it’s alot of work a lot of studying and implemention of code you might as well get school and all your certs done and work towards getting an intern so you can pay off school. I won a state championship for my college for Internetworking so it all adds up. There is no one way to get into this but again if you want to hang with the big boys just get your studying and certs done and out of the way and then start working like a mad man and keeping up with all the latest exploits and vulnerabilities a lot for most people. And if everyone was doing so great at it they wouldn’t have to start a “UA-cam Channel” I’ve met very few cybersec badasses who really got all their shit together and work towards understanding everything but my pay is in the triple digits after years of honing my craft and being able to deliver anything thrown my way. I wouldn’t have lasted 3 weeks w/o all the hours of studying and preparation it took to get here. There’s some guys who are freaks like I said and get in doing bug bounty but they are the exception not the rule and they don’t have consistent pay like most of us that put in the hours and time and got our degree. Then you will probably start out doing help desk for 2-3 years just to get your foot in the door where people can see how much you really know so my opinion is don’t take any shortcuts, put the time in. Do it right, and be careful who you choose to listen to life advice from I’ve seen alot of guys try and cut corners to be out of work starting from scratch which is not a good place to be put in the time and get rewarded in the end and even then this is a lifelong learning endeavor
@@OneManCanStopTheMotorOfWorld Bro I’m already 24 with a crappy Associates in business. I was thinking about going back to community for this but I don’t think it’s even worth it now…
I’m currently in my first year of college and I’m trying to get my associates degree in computer science. Mainly for cyber security….and honestly…..I have no idea what I’m doing. I learned how to make virtual machines….and I literally can’t remember anything from first semester. I’m honestly scared that I won’t pass…..but I can’t allow myself to fail….I can’t and I won’t. Maybe I’ll find a great job with it. Maybe I won’t….but literally, I don’t know what I’m even doing lol…
Well as long as you actually like it or it’s a genuine tool for you then I think you’ll be okay. Maybe start your own little projects like trying to hack your phone or something like that. Just do little things for yourself so you know that you can do what you’ve been learning, and that it’s not all just in your head
I’m an IT manager for a school, and when you mentioned security is both technical and cultural issue.. man that hit home. I try to cover all basis by enforcing 2FA for all accounts, having all our computers and devices use our IdP for login instead of local accounts, and inviting anyone who has ANY type of privilege(ie. Account provisioning, creating a group, etc) to our password manager plan so they can begin using a managed vault and stop recycling the same password for different accounts, and also an authenticator app. Even then, I find out about stuff like one of our administrators signing up for a service and not using the password manager, and setting up a password along the lines of “password123” I feel like security is an uphill battle against convenience.. it is extremely hard to regulate every single employee/user in an organization.
"I DONT CARE IF I GET STUCK AT THE GENIN LEVEL FOR THE REST OF MY LIFE, YOU GUYS ARENT GOING TO SCARE ME OFF. ILL STILL BE HOKAGE ONE DAY! YEAAAA BELIEVE IT"
If you are in university or educating yourself in IT fundamentals, get a technical support position. It will pay dividends to have on your resume to say you got paid to work in IT.
I worked for the student and faculty tech support for my university for all 4 years of college. Not only did I get a degree in that field but I also had 4 years (albeit not full time so around 2 years in total) of experience coming right out of college. Not only did I love that job it helped me get a job afterwards super quick. Now I am doing IT and studying for my CCSK certification. Definitely go for this route it will help tremendously (working for your uni) !!!
Yea...... You do need to know a decent amount of all IT to do cyber security but DONT be afraid be cause you don't know a lot about everything. I currently work as I Cyber Security Analyst but my current job duties are managing several Palo Alto firewalls and running phishing campaigns to train users. Ask me about application gateway firewalls and I have no idea. The bottom line is just specialize in something in cyber security. It has way too many facets to know everything. I also know very little in Malware analysis and offensive penetration testing. I am more defensive Security. I hope what I say encourages more to get started. The best piece of advice I could give is: Know how something works vs memorizing how something works if that makes sense.
This video motivated me so much because the difficulty of cybersecurity made me start to lose hope in myself thinking that it is not my type. But apparently it's hard for everyone so there is hope for everyone!
cybersecurity is an umbrella term that encompasses everything in IT. Of course it is hard. that's why it's pretty common, to have the other jobs (sys admin, network engineer) mastered before you even jump into cybersec. I cringe everytime I see these bootcamps and college certs promising an entry into cybersec straight outta college. yes, it can be done...but you will indeed be overwhelmed. People NEED to know that cybersec is not an offshoot of IT, it is the application of everything in IT.
As a guy rounding out third year uni in Cybersec at the upper end of the grade system, i can confirm i also have regular moments of borderline panic that i feel i don't know what the hell I'm doing half the time. The hope is that feeling goes over time but the more i see from professionals, the more i think this is the norm! 😂
I've been working in IT for almost 14 years and decided to go back to school in order to obtain my degree in cybersecurity, and I feel like I have no idea what I'm doing, especially being a remote student, no live lectures, really no support. So when I get stuck or have questions, it will take 48 hours to 4 weeks before I get a response back. Thank you for doing this video, it's greatly appreciated. I've actually been able to use online tools and online learning platforms, which, made it really easy to understand what I'm doing.
The thing is, the industry is growing and it needs to change the way it thinks, you need to grow and groom talent, if all the companies want 10 yr experienced masters in everything, good luck. There’s people wanting to go into it, of course you need to study, it’s a lot of information, but there’s a lot of professions like that. A lot of gatekeeping and old ways of thinking are going to make it easy for criminals in the long run.
It is comforting to hear this because after seven months of continuous days of 8 hours of a day of continuous study, I find myself not making significant progress and finding that I have reached a dead end.
I'm currently working on the Google IT Support certificate right now, and plan on tackling the cybersecurity and Comptia Security + later, so it's good to know I'm doing it right investing time to learn general IT principles and land a general IT position first. Seems obvious, but it's easy to overlook the fundamentals and try to jump straight into a new career track. The more I look into the field the more it seems like something I'd love, I love the opportunity to constantly learn more and grow as the field grows!
The issue is people look at it like it’s one job. I’m going into Cybersecurity, that’s like saying I’m going into Law Enforcement. There are sooo many paths to go into. Get your basics and pick an area of interest and focus on that. If that gets boring after awhile, change it up. Narrow your focus.
I'll always say cybersecurity is harder than programming. Learning industry grade complex systems and knowing how to exploit and find bugs and vulnerabilities is not for everyone and only a few may find bugs.
I hear the trick is to start off working blue team jobs. There are more of them and they're a tad bit easier than jumping straight into red team jobs. And I believe that learning defense will definitely make you better at offense.
6:47 makes me cry as i never studied networking and usually had a tough time learning. But this topic is what I've been interested in past several years but have not aquired any usefull skills yet i guess. I hope I can make it.
I went to a 2 year community college for my cybersecurity degree and obtained alot of network ccna’s along the path, am transferring to a 4 year to get a bachelors in IT with a cloud infrastructure focus. I feel like this is a decent route if you don’t know if its for you. My local community college has alot of major connections and offer internships year round. Internships are great if you only have little hands on experience in IT besides classroom. You will learn a lot and it looks very good on your résumé because they know you’re atleast trying to further your knowledge and be an outlier.
Going to college for a cybersecurity degree is NOT the traditional way. That's the NEW way. In the past people were self taught or maybe studied computer science. Cybersecurity degrees only came along in the past few years. When I graduated high school there was no such thing as "cybersecurity" much less a "cybersecurity degree".
-I confirm- I have read and understood the terms of service and policies of Cyber FastTrack, and that I meet the eligibility criteria of being at least 18 years old and *enrolled in an accredited U.S. college* 🐸🐸
Guys which is harder, software automation testing, cyber security or business intelligence? I am trying to pick a course but have no clue which one is the easiest. Thanks 👍
Great video! I will say, I am so glad I worked as a helpdesk tech, then a network admin before I started my cybersec career. I couldn't imagine going into cybersec without the knowledge I gained from working as a tech and net admin.
Thanks for this, I just got my first Cybersecurity Gig as a CTI analyst and it's overwhelming, there's seriously still a ton that I don't know and I'm kicking myself in the ass for not studying up on certs and setting up a home lab earlier (If you guys are wondering whether certs/Home lab projects are worth it, they 100% are btw) Still, I'm committed to learning and getting the experience I need! This really helps keeps things in perspective man. I appreciate your content a lot.
One thing most people who are interested in Cybersecurity don’t understand before jumping into that profession is that, you need a little bit of understanding of how networking works. That is why is always advisable to get CompTia Network+ before Security+, and then to a more advanced Cyber CERTS. It’s not about accumulating certs or degree, experiences are very important to any job role.
I took college courses that taught a great deal about networks, such as the recent edition of “business data communications and networking” - and I took the mindtap course for security+ to prep for the exam. Would you reccomend getting a study guide for the comptia exams? I don’t know if the mindtap courses are good enough.
There are currently 600k unfilled cyber security jobs in USA which will grow to 3.5 million in 2025. The demand for good cyber security experts is there but yet there seems to be lack of demand for younger unexperienced workers (which is the same for any field). Why don't these companies invest the time to take these young workers and turn them into experts? Surely its in their best interest.
Do you think I have a shot in cyber security if I only have a BA in criminal justice? I regret not pursing a comp sci degree. I want to get into the TECH industry as I no longer want to purse law enforcement.
I start cyber security in march at some community college i don’t really know if that’s great or not, i don’t really have much tech history besides me building a gaming pc, i do know i love to learn a lot of stuff so i hope this all goes good for me lol
I have been working in an IT Support role, now in a senior position for the last 10 years. I have tried to break into cybersecurity and i found it hard where to start. I have degree in EE engineering, CCNA, ITIL, MCSA but still find it a bit hard where to start. Is ejpt + CISSP a good start? Working towards both.
I’m on the opposite end of your situation work exp wise. I have two certs Sec+ and CySA+ lots of lab experience but hardly any related work force exp and it’s a challenge. A lot of companies desire the SANS certs but that price tag is a killer. Maybe for someone with your IT background, cissp, but that is overkill if you are applying to entry jobs. On the other had there are people getting in with no exp but have friends within companies sliding novices into job roles, and giving them the opportunity to earn their certs while on the job. Tbh it boils down to how skilled you are/ how hooked up you are/ how lucky you are lol a complete crap shoot.
Cyber is hard. Not only on knowledge but on dedication and discipline as well. It is hard to focus on items as monotonous as reviewing logs or looking through alerts. Certainly helps to have an obsessive brain.....
I went through the boot camp. Which was useful in terms of hand on approach on software but it didn't give me a boost with certificate. It teach me the foundation but try crushing everything in 9 months and it turn into a mess. I almost got a job in I.T. however, they want me to take my time to learn active directory 1st before jumping in which I learned in a boot camp but not fluent.
One thing most people who are interested in Cybersecurity don’t understand before jumping into that profession is that, you need a little bit of understanding of how networking works. That is why is always advisable to get CompTia Network+ before Security+, and then to a more advanced Cyber CERTS. It’s not about accumulating certs or degree, experiences are very important to any job role.
One who masters the Basics, can one not be too surprised with new information. I'm also learning the basics such as C# and C Programming before I can move to C++. Later on Powershell, Python, Offensive security, etc since im focusing towards as a prominent Penetration Tester.
its true that is hard to get in yeah but once u get in the amount of knowledge and exp that u can get is endless and its worth a lot in my opinion. and after that everyone from this field wants u
Here's the name of the game... Fucked. Doomed. Etc... It used to be, you learn a trade, an occupation, and the longer you do it, the better you became at it. So you advanced. You started managing, mentoring, teaching others how to be their best. Not with IT. The longer you do it, the more you have to know. The more you have to learn. You can't keep up. As you age, your memory goes, your drive goes. Burnout is real kids. So bottom line, if you do IT, you're doomed. Eventually, you will suck and hate your life. Or you might hang on, but you'll hate your life. Good luck!
You’re talking about just STEM fields in general then since this seems to be the nature of the beast. I personally don’t mind venturing into the unknown
Great video that sums up starting out in the Information Security field. I highly recommend obtaining a network certification (Cisco, Palo Alto, etc) and systems admin certification (Microsoft, CompTIA, etc). I have found my prior experience as a network admin and system admin really propelled my career and gave me a huge boost in foundational knowledge. Also don't be afraid about not knowing or understanding everything right away, cyber security is about research and learning :)
I've been in IT for almost a decade and a half dealing with Network Infrastructure and have done everything from networking to servers to virtualization to SANs to scripting to web development to network security, and I can already tell you that I'm still learning. Most would think that I'm very talented but I spend a lot of time honing these skills to the point of almost mental exhaustion even after a whole day's work. It is not for the feint of heart. Yes, there is good money but don't think you're just going to be at your seat watching youtube videos. It's a lot of work, deadlines and pressure to get stuff taken care of. Even if you don't know the answer to the problem, you have to find out as the business depends on you. All that being said, it's a rewarding career if you do it right.
It is overwhelming, for sure. If you're young the best route is probably to get into the military and join a unit like the Royal Signals Corps, which is the UK example off the top of my head, or the equivalent from your country's armed forces. They basically do all the IT for the military and SIGINT (signals intelligence). A lot of people in agencies like GCHQ, NSA etc entered the organisation through that route. For older career changers like moi, the route is going to be more about accepting a huge drop in salary and starting at the bottom again - but you can quickly surpass your old salary in a few years, esp if you have previous management experience and other transferable skills. The Cyber Fast track sponsoring this video won't let you sign up if you are not a US college student - Old people and foreigners need not apply.
Dude your so humble about this. Im about to graduate in a year and I still barely have a clue at what im doing and what im looking at. Legacy media has really warpped the idea of what the field it
Could you make a video about the various options job wise one could take in the cyber security realm? I'm a freshman/sophomore at my college and I'm in the cyber security club, and even we barely know all the options.
This was a great video cyber security is hard to get into because you are competing against. System and Network engineers that have already been in the industry for 10 plus years.
Cybersecurity is an amazing field, and yeah it is complex and confusing You have to learn Linux and a bunch of things about OS internals(API, Kernel, Process heap, DLL etc etc...) You have to learn several programming languages for Scripting and reverse engineering (python, PHP, PowerShell, (assembly for reverse engineering)) You have to learn networking and a lot of protocols You have to learn vulnerabilities assessment and only the tools you are going to use but what vulnerability itself implies and why is this a vulnerability) You have to learn about cloud security assessment. A bunch of certificates does not prove that you are a pro. Knowing some tools does not make you a pro. Thinking outside the box makes you a pro. It is a complex field and you do not become a professional after one year.... you have to be obsessed and consistent.
The fact that you're humble enough to admit 'I have no idea what I'm looking at' makes me think you're gonna make it my guy! The most times I've seen people fail, is when they relax on their laurels thinking that they know it all. This is an ever-changing field, just like most of IT is, hell most of life for that matter! As long as you keep the passion alive and the desire to learn, and KNOW that you don't know it all...you'll be just fine !
I appreciate the kind comment Justin! My intention wasn't to look for validation comments. But I do appreciate the encouraging words. I hope to continue the journey with an open mind and follow your advice here. Thanks for the share!
As a programmer sometimes I look at a problem and will think I have no clue where to start. But then I do a deep dive on the problem and break it down and eventually things start to make sense.
@@collinsinfosec
Hi man
Please I want you to help about what us university has a becolore degree , thanks alot
Regards
This video was an ad my guy lol
@@NINETYFIVE_TC I'd say that depends...and lots of things, anybody can develop talent for if they work hard.
I started off learning Hacking and offensive security...and trust me I can relate. CTFs are the best way to get hands on experience to learn offensive security...Hackthebox and all those platforms...really good platforms to learn. DEDICATION AND PASSION IS KEY. I feel like giving up everyday... but videos like this are a major encouragement. Lets carry on the journey people. Thanks Grant!
How good are you now? I've done a couple classes in college for cyber security and what not and was wondering how far I can get with this? Have you learned when to use the right attack for the situation?
>DEDICATION AND PASSION IS KEY!
I totally agree! I think I'll be set in this field because I get an itch if I don't get My IT fix. Also, I know I'll never know it all and I know I'll be wrong and make mistakes.
Professionally speaking though, what's the likelihood that someone with half a dozen felonies on their rap sheet getting employed in this field? I'm dying to turn My life around! I don't want to go back to that life!
Same here and just slept last night thinking the same, but need to carry on to eventually reach somewhere and hopefully contributing something good to the industry on the way!!
Couldn't agree more with everything you said!
CTF's are great for learning tools but have nothing to do with how pentesting is done. Many people suck at CTF's and are AMAZING at pentesting in the field. Most are too guessy when they get advanced. CTF's need to get more realistic
cybersecurity is easy... you buy expensive tools that never get implemented properly, provide cool looking presentations for executives and completely ignore things like accounts for people that have left the company still being enabled and all of the mundane stuff that actually matters quite a lot. The greatest threat should always be the one you just learned about at your last conference, and it should be of utmost importance to buy yet another tool to combat it.
Lmao yess
bro I'm dead this is exactly how it feels to be a SOC analyst right now I'm about to start my own company lmfao
why is this so accurate lmaooooooooooooo
A lot of videos on here would have you believe that getting into Cyber Security is easy peasy. Jump from 30k to 200k no worries lol. Just play around with some tools at home and you are good to go. Or worse, use brain dumps to cheat your way through the exam and come out as a paper cert and not having a clue.
I like the way ya think!
Just got out of college and I got a job a few months ago as "Jr. Security Engineer" or so they said. On my first 5 months I've struggled trying to keep up with all the things they ask me to do, one day is Azure, the other day networking problems, vulnerability patching, and a bunch of things. On top of that, seniors seem to have no idea of what they're doing. I love cybersec but man it sure is tough! Thank god it is my passion and I love learning, that'll keep me on the road :) Good luck to you man!!
I graduate from cyber security in November, it is nice to see someone else who doesn't really know what they are actually studying.
It was same for me but the easy way to understand it , koffeee studies all crap and pratice much when you do something you have to understand it 150% networking need to understand all all 7 lager up to down and how they work all topo, if you to chose web applic testing you have to understand everything and what going on and how wich code they have use ,websever how it work ,where to find vulnerabil which attack you will use, language just learn python in case something jump in with python otherwise, pratice pratice if you understand they do not want to give you job , just send them your ip adress to them i mean leave a little bit your trace for them. do not jump jump there and there all youtube tutorial won't help and you don't need all these tools in youtube but you need to understand , want to hack pysical hardware and then sitting with web application tool it won't work. Do it yourself.
example i can not protect but i can give someone advice where and how to protect your computer and your website b, to destroye it yes i love it ,and i always like to do it
why i like ? because In my brain nothing should be hidden, it gives me courage to do it. Remember at the end you need money.
Honestly weird people say they "graduate cyber security" and it seems this hints at people taking these incredibly oddly marketed "cyber security degrees" despite cyber security being a subsect of CS/IT and something that requires extensive foundational IT knowledge just as something like solution architecture or cloud does.
Cyber security is a path you pursue AFTER having a Bachelors of IT and have extensive understanding of all technologies out there.
@@Cneq You can't study specific subjects at college? peculiar.
Me too i graduated next year and im so worried cause I don’t know what im actually studying.
@@russellera8841 advice do not put all effort in something that will not feed you and your family in future, it just a set up for people to waste they time, all you can do it is to learn all crap i mean all the you can understand how it work and where to put time when to time when u need take down a system or to protect , things you know do not put time in that but put in time things you do not know and one things that you will really be very good in cyber security need all 7 lager to understand, hacking you do not need so much program.. but need to understand to read the code line error in any data coding language they are all same at the end they all need output .
if you want pentest then try to allways hack bigger site like google , youtube amazon ebay, yout al them when you find something report to them and sorry. Again do not learn or put effort in things does not help u when you sitting wiith your computer waste your life aaand time .
Great points. As someone that's been in this field for over 5 years, let me just say... that feeling never really goes away. The more you know, the more you realize how much you still don't know. To me, that's part of what makes the field awesome though. There's always more cool stuff to learn!
Yeah, there's a lot to cybersecurity than meets the eye. I just finished 1st year of college doing the major, and I can tell you, that I have got a long way to go
I learned more in my first two jobs in cyber than I ever did during my cyber related classes in college. IMO the degree helps you get your first job in the field but that's when the learning really begins...
@@Reclaimer_XB oh wow, I didn't know that
Im planning on starting soon. I’m not good with computer stuff. Do you reckon it’s impossible for me to learn?
@@Ignite619 It's possible, just buy one and get into like online gaming or pursue a cybersecurity major. Also, you can get help from others too to enhance your IT skills.
@@supermax5000 thank you. I’m super stressed already thinking I’m gonna absolutely drop the ball on this.
The foundational knowledge required to begin in network security is a massive hurdle, it's true. I am completing my bachelor's specializing in network security applications development and you essentially need to understand all of the protocols at each layer in the OSI model (With emphasis on TCP and IP). Then you must also understand the basic networking administration tasks such as mainting a network, setting up servers, changing hostnames, setting up different networking services. How to set up and configure firewalls, how to set up and configure IDSs, etc. You have to understand network design, which is how to design a network that is scalable, efficient, and secure, while maintaining costs. Once you understand these you can start to get into the offensive side of things where you start to learn how to penetrate all of the defenses you set up previously. You obviously need to understand how to design low-level network applications, etc. Once you have all of that stuff figured out, you can get into network forensics and analysis which is the fun part (tracking down hackers, monitoring networks for attacks, etc).
I generally agree with your comment. I'm completing my bachelor's degree in cybersecurity and it's a generalist degree.
And this is mainly linux. Have fun learning Active Directory for Windows systems lmao. But honestly, you shouldn’t really have to be able to do all that stuff. I’ve gotten past WAFs without any prior knowledge. I’ve done threat hunting for finding malware traces without doing network admin stuff. You can get into a SOC analyst role pretty easy here.
How long is your course?? Crazy to think some people go to school so long for this stuff. Hope the time frame and price are worth it! In my 8 months of first year net admin course all of these foundations have already been taught in detail. From the protocols to network configuration / setup to AD and PS, hardware and others. I hear some university's teaching information technology are pretty bad at what they do and the curriculums / time frame. In my area anyways. Gl
@@v380riMz Yes, lots of information on how to bypass WAFs on the web,
However Businesses do not want people who can bypass WAFs, they want someone who can stop people being able to bypass their kit in the first place, which is why there is a shortage of the "right" sort of person who can help protect their Business.
@@zachs6327 I've taken multiple courses but in my specific institution the network security specialization that I'm currently in takes 2 years by itself, my first 2 years of school were spent learning basic IT and programming, the price is no where near as expensive as your typical university
Just started watching you channel as I am considering to jump into the industry from construction. I can already tell these videos will be helpful to see what the reality of this field really is.
One thing I can say is that with a ton of STEM fields you will always feel behind the ball. there is too much out there that already exists and too many new ways of doing things coming out so it always feels as if you are drinking water through a fire hose. The best thing is to just do what you can but to also be as much of a sponge as you can for whatever new info comes your way.
The foundation must be super solid.
Every avenue has a different focal point, though they all intermingle and you really gotta know your stuff if you want to do better in interviews. Just think about the OSI model, for example. If you can fully understand how systems operate at every layer and what exactly is happening at each layer, that will really help you out in the long run. If you can effectively communicate that you know how things work, how to protect systems or applications, and how to verify that the protection works, then you’ve got a pretty solid answer for a lot of problems any company could be facing.
agree with you sir, Im currently learning cyber security and it was hard for me to get started into the field since I was lack the foundation. The more I learn about the foundation, its like discovering new roads and it really helped a lot.
Bro you have no idea how relatable this video is. Iv been doing this for a couple months with no IT background and I feel like I never know what the hell im doing or looking at.
So I went the traditional route of going to school and obtained industry certs. Did my fair share of CTFs and self learning platforms like HTB and THM. I currently in incident response and I must say that I feel incredibly overwhelmed at times with what I don’t know. I take it day by day learning my new role but cybersecurity is no joke with what you have to KNOW to do your job well.
Thanks for this comment. This is where I'm at right now. About half way through my associates degree and looking at certs and doing HTB and THM as much as I can in the in between. I feel like all of this effort is going to pay off. :)
@@comradedad I’m on the last year of my Bachelor’s degree, am working on CompTIA Security+, mastering the NIST risk management framework, and studying the different skillsets required for the CISSP certification. I’m in my early 20s and am currently kicking ass on a daily basis. That is, studying and working in all that I can. Working in a drive thru at a restauraunt improves communication, multitasking, and physical/mental stamina - that’s the earliest possible prerequisite to a entry-level IT job. It involves cashiering and lots of focus/memorization as well.
So if I’m bad at holding onto information because for some reason my memory is awful…is it even worth getting into? A lot of my previous schooling goes into one ear and out the other because I hated it so much.
Completely agree. Industry is huge and growing and there are so many people who want to do it because it's cool. pentesting for example everyone wants to be one but the demand is actually quite low. The skills are definately important to have even for blue team but people love the idea of red teaming.
Truth is there are so many niche areas and the industry it's self has such a wide range of jobs and specialised knowledge requirements that are crucial that don't all align with people's preconceived notion of the job/industry. And to an extent I think many businesses don't fully appreciate or respect this either which shows. Sounds cliche but I find on my learning journey I am focusing on what I am both good at and enjoy, taking note of the major certs that have value and trying to specialise in the areas that I enjoy and am good at so I can hopefully show more proficiency over others in those sections while still trying to grasp the rest of the background knowledge I know I need.
Either way man you ain't alone. It's not easy haha
This is a SPOT ON statement.. 100% agree.
Nice video. I’m currently in College for IT. I’m interested heading towards in Cyber Security. So this video helps out a lot. Also reading the comments are helpful.
My biggest surprise after starting to work with CS is how I now actually consider the majority of technical topics to be easy. By that, I do not mean that a technical challenge is easy to solve by yourself. Trust me, the creativity, complexity and skills some threat actors show is absolutely mind boggling! However, usually if you bring enough clever minds together, you will be able to solve really complex challenges as a team.
The biggest challenge I find however is management. There are so many challenges, which you mention a few of. Cyber Security actually requires everyone in an organization to work together. Some more than others. Managing all this is a complete chaos, and usually this chaos is what could potentially lead to a mistake in configuration, something to be overlooked, or something else which you can bet an attacker is ready to exploit.
This is also why I love what I do. I get to both dig into super interessting technical challenges, while at the same face challenges which requires social and communication skills. I was never the most technical guy, but in CS I feel I have the perfect balance between being a straight up nerd, but also a "people" guy.
Just my reflections :)
what is your job position? I’m intrigued that social & technical skills have to be strengthened. And I’m not too technical myself but this field interests me.
Canadian here, been in Cyber for almost a year in a half now. I would say that you raised so many valid points. In addition of having a full IT skills you also need communications skills as well. Governance and office politics are as important as your knowledge in IT.
It is hard. You have to fight alone against the whole internet AND change inertia in your own company. Been lucky enough to spot and stop 2 attacks quite fast so they're listening more now.
My recommended route is earning your A+ Certification and then applying for a degree, these two things will open doors in getting you an I.T job. While you work on your degree and grow your I.T expirience over the next 2 to 4 years try earning your Network+ or CCNA certs, and then go after the security+ degree. During this process i'd say about 2 years in you'll need to pick up scripting. After you earn your degree all of these things combined will definitely land you a role in cyber security and you'll have a great understanding to present to employers.
Is that what you've done, or someone you know?
Absolutely not
@@b3at1 yes this was my route
@@talostheking8529 now they offer Google certification cyber security
Thank you so much for this. I work in Vulnerability management and there’s no words to describe how much of a struggle it is. You made a very good point about needing that foundational IT knowledge first. I underwent a 6 month cyber apprenticeship and learned a lot of the basics but lacked in the networking and coding aspect. That really came to bite me 6 months after that. The longer I’m here the longer I realize everyone is scratching their heads to some degree, some more than others. It’s a tough industry and constantly changing so you can’t just “get good” at it. You have to adapt and grow too. I think that’s also why I like it so much.
So much truth. We keep hearing about how they can't find enough people to fill cyber jobs, but when someone who's qualified, but doesn't have the experience applies, the app goes right in file 13.. This is true in IT as well, maybe more so in cyber because it's more "specialized", but the concept is the same.
this is my issue rn. im trying to find an internship, but because of the lack of field experience no one calls back.
@@tanjirocarry4258 Yep. That's why I say there's not a shortage of anything other than a) companies willing to give people an opportunity 2) companies willing to pay a decent wage. It's not uncommon around here to want a Bachlors, 5 years experience, and pay $12 hr
@@tanjirocarry4258 Take a role doing support at a vendor or MSP, do that for 6 months and then viola now you have some experience and it's client facing which is important! Some of my colleagues did this when they graduated. They worked support for a while, some longer than others, but 3 are at OPSWAT now and 1 is IT Dir for a small business. I know a few others who went into more specialized fields as well but they all started off doing support, helpdesk, etc. Vendors are always looking for smart, capable, IT Grads for their support roles, hell I think we are hiring for a few roles at Malwarebytes.
@@FINZFAN thank you for that suggestion. im kinda lost with how to start right now.
Not gonna lie, I was going to disagree with your video title at first. But you're right.
I got into cybersecurity a year ago and the past year has been my most intense year of learning.
I've had to use all my past knowledge in IT.
I cant imagine how much more difficult it would have been for me without my accumulated knowledge of IT (programming, Networking, Systems admin, hardware repair are areas that I worked in before). I still have to go on a tangent to learn another new thing every once in a while so I can grasp a security concept.
I think what keeps me going is that I actually enjoy the things I learn everyday.
I do digital forensics now and it's just crazy, the amount of interesting artifacts that exist on devices for you to find.
Great video!👍
Cyber security aspirant here.. you made me laugh from the get go because it is so ridiculous how much crap we have to jam into our heads. Whenever I feel overwhelmed I just remember that I will be on a TEAM of experts, and thus it will be our collective knowledge that gets the job done.
Thinking about going into Cybersecurity. Good pay lol?
@@gginchat7079 You'll never get the money you think your gonna get without a shitfuck ton of Programming(Python), Discreet math, CCNA (Networking) and being able to automate is the future. You have to dedicate hours a day to studying and evolving your craft everyday if you want to hang with the big boys but if you want it you'll find a way just don't think its gonna happen overnight. I worked my fucking ass off to be where I am.
@@OneManCanStopTheMotorOfWorld can u give ma a range how much salary cyber security generates for people ? yourself ?and how long to get there for u
@@slicker1260 I’ve been in this game 10 years and been hacking since I was a 9 so I’ve had a nice head start, but to get the good government jobs I went back to school to basically relearn everything I already knew to get a degree which you don’t necessarily have to have a degree in cybersecurity but it will deff help if you going for the bigger government jobs nowadays. I have my CCNA and also passed CCNA 1-3 with flying colors , I have my Linux cert, I have an ethical hacking cert, and I had to learn how to program in 2 different languages other than python but Python is really the most important of all. If you want to get into buy bounty though you don’t need any of the above if you have a drive you can just dive in and start crushing it today so theirs multiple routes but if you want long term job security and an open invitation I’d advise you consider going back to school for this that way if someone fires you or you have a bad 5 months of doing Bug BOUNTY it’s not back to square one and you still have your degree and certs to fall back on that nobody can take from you and yet it happens all the times I’ve seen guys completely give up because their employer wanted them to get more certs or another programming language to keep up with the evolving landscape that is cybersecurity of course if your already a badass and can prove you understand networking and programming I’ve seen some guys do well but again it’s alot of work a lot of studying and implemention of code you might as well get school and all your certs done and work towards getting an intern so you can pay off school. I won a state championship for my college for Internetworking so it all adds up. There is no one way to get into this but again if you want to hang with the big boys just get your studying and certs done and out of the way and then start working like a mad man and keeping up with all the latest exploits and vulnerabilities a lot for most people. And if everyone was doing so great at it they wouldn’t have to start a “UA-cam Channel” I’ve met very few cybersec badasses who really got all their shit together and work towards understanding everything but my pay is in the triple digits after years of honing my craft and being able to deliver anything thrown my way. I wouldn’t have lasted 3 weeks w/o all the hours of studying and preparation it took to get here. There’s some guys who are freaks like I said and get in doing bug bounty but they are the exception not the rule and they don’t have consistent pay like most of us that put in the hours and time and got our degree. Then you will probably start out doing help desk for 2-3 years just to get your foot in the door where people can see how much you really know so my opinion is don’t take any shortcuts, put the time in. Do it right, and be careful who you choose to listen to life advice from I’ve seen alot of guys try and cut corners to be out of work starting from scratch which is not a good place to be put in the time and get rewarded in the end and even then this is a lifelong learning endeavor
@@OneManCanStopTheMotorOfWorld Bro I’m already 24 with a crappy Associates in business. I was thinking about going back to community for this but I don’t think it’s even worth it now…
I’m currently in my first year of college and I’m trying to get my associates degree in computer science. Mainly for cyber security….and honestly…..I have no idea what I’m doing. I learned how to make virtual machines….and I literally can’t remember anything from first semester. I’m honestly scared that I won’t pass…..but I can’t allow myself to fail….I can’t and I won’t. Maybe I’ll find a great job with it. Maybe I won’t….but literally, I don’t know what I’m even doing lol…
Well as long as you actually like it or it’s a genuine tool for you then I think you’ll be okay. Maybe start your own little projects like trying to hack your phone or something like that. Just do little things for yourself so you know that you can do what you’ve been learning, and that it’s not all just in your head
I’m an IT manager for a school, and when you mentioned security is both technical and cultural issue.. man that hit home.
I try to cover all basis by enforcing 2FA for all accounts, having all our computers and devices use our IdP for login instead of local accounts, and inviting anyone who has ANY type of privilege(ie. Account provisioning, creating a group, etc) to our password manager plan so they can begin using a managed vault and stop recycling the same password for different accounts, and also an authenticator app.
Even then, I find out about stuff like one of our administrators signing up for a service and not using the password manager, and setting up a password along the lines of “password123”
I feel like security is an uphill battle against convenience.. it is extremely hard to regulate every single employee/user in an organization.
Unfortunately the more you let people think for themselves the worse situations you will ALL end up in.
It's only hard if you don't understand it and some things just take longer to understand. It's not just cybersecurity it's any job.
I am strong believer of never giving up. If you have the curiosity and diligence to learn. You can succeed.
"I DONT CARE IF I GET STUCK AT THE GENIN LEVEL FOR THE REST OF MY LIFE, YOU GUYS ARENT GOING TO SCARE ME OFF.
ILL STILL BE HOKAGE ONE DAY! YEAAAA BELIEVE IT"
I have been in Cybersec since 2013. Hang in there. Training and educating yourself is a never ending journey!!!
hey can i dm you for questions?
If you are in university or educating yourself in IT fundamentals, get a technical support position. It will pay dividends to have on your resume to say you got paid to work in IT.
This is great advice! Something I didn't think about myself when at school.
I worked for the student and faculty tech support for my university for all 4 years of college. Not only did I get a degree in that field but I also had 4 years (albeit not full time so around 2 years in total) of experience coming right out of college. Not only did I love that job it helped me get a job afterwards super quick. Now I am doing IT and studying for my CCSK certification. Definitely go for this route it will help tremendously (working for your uni) !!!
This was definitely really helpful man thank you! Always enjoy watching your videos!
Yea...... You do need to know a decent amount of all IT to do cyber security but DONT be afraid be cause you don't know a lot about everything. I currently work as I Cyber Security Analyst but my current job duties are managing several Palo Alto firewalls and running phishing campaigns to train users. Ask me about application gateway firewalls and I have no idea. The bottom line is just specialize in something in cyber security. It has way too many facets to know everything. I also know very little in Malware analysis and offensive penetration testing. I am more defensive Security. I hope what I say encourages more to get started. The best piece of advice I could give is: Know how something works vs memorizing how something works if that makes sense.
This video motivated me so much because the difficulty of cybersecurity made me start to lose hope in myself thinking that it is not my type. But apparently it's hard for everyone so there is hope for everyone!
cybersecurity is an umbrella term that encompasses everything in IT. Of course it is hard. that's why it's pretty common, to have the other jobs (sys admin, network engineer) mastered before you even jump into cybersec. I cringe everytime I see these bootcamps and college certs promising an entry into cybersec straight outta college. yes, it can be done...but you will indeed be overwhelmed. People NEED to know that cybersec is not an offshoot of IT, it is the application of everything in IT.
As a guy rounding out third year uni in Cybersec at the upper end of the grade system, i can confirm i also have regular moments of borderline panic that i feel i don't know what the hell I'm doing half the time. The hope is that feeling goes over time but the more i see from professionals, the more i think this is the norm! 😂
If you don't experience panic at some point you are doing something wrong
I've been working in IT for almost 14 years and decided to go back to school in order to obtain my degree in cybersecurity, and I feel like I have no idea what I'm doing, especially being a remote student, no live lectures, really no support. So when I get stuck or have questions, it will take 48 hours to 4 weeks before I get a response back. Thank you for doing this video, it's greatly appreciated. I've actually been able to use online tools and online learning platforms, which, made it really easy to understand what I'm doing.
If you worked in IT for 14 years, why do you need a cyber security degree ?
@@TheHollywoodHino exactly.. why don't you just show that you can do the work?
I can relate because I'm a second-year university student, and everything is online and so frustrating to feel so lost.
Thank you for this! This somehow comforts me.
I agree with this! Great video!
Thank you!
The thing is, the industry is growing and it needs to change the way it thinks, you need to grow and groom talent, if all the companies want 10 yr experienced masters in everything, good luck. There’s people wanting to go into it, of course you need to study, it’s a lot of information, but there’s a lot of professions like that. A lot of gatekeeping and old ways of thinking are going to make it easy for criminals in the long run.
It is comforting to hear this because after seven months of continuous days of 8 hours of a day of continuous study, I find myself not making significant progress and finding that I have reached a dead end.
I'm currently working on the Google IT Support certificate right now, and plan on tackling the cybersecurity and Comptia Security + later, so it's good to know I'm doing it right investing time to learn general IT principles and land a general IT position first. Seems obvious, but it's easy to overlook the fundamentals and try to jump straight into a new career track. The more I look into the field the more it seems like something I'd love, I love the opportunity to constantly learn more and grow as the field grows!
Nothing is hard. Its just needs focus dedication,Passion,Love,Consistency,Patience
Literally everything in life is hard and there’s no road for an easy path so saying that something is hard it’s just ridiculous
Not sure if he is trying to say to dont go into cybersecurity or a motivation to get into
Very hard to get the work experience that companies want in order to obtain an entry level position
Google is your friend, also it’s nice to invest in a home lab or at least have a few VMs on a laptop for practice.
The issue is people look at it like it’s one job. I’m going into Cybersecurity, that’s like saying I’m going into Law Enforcement. There are sooo many paths to go into. Get your basics and pick an area of interest and focus on that. If that gets boring after awhile, change it up. Narrow your focus.
It’s hard, but anything is possible.
I'll always say cybersecurity is harder than programming. Learning industry grade complex systems and knowing how to exploit and find bugs and vulnerabilities is not for everyone and only a few may find bugs.
+ mention you can start programming very easily, contribute to other projects, make something useful in young age. Unlike Cybersecurity...
Cant thank you enough for making this video. Its HARD for me too. It feels like how much ever you learn, its not enough, the imposter syndrome is real
I hear the trick is to start off working blue team jobs. There are more of them and they're a tad bit easier than jumping straight into red team jobs. And I believe that learning defense will definitely make you better at offense.
I am going to get IT experience before I get into cyber
Its hard because we keep adding new layers upon layers of complexity wich also intersects and can be exploited in new ways.
6:47 makes me cry as i never studied networking and usually had a tough time learning. But this topic is what I've been interested in past several years but have not aquired any usefull skills yet i guess. I hope I can make it.
I went to a 2 year community college for my cybersecurity degree and obtained alot of network ccna’s along the path, am transferring to a 4 year to get a bachelors in IT with a cloud infrastructure focus. I feel like this is a decent route if you don’t know if its for you. My local community college has alot of major connections and offer internships year round. Internships are great if you only have little hands on experience in IT besides classroom. You will learn a lot and it looks very good on your résumé because they know you’re atleast trying to further your knowledge and be an outlier.
Where did you go to school (for 2 year)
@@Lelouch999 wake tech community college, it was more like 2 and a half but they have a really good cybersecurity program
@@jordanstanton5697 did you ever try any game design classes? If so how were they? I’m thinking of going to school at the campus south of Raleigh
I feel like this right now I just graduated and I’m terrified of getting a job now
Thank you for the realistic opinion. It was the same for me when I started learning. I believe you will make it.
Well it's a good thing I'm watching this instead of studying for my CYBR exam 👍
Going to college for a cybersecurity degree is NOT the traditional way. That's the NEW way. In the past people were self taught or maybe studied computer science. Cybersecurity degrees only came along in the past few years. When I graduated high school there was no such thing as "cybersecurity" much less a "cybersecurity degree".
-I confirm- I have read and understood the terms of service and policies of Cyber FastTrack, and that I meet the eligibility criteria of being at least 18 years old and *enrolled in an accredited U.S. college*
🐸🐸
Guys which is harder, software automation testing, cyber security or business intelligence? I am trying to pick a course but have no clue which one is the easiest. Thanks 👍
Great video! I will say, I am so glad I worked as a helpdesk tech, then a network admin before I started my cybersec career. I couldn't imagine going into cybersec without the knowledge I gained from working as a tech and net admin.
Swear imposter syndrome is awful in CyberSecurity
Thanks for this, I just got my first Cybersecurity Gig as a CTI analyst and it's overwhelming, there's seriously still a ton that I don't know and I'm kicking myself in the ass for not studying up on certs and setting up a home lab earlier (If you guys are wondering whether certs/Home lab projects are worth it, they 100% are btw) Still, I'm committed to learning and getting the experience I need! This really helps keeps things in perspective man. I appreciate your content a lot.
What certificates do u have? N home lab?
One thing most people who are interested in Cybersecurity don’t understand before jumping into that profession is that, you need a little bit of understanding of how networking works.
That is why is always advisable to get CompTia Network+ before Security+, and then to a more advanced Cyber CERTS. It’s not about accumulating certs or degree, experiences are very important to any job role.
I took college courses that taught a great deal about networks, such as the recent edition of “business data communications and networking” - and I took the mindtap course for security+ to prep for the exam. Would you reccomend getting a study guide for the comptia exams? I don’t know if the mindtap courses are good enough.
Amazon paying for my full-ride to getting my degree, so I really can’t argue there in the industry part.
Just got offered a sysadmin job that I start next week! 😁
Well done
Great work! Wishing you all the best.
There are currently 600k unfilled cyber security jobs in USA which will grow to 3.5 million in 2025. The demand for good cyber security experts is there but yet there seems to be lack of demand for younger unexperienced workers (which is the same for any field). Why don't these companies invest the time to take these young workers and turn them into experts? Surely its in their best interest.
Great video!
I Don’t have any knowledge about cyber security but i have choose this course in Australia already so will it be hard for meee?😢😢
Right I’ve been a network engineer for years I know firewalls trying to learn more as I’ve seen what happens when attacked
Cool video, thanks for sharing
Studying cybersecurity in college and don’t remember what Im studying or what I am doing 98% of the time
Do you think I have a shot in cyber security if I only have a BA in criminal justice? I regret not pursing a comp sci degree. I want to get into the TECH industry as I no longer want to purse law enforcement.
I start cyber security in march at some community college i don’t really know if that’s great or not, i don’t really have much tech history besides me building a gaming pc, i do know i love to learn a lot of stuff so i hope this all goes good for me lol
For the money that SANS is charging compared to others, they are WAY overrated.
I love how different the quality is between when you first started and now
Thank you, I appreciate it.
If you have no other It knowledge is it best to avoid cyber security?
Appreciate this! I need it as I’m still a student with no experience
Happy to help!
I have been working in an IT Support role, now in a senior position for the last 10 years. I have tried to break into cybersecurity and i found it hard where to start. I have degree in EE engineering, CCNA, ITIL, MCSA but still find it a bit hard where to start. Is ejpt + CISSP a good start? Working towards both.
I’m on the opposite end of your situation work exp wise. I have two certs Sec+ and CySA+ lots of lab experience but hardly any related work force exp and it’s a challenge. A lot of companies desire the SANS certs but that price tag is a killer. Maybe for someone with your IT background, cissp, but that is overkill if you are applying to entry jobs. On the other had there are people getting in with no exp but have friends within companies sliding novices into job roles, and giving them the opportunity to earn their certs while on the job. Tbh it boils down to how skilled you are/ how hooked up you are/ how lucky you are lol a complete crap shoot.
Cyber is hard. Not only on knowledge but on dedication and discipline as well. It is hard to focus on items as monotonous as reviewing logs or looking through alerts. Certainly helps to have an obsessive brain.....
Is Cyber Security more difficult than Computer Science?
0:16 yes I’m getting a degree at UMGC in cyber security policy and management wondering how did I go from a combat job in the army to this 😶🌫️
Thanks 🎉
I went through the boot camp. Which was useful in terms of hand on approach on software but it didn't give me a boost with certificate. It teach me the foundation but try crushing everything in 9 months and it turn into a mess. I almost got a job in I.T. however, they want me to take my time to learn active directory 1st before jumping in which I learned in a boot camp but not fluent.
Sir Sir Sir......... We admire your work and honesty with new students.
I'm 3 years in and still not sure wtf I'm doing 60% of the time.
One thing most people who are interested in Cybersecurity don’t understand before jumping into that profession is that, you need a little bit of understanding of how networking works.
That is why is always advisable to get CompTia Network+ before Security+, and then to a more advanced Cyber CERTS. It’s not about accumulating certs or degree, experiences are very important to any job role.
One who masters the Basics, can one not be too surprised with new information.
I'm also learning the basics such as C# and C Programming before I can move to C++. Later on Powershell, Python, Offensive security, etc since im focusing towards as a prominent Penetration Tester.
its true that is hard to get in yeah but once u get in the amount of knowledge and exp that u can get is endless and its worth a lot in my opinion. and after that everyone from this field wants u
Very true!
am new in cybersecurity and I think it's very difficult but since you're ambitious of it, hardworking, perseverance and consistency is the key
Here's the name of the game... Fucked. Doomed. Etc...
It used to be, you learn a trade, an occupation, and the longer you do it, the better you became at it. So you advanced. You started managing, mentoring, teaching others how to be their best. Not with IT. The longer you do it, the more you have to know. The more you have to learn. You can't keep up. As you age, your memory goes, your drive goes. Burnout is real kids. So bottom line, if you do IT, you're doomed. Eventually, you will suck and hate your life. Or you might hang on, but you'll hate your life. Good luck!
You’re talking about just STEM fields in general then since this seems to be the nature of the beast. I personally don’t mind venturing into the unknown
Is it harder than mbbs??
Great video that sums up starting out in the Information Security field. I highly recommend obtaining a network certification (Cisco, Palo Alto, etc) and systems admin certification (Microsoft, CompTIA, etc). I have found my prior experience as a network admin and system admin really propelled my career and gave me a huge boost in foundational knowledge. Also don't be afraid about not knowing or understanding everything right away, cyber security is about research and learning :)
I've been in IT for almost a decade and a half dealing with Network Infrastructure and have done everything from networking to servers to virtualization to SANs to scripting to web development to network security, and I can already tell you that I'm still learning. Most would think that I'm very talented but I spend a lot of time honing these skills to the point of almost mental exhaustion even after a whole day's work. It is not for the feint of heart. Yes, there is good money but don't think you're just going to be at your seat watching youtube videos. It's a lot of work, deadlines and pressure to get stuff taken care of. Even if you don't know the answer to the problem, you have to find out as the business depends on you. All that being said, it's a rewarding career if you do it right.
It is overwhelming, for sure. If you're young the best route is probably to get into the military and join a unit like the Royal Signals Corps, which is the UK example off the top of my head, or the equivalent from your country's armed forces. They basically do all the IT for the military and SIGINT (signals intelligence). A lot of people in agencies like GCHQ, NSA etc entered the organisation through that route.
For older career changers like moi, the route is going to be more about accepting a huge drop in salary and starting at the bottom again - but you can quickly surpass your old salary in a few years, esp if you have previous management experience and other transferable skills.
The Cyber Fast track sponsoring this video won't let you sign up if you are not a US college student - Old people and foreigners need not apply.
Dude your so humble about this. Im about to graduate in a year and I still barely have a clue at what im doing and what im looking at. Legacy media has really warpped the idea of what the field it
I need help with motivation
Could you make a video about the various options job wise one could take in the cyber security realm? I'm a freshman/sophomore at my college and I'm in the cyber security club, and even we barely know all the options.
Sure! Here is a video I did a while back explaining some "entry-level" roles: ua-cam.com/video/HrGcI3LuzxY/v-deo.html
@@collinsinfosec Awesome thanks!
This was a great video cyber security is hard to get into because you are competing against. System and Network engineers that have already been in the industry for 10 plus years.
bro it’s s hard for you lol 😆
I loved this video! I currently study Cy-Sec now and can confirm....
Great channel, congrats on 100k!
Thank you!
Thanks for sharing, but you have to improve in the audio. It is going to be silent and higher from the tune.
Cybersecurity is an amazing field, and yeah it is complex and confusing
You have to learn Linux and a bunch of things about OS internals(API, Kernel, Process heap, DLL etc etc...)
You have to learn several programming languages for Scripting and reverse engineering (python, PHP, PowerShell, (assembly for reverse engineering))
You have to learn networking and a lot of protocols
You have to learn vulnerabilities assessment and only the tools you are going to use but what vulnerability itself implies and why is this a vulnerability)
You have to learn about cloud security assessment.
A bunch of certificates does not prove that you are a pro.
Knowing some tools does not make you a pro.
Thinking outside the box makes you a pro.
It is a complex field and you do not become a professional after one year.... you have to be obsessed and consistent.