Cyber Security is a fascinating field and an excellent career choice. Professionals are in high demand, the work is highly significant in protecting society, and they are paid a substantial salary. But hold your horses! Isn’t cyber security only for those who have a brilliant mind? Certainly employers would require at least a bachelors degree for entry level positions, wouldn’t they? And what about coding skills? How can anyone possibly get into cyber security without a good command of at least one programming language? Misconception. False assumptions. If you don’t fit the bill, stay tuned and find out, why you could and should pursue a career in cyber security!

One of the most common misconceptions that people tend to have is that you must have at least some kind of background in information technology, or IT. The notion is that you should have a fairly good understanding of computers, networks, the Internet in general and more specifically the world wide web.

While it is true that all of these concepts are important and you will need to understand them eventually, not being acquainted with them now does not prevent you from pursuing a career in cyber security. The Internet is filled with great videos, articles and courses that teach you all the essentials. All you need is a motivation to learn, and patience to study. If you would like a practical guideline regarding resources that can be beneficial to you, please scroll down to find the link in the Description.

The main problem with formal education is that it is far too theoretical for a field that is so practical. Understanding the theory behind information technology and cyber security is, of course, of prime importance, but that alone will not be sufficient when faced with real world challenges.

Another issue is the bureaucratization of educational institutions which prevents universities and colleges from applying rapid changes to their study curricula. Information technology in general, and cyber security in particular, are fields where things change constantly due to new emerging threats, the advancement of technology and the enforcement of new legislations. Universities and colleges simply are not capable of handling this volume of change. On the contrary, new information and content are uploaded nonstop to the Internet. In many cases, you have the latest and greatest information readily available to you free of charge!

If you are just staring out, I strongly recommend focusing first on acquiring a solid theoretical foundation and at the same time gradually incorporating an increasing amount of practical exercises to the mix.

Coding is most certainly a valuable and handy skill to have, because it enables you to develop your own tools instead of relying solely on those developed by others. Nevertheless, it is not a requirement for all cyber security positions. For example, if you are aspiring to become a Cyber Security Analyst, you do not need to know coding in most cases.

However, I would suggest attaining at least a basic understanding of the SQL query language. This is because Security Information and Event Management solutions as well as Managed Detection and Response solutions use their own custom query languages for searching log data. If you have a basic grasp of how SQL works, you can very quickly adapt to any custom query language.

If you are considering a career as a penetration tester, you can reach a certain level of expertise without coding skills as there are various graphical user interface tools available. However, it will be to your advantage to have a working knowledge of the following languages:

Bash for Linux and Macintosh users, PowerShell for Windows users, Python as a general language for penetration testing and exploit development, JavaScript for web application penetration testers, C / C++ / C# and Assembly language for reverse engineering and malware analysis, and lastly Rust and Go for advanced exploit development.

If you are not comfortable at the command line or have no idea about what was just said, it is not a problem. You can still attain a good position in the cyber security industry. Go for it!

It is a fairly common practice in the business world to encourage employees to recommend the employer to their friends and acquaintances. This helps the employer get more job applications for a vacancy. It also serves as a guarantee of some sort, because it is highly unlikely that employees will recommend a person unless they genuinely think that person will be a good fit.

If you are completely new to this field or you do not have any friends working in the cyber security industry, it will likely be more challenging for you to get hired. You may have to work harder to prove your worth while competing against other candidates who have better qualifications than you. But it can be done. If you are able to express your enthusiasm, and show that you are capable of high quality workmanship, you can land a job without any recommendation.

Although less common, some suggest that you will need to acquire cyber security certifications. These come into play later on when you are looking for higher level positions. Entry level positions rarely, if ever, require cyber security certifications. Furthermore, most certification programs will be more beneficial for those who have already gained some relevant working experience.

Certifications are important in the IT industry in general, and in the cyber security field in particular. They provide employers a better guarantee of a candidates capabilities than a traditional university degree. This is especially true for certifications that are highly practical in nature.

If you are just getting started, it isn’t advisable for you to be worrying about certifications at this point. Instead, focus on the freely available resources first. If however, you are interested to know more, the SANS institute offers fabulous courses, most of which are directly linked to an industry standard certifications program.

The courses have a hefty price tag, but SANS offers many other resources free of charge such as webinars and summit recordings. These are available on Youtube and on the SANS website. We also have a video covering the SANS SEC504 course, an exceptional and foundational course for anyone in the cyber security industry. Follow the link in the description to learn more.

I hope it is evident by now that you do not have to fit the bill in order to pursue a career in cyber security. Breaking into this field is possible for anyone who is willing to put in the time and effort. All the resources that you need are available, some are offered free while others require a payment. Regardless, make the most of the opportunity, as life is short and you only get one bite at the cherry.