How to Get into Cybersecurity in 2023

TL,DR:

• Demand for Cybersecurity professionals is high and growing
• Entry-level positions may not require a formal degree and instead prioritize skills
• Coming from a technical field with transferable skills sets you up for success, but consider studying for a relevant certification to demonstrate your abilities 
• For non-technical people, additional learning will likely be required 
• There are three main paths to acquiring Cybersecurity skills – self-study, university, or a cybersecurity bootcamp 
• A bootcamp will get you there faster than self-study and for a fraction of the cost of attending a traditional university

More people, organizations, and governments are online than ever before. The internet hit 5.1 billion users in 2023, with an estimated two-thirds of the earth’s entire population getting online. 

But, the digital age comes with a double-edged sword. While internet access unlocks opportunities the world over for those with good intentions, it also increases opportunities for those with bad intentions to exploit digital assets. And, with emerging artificial intelligence tools being used to scale both the frequency and complexity of cyber attacks, demand for those with cybersecurity skills has exploded. The cybersecurity industry is projected to grow 32% from 2021 – 2029 – a staggering increase when compared to the rest of the economy.

No matter where you’re starting from, you can get a job in cybersecurity – and we’ll show you how.

What Is Cybersecurity?

In simple terms, cybersecurity is the practice of securing networks, resources, and systems from cyberattacks. This means anytime you take measures to protect a system or network from cyberattacks, you are practicing cybersecurity.

Despite its superficial simplicity, cybersecurity is a lot more complex than installing antivirus or antispyware software onto your machines. It is a wide, comprehensive field consisting of different disciplines and best practices to preserve the safety, integrity, and reliability of networks and digital systems.

Why Is Cybersecurity Important?

Data breaches expose sensitive information to people with malicious intent – think things like passwords, credit card information, phone numbers, protected health information, personally identifiable information, and sensitive documents (such as copyrights, trade secrets, patents, and so on). 

But, information theft is often not the only goal of a cyberattack — hackers and bad actors also attack infrastructure controls and compromise data integrity. With the power of AI tools, these cyber threats are only projected to increase in both frequency and complexity. 

Therefore, it’s critical – both at the individual and organizational level – to secure the data that so many rely on.

What Cybersecurity Jobs Are Out There?

If you’ve done any research into cybersecurity positions, you’ve likely come across something called the cybersecurity talent gap. This term refers to the lack of skilled cybersecurity professionals available to fill much-needed roles. 

Recent studies estimate that there are over 3.5 million unfilled cybersecurity jobs in 2023 and that 56% of companies struggle to recruit qualified candidates. These are all positions that you could be training to fill!

Further reading: The Ultimate Guide to Cybersecurity Careers

Basic Education Requirements for Cybersecurity Jobs

This is likely the first thing you googled – “Do you need a bachelor’s degree to get a Cybersecurity job?” 

Cybersecurity is a vast field with a variety of different roles available. No matter your background, there is something you can contribute to the cybersecurity discussion. Due to this, there are no true “basic education requirements” that would apply across the board for every single cybersecurity position. In fact, many entry-level cybersecurity jobs do not require a bachelor’s degree in cybersecurity or related fields. For more senior roles, it may be required to hold a degree or specific certification.

But, this is about entry-level – so let’s move on to how your transferable skills can apply to cybersecurity (no degree required). 

Programming Skills Needed In Cybersecurity

While entry-level Cybersecurity roles often do not require a formal degree, you’ll still need relevant skills to prove you can do the job. A major skill set that is required is programming. If you have experience in any of the below common languages, you’re already ahead of the game. 

Further reading: Best Programming Languages for Cybersecurity 

Python

Python is used to test for web application security vulnerabilities, such as SQL injection and cross-site scripting, to scan for malicious code, and to build automated web application firewalls.

Golang

Also known as “Go”, Golang is often used to develop malware.

Javascript

Javascript is a lightweight scripting language used to access cookies on a browser, access and manipulate databases, and carry out cross-site scripting (XSS). 

C

This is a low-level programming language that is useful for reverse-engineering malware and creating antivirus software to counter it. 

C++

The C++ programming language was created as an improvement on C. It was made to support objects and classes and is faster and more flexible than C. It can also help in reverse engineering and identifying network vulnerabilities.

SQL

This is the language used to access and manipulate data in most databases, making it the most popular data management language. Most websites store their data in relational databases and use SQL (Structured Query Language) to access and modify it.

Assembly

Assembly is a low-level language that speaks almost directly to computer hardware. It can be difficult to write and read but is extremely powerful, especially when it comes to reverse-engineering malware.

Powershell

Powershell is a more robust and powerful command-line utility than the traditional Windows command-line tool, CMD. Administrators can use it to automate tasks or get in touch with the nitty-gritty details of the system, such as window APIs and events. Attackers like to use it to gain access to systems.

Ruby

This is a backend scripting language known for its clean syntax and ease of use. It is also popular because it allows you to get more done with less code. It is used on servers and is written in C.

Java

This programming language has remained relevant for a long while because of its versatility, security, and power. It can be used for virtually any programming task, such as pen testing and creating vulnerability testing software. 

PHP

PHP is the most popular server-side language and is still used by a large majority of websites. 

Soft Skills Needed In Cybersecurity

Despite what Hollywood might suggest, you will not be working alone in the back of a van (at least most of the time). You’ll be working on teams with other Cybersecurity professionals, so soft skills are just as important as hard, technical skills. The most important soft skills for a cybersecurity role are:

1. Management skills: this refers to time, people, and project management.
2. Problem-solving
3. Verbal and written communication
4. Presentation
5. Independence
6. Leadership
7. Logical reasoning
8. Creativity
9. Willingness to learn
10. Integrity

Further reading: 16 Soft Skills You Need to Succeed in Cybersecurity

Recommended Entry-Level Cybersecurity Certifications

Cybersecurity certifications help demonstrate that you can do a job. But you need to focus on getting the right ones for them to be effective. Here are some recommended entry-level cybersecurity certifications to consider:

CompTIA Security+

The CompTIA Security+ certification focuses on foundational cyber skills. This certification rubber-stamps your ability to assess an organization’s security level, monitor and secure cloud, mobile, and IoT environments, and identify and respond to threats.

Attaining this certification can qualify you for roles such as:

• Systems Administrator
• Help Desk Manager
• Security Engineer
• Cloud Engineer
• Security Administrator
• IT Auditor
• Software Developer

GIAC Security Essentials Certification (GSEC)

The GSEC is ideal for professionals with a background in information systems and/or networking who want to move into cybersecurity. This certificate validates security skills such as active defense, network security, cryptography, incident response and cloud security.

Attaining this certification can qualify you for roles such as:

• IT Security Manager
• Computer Forensic Analyst
• Penetration Tester
• Security Administrator
• Software Development Engineer
• IT Auditor

Systems Security Certified Practitioner (SSCP)

This certificate validates that you have the skills to design, implement, and monitor a secure IT infrastructure. The qualifying exam features questions regarding access controls, risk identification and analysis, security administration, incident response, cryptography, and network, communications, systems, and application security.

Attaining this certification can qualify you for roles such as:

• Network Security Engineer
• System Administrator
• Systems Engineer
• Security Analyst
• Database Administrator
• Security Consultant

Further reading: 9 In-Demand Cybersecurity Certifications

How To Get Into Cybersecurity If You Come From Another Technical Field

Many skills acquired in other technical fields transfer quite well to cybersecurity. Pre-existing knowledge of critical functions such as security ops or information systems can make the transition much smoother. Professionals in financial and risk analysis, security intelligence, and the like are well-positioned to transition into cybersecurity.

While things like certifications are an asset, some of the most relevant skills to have are knowledge of cybersecurity concepts and strong non-technical/soft skills.

Technical Skills

Here’s a fairly comprehensive list of the technical skills you’ll need to transfer into cybersecurity if you come from another technical field.

1. Risk assessment and management

This is possibly the most important skill a cybersecurity specialist can have. It entails identifying possible threats and analyzing and evaluating the risks the organization faces. It ensures that the measures to protect the organization are appropriate to the organization’s risks. 

2. Authentication

This is the process of ascertaining a user’s identity, thereby allowing them access to digital resources.  Cybersecurity professionals create new authentication schemes, audit existing ones for possible data leaks/breaches, and should be comfortable with firewalls and Intrusion Detection Systems (IDS).

3. Linux

This open-source operating system is a favorite of cybersecurity professionals because of its flexibility and transparency. As a result, most cybersecurity tools (such as penetration testing, vulnerability analysis, and ethical hacking) are developed for the Linux operating system. It’ll do you good to learn it before embarking on your cybersecurity career.

4. Information systems

This refers to how information is collected, processed, stored, and distributed both within and without an organization. As a cybersecurity professional, you should understand the routes data takes and what operations are performed on it. This will help in identifying breaches and building protective measures.

5. Digital forensics

This refers to the investigative methods used to find anomalies and malicious activity on the network. 

6. Coding languages

As mentioned above, many cybersecurity jobs require fluidity or at least familiarity with multiple programming languages. If you used any of the most common languages in a previous role, this is a major advantage. 

Tips For Leveraging Your Experience

If you are coming from another technical field and already have had the opportunity to develop some of the technical skills listed above, then you’re miles ahead in the process. Before jumping into the job search, be sure to polish your skills and brush up on current industry topics. Highlight your previous experience in applications, and you’ll significantly increase your chances of landing a cybersecurity job.

How To Get Into Cybersecurity If You Already Work In IT

Professionals with IT backgrounds often are familiar with information systems and networks, making a lot of their skills easily transferable to Cybersecurity. They also tend to have been exposed to fundamentals such as configuring and administering systems, coding, database management, IT procedures, and real-world business operations.

Technical Skills

Depending on the cybersecurity role you have in mind, your technical skills from your previous IT role might not translate perfectly, requiring additional education to be a competitive candidate (more on that later). That being said, some IT roles are such a good fit for cybersecurity that they are called feeder roles. The skills you’ll need are:

1. Risk assessment and management
2. Cryptography
3. Security operations
4. Information assurance

Tips For Leveraging Your Experience

The IT field is a great stepping stone for a cybersecurity career, but you’ll likely need to do some additional work before you can start firing off applications. To fill in skill gaps, you may want to consider either taking an accelerated course like a Cybersecurity bootcamp to streamline skill acquisition or studying for relevant certifications to demonstrate pre-existing mastery. 

Further reading: How to Stand Out and Get a Job in Information Security

How To Get Into Cybersecurity If You Have No Technical Experience

While it is possible to get into the cybersecurity field without technical experience, your journey will likely be longer than someone with a technical background. Don’t let that discourage you though – there are lots of resources out there to help you get started. 

Technical Skills 

If you’re coming from a non-technical background, you’ll likely need to go for further education to acquire the skills you need to land your first job. That being said, here are some skill sets to consider focusing on, depending on your ultimate career goals:

1. Penetration testing

This is also called pen testing. This is a way to check a system for vulnerabilities by simulating a cyber attack on it. 

2. Cloud security

The “cloud” is a collection of computers and servers that you can access remotely as opposed to locally. By extension, cloud security is any method by which applications, data, and resources are protected in the cloud.

3. Digital forensics

This means exactly what it sounds like; following digital clues to uncover crimes and crime attempts. Cybersecurity experts use this when there is a data breach to attempt to uncover who did what and when.

Tips For Leveraging Your Experience 

If you’re coming from a non-technical background, there’s no way around it – you’ll have to develop additional skills. Afterward, you can lean into the soft skills you developed in previous experience, but to even begin you’ll need to meet basic qualifications and requirements. 

Let’s discuss how you can develop those skills below.

Developing Cybersecurity Skills: 3 Paths

Self-study

This is generally the path most Cyber hopefuls embark on early in their journey – googling around, taking some free online courses, and generally just being a sponge for information. But, this path is often the hardest. While there are almost limitless free resources available online, determining what to study and sticking with it long enough to acquire solid skills is immensely difficult. But, if you have the iron will required of this path, pursue it!

Advantages of self-study: 

• Self-paced
• Inexpensive

Disadvantages of self-study:

• You need a lot of discipline to stay the course
• It could take a long time
• No guidance on course topics 
• No support if you hit a difficult topic

Traditional Degree

If you’re switching careers, you could go the traditional university route. A cybersecurity degree or a related one (such as computer science) will nicely set you on your path. But, 4 years and thousands of dollars later, you’ll graduate with lots of theory and likely little hands-on experience. 

Advantages of a traditional degree:

• You’ll get a solid understanding of the basics
• Accountable for learning
• Professors available for support 

Disadvantages of a traditional degree: 

• Often prohibitively expensive 
• Takes a long time (3-4 years)
• May not receive hands-on experience 
• Heavy focus on theory 

Cybersecurity Bootcamp

Attending a bootcamp is a good middle ground between the previous two options – far less expensive than a university degree, and much faster than both self-study and university. 

Cybersecurity bootcamps teach students the skills to break into the industry in weeks, not years. With a curriculum in tune with current trends (ie, artificial intelligence), instructors there to support your learning journey, and career services support post-graduation, a quality bootcamp can turbocharge your path into a new career.

Advantages of a Cybersecurity bootcamp: 

• Comparatively inexpensive
• Practical, hands-on skills
• Flexible learning options
• Takes weeks, not years 
• Job search support offered

Disadvantages of a Cybersecurity bootcamp:  

• Rigorous learning pace
• Significant time commitment

Get Started Learning Today

No matter where you’re starting from, there is a path for you into Cybersecurity. 

Apply Now to join other Cyber hopefuls in a program that’ll give you the cybersecurity skills you’ll need to land your first job in tech.

Not ready to apply? Try out our Free Cybersecurity Prep Work and test-run the material we teach in the course. Or, read stories about successful career changes on the Flatiron School blog.

Disclaimer: The information in this blog is current as of 30 October 2023. Current policies, offerings, procedures, and programs may differ.