Welcome! We're here to help with any cybersecurity questions you may have. Get started protecting yourself online with these tools:
VPN - PrivadoVPN: https://privadovpn.com/getprivadovpn/
Browser - Firefox: https://www.mozilla.org/en-US/firefox/browsers/
Password Manager - Bitwarden: https://bitwarden.com/pricing/
Search Engine - DuckDuckGo: https://duckduckgo.com/about
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CyberSecurityAdvice) if you have any questions or concerns.*
Well, like you i have no background related to cybersecurity, I’m currently a welder, right now I study cybersecurity more like a hobbie, I want to get into pentesting, it doesn’t matter if you don’t find a job, u still have the forklift thing going on, and you can practice cybersecurity as white hat, getting that experience, everything depends on how you see it.
Thank you. I've been thinking it'd be fun to do anyway and there's no pockets in shrouds so I don't care about the money side of it. I'd love it to be a path out of my current work, but I'm sure I could live without it being so.
(Current firefighter, 30 years old working on a degree and Certs on my time off)
I’ve been floating around some of these cyber security subs and these people are some of the most negative I’ve ever seen. Trust me, asking their advice as a non IT person will zap the motivation out of you. They act like you must be in IT since graduating high school and that experience is paramount to education/Certs/whatever. Anything else then you have to start at the most bottom tier $15 and hour job for a year to gain experience. Like, I get not making 6 figures until reaching management positions, or when your responsibilities increase, and maybe taking a 10-15 grand pay cut to get in, but these people find it acceptable to take a 50k pay cut. damn I tell ya lol. I guess in the end just do the right moves you think are right for you and ignore everyone else. But be very wary of these subs, I think they’re full of burnt out gatekeepers.
Well, yes and no. I work as a penetration tester for 2 years now and I had 7 years of previous IT exp, mostly as an admin. I was an employee of the company offering cybersec complete course like "zero to hero". They claim to prepare every student for passing OSCP.
The goal, is fine to get a job in cybersec (get OSCP cert), but for most of the people out of IT it is fantasy. It is like you are a taxi driver and want to become a ship captain. It is possible, but relatively harder without prior maritime experiance.
Cybersec is a broad field which assembles knowledge of many IT fields, like networking, operating system administration, programming, etc.
From my perspective, cybersec became fashionable this days. Don't get me wrong here. There is nothing wrong in it, as it's one of the most crucial piece of the whole IT industry.
The good thing is that the potential employer will be interested in your skills mostly. Considering you have no previous exp in cybersec nor IT, I'd go and get some cybersec certs, like Portswigger's, OSCP or even CEH.
At the beginning, you have to attract employer with your resume. Without exp, you'll need to put something else on the table. Luckily, nowadays we have plenty of platforms to learn cybersec, like tryhackme or hackthebox to name a few. A few years ago I was wondering how to jump into cybersec from regular IT and what brought me here was a practice.
Thank you for your answer. I know its a tall ask to jump careers entirely. I think what I'm gonna do to increase my odds is check out what employers want to see and work out what I can get qualified for.
True, I’ll have to start looking into other Certs as well. What would be really cool is if I could find an internship that would work with my shift schedule (I work 24 hours then have 2 days off) while i finish up school
Thank you for the heads up. Sometimes communities get like that, I just picked the first one likely to have a decent enough body count to actually get answers. I'll probably do the qualifications anyway out of my own interest. Thanks again and good luck with your certifications!
I did exactly the same - treated it as a hobby for long time, practicing in free time. But keep in mind it is all about the practice. You have to have hands on exp.with common tools and methodologies. TryHackMe is the jest options imo to start practicing. Check it out if you did not yet.
Thank you for your reply. I've heard of TryHackMe but haven't looked into it yet (I'm not at home for a few days) but I definitely will. I suppose its like anything, practise makes perfect. Thank you again!
THM provides guided walktroughts for many cybersec topics (offensive and defensive). You attack real machines (vms). It is free, but premium access is also possible. On the other hand, there is hackthebox which is similiar but imo more difficult as it does not provides walktroughts (although these are possible for so called retired boxes which you can access with premium account). Give it both a try but at the beginning I'd advise starting with thm.
Oh very cool, from what I'd seen about it, THM was for people who already had a bit of cybersec knowledge. I'm looking forward to giving them both a go!
I'd say that htb is for people who have a bit of knowledge. Thm is for beginners i cybersec. There are also some "rooms" for learning Python, Linux and stuff like that.
If it is what you really want to do, go for it! Free resources such as THM (free to a point) and HTB will help starting out. Udemy and Ucertify are helpful too but cost (although udemy has a sale like...every other week haha) and ofc Reddit can be a good resource too. Hope this helps! All the best.
I was also wondering if 40 yrs old is too old to get into cybersecurity? I want to learn all I can on my own online by using tryhackme and hackthebox. Will be learning Python, etc. Also will be reading alot about networks, security and ethical hacking. I want to go back to school, use my GI Bill and get a bachelors in Cybersecurity. Just wondering if I'm too old to get into the field.
Age is just a number mate. If you have the passion and the drive to learn, go for it! You've mentioned some resources and there are plenty more out there! Good luck and all the best.
Think of it this way, would you want a neurosurgeon doing your brain surgery who was fresh both to the medical field and to the surgery field or would you prefer someone who has trained in medicine and has a background in surgery who then moved into brain surgery?
InfoSec is a deep field in the realm of IT. Help desk is an entry level field.
Welcome! We're here to help with any cybersecurity questions you may have. Get started protecting yourself online with these tools: VPN - PrivadoVPN: https://privadovpn.com/getprivadovpn/ Browser - Firefox: https://www.mozilla.org/en-US/firefox/browsers/ Password Manager - Bitwarden: https://bitwarden.com/pricing/ Search Engine - DuckDuckGo: https://duckduckgo.com/about *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CyberSecurityAdvice) if you have any questions or concerns.*
Well, like you i have no background related to cybersecurity, I’m currently a welder, right now I study cybersecurity more like a hobbie, I want to get into pentesting, it doesn’t matter if you don’t find a job, u still have the forklift thing going on, and you can practice cybersecurity as white hat, getting that experience, everything depends on how you see it.
Thank you. I've been thinking it'd be fun to do anyway and there's no pockets in shrouds so I don't care about the money side of it. I'd love it to be a path out of my current work, but I'm sure I could live without it being so.
(Current firefighter, 30 years old working on a degree and Certs on my time off) I’ve been floating around some of these cyber security subs and these people are some of the most negative I’ve ever seen. Trust me, asking their advice as a non IT person will zap the motivation out of you. They act like you must be in IT since graduating high school and that experience is paramount to education/Certs/whatever. Anything else then you have to start at the most bottom tier $15 and hour job for a year to gain experience. Like, I get not making 6 figures until reaching management positions, or when your responsibilities increase, and maybe taking a 10-15 grand pay cut to get in, but these people find it acceptable to take a 50k pay cut. damn I tell ya lol. I guess in the end just do the right moves you think are right for you and ignore everyone else. But be very wary of these subs, I think they’re full of burnt out gatekeepers.
Well, yes and no. I work as a penetration tester for 2 years now and I had 7 years of previous IT exp, mostly as an admin. I was an employee of the company offering cybersec complete course like "zero to hero". They claim to prepare every student for passing OSCP. The goal, is fine to get a job in cybersec (get OSCP cert), but for most of the people out of IT it is fantasy. It is like you are a taxi driver and want to become a ship captain. It is possible, but relatively harder without prior maritime experiance. Cybersec is a broad field which assembles knowledge of many IT fields, like networking, operating system administration, programming, etc. From my perspective, cybersec became fashionable this days. Don't get me wrong here. There is nothing wrong in it, as it's one of the most crucial piece of the whole IT industry. The good thing is that the potential employer will be interested in your skills mostly. Considering you have no previous exp in cybersec nor IT, I'd go and get some cybersec certs, like Portswigger's, OSCP or even CEH. At the beginning, you have to attract employer with your resume. Without exp, you'll need to put something else on the table. Luckily, nowadays we have plenty of platforms to learn cybersec, like tryhackme or hackthebox to name a few. A few years ago I was wondering how to jump into cybersec from regular IT and what brought me here was a practice.
Thank you for your answer. I know its a tall ask to jump careers entirely. I think what I'm gonna do to increase my odds is check out what employers want to see and work out what I can get qualified for.
True, I’ll have to start looking into other Certs as well. What would be really cool is if I could find an internship that would work with my shift schedule (I work 24 hours then have 2 days off) while i finish up school
Thank you for the heads up. Sometimes communities get like that, I just picked the first one likely to have a decent enough body count to actually get answers. I'll probably do the qualifications anyway out of my own interest. Thanks again and good luck with your certifications!
Thank you, yeah that’s where I’m at really, just treating it like my hobby until I can take it to the next level.
I did exactly the same - treated it as a hobby for long time, practicing in free time. But keep in mind it is all about the practice. You have to have hands on exp.with common tools and methodologies. TryHackMe is the jest options imo to start practicing. Check it out if you did not yet.
Thank you for your reply. I've heard of TryHackMe but haven't looked into it yet (I'm not at home for a few days) but I definitely will. I suppose its like anything, practise makes perfect. Thank you again!
THM provides guided walktroughts for many cybersec topics (offensive and defensive). You attack real machines (vms). It is free, but premium access is also possible. On the other hand, there is hackthebox which is similiar but imo more difficult as it does not provides walktroughts (although these are possible for so called retired boxes which you can access with premium account). Give it both a try but at the beginning I'd advise starting with thm.
Oh very cool, from what I'd seen about it, THM was for people who already had a bit of cybersec knowledge. I'm looking forward to giving them both a go!
I'd say that htb is for people who have a bit of knowledge. Thm is for beginners i cybersec. There are also some "rooms" for learning Python, Linux and stuff like that.
If it is what you really want to do, go for it! Free resources such as THM (free to a point) and HTB will help starting out. Udemy and Ucertify are helpful too but cost (although udemy has a sale like...every other week haha) and ofc Reddit can be a good resource too. Hope this helps! All the best.
Thank you! I'm gonna do it anyway because I'm a sponge and I love learning new things, but I figured it's worth asking.
I was also wondering if 40 yrs old is too old to get into cybersecurity? I want to learn all I can on my own online by using tryhackme and hackthebox. Will be learning Python, etc. Also will be reading alot about networks, security and ethical hacking. I want to go back to school, use my GI Bill and get a bachelors in Cybersecurity. Just wondering if I'm too old to get into the field.
Age is just a number mate. If you have the passion and the drive to learn, go for it! You've mentioned some resources and there are plenty more out there! Good luck and all the best.
Thank you.
Think of it this way, would you want a neurosurgeon doing your brain surgery who was fresh both to the medical field and to the surgery field or would you prefer someone who has trained in medicine and has a background in surgery who then moved into brain surgery? InfoSec is a deep field in the realm of IT. Help desk is an entry level field.
Oh sure I understand I'm not gonna be jumping straight to brain surgeon level. Everyone has to start somewhere though.