{"id":209308,"date":"2024-03-01T14:55:46","date_gmt":"2024-03-01T14:55:46","guid":{"rendered":"https:\/\/michigandigitalnews.com\/index.php\/2024\/03\/01\/how-to-break-into-cybersecurity-without-any-experience\/"},"modified":"2025-06-25T17:21:24","modified_gmt":"2025-06-25T17:21:24","slug":"how-to-break-into-cybersecurity-without-any-experience","status":"publish","type":"post","link":"https:\/\/michigandigitalnews.com\/index.php\/2024\/03\/01\/how-to-break-into-cybersecurity-without-any-experience\/","title":{"rendered":"How to break into cybersecurity without any experience"},"content":{"rendered":"

[ad_1]
\n
<\/p>\n

Can you break into the world of cybersecurity without experience? It\u2019s a question that\u2019s been searched<\/a> countless times according to Google Trends\u2014even peaking in recent years.<\/p>\n

\n

Ultimately, it\u2019s doable, at least to a certain extent, according to Tia Hopkins, Field CTO and Chief Cyber Risk Strategist at eSentire<\/a>. \u201cYes, you can get into cybersecurity if you have no experience, but not if you stay in a place of no experience. Do things to build your understanding and capabilities continuously\u2014you can\u2019t be a locksmith if you never learn anything about locks.\u201d<\/p>\n

\n

ADVERTISEMENT<\/p>\n

\n
\n

UNC Kenan-Flagler’s #1-ranked online MBA<\/a><\/h4>\n

STEM-designated. Tar Heel ROI. No compromises. <\/span>Visit Website<\/svg><\/a><\/div>\n

\n

UNC Kenan-Flagler’s #1-ranked online MBA is a top choice for experienced professionals with strong undergraduate performance. You can earn your degree at your own pace\u2014in 18 to 36 months\u2014without sacrificing academic quality and rigor. Access lifelong career benefits and join a global community of over 42,000 alumni with an AACSB-accredited online MBA from UNC-Chapel Hill. GMAT waivers available. Learn more today.<\/section>\n<\/p>\n
\n
UNC Kenan-Flagler’s #1-ranked online MBA is a top choice for experienced professionals with strong undergraduate performance. You can earn your degree at your own pace\u2014in 18 to 36 months\u2014without sacrificing academic quality and rigor. Access lifelong career benefits and join a global community of over 42,000 alumni with an AACSB-accredited online MBA from UNC-Chapel Hill. GMAT waivers available. Learn more today.<\/section>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

Global cybersecurity non-profit ISC2 says the total gap<\/a> of cybersecurity professionals is around 4 million. According to Fortune Business Insights<\/a>, by 2028, the cybersecurity market is forecasted to reach $366.10 billion.\u00a0<\/p>\n

So, if you want to learn how to safeguard digital assets on the offensive or the defensive, the work is out there. But, with layoffs looming<\/a>, you have to keep learning or \u201cevolving,\u201d as Hopkins puts it\u2014turning your zero experiences into opportunities.<\/p>\n

What is cybersecurity?<\/strong><\/h2>\n

Cybersecurity is the protection of data, networks, and important information stored online, in servers, and in the cloud from criminals. It can take an offensive stance, too, trying to find hidden vulnerabilities in existing systems and poking holes to avoid shortfalls in networks.\u00a0<\/p>\n

The good guys in this industry, or white hats, are trying to achieve network nirvana\u2014the balance between protection and penetration.<\/p>\n

From credit card details to medical records, private information holds immense value when in the wrong hands. That\u2019s why when you\u2019re logging into a device or website, you\u2019re asked to create a strong password or forced to double authenticate.\u00a0<\/p>\n

How to break into cybersecurity with no experience<\/strong><\/h2>\n

Fortinet\u2019s 2023 Cybersecurity Skills Gap Global Research Report<\/a> reveals a compelling trend: 90% of cybersecurity industry leaders prefer to hire those with tech-related certifications, a leap from 81% in 2021. That same number of leaders are also willing to invest in their employees\u2019 cybersecurity certifications.<\/p>\n

This means that companies see value in experts, but they\u2019re also willing to hire a good candidate with less knowledge and then train and certify them up to standard as time comes. Here\u2019s how to show potential employers that you\u2019re the teachable even if, right now, you\u2019re in a place of no experience:\u00a0<\/p>\n

1. Understand yourself and the cybersecurity playing field<\/strong><\/h2>\n

Start with figuring out what you\u2019re good at, and ask yourself what the world needs and what you can get paid for.\u00a0<\/p>\n

\u201cThat\u2019s when you land on your purpose,\u201d Hopkins explains. \u201cCombine all of that to find out the types of roles that you\u2019d even like.\u201d There are a lot of transferable skills that you might not think would help you in the job search. For example:<\/p>\n

What you\u2019re good at: <\/strong>\u201cYou might even have a knack for breaking things,\u201d says Chris Evans, Chief Hacking Officer and CISO at HackerOne<\/a>. Cybersecurity leaders might use a trait like your inherent clumsiness, for example, as a reason to hire you.\u00a0<\/p>\n

What the world needs:<\/strong> That\u2019s because of the popular term \u201cpenetration testing\u201d or \u201cpen testing\u201d for short. It\u2019s the offensive method of identifying holes and weaknesses in a company\u2019s security network, breaking the system before malicious hackers can.\u00a0<\/p>\n

Pen testing is a form of ethical hacking\u2014a certifiable skill that hiring managers seek in information security and security operations center analysts. According to the U.S. Bureau of Labor Statistics, the information security analyst growth market is expected to expand<\/a> 32% by 2032.<\/p>\n

What you can get paid for: <\/strong>Indeed shows that in the U.S., penetration testers<\/a> with 1\u20132 years of experience earn an average of $171,000\u2014this can be the job you migrate to after getting one of the following entry-level ones. With less than a year of experience, information security analysts<\/a> earn around $75,000 annually, while security operations center (SOC) analysts<\/a> earn approximately $87,000.\u00a0<\/p>\n

The soft skills cybersecurity employers are looking for<\/strong><\/h3>\n

You might already have the soft skills people are looking for. Here are some notable ones:<\/p>\n

Communications and emotional intelligence<\/strong>: According to Hopkins, chief information security officers (CISOs) and technical leaders struggle to speak through the lens of the people listening. \u201cIf a CISO is talking tech, speaking in bits and bytes, to a CFO listening in dollars and cents, that communication will go nowhere, right? Know your audience and speak the language that needs to be spoken. Then actively listen.\u201d<\/p>\n

Curiosity<\/strong>: \u201cFor me, it means you\u2019ll keep up with the industry on your own time. You can\u2019t get complacent,\u201d Hopkins says. The ability to speak about the latest technology or newest cyber threats, like artificial intelligence<\/a>, quantum computing, and blockchain, will help you stand out among other applicants.<\/p>\n

Acting like an owner<\/strong>: Evans says he looks for ethical hackers who can be future leaders. \u201cSomeone who, when a problem comes up, can charge into it and think of ways forward and new solutions\u2014whether it\u2019s a technical problem or even if it\u2019s their job. I\u2019m looking for someone who doesn\u2019t make excuses.\u201d<\/p>\n

Passion<\/strong>: For Hopkins and other higher-ups, passion is the linchpin. She says, \u201cYou gotta love it, or you\u2019ll get burnt out quickly.\u201d Active participation in the community is paramount. Hack the Box\u2019s Capture the Flag<\/a> (CTF) tournaments are great for technical practice and growing online clout. Also, being active on blogs and forums such as 0x00sec<\/a> and Reddit\u2019s r\/blackhat<\/a> provides valuable networking opportunities, the opportunity to learn and ask questions, and places to make your name more well-known.<\/p>\n

The different domains of the cybersecurity landscape<\/strong><\/h3>\n

There are a lot of domains and departments inside the cybersecurity sector. But knowing what each sector does will help you narrow down a career trajectory you\u2019d be interested in pursuing. It\u2019s worth noting that some of these domains have overlap.<\/p>\n

\n\n

IT security<\/strong><\/h2>\n<\/summary>\n

Focussing on safeguarding an organization\u2019s info-tech infrastructure, assessing weaknesses, and implementing security measures. Job titles:<\/strong> Security analyst, security engineer, security administrator <\/p>\n<\/details>\n

\n\n

Network<\/strong> security<\/strong><\/h2>\n<\/summary>\n

Managing and analyzing firewalls, VPNs, intrusions, and general user traffic along a wired or wireless network. Job titles:<\/strong> Network security engineer, network security analyst<\/p>\n<\/details>\n

\n\n

Cloud security<\/strong><\/strong><\/h2>\n<\/summary>\n

Designing cloud architectures and managing cloud-specific security compliance requirements. Job titles:<\/strong> Cloud security architect, cloud security specialist<\/p>\n<\/details>\n

\n\n

ERM (Enterprise Risk Management)<\/strong><\/strong><\/strong><\/h2>\n<\/summary>\n

Collaborating with stakeholders to assess and mitigate organizational risks, developing risk-management strategies, and identifying potential issues. Job titles:<\/strong> Risk manager, risk analyst, information risk consultant<\/p>\n<\/details>\n

\n\n

User education<\/strong><\/strong><\/strong><\/strong><\/h2>\n<\/summary>\n

Educating and training employees, creating awareness campaigns, and providing safe-computing seminars. Job titles:<\/strong> Security awareness trainer, security awareness specialist<\/p>\n<\/details>\n

\n\n

Security operations<\/strong><\/h2>\n<\/summary>\n

Investigating, monitoring, and responding to alerts, threats, and incidents.\u00a0Job titles:<\/strong> Security awareness trainer, security awareness specialist<\/p>\n<\/details>\n

\n\n

Help desks<\/strong><\/strong><\/h2>\n<\/summary>\n

Forgot your password? This is the team that provides technical support to users.\u00a0Job titles:<\/strong> Help desk technician, user support specialist<\/p>\n<\/details>\n

\n\n

Career development<\/strong><\/strong><\/strong><\/h2>\n<\/summary>\n

Deciding which certifications and skills are standard to enter and grow in the industry.\u00a0Job titles:<\/strong> Skills development advisor, certification manager<\/p>\n<\/details>\n

\n\n

Career development<\/strong><\/strong><\/strong><\/h2>\n<\/summary>\n

Designing, coding, testing, and making software, hardware, tools, and services better. Job titles:<\/strong> Security software developer, product security engineer<\/p>\n<\/details>\n

\n\n

Data governance and regulatory compliance<\/strong><\/strong><\/strong><\/strong><\/h2>\n<\/summary>\n

Handling legalities and establishing policies, overseeing data handling practices, and ensuring companies are following laws. Job titles:<\/strong> Compliance officer, data privacy manager<\/p>\n<\/details>\n

\n\n

Digital forensics<\/strong><\/strong><\/strong><\/strong><\/strong><\/h2>\n<\/summary>\n

Investigating cyber incidents and collecting evidence by recovering deleted files, sometimes even being asked to testify in legal proceedings.\u00a0Job titles:<\/strong> Digital forensic analyst, incident response specialist<\/p>\n<\/details>\n

2. Learn the fundamentals of the role you\u2019re interested in<\/strong><\/h2>\n

Next, after researching a role that interests you, it\u2019s time to learn how to do the job. Some of the best ways to learn without first-hand, on-the-job experience are to study for and to complete certifications.\u00a0<\/p>\n

Get certified to show employers that you understand the fundamentals<\/strong><\/h3>\n

Certifications enhance your job prospects and showcase your dedication to learning. The entry-level ones are particularly valuable for high schoolers and career changers entering new fields. While exploring, remain vendor-agnostic, opting for more general knowledge and commonly accepted certs.\u00a0<\/p>\n

\u201cIf you\u2019re chasing a random certification that someone online tells you to get, you\u2019re wasting time,\u201d Hopkins says. \u201cIt\u2019s okay to explore and figure out where you want to go. But until you\u2019ve done that, I never recommend anyone go beyond these certs at first.\u201d\u00a0<\/p>\n

Here are the initial certs to consider applying for:<\/p>\n