Silly comment. It's always hard. It's whether or not you can get used to working like that. Many can't. But saying pr suggesting it's not hard is false. Running a marathon is always hard, no matter how much joy you get out of running.
It depends on what your definition of "the grind" is. If that includes pulling all-nighters, skipping the gym, eating like health is the last thing on your list - then absolutely no. The grind is not only NOT necessary, it will make you all the worse for it. If by "the grind", you mean working your ass off for eight hours, then going home. Then sure. But putting your own mental and physical health on a lower peg than your job - even if it's temporary - is a shit suggestion. A sharp mind and a healthy body is the foundation for learning effectively, responding effectively, and excelling in anything you do. Hurting your brain and body (aka: down-clocking your CPU and pulling half the wires out of your motherboard) is the last thing anybody in cybersecurity should be doing.
That sounds lovely but you obviously don't work Blue Team.... it's constant out of hours work at big companies. Weekends. 4 am in the morning. 60+ hour weeks are common. Hackers l, especially sophisticated AI or ML driven attacks, don't care about your work life balance. In fact they count on it. That's why most popular time in US for cyber attacks is Thanksgiving holidays. Blue Team Cuber Sec isn't front end dev. You can't do 40 hours a week always. You can't even count on following the sun or AI Ops always. You will be asked and compelled to imbalance your work/life in favour of work. It's the nature of the job.
@@iorekby I'll tell you with certainty - given the studies I've seen, I would not trust security experts who sacrifice personal time for work. Especially if they sacrifice sleep for work. That's a repeatedly verified recipe for high-cost mistakes. And in cybersecurity - especially during or after a successful attack - high cost mistakes can mean the difference between survival and closing your doors. Cybersecurity hotshots (just like the game developer hotshots and software engineer hotshots from back in the day) need to accept the facts. The biggest reason there are even security issues in the first place? It's a direct result of high-pressure, long-hour, hard-deadline environments. Release release release - who cares about the bugs - we need this out now! I'd rather have two shifts of fresh minds ready to rocket into action than one, long, drudging, grueling, Monster/Adderall riddled shift that are ready to pass out by the end of their shift. It's not the nature of cybersecurity - it's the result of a highly reactive rather proactive economic pressures.
@@iorekby TLDR: would you rather cops work long, mentally taxing shifts - using uppers just to finish the day in time to knock out a quick 4 hours of sleep before hitting the streets with a gun on their hip? Or maybe cops that work shorter shifts, don't need uppers and get a full 8hrs of sleep per night? Just sayin'. I know which one's I'd rather have roaming my streets.
@BlackbodyEconomics What are you even rambling about? What studies? This isn't ego, its necessity. No one wants to get a 4am call out ffs. You're coming at this from some delusional point of view where its guys wanting to swing their dicks. It's almost never that. It's literally there's no one else. It's like saying a paramedic or ER nurse pulling a double shift is trying to be a rockstar. Utter drivel. They are doing it for necessity. If you actually worked cyber Sec, you'd understand that. No one wants the anti social hours or stress. It's just that there are too few skilled professionals for the number of attacks currently. Maybe pontificate about something you've real world experience of next time instead of reading a Medium article and telling actual people who do the job what's what.
I get what you're saying but its a fantasy to expect good work-life-balance in IT, let alone cybersecurity. Its one of the reasons why there are so many vacancies for cybersec jobs.
@@dalvindream8975 I've never been good with computers, like I can type fast and am apart of the younger generation so I'm not like an old man, I have no qualifications. I'm 27 and need to start a career, do you think cyber security would be a good route for me? I get stressed easily and have a history of depression. You think I could do this shit? Any help is appreciated man
The grind is long but I am enjoying it. I love tackling challenges. In Highschool, I was not good academically. My average gpa was 1.8. I am doing cybersecurity to challenge myself, to see how intelligible I really am. To let my old self know that he was nothing more than a shell that is eroding away.
Finally someone that tells the truth about cybersecurity, I had to sacrifice 3 years of my life just to get half of the knowledge and experience to get into the industry (and even today I still have a lot to learn).Now I keep seeing random videos of course sellers telling people they can get into cybersecurity in 3 to 12 months with no experience.
Don't worry, diversity hiring practices will fix all that. You'll have boot campers who don't know what a firewall even is but they meet the race criteria.
You are the reason i am going into cybersecurity… idgaf how hard. i am going all the way 😂 i am 30 and dont really have a life so making something out of this is more realistic 😊
Bruh. Thank you. I’m on year 5 and I still feel like I know nothing even after constantly learning day after day, getting new certs each year, doing projects after work, and working in a very active environment day job. Managers need knowledge mile wide and inch deep but actual technical professionals (like myself as a T3 threat analyst) takes knowledge a mile wide and a mile deep. It’s a lot of work and strain on the brain. A LOT more than I expected before getting into the domain.
Hey, could you provide what things you’re exactly doing in cybersecurity? What things are “hard” and why it is considered difficult to learn? I’m someone interested in this field so I would appreciate the advice!
Year 5 and you've known nothing? Are you sure you've really learned? You should have learned something already by year 2. It might seems you were learning everything at once rather than focusing on one path until you've mastered it and move onto the next.
I think that's the thing about working in IT spaces - you never really know everything. I'm sure after 5 years, you have very good knowledge... we just have to keep learning new things since this space evolves/changes at such a rapid pace. You have to be a lifetime student just to survive and keep up.
I’m 29 years old and worked in a factory my whole life. I been super depressed and feeling like I needed a change asap and I have figured I was going to try cyber security I have nothing but myself holding me back this video gave me a lot of things to research
with certifications in 2 years you can be a really great job. in 1 year a junior job get these comptia a+, network a+, security a+ then az900 and you will be able to find a job. after a while get CISSP
I’m on the same boat at 30 years old I’m in my first year of college. I’ve been in trucking since 2017 and the market has been on a decline since Covid and hasn’t recovered, I tried to wait it out but it’s not worth it anymore
Same for me bro 27 and going to go back to college for cybersecurity or computer systems degree. I work the oilfield and realized I can used that degree to work for the same oilfield companies.
I haven't even finished the video yet but I'm already so thankful. As a college student of a different field, I'm a bit intimidated but also relieved from the info you shared. Thank you so much!
Thanks for the video! I'm getting my BS in Cybersecurity at WGU and just completed my A+ and currently studying for Network+ now. I'm a new subscriber now!
Every goverment job these day require Security plus. But you have to take it every 3 yrs... Learn that next. I learn less than a month pass it now it sit in an email. Never look it again... 🤣
This is from my experience, bro. A+ doesn't mean anything. Book smart means nothing. It's about QUALITY experience, talent, and the ability to think outside of the box to get the job done. There's no college in America that will teach you how to do your job. I'm not in Cyber Security, but that's my experience in IT. In my field, we have a lot of dumb people that have 4 year degrees and more experience in certain areas, but even they can't do the job correctly. That's why it's a COMBINATION of the traits above and not just one of them.
Wow…This is good. Beginners usually think they have to know everything under the cybersecurity umbrella but no, just focus on a domain. With time, you will develop interest in others and naturally pivot towards them.
Thank you for this information, it was very helpful. I’m trying to decide if I want to pivot careers and Cybersecurity was my top choice. No matter what you learn it’s a grind to be successful, put in the work and success will come. Nothing comes easy in life. 🙏🏾
I have had the exact same experience. I had a 20 yr Naturopathic Doctor Private Practice, and sold Medicare as a licensed insurance agent. If you want something better than to work at McDonald's or a clothing store, you got to keep up with the grind. New information, a lot of new information, comes out daily in any professional field. People depend on us. This is my public service, not just some random job for the money. That turns my motivation around.
Ngl, this video helped me realize cyber security is not for me. I can finally get that thought out of my head and maybe look towards front end dev. Good luck on your journey guys!
I love this video! Been working IT specialist and system admin work for 5+ years now and learning programming on the side, I decided to look into Ethical hacking one day and loved it and it feels great finding something I can enjoy, have a goal to aim for and have a good chunk of developed experience and skills I can convert to such a role. Grind can be hard, im 29 and only now deciding to work towards Ethical hacking, its never too late just need to dedicate time and energy to the grind 🙏
A very much needed video. A lot of the marketing from cybersecurity programs is that there are an abundance of jobs out there and that if you just take their program you'll easily get in. What they don't tell you is that there are so many openings because it's difficult finding qualified candidates who have enough experience. There are tons of people out there who have lots of knowledge - they have their bachelors, they have taken their Sec+ or similar cert, but they can't even get a job. The "entry-level" jobs aren't for those new to the field. The barriers to entry are steep, and the competition is high. It's even worse now thanks to AI consuming some of the lower-level grunt work that might be done by some of those "entry-level" positions.
@@xyz-pg3zdBasically it's doing the helpdesk monkey work a lot people might have used to get entry level Cyber Sec. In other words, the few actual entry level posts somken with say Sec+ and Network+ might've beem able to blag their way in to 10 years ago are rapidly disappearing.
Pentesting was my first job in cyber security. And I've actually worked alongside many pentesters that were new to cyber security over the years. Great video though.
@@Slashy_rlmost pen testers are very confined in their scope based on an agreement with the company. They simply follow a checklist of tests with the help of a network scanner. It really doesn’t seem too difficult. That’s why pen tests aren’t the end all be all of IT security audits.
@@hazeljust7001 Im a Uk college student in my first year of a level 3 IT course which covers basic networking etc, seeing these videos puts me off my goal and lowkey has me thinking if i should continue or not? I know IT has so many doors open but do you agree with this video? I dont have much experience in IT, im just 16 years old and I really wanna get into pen testing. But ive also been advised stuff like cloud aws is good, im just in it for the money really but cybersecurity is something i find passionate about the whole idea of ethical hacking seems very interesting to me and id love to be apart of it.
@@Slashy_rlYou are probably right, but I feel the OP is again being disingenuous. I have known plenty of "new pentesters, new to Cyber Sec" who had been network engineers or sys admins for like 10 years before had lol 😆 Thats not exactly "new" now, is it.
I followed the path from a guy who has been in the industry. Did exactly what he did and had no problems. He not only provided the certs I needed first, he told me what not to waste my time on......but the most important thing is contacts. It is who you know not what you know...in every single form of jobs. You get them from who you know. I had 15 years experience in finance and also a MBA so when they see me I can relate not only to different people in different divisions but understand how the company operates. I provide value at multiple levels.
You wanna spill the beans on the path you took brother man. CERTs, what to learn and what not to. Currently going to school for cyber and wanna learn ahead but don’t know where to go
This information is wayyy too valuable for under 10k subscribers. Great video! I have A+ and Network+ atm, working towards Security+ but really want to practice. This content gave me something to focus on for gaining practical knowledge!
@@bread_yt93 no you can go straight to security+ if you want/have the ability to, however A+ and Network+ provide a lot of foundational information that lead into security+. If you’re mainly focused on getting a job, security+ is a golden ticket but experience will always win the race. Hope this helps a little bit
@@bread_yt93hey ! can you please explain me what does it mean A+ or Security+ ? Because I have just recently start a research about cyberSecurity and I keep seeing something+ .
In my recent experience, it’s usually gatekeepers or techbro culture that thwarts noobs with doe eyed enthusiasm for the industry writ large. It’s that level discouragement that turns would be professionals into data analysts.
I have been on the other side of this coin and trust me when i say it was demoralizing to be heading projects well above my paygrade, all self taught, all education, studying, and student debt i underwent just to hand it away to coworkers who straight up admitted to not doing anything for a day, playing video games on company time, and through manipulation would still look better than myself to superiors. I got out of that toxic situation and into infrastructure and infosec with a mature team. Just realize there is more to the story than just gatekeeping. Your education is your responsibility.
@@hottroddinncan’t speak for OP, but I took classes at my local community college and used that to study for Sec+, A+ and Network+. I passed those, and spend my time on HackTheBox trying to do all the different rooms and stuff. I can’t even get a call back for a help desk job because every help desk posting wants 2 years of IT experience at minimum. What else do you do when you can’t even get in at entry level? I’m thankful I kept my mortgage job while taking classes, otherwise I’d be fucked.
@@shanksgiving that's sad. An entry level help desk job shouldn't be so hard to get in but people have made it so hard for everything. Hope you get to land that job soon.
With 20 years in cybersecurity I can tell you one thing......In Cybersecurity you can not lie about your knowledge. Cybersecurity is not like web development...you can not learn it properly in months. Even years. And is a very demanding profession.
its fr hard, i get so intimidated just reading up on concepts. been consistently studying for a week now and ive already learned a lot! looking forward to learning more
Jolly of Sec beginners in the US. Almost 0 chance of getting into the field unless you a) Climb the corp ladder and get lucky b) Are nearing senior position in parallel fields as SysAdmin, Network Eng, SE, etc. c) Were a talented kid that got arrested for breaking somewhere they shouldn't or d) Applied for an intern position as a student during your University time. Otherwise security is just as good as a non-profit hobby can be.
Facts! Cyber is Not Easy like some folks made it seem. It takes a solid foundation of IT in my opinion and lots of training. Is not impossible, but not easy. Good luck! ✌🏽😎
Thanks a lot man. One of the few videos I’ve come across that actually gives details and helpful structured advice. Not “BECOME A PEN TESTER IN SIX MONTHS!!! All the secrets in one video!!!” New subscriber ✌🏻
The sec+ network+ certificate method as a whole is also a problem. There are many companies that you can pay to take a 1 week course and pass these certs but they are basically just a week long vocabulary course where you memorize certain terms and answers rather than getting your hands on a network and understanding how a real network functions. These courses will teach you about vulnerabilities that have been patched 20+ years ago and act like they are still a problem. Instead they should focus on lab environments and teach the basics like how to set up a domain controller, Kerberos, web apps, etc . Instead of focusing heavily on outdated vocabulary terms.
I feel they are disingenuous because while say Sec+ *might* get you an entry level help desk job...that's it. It won't get you anywhere else. And people then fall in to the trap of "well at least in in the door". I worked on tech 20 years, specifically Cyber Sec for 11 years, including for some big companies like IBM and Oracle. Let me tell anyone reading this: companies like that rarely move people up from a customer support role (and that's all you are with Sec+). For things like Malware Analysis, Cryptography, Security Software Dev, network security architecture, cloud security, pen testing, Blue/Red/Purple team etc.... they were bringing in either people with masters/PhDs or highly experienced professionals. All had at least Bachelors in CS or EEE too. They aren't going to go to someone in their helpdesk office and say "Hey Timmy, you wanna learn how to write C and study secure electronics so you can implement lightweight cryptographic IoT device standards?" Doesn't really happen. So, Sec+ is sort of an entry to a dead end career. And it's a career that is rapidly being eaten away by Gen AI. Helpdesk monkeys aren't going to be needed as much in next 5 years just to log tickets and read an ELI5 runbook an actual Security Enginer prepared for them.
There are many jobs, industries, and careers that are "hard" to learn and to get into. Cyber Security is just one of them. So when you go for those types of jobs or careers, the journey is long. You have to be dedicated and committed to put in a lot of time to practice and learn. Only those who are PASSIONATE and actually want to do this kind of work are the ones who see results and some level of success. Good luck to all.
I am just beginning my associates in Computer Science and Information Systems this month and this video is inspiring. Tossing around a few career options to specialize in when I go for my bachelors and cybersecurity is one of those options. It sounds like I would be a great fit.
Hey Jono I’m glad you gave professor messer kudos as I’m studying with him to get my A+.and I like the cybersecurity field.i know now with the new A+ exam coming out some time in late 2025 CompTia will probably have people to know a little about AI and machine learning technology is always changing and we have to keep up.thanks for sharing this information.😄
I'm currently in school for cybersecurity while working on creating a homelab and doing extra research on my own time, plus working on certs. One thing I have noticed is that many of my peers are significantly less knowledgeable because they do the bare minimum--the Cengage bullshit labs and assignments. However, most of them genuinely cannot answer a single question the professor asks them. I think these are the people that will find cybersecurity difficult.
This made me feel a lot better, I enjoy the field but to cram all this stuff and preparing for the cert exams which I'm really bad at taking test , been studying and worrying but im still grinding
I was looking for a little motivation to get back into studying & I love how you mention an actionable tips on how to do that. I think an hour of our personal time is completely reasonable.
I really got into Cyber Security through Cyber Patriot competitions which my class does. I was mostly put on Linux which I really didn't understand how to use. Through the competitions, I learned about finding backdoors, SQL, a bit of PHP, and enjoyed using linux. I enjoyed the problem solving aspect of the field and I am also enjoying a bunch of tips you guys give out and it genuinely is helping me get better and not lose interest. I'm planning to do ethical hacking as a career
@@ProBallerJordan3 I actually enjoy what I'm learning about in class which is network security and administrator and only a junior. I find this particular science field quite fun and it's a career that I can see myself doing. Can't really tell if that was satire on the Internet.
@Virulence-xb2rv my university is offering network and security track, do you have any idea what will we do while studying this track and does it require mathematics? And is it easy? One more question what are some jobs that comes with network and security bachelor degree? I hope you answer me
@@misterperfection4114 1. You should definitely look through the job listings to see what jobs require. You can get many jobs with a bachelor's degree and some don't require one. Unless you are going for higher positions, a bachelor's degree is good. You also should get your certifications such as A+, Networking+, depending on what you're doing. They do expire, as CompTIA expires every 3 years I believe. 2. I'm a junior in HS and I don't know what you'll be learning but it will definitely require math. Binary is relatively easy to understand, it's just 2^x+1. So it goes 1,2,4,8,16,32,etc. You'll also use math when setting up your servers and running your cables, but that is pretty much the easy parts of it. If your learning cryptography, then you'll definitely need a grasp of algebra 3. No it's not easy. It can get pretty confusing if you don't pay attention. It may be easy online since you get detailed instructions but in a practical setting, it requires a bunch of planning. You may get a GUI on some systems but some others maybe something like a DNS server could only have a core installation. For my class we were able to learn how to manage the server roles with a GUI or with PowerShell. PowerShell isn't hard to learn and it has a very easy syntax to learn. You're in a college course and that sounds pretty awesome. Don't fully take advice from me as I'm not all the way there, I know I'm wrong in a lot of aspects
He made a good point. I have just an apprentice that I try do explain the MOST BASIC stuff. I recognize how complex IT really is (for a newbie), and how i got my knowledge from constantly failing and try to solve a (often a simple!) problem FOR HOURS. Even it was a simple driver installation, where I have been failing back then (about 20y ago). But from failure you learn the most and get the system to know better. The amount of knowledge who was constantly in the IT is insane in my opinion compared to other jobs. You cannot learn this stuff in a few months.
I intend to enroll in your course. I have been following your professional advice for some time, particularly your recommendations for career advancement and appropriate certifications. I appreciate your providing this GRC course.
I'm at the early stage of my career, having started initially doing hardware & software support for SOHOs & consumers which got me much more interested in Cyber. I've since spent 4 years at University studying Cyber Security (i'm about to graduate) and working for defence industry clients building secure IOT applications in the meantime. I can't express enough how great this discipline is to work in and how satisfying it is from a practical perspective as an IT professional, but also from an academic perspective since this is still an emerging field with a lot of opportunities for research.
Question is how to get into cybersecurity?! I am already a seasoned IT pro with more than 10 years under my belt in desktop/networking/technical support roles. Any tips or certifications to get into this field? Is a formal education required? I’m very open to going back to school and really intrigued to learn many more technologies. I’ve always been interested and passionate about technology in a nut shell.
I'm not american, but that's how I got into security: I worked as an internal technical supporter and did a further education as a system- networkengineer. I had 4 years experience in the IT (2 years as an supporter) and landed a job as a junior security engineer. I'm not that happy in the company (the job itself is really cool, but the company isn't), so I'm looking for a new job - I'm looking for an analyst or security engineer job. If you know a lot about firewall you will be fine to go into network security. Most of the things you learn by doing. Is it hard sometimes? Yes xD But it is totaly fine. I watched before this video, a video about the XZ utility exploit, because I didn't get exactly how it worked. But that's not work for me. I stretched my body while I watched the video. Anyway on Saturday I usually listen to 'Security now' which is a good podcast about latest security flaws ect - I do that while I travel to my training. And monthly I listen to 'Darknet Diares'. But like I said, for me that's not 'working'. Because I like it to do :) Talk to people that work in the industry - if you know people that's good as well for a new job. And you can talk about work with them. Usually you will learn something :) So win-win. The most important stuff: Do what you like. Don't do it only for money
Hi I’ve been wondering this for awhile now. As someone in the cybersecurity field. Do you have any time for other activities outside of work/study? To be specific such activities as gaming, reading (for fun), and working out. Gaming being a major pastime of mine. I will happily drop it as a hobby if it isnt realistically sustainable. If it is those I’d like to continue. So just wanted to hear an experienced individual’s experience. On balancing the lifestyle with hobbies in general.
Hey there, good question! It really depends if your role is on-call. My role only requires standard office hours so I have more free time for my hobbies. Generally, as you gain more experience, you will have more free time for other things as you wouldn't need to spend extra time on learning. Hope that helps!
Im 16, ever since I was a kid I was interested in computers, I’ve taken an interest in this field and I’ve learned the basics of python but, this video really helped me to know where to ‘look’ if that makes sense. Overall thanks for this informative video!
I enjoy your rationale. Too many ppl coming with hyperbole tags now “how to get 6 figure salary in cybersecurity” “how to become a cybersecurity expert in 6 months” etc. This field is a continuous professional development. There is no “ive made it moment” the moment u think that it means you’re behind…if tech is always evolving then the mind has to follow suit.
Hey, current security engineer at a FAANG here. People think you can take a couple of certs and you are able to get a job in this field. Reality is it is not an entry level field. Everyone I know in security pivoted from SWE or had multiple sec eng internships in college to get them the domain knowledge to pass the interviews. If you look online, you'll realize that there are almost no new grad jobs, because 99% of the new grads in the field are actually intern to fulltime conversions. You're not going to be able pass interviews with just knowledge, unfortunately that comes from on the job experience, which comes back to the chicken and egg problem.
so where do you recommend i begin i have done nothing except a minimal amount of Microsoft office adn i never got certifide so waht is the path i should take and where should i begen
Yes it’s hard it’s not for everyone! You have to be SMART! Sadly nowadays we tell everyone can be anything. Most people are not smart and still want to get into cyber. I studied cyber as part of my computer science degree and it was hard but not impossible. 50% or more failed and dropped out. It is what it is. Become a business analyst instead 😅
@@tumharadost1745 I’m working in customer services whilst at Uni one night a week and a part time CS degree with the open uni. I want to get a few certs this year to add to the one’s earned in 2023. Next year I’ll start applying for jobs but 2030 is my goal but will be pleased if it happens sooner
I’m deep into the cybersecurity course on Google with no education or experience. It’s really hard to follow. I understand the key concepts but there are so many complex ideas of securing a network or organization
I'm in my senior year for my degree in cybersecurity. It's tough. People hoping to get into it through corporate opportunities are going to have a really hard time competing. Get certs, some security-realted certs, and a degree if you can. That's pretty much the best way to stand out right now.
Hi. For your homelab architecture, is everything hosted on a single machine? If so, how much resources would you need? Thanks. Very informative video by the way! 🔥🔥🔥
I love cyber as a hobby, I used to want to do cyber as a career. (I'm a junior in IT but I have 5 certs and a Master's if that gives perspective). Then I realized how HOSTILE cyber is to entry level professionals in IT. I opted out of cyber for this reason. I still love and always will love cyber, but doing it as a career is far too stressful and demanding. I know some of you will say that IT is the same but I disagree, cyber has a lot more at stake.
Hey Jono I’m glad you gave professor messer kudos as I’m studying with him to get my A+.and I like the cybersecurity field.i know now with the new A+ exam coming out some time in late 2025 CompTia will probably have people to know a little about AI and machine learning technology is always changing and we have to keep up.thanks for sharing this information.
Nonsense, nothing is "a piece of cake," but anything worth going after isn't gonna be easy. This is based on just his personal experience because I know firsthand that you can definitely get ball running.
Hey Jono this video is so helpful for me . Please I need your advice. I just got my CompTIA A+, but I am confused on which cert to go next. I want to go into cybersecurity.Please I need your help and advice . Thank you 🙏
What i have got to realize about cybersecurity is that, cybersecurity is not an entry-level industry... Once you realize that, everything will start making sense about this industry. And you will understand the expectations that comes by pursuing this career.
Hey there, that Homelab network architecture is just an example of how it can look. There are many ways to get started on your homelab but best way is to research on the basics first!
I appreciate the thoughts around automation, I need to be more aware of where I can automate. Do you have a recommendation around what software to use to set up a home-lab?
Hey there, the software would depend on what you're trying to achieve, so there's no one software to do everything. For example, you could use VMware to set up a server on your computer. Hope that helps!
There are three main challange of cybersec 1. Is the technical part dare I say the "technology" It's the tools SIEM, XDR, WAF, NAC emhasis on detection. Or the fun part the testing and exploitation. 2. Is the process, most organisation doesn't aware how critical the secure operating procedure in conducting their business. Getting the stakeholder to "buy in" the secure process is an uphill battle in its own right. 3. Then last but not least is the people. You can shell unlimited money for the new and shiny security tools and established strict procedures but people will find a way to bypass them for convenience.
So, looking to get into this field and hungry for knowledge do I still need to go get a Bachelors or Associates or can I get the Certs and get some experience working for free under someone?
Get.Your.Degree. You need to understand how computational devices work on a granular level to have a top career in Cyber Sec. If you just want to land an entry level role, certs might be fine but also remember: the best Cyber Sec certs *must* be renewed every few years. Its not like a degree where you have it for life. Short term degrees are more work. Long term, it pays off and saves you way less effort down the road.
CyberSecurity domain is an ocean. There are many different areas that fall under the cybersecurity umbrella, and these are often referred to as cybersecurity domains. Network Security, Cloud Security, Application Security, Endpoint Security, Incident Response, Risk Management and etc.,
@@atharvapotdar5560 cause it bore me. Do you know the effort to work with other teams and research vulnerabilities and run all these test and the waiting to implementing just a parameter or a note or a code. Take too long and the waiting and the redo over and over and paper work. Just not for me. I like hand on technical and be done with. Not sitting there writting paper work. I do Cybersecurity plus i do IA for DOJ.... It too mamy B.S.... That just me... If you enjoy Cybersecurity. Maybe it for you. But not for me. I dont have the patience anymore. The pay is ok. Not a wow factor for me. I cut in halve $$ . Just to learn what the hype is all about. Now, i know. I like to move on something better.
@@atharvapotdar5560 The BS you have to deal with. Maybe if you like to do paper work and research over and over again. This is for you. For me, i like technical stuff and doing it for over many many yrs now. I like no nonsense just give me a project and i get done and next " new" one. Cybersecurity you have to deal with alot of different team, meeting after meeting and you have to tell or convince everyone why you need this parameters, code, note or whatever needs to be implemented for vulnerabilities. As we all have "expert" in every field. I take a halve pay cut to learn this trade and see what the hype is. Now i know, not interested it any more. Dont have the patience to learn like i once was when i was young. But that my two cents. You never can not stop from learning. Be eager to learn and work hard and be an expert... Dont think you learn few yrs or decades . You are an expert. Technology keep coming new things. You dont keep up. You get left behind. I am too tired for new thing. I rather do helpdesk and make me happy at night.. Just figure of speak...
I will now complete the CCNA, and then I plan to move to Comptia Security+, then Ceh, then , and until now I want to delve more deeply into cybersecurity, even though I have not learned the important things. What do you think of this plan?
Laws change. Medicine changes. Programming changes. Marketing changes. Whatever career you end up in you are going to need to constantly be learning if you want to be successful. Not trying to come off rude but constant learning is the key factor to success in any job.
@@DillonPatterson-co7beConstant learning is also the key to be successful in things other than career as well. Self Reflection and learning more about the world will definitely lead to a much more beautiful life experience.
@@asresalim6145For sure. I used to work with kids as a preschool assistant teacher and those kids kept me young. Having a young nephew does the same thing these days.It's a constant reminder to have childlike wonder about life and to always be scratching our curiosity itch.
@@DillonPatterson-co7be I'm also an aircraft mechanic. And I can say that cyber requires more engagement in learning. Your reasoning has a weakness. Generalization. Not all jobs are the same, and not all birds fly.
No only is hard but is also hard to get hired, HR is only picking whoever have the OSCP and so on. Those day where people used to get hired by only showing skills are over.
Demand for experience is higher than ever. People in comments keep saying "oh take a chance on me I can learn on the job". But for intermediate to advanced cyber sec roles, that's usually not an option. You are dealing with critical incidents constantly in one way or another. Cyber Sec is one industry where time is the enemy. People need to realise companies cannot take some 30 yo who wants to get out of baggin groceries who can't explain computer memory or check what processes are consuming most performance on a Linux OS, and hold their hand while they try and explain what the hell dynamic malware analysis is. People with that view have a _very_ naieve view of the industry. Imagine, with zero medical training, you said you wanted to shadow and ER doctor to learn how to work in medicine. People would laugh at you. Yet for some reason in Cyber Sec, which can literally be life or death too sometimes they expect this ridiculous idea of being shown every little thing for a year or two til they get the hang of it to happen. If you need lots of hand holding and ELI5'ing, Cyber Sec isn't the right industry. We need people who pick things up very fast withh minimal on boarding. I moved roles at the start of the year, and my "on boarding" was 1½ weeks to read the teams internal docs and Sec standards by myself, review their architecture and code base. I maybe had 2 short 30 min calls to fill in any blanks. Start of week 2, I was already stuck in to their project work and had first delivery within 45 days of starting. Thats not just me. Its what industry needs and generally expects for intermediate to high level roles.
Don’t listen to this guy. Ppl give opposing views for clicks for those in doubt. Just focus and study. Nothing is “hard” and the field is booming. Nothing worth having is “easy” but if you want it you can get it to.
lol you talk about how you "barely knew" any security concepts. then you go on to say your background is -- i was expecting you to say like janitor or something or business major -- you say software engineer. i am screwed.
Its Constant Learning, It's hard if you say its hard. It's your mindset !
Exactly hard is relative and very different for many people
Its passion
Exactly. 100%
Facts , you gotta want it . People hear the money and forget they actually have to do the work .
Silly comment. It's always hard. It's whether or not you can get used to working like that. Many can't. But saying pr suggesting it's not hard is false. Running a marathon is always hard, no matter how much joy you get out of running.
It depends on what your definition of "the grind" is. If that includes pulling all-nighters, skipping the gym, eating like health is the last thing on your list - then absolutely no. The grind is not only NOT necessary, it will make you all the worse for it. If by "the grind", you mean working your ass off for eight hours, then going home. Then sure. But putting your own mental and physical health on a lower peg than your job - even if it's temporary - is a shit suggestion. A sharp mind and a healthy body is the foundation for learning effectively, responding effectively, and excelling in anything you do. Hurting your brain and body (aka: down-clocking your CPU and pulling half the wires out of your motherboard) is the last thing anybody in cybersecurity should be doing.
That sounds lovely but you obviously don't work Blue Team.... it's constant out of hours work at big companies. Weekends. 4 am in the morning. 60+ hour weeks are common.
Hackers l, especially sophisticated AI or ML driven attacks, don't care about your work life balance. In fact they count on it. That's why most popular time in US for cyber attacks is Thanksgiving holidays.
Blue Team Cuber Sec isn't front end dev. You can't do 40 hours a week always. You can't even count on following the sun or AI Ops always.
You will be asked and compelled to imbalance your work/life in favour of work. It's the nature of the job.
@@iorekby I'll tell you with certainty - given the studies I've seen, I would not trust security experts who sacrifice personal time for work. Especially if they sacrifice sleep for work. That's a repeatedly verified recipe for high-cost mistakes. And in cybersecurity - especially during or after a successful attack - high cost mistakes can mean the difference between survival and closing your doors.
Cybersecurity hotshots (just like the game developer hotshots and software engineer hotshots from back in the day) need to accept the facts. The biggest reason there are even security issues in the first place? It's a direct result of high-pressure, long-hour, hard-deadline environments. Release release release - who cares about the bugs - we need this out now!
I'd rather have two shifts of fresh minds ready to rocket into action than one, long, drudging, grueling, Monster/Adderall riddled shift that are ready to pass out by the end of their shift.
It's not the nature of cybersecurity - it's the result of a highly reactive rather proactive economic pressures.
@@iorekby TLDR: would you rather cops work long, mentally taxing shifts - using uppers just to finish the day in time to knock out a quick 4 hours of sleep before hitting the streets with a gun on their hip? Or maybe cops that work shorter shifts, don't need uppers and get a full 8hrs of sleep per night?
Just sayin'. I know which one's I'd rather have roaming my streets.
@BlackbodyEconomics What are you even rambling about? What studies?
This isn't ego, its necessity. No one wants to get a 4am call out ffs.
You're coming at this from some delusional point of view where its guys wanting to swing their dicks. It's almost never that. It's literally there's no one else.
It's like saying a paramedic or ER nurse pulling a double shift is trying to be a rockstar. Utter drivel. They are doing it for necessity.
If you actually worked cyber Sec, you'd understand that. No one wants the anti social hours or stress. It's just that there are too few skilled professionals for the number of attacks currently.
Maybe pontificate about something you've real world experience of next time instead of reading a Medium article and telling actual people who do the job what's what.
I get what you're saying but its a fantasy to expect good work-life-balance in IT, let alone cybersecurity. Its one of the reasons why there are so many vacancies for cybersec jobs.
Nothing is hard its just new
It's changed my mind from give up.....
Thank you. That part
It’s not hard at all I thought I was going to be hard but it’s just time & practice
@@dalvindream8975 I've never been good with computers, like I can type fast and am apart of the younger generation so I'm not like an old man, I have no qualifications. I'm 27 and need to start a career, do you think cyber security would be a good route for me? I get stressed easily and have a history of depression. You think I could do this shit? Any help is appreciated man
That’s what she said.
The grind is long but I am enjoying it. I love tackling challenges. In Highschool, I was not good academically. My average gpa was 1.8. I am doing cybersecurity to challenge myself, to see how intelligible I really am. To let my old self know that he was nothing more than a shell that is eroding away.
Tell me how it goes for you bro keep it up 😊
This helped me a lot 💕
I’m just starting the process now for the same reasons! Keep fighting the good fight 💪🏽
@@Deft300 can u pls tell me if u learned by yourself or u studied the whole thing?
That’s dope, power to you.
Finally someone that tells the truth about cybersecurity, I had to sacrifice 3 years of my life just to get half of the knowledge and experience to get into the industry (and even today I still have a lot to learn).Now I keep seeing random videos of course sellers telling people they can get into cybersecurity in 3 to 12 months with no experience.
Hey there, agreed with you!
I hear you. I'm on year 1 of that journey from 10 years of IT. So much to learn 😫😫
Right, theyre really setting people up for failure.
Don't worry, diversity hiring practices will fix all that. You'll have boot campers who don't know what a firewall even is but they meet the race criteria.
@@kevmo2990 They'll say you're a gatekeeper when you tell them the truth, everyone thinks they can be mr robot in 1 year.
Nothing in this world is easy just choose one hard thing and focus on it
For me this is Assembly code!
@@lllllllllIIIIIIIIIIl No, just no.
Flipping burgers is easy.
Genji
Sales is easy if you have the right personality
You are the reason i am going into cybersecurity… idgaf how hard. i am going all the way 😂 i am 30 and dont really have a life so making something out of this is more realistic 😊
Same. Almost thirty this month. I started my online courses this past October. Hadn’t finished my bachelors. Going in to get my life going.
I’m 30 too and want to get in.. I messed up and looking for another chance
@@xyz-pg3zd always another chance. You got it.
im 30 as well, been a cop since 22. Looking for a career change and deciding between cyber security or software development.
Anyone have advice pls share
Bruh. Thank you. I’m on year 5 and I still feel like I know nothing even after constantly learning day after day, getting new certs each year, doing projects after work, and working in a very active environment day job. Managers need knowledge mile wide and inch deep but actual technical professionals (like myself as a T3 threat analyst) takes knowledge a mile wide and a mile deep. It’s a lot of work and strain on the brain. A LOT more than I expected before getting into the domain.
Hey, could you provide what things you’re exactly doing in cybersecurity? What things are “hard” and why it is considered difficult to learn? I’m someone interested in this field so I would appreciate the advice!
Year 5 and you've known nothing? Are you sure you've really learned? You should have learned something already by year 2. It might seems you were learning everything at once rather than focusing on one path until you've mastered it and move onto the next.
@@msascuinonducorduco you’re taking it too literally.
I think that's the thing about working in IT spaces - you never really know everything. I'm sure after 5 years, you have very good knowledge... we just have to keep learning new things since this space evolves/changes at such a rapid pace. You have to be a lifetime student just to survive and keep up.
Do I need a 4 year uni programme to start my journey in Cybersecurity
I'm coming up on 24 years dedicated to Cybersecurity, nearly 30 in IT. I still learn new things daily.
how much you earn
@@Alex-rv5ev peanut
@@Alex-rv5ev they earn nothing less than 100,000 dollars
Do you think bootcamps work for cybersecurity? Thinking of a career change and found a couple good ones.
I’m 29 years old and worked in a factory my whole life. I been super depressed and feeling like I needed a change asap and I have figured I was going to try cyber security I have nothing but myself holding me back this video gave me a lot of things to research
with certifications in 2 years you can be a really great job. in 1 year a junior job
get these
comptia a+, network a+, security a+ then az900 and you will be able to find a job. after a while get CISSP
I’m on the same boat at 30 years old I’m in my first year of college. I’ve been in trucking since 2017 and the market has been on a decline since Covid and hasn’t recovered, I tried to wait it out but it’s not worth it anymore
@@Lovemesomeyou crazy it was this or trucking and in Michigan trucking is taking off again don’t gotta leave stake ppl making 100k in state
Same for me bro 27 and going to go back to college for cybersecurity or computer systems degree. I work the oilfield and realized I can used that degree to work for the same oilfield companies.
Wow we all have the same
Mindset I’m 32 and I want a change I’m tired of working and getting nothing out of it
I haven't even finished the video yet but I'm already so thankful. As a college student of a different field, I'm a bit intimidated but also relieved from the info you shared. Thank you so much!
Thanks for the video! I'm getting my BS in Cybersecurity at WGU and just completed my A+ and currently studying for Network+ now. I'm a new subscriber now!
Every goverment job these day require Security plus. But you have to take it every 3 yrs... Learn that next. I learn less than a month pass it now it sit in an email. Never look it again... 🤣
This is from my experience, bro. A+ doesn't mean anything. Book smart means nothing. It's about QUALITY experience, talent, and the ability to think outside of the box to get the job done. There's no college in America that will teach you how to do your job. I'm not in Cyber Security, but that's my experience in IT. In my field, we have a lot of dumb people that have 4 year degrees and more experience in certain areas, but even they can't do the job correctly. That's why it's a COMBINATION of the traits above and not just one of them.
Hello boycotthell71! I’m in the same boat with you, getting my BS in cybersecurity with WGU too. I’m just starting the program.
Same boat brother!
Currently in the same program and studying for the A+ now. Got any tips or video recommendations?
Wow…This is good. Beginners usually think they have to know everything under the cybersecurity umbrella but no, just focus on a domain. With time, you will develop interest in others and naturally pivot towards them.
Any suggestions?
@@tejuanphillips8922Identity Access Management
yeah any suggestions?
Tryhackme…start there
Yeah any fucking suggestions?
finally someone who tells it like it is
Thanks for the comment!
Thank you for this information, it was very helpful. I’m trying to decide if I want to pivot careers and Cybersecurity was my top choice. No matter what you learn it’s a grind to be successful, put in the work and success will come. Nothing comes easy in life. 🙏🏾
I have had the exact same experience. I had a 20 yr Naturopathic Doctor Private Practice, and sold Medicare as a licensed insurance agent. If you want something better than to work at McDonald's or a clothing store, you got to keep up with the grind. New information, a lot of new information, comes out daily in any professional field. People depend on us. This is my public service, not just some random job for the money. That turns my motivation around.
Ngl, this video helped me realize cyber security is not for me. I can finally get that thought out of my head and maybe look towards front end dev. Good luck on your journey guys!
Try it out first
Front end dev has a high chance of getting automated away in the next 5 to 10 years, or at least the salary will decrease because of that.
Shit we're doomed@@konstantinrebrov675
@@konstantinrebrov675and how would u kno that , do u code? Dats bs
@@konstantinrebrov675 yes dont do dev
I love this video!
Been working IT specialist and system admin work for 5+ years now and learning programming on the side, I decided to look into Ethical hacking one day and loved it and it feels great finding something I can enjoy, have a goal to aim for and have a good chunk of developed experience and skills I can convert to such a role.
Grind can be hard, im 29 and only now deciding to work towards Ethical hacking, its never too late just need to dedicate time and energy to the grind 🙏
Do you have a degree
1) 02:58 Will to learn/ Interest in expanding knowledge
2) 04:18 Technical knowledge
3) 05:40 Grind/ Consistency/ Hard work
4) 06:50 Recommendations
A very much needed video. A lot of the marketing from cybersecurity programs is that there are an abundance of jobs out there and that if you just take their program you'll easily get in.
What they don't tell you is that there are so many openings because it's difficult finding qualified candidates who have enough experience. There are tons of people out there who have lots of knowledge - they have their bachelors, they have taken their Sec+ or similar cert, but they can't even get a job. The "entry-level" jobs aren't for those new to the field. The barriers to entry are steep, and the competition is high. It's even worse now thanks to AI consuming some of the lower-level grunt work that might be done by some of those "entry-level" positions.
What is AI doing ?
@@xyz-pg3zdBasically it's doing the helpdesk monkey work a lot people might have used to get entry level Cyber Sec.
In other words, the few actual entry level posts somken with say Sec+ and Network+ might've beem able to blag their way in to 10 years ago are rapidly disappearing.
its true cybersecurity is no joke its hard work i nearly gave up
So how is it going now??
@@Villaindits for now its going great i am documenting my journey on my youtube channel @mastertvt913
How is it going
@@Random_thing_from_the_internet for now its somehow greater i am documenting my journey on youtube
How's it going cuz
the most expanded but short video of cyber info i've seen! more than grateful
Pentesting was my first job in cyber security. And I've actually worked alongside many pentesters that were new to cyber security over the years. Great video though.
cap
@@Slashy_rlmost pen testers are very confined in their scope based on an agreement with the company. They simply follow a checklist of tests with the help of a network scanner. It really doesn’t seem too difficult.
That’s why pen tests aren’t the end all be all of IT security audits.
@@hazeljust7001 Im a Uk college student in my first year of a level 3 IT course which covers basic networking etc, seeing these videos puts me off my goal and lowkey has me thinking if i should continue or not? I know IT has so many doors open but do you agree with this video? I dont have much experience in IT, im just 16 years old and I really wanna get into pen testing. But ive also been advised stuff like cloud aws is good, im just in it for the money really but cybersecurity is something i find passionate about the whole idea of ethical hacking seems very interesting to me and id love to be apart of it.
@@hazeljust7001 oh, you right, i overlooked and thought you were talking about red teaming
@@Slashy_rlYou are probably right, but I feel the OP is again being disingenuous. I have known plenty of "new pentesters, new to Cyber Sec" who had been network engineers or sys admins for like 10 years before had lol 😆
Thats not exactly "new" now, is it.
I followed the path from a guy who has been in the industry. Did exactly what he did and had no problems. He not only provided the certs I needed first, he told me what not to waste my time on......but the most important thing is contacts. It is who you know not what you know...in every single form of jobs. You get them from who you know. I had 15 years experience in finance and also a MBA so when they see me I can relate not only to different people in different divisions but understand how the company operates. I provide value at multiple levels.
You wanna spill the beans on the path you took brother man. CERTs, what to learn and what not to. Currently going to school for cyber and wanna learn ahead but don’t know where to go
Please elaborate
@@baenksy same situation bro...
@@baenksySecurity+, and some AWS and Azure certs if you wanna do CloudSec. Also CISSP and CySA+
Would be helpful if you could share the same with us 😢
Thanks again for reminding things aren't easy in life, with so much distractions its hard to achieve goals
BRAVO! Thank you Jono. This is very heartwarming! So important video not enough people have to seen this!
This information is wayyy too valuable for under 10k subscribers. Great video! I have A+ and Network+ atm, working towards Security+ but really want to practice. This content gave me something to focus on for gaining practical knowledge!
I was preparing for security + directly do I need to first d A+ etc ?
@@bread_yt93 no you can go straight to security+ if you want/have the ability to, however A+ and Network+ provide a lot of foundational information that lead into security+. If you’re mainly focused on getting a job, security+ is a golden ticket but experience will always win the race. Hope this helps a little bit
@@bread_yt93hey ! can you please explain me what does it mean A+ or Security+ ? Because I have just recently start a research about cyberSecurity and I keep seeing something+ .
@@omarkhallouki5863they are certifications that are very valuable to get jobs. A+, net+, sec etc. look up compTIA to see the exam stuff
@@omarkhallouki5863 They're certifications offered by the IT company comptia.
It's not hard just challenging. With proper dedication and patience, I know I will make it
Lol how are you going to say its easy when havent even accomplished your goal.
@@Turnpost2552 who said it’s easy?
In my recent experience, it’s usually gatekeepers or techbro culture that thwarts noobs with doe eyed enthusiasm for the industry writ large. It’s that level discouragement that turns would be professionals into data analysts.
Thanks for the input!
I have been on the other side of this coin and trust me when i say it was demoralizing to be heading projects well above my paygrade, all self taught, all education, studying, and student debt i underwent just to hand it away to coworkers who straight up admitted to not doing anything for a day, playing video games on company time, and through manipulation would still look better than myself to superiors. I got out of that toxic situation and into infrastructure and infosec with a mature team. Just realize there is more to the story than just gatekeeping. Your education is your responsibility.
What's your education and professional experience and what positions did you apply for?
@@hottroddinncan’t speak for OP, but I took classes at my local community college and used that to study for Sec+, A+ and Network+. I passed those, and spend my time on HackTheBox trying to do all the different rooms and stuff. I can’t even get a call back for a help desk job because every help desk posting wants 2 years of IT experience at minimum. What else do you do when you can’t even get in at entry level? I’m thankful I kept my mortgage job while taking classes, otherwise I’d be fucked.
@@shanksgiving that's sad. An entry level help desk job shouldn't be so hard to get in but people have made it so hard for everything. Hope you get to land that job soon.
This is really helpful. I have a problem of grinding non-stop. I would code from 9PM to 5 AM and forget about everything else.
Oh nice. I'm new to the field. Kindly help with tips and resources
With 20 years in cybersecurity I can tell you one thing......In Cybersecurity you can not lie about your knowledge. Cybersecurity is not like web development...you can not learn it properly in months. Even years. And is a very demanding profession.
Totally agreed!
its fr hard, i get so intimidated just reading up on concepts. been consistently studying for a week now and ive already learned a lot! looking forward to learning more
How's it going now?
@@niharikachhabra2341got bogged down by college lol trying to pick it back up soon !
Jolly of Sec beginners in the US. Almost 0 chance of getting into the field unless you a) Climb the corp ladder and get lucky b) Are nearing senior position in parallel fields as SysAdmin, Network Eng, SE, etc. c) Were a talented kid that got arrested for breaking somewhere they shouldn't or d) Applied for an intern position as a student during your University time. Otherwise security is just as good as a non-profit hobby can be.
Thanks for your input!
It's quite a challenging field, but well worth learning!
Thank you. I’ve been fixing pc and started my own business but never hopped into cyber security. Shooting for help desk to get my feet wet.
It's not really a field though, it's an umbrella term for a lot of different fields.
Videos like this are the reason, why people like to watch ur videos. Good job mate.
Thanks for the feedback!
Facts! Cyber is Not Easy like some folks made it seem.
It takes a solid foundation of IT in my opinion and lots of training. Is not impossible, but not easy. Good luck! ✌🏽😎
Best "Cyber Security cert" to get remains a EEE or CE degree.
You're amazing my guy. Keep it up! You have definitely been a great guide in my journey to the Cybersecurity field
Thanks for the feedback!
Thanks a lot man. One of the few videos I’ve come across that actually gives details and helpful structured advice. Not “BECOME A PEN TESTER IN SIX MONTHS!!! All the secrets in one video!!!” New subscriber ✌🏻
The sec+ network+ certificate method as a whole is also a problem. There are many companies that you can pay to take a 1 week course and pass these certs but they are basically just a week long vocabulary course where you memorize certain terms and answers rather than getting your hands on a network and understanding how a real network functions. These courses will teach you about vulnerabilities that have been patched 20+ years ago and act like they are still a problem. Instead they should focus on lab environments and teach the basics like how to set up a domain controller, Kerberos, web apps, etc . Instead of focusing heavily on outdated vocabulary terms.
I feel they are disingenuous because while say Sec+ *might* get you an entry level help desk job...that's it. It won't get you anywhere else.
And people then fall in to the trap of "well at least in in the door". I worked on tech 20 years, specifically Cyber Sec for 11 years, including for some big companies like IBM and Oracle. Let me tell anyone reading this: companies like that rarely move people up from a customer support role (and that's all you are with Sec+).
For things like Malware Analysis, Cryptography, Security Software Dev, network security architecture, cloud security, pen testing, Blue/Red/Purple team etc.... they were bringing in either people with masters/PhDs or highly experienced professionals. All had at least Bachelors in CS or EEE too.
They aren't going to go to someone in their helpdesk office and say "Hey Timmy, you wanna learn how to write C and study secure electronics so you can implement lightweight cryptographic IoT device standards?" Doesn't really happen.
So, Sec+ is sort of an entry to a dead end career. And it's a career that is rapidly being eaten away by Gen AI. Helpdesk monkeys aren't going to be needed as much in next 5 years just to log tickets and read an ELI5 runbook an actual Security Enginer prepared for them.
Because offering those courses and certs are the easiest way for them to make bank.
Please which companies. Can you help me with the list of companies. Thank you
There are many jobs, industries, and careers that are "hard" to learn and to get into. Cyber Security is just one of them. So when you go for those types of jobs or careers, the journey is long. You have to be dedicated and committed to put in a lot of time to practice and learn. Only those who are PASSIONATE and actually want to do this kind of work are the ones who see results and some level of success. Good luck to all.
I am just beginning my associates in Computer Science and Information Systems this month and this video is inspiring. Tossing around a few career options to specialize in when I go for my bachelors and cybersecurity is one of those options. It sounds like I would be a great fit.
Hey Jono I’m glad you gave professor messer kudos as I’m studying with him to get my A+.and I like the cybersecurity field.i know now with the new A+ exam coming out some time in late 2025 CompTia will probably have people to know a little about AI and machine learning technology is always changing and we have to keep up.thanks for sharing this information.😄
Thanks for the feedback!
I'm currently in school for cybersecurity while working on creating a homelab and doing extra research on my own time, plus working on certs. One thing I have noticed is that many of my peers are significantly less knowledgeable because they do the bare minimum--the Cengage bullshit labs and assignments. However, most of them genuinely cannot answer a single question the professor asks them. I think these are the people that will find cybersecurity difficult.
This made me feel a lot better, I enjoy the field but to cram all this stuff and preparing for the cert exams which I'm really bad at taking test , been studying and worrying but im still grinding
I was looking for a little motivation to get back into studying & I love how you mention an actionable tips on how to do that. I think an hour of our personal time is completely reasonable.
I really got into Cyber Security through Cyber Patriot competitions which my class does. I was mostly put on Linux which I really didn't understand how to use. Through the competitions, I learned about finding backdoors, SQL, a bit of PHP, and enjoyed using linux. I enjoyed the problem solving aspect of the field and I am also enjoying a bunch of tips you guys give out and it genuinely is helping me get better and not lose interest. I'm planning to do ethical hacking as a career
Yeah you and everyone else
@@ProBallerJordan3 I actually enjoy what I'm learning about in class which is network security and administrator and only a junior. I find this particular science field quite fun and it's a career that I can see myself doing.
Can't really tell if that was satire on the Internet.
@Virulence-xb2rv my university is offering network and security track, do you have any idea what will we do while studying this track and does it require mathematics? And is it easy? One more question what are some jobs that comes with network and security bachelor degree? I hope you answer me
@@misterperfection4114 1. You should definitely look through the job listings to see what jobs require. You can get many jobs with a bachelor's degree and some don't require one. Unless you are going for higher positions, a bachelor's degree is good. You also should get your certifications such as A+, Networking+, depending on what you're doing. They do expire, as CompTIA expires every 3 years I believe.
2. I'm a junior in HS and I don't know what you'll be learning but it will definitely require math. Binary is relatively easy to understand, it's just 2^x+1. So it goes 1,2,4,8,16,32,etc. You'll also use math when setting up your servers and running your cables, but that is pretty much the easy parts of it. If your learning cryptography, then you'll definitely need a grasp of algebra
3. No it's not easy. It can get pretty confusing if you don't pay attention. It may be easy online since you get detailed instructions but in a practical setting, it requires a bunch of planning. You may get a GUI on some systems but some others maybe something like a DNS server could only have a core installation. For my class we were able to learn how to manage the server roles with a GUI or with PowerShell. PowerShell isn't hard to learn and it has a very easy syntax to learn.
You're in a college course and that sounds pretty awesome. Don't fully take advice from me as I'm not all the way there, I know I'm wrong in a lot of aspects
He made a good point. I have just an apprentice that I try do explain the MOST BASIC stuff. I recognize how complex IT really is (for a newbie), and how i got my knowledge from constantly failing and try to solve a (often a simple!) problem FOR HOURS. Even it was a simple driver installation, where I have been failing back then (about 20y ago). But from failure you learn the most and get the system to know better. The amount of knowledge who was constantly in the IT is insane in my opinion compared to other jobs. You cannot learn this stuff in a few months.
I intend to enroll in your course. I have been following your professional advice for some time, particularly your recommendations for career advancement and appropriate certifications. I appreciate your providing this GRC course.
Appreciate it!
It's not an easy path, but you have to know what to ignore. U can never know it all.
Just pick a certain domain (cloud, OS, DevOps, Networking, SecOps) pick one and stick with it
as in pick one thing your good at within the field?
which is the most financially successful field to join? if you know
@@NicholasVasquez-np4utdevops
@@NicholasVasquez-np4ut as in everything responsibility equals money :) besides that don't pick something just because of the money
I'm at the early stage of my career, having started initially doing hardware & software support for SOHOs & consumers which got me much more interested in Cyber. I've since spent 4 years at University studying Cyber Security (i'm about to graduate) and working for defence industry clients building secure IOT applications in the meantime. I can't express enough how great this discipline is to work in and how satisfying it is from a practical perspective as an IT professional, but also from an academic perspective since this is still an emerging field with a lot of opportunities for research.
I might be missing something but all of this seems pretty simple to me.
Is it cuz he makes me want to throw in the towel
@@Buttergirla IT college courses in general are hard
Question is how to get into cybersecurity?! I am already a seasoned IT pro with more than 10 years under my belt in desktop/networking/technical support roles. Any tips or certifications to get into this field? Is a formal education required? I’m very open to going back to school and really intrigued to learn many more technologies. I’ve always been interested and passionate about technology in a nut shell.
I'm not american, but that's how I got into security:
I worked as an internal technical supporter and did a further education as a system- networkengineer.
I had 4 years experience in the IT (2 years as an supporter) and landed a job as a junior security engineer.
I'm not that happy in the company (the job itself is really cool, but the company isn't), so I'm looking for a new job - I'm looking for an analyst or security engineer job.
If you know a lot about firewall you will be fine to go into network security.
Most of the things you learn by doing. Is it hard sometimes? Yes xD But it is totaly fine.
I watched before this video, a video about the XZ utility exploit, because I didn't get exactly how it worked. But that's not work for me. I stretched my body while I watched the video.
Anyway on Saturday I usually listen to 'Security now' which is a good podcast about latest security flaws ect - I do that while I travel to my training.
And monthly I listen to 'Darknet Diares'.
But like I said, for me that's not 'working'. Because I like it to do :)
Talk to people that work in the industry - if you know people that's good as well for a new job. And you can talk about work with them. Usually you will learn something :) So win-win.
The most important stuff: Do what you like. Don't do it only for money
i took 3 very hard poops today but i still got through them🤓 never give up on your dream folks
i think you need to eat more veggies
@@Fernandez218 veggies not combating the amount of spicy food i had
@@66VNB i think u need less spicy foods
@@Fernandez218 but i’m addicted 😥😥
@@Red_Mist700 spicy food
Honest one! came from security and shifted to devops due to hard path. Security is a no joke
Hi I’ve been wondering this for awhile now. As someone in the cybersecurity field. Do you have any time for other activities outside of work/study? To be specific such activities as gaming, reading (for fun), and working out. Gaming being a major pastime of mine. I will happily drop it as a hobby if it isnt realistically sustainable. If it is those I’d like to continue. So just wanted to hear an experienced individual’s experience. On balancing the lifestyle with hobbies in general.
Hey there, good question! It really depends if your role is on-call. My role only requires standard office hours so I have more free time for my hobbies. Generally, as you gain more experience, you will have more free time for other things as you wouldn't need to spend extra time on learning. Hope that helps!
@@TechwithJono you say office hours but it’s at home work?
@@Izzyisgreen.. standard office hours are like 9 to 5 on weekdays. Or 7-3... Etc... probably with a bit more lenience.
Im 16, ever since I was a kid I was interested in computers, I’ve taken an interest in this field and I’ve learned the basics of python but, this video really helped me to know where to ‘look’ if that makes sense. Overall thanks for this informative video!
That's a pretty complex area, but it's worth learning! Great video) 🔥
I enjoy your rationale. Too many ppl coming with hyperbole tags now “how to get 6 figure salary in cybersecurity” “how to become a cybersecurity expert in 6 months” etc.
This field is a continuous professional development. There is no “ive made it moment” the moment u think that it means you’re behind…if tech is always evolving then the mind has to follow suit.
Starting my BS in cybersecurity and information assurance at WGU in March, this video helps a lot and is very informative!
As someone who has done a BSc and a MSc in CS, you still need the IT Job experience and Sec Certs
The degrees only touch on the basics of sec for 2/3 modules not really needed but can be an advantage governance wise
@@BilalAhmed-um1umfor sure, appreciate this and will definitely keep it in mind!
ive learned more in 7 months doing IT store support than i have while getting my associates in cyber
Degrees teach jack. Best way to learn is hands-on.
Hey, current security engineer at a FAANG here. People think you can take a couple of certs and you are able to get a job in this field. Reality is it is not an entry level field. Everyone I know in security pivoted from SWE or had multiple sec eng internships in college to get them the domain knowledge to pass the interviews. If you look online, you'll realize that there are almost no new grad jobs, because 99% of the new grads in the field are actually intern to fulltime conversions.
You're not going to be able pass interviews with just knowledge, unfortunately that comes from on the job experience, which comes back to the chicken and egg problem.
I have friends who were math teachers and then 8 months later were doing this. No not at FAANG but not everyone wants to work for them
It is hard , this is why you took me me for granted. Thank you, one day God will remind you that we are dust.
so where do you recommend i begin i have done nothing except a minimal amount of Microsoft office adn i never got certifide so waht is the path i should take and where should i begen
Yes it’s hard it’s not for everyone! You have to be SMART! Sadly nowadays we tell everyone can be anything. Most people are not smart and still want to get into cyber. I studied cyber as part of my computer science degree and it was hard but not impossible. 50% or more failed and dropped out. It is what it is. Become a business analyst instead 😅
It's not about easy or hard.
This sphere is very stressful and has a huge responsibility.
Outstanding use of your time and giving value to other! Very commendable and worthwhile!
I am 46, and my business that I have been a part of for 20 years is crumbling a part. So here I am, making sure I have something to fall back on
Yeah I have my Sec+ and it's been 10mo and only had 3 interviews. I had to accept a help desk role at a paycut. SMH
I’m giving myself a 6 year time frame to get a cyber security job but hopefully sooner. Aiming for as much certs and experience between now and then.
6 year Is lot 🤯, pls tell what u r doing now
@@tumharadost1745 I’m working in customer services whilst at Uni one night a week and a part time CS degree with the open uni. I want to get a few certs this year to add to the one’s earned in 2023. Next year I’ll start applying for jobs but 2030 is my goal but will be pleased if it happens sooner
I’m deep into the cybersecurity course on Google with no education or experience. It’s really hard to follow. I understand the key concepts but there are so many complex ideas of securing a network or organization
are you going to take your CompTIA+ once you are done with that course
@@Rah89__ yeah
Did you complete the google course? I’m taking it now, I’m not deep in it tho, just began with enough time if i reallt want to do it or not
@@jamespat1982 I'm on Course 7 right now
I will finish my cybersecurity Hons degree in May it's gonna be continuous learning thats for sure as I go in to the field.
LORR JESUS CHRIST Have Mercy upon us Amen
I'm in my senior year for my degree in cybersecurity. It's tough. People hoping to get into it through corporate opportunities are going to have a really hard time competing. Get certs, some security-realted certs, and a degree if you can. That's pretty much the best way to stand out right now.
Hi. For your homelab architecture, is everything hosted on a single machine? If so, how much resources would you need? Thanks. Very informative video by the way! 🔥🔥🔥
Hey there, it depends on your usecase but generally one machine is enough (to start you off) as you can create multiple VMs on it. Hope that helps!
as a data scientist I completely agree with this guy.
It might be hard, but I’m harder.
Well it's hard that's why i chose this career path .
i don't wanna chase a field which is too easy for everyone to just get into.
I love cyber as a hobby, I used to want to do cyber as a career. (I'm a junior in IT but I have 5 certs and a Master's if that gives perspective). Then I realized how HOSTILE cyber is to entry level professionals in IT. I opted out of cyber for this reason.
I still love and always will love cyber, but doing it as a career is far too stressful and demanding.
I know some of you will say that IT is the same but I disagree, cyber has a lot more at stake.
Thanks for the input!
"cyber has a lot more at stake" Couldn't stress this enough.
Hey Jono I’m glad you gave professor messer kudos as I’m studying with him to get my A+.and I like the cybersecurity field.i know now with the new A+ exam coming out some time in late 2025 CompTia will probably have people to know a little about AI and machine learning technology is always changing and we have to keep up.thanks for sharing this information.
Nothing in life that’s easy is worth it. Apply yourselves!
Nonsense, nothing is "a piece of cake," but anything worth going after isn't gonna be easy.
This is based on just his personal experience because I know firsthand that you can definitely get ball running.
Hey Jono this video is so helpful for me . Please I need your advice. I just got my CompTIA A+, but I am confused on which cert to go next. I want to go into cybersecurity.Please I need your help and advice . Thank you 🙏
CompTIA Security+ or CompTia Network+
What i have got to realize about cybersecurity is that, cybersecurity is not an entry-level industry... Once you realize that, everything will start making sense about this industry. And you will understand the expectations that comes by pursuing this career.
8:13 The Homelab Network Architecture is that a software that you can download?
Hey there, that Homelab network architecture is just an example of how it can look. There are many ways to get started on your homelab but best way is to research on the basics first!
@@TechwithJono Thanks.
Great video. It feels like I came to you and asked for a cybersecurity guide and tips.
I appreciate the thoughts around automation, I need to be more aware of where I can automate. Do you have a recommendation around what software to use to set up a home-lab?
Hey there, the software would depend on what you're trying to achieve, so there's no one software to do everything. For example, you could use VMware to set up a server on your computer. Hope that helps!
There are three main challange of cybersec
1. Is the technical part dare I say the "technology" It's the tools SIEM, XDR, WAF, NAC emhasis on detection. Or the fun part the testing and exploitation.
2. Is the process, most organisation doesn't aware how critical the secure operating procedure in conducting their business. Getting the stakeholder to "buy in" the secure process is an uphill battle in its own right.
3. Then last but not least is the people. You can shell unlimited money for the new and shiny security tools and established strict procedures but people will find a way to bypass them for convenience.
So, looking to get into this field and hungry for knowledge do I still need to go get a Bachelors or Associates or can I get the Certs and get some experience working for free under someone?
Get.Your.Degree.
You need to understand how computational devices work on a granular level to have a top career in Cyber Sec.
If you just want to land an entry level role, certs might be fine but also remember: the best Cyber Sec certs *must* be renewed every few years. Its not like a degree where you have it for life.
Short term degrees are more work. Long term, it pays off and saves you way less effort down the road.
CyberSecurity domain is an ocean. There are many different areas that fall under the cybersecurity umbrella, and these are often referred to as cybersecurity domains. Network Security, Cloud Security, Application Security, Endpoint Security, Incident Response, Risk Management and etc.,
I do Cybersecurity. Bore the Hell out of me. But it's a living. Can't wait to move out of it in few months.
Why you want to move out of it bro?
@@atharvapotdar5560 cause it bore me. Do you know the effort to work with other teams and research vulnerabilities and run all these test and the waiting to implementing just a parameter or a note or a code. Take too long and the waiting and the redo over and over and paper work. Just not for me. I like hand on technical and be done with. Not sitting there writting paper work. I do Cybersecurity plus i do IA for DOJ.... It too mamy B.S.... That just me... If you enjoy Cybersecurity. Maybe it for you. But not for me. I dont have the patience anymore. The pay is ok. Not a wow factor for me. I cut in halve $$ . Just to learn what the hype is all about. Now, i know. I like to move on something better.
@@atharvapotdar5560 The BS you have to deal with. Maybe if you like to do paper work and research over and over again. This is for you. For me, i like technical stuff and doing it for over many many yrs now. I like no nonsense just give me a project and i get done and next " new" one. Cybersecurity you have to deal with alot of different team, meeting after meeting and you have to tell or convince everyone why you need this parameters, code, note or whatever needs to be implemented for vulnerabilities. As we all have "expert" in every field. I take a halve pay cut to learn this trade and see what the hype is. Now i know, not interested it any more. Dont have the patience to learn like i once was when i was young. But that my two cents. You never can not stop from learning. Be eager to learn and work hard and be an expert... Dont think you learn few yrs or decades . You are an expert. Technology keep coming new things. You dont keep up. You get left behind. I am too tired for new thing. I rather do helpdesk and make me happy at night.. Just figure of speak...
@@atharvapotdar5560he says it’s boring to him lol
There are so many different niches and positions in cyber tho like pen testing or GRC or IAM
Thank you ❤
I will now complete the CCNA, and then I plan to move to Comptia Security+, then Ceh, then
, and until now I want to delve more deeply into cybersecurity, even though I have not learned the important things.
What do you think of this plan?
Lesson learned: Don't get scammed. You have an easier path being a lawyer. Cybersecurity is constant learning.
Laws change. Medicine changes. Programming changes. Marketing changes. Whatever career you end up in you are going to need to constantly be learning if you want to be successful. Not trying to come off rude but constant learning is the key factor to success in any job.
@@DillonPatterson-co7beConstant learning is also the key to be successful in things other than career as well. Self Reflection and learning more about the world will definitely lead to a much more beautiful life experience.
@@asresalim6145For sure. I used to work with kids as a preschool assistant teacher and those kids kept me young. Having a young nephew does the same thing these days.It's a constant reminder to have childlike wonder about life and to always be scratching our curiosity itch.
Well said@@DillonPatterson-co7be
@@DillonPatterson-co7be I'm also an aircraft mechanic. And I can say that cyber requires more engagement in learning. Your reasoning has a weakness. Generalization. Not all jobs are the same, and not all birds fly.
No only is hard but is also hard to get hired, HR is only picking whoever have the OSCP and so on. Those day where people used to get hired by only showing skills are over.
Demand for experience is higher than ever.
People in comments keep saying "oh take a chance on me I can learn on the job". But for intermediate to advanced cyber sec roles, that's usually not an option. You are dealing with critical incidents constantly in one way or another. Cyber Sec is one industry where time is the enemy.
People need to realise companies cannot take some 30 yo who wants to get out of baggin groceries who can't explain computer memory or check what processes are consuming most performance on a Linux OS, and hold their hand while they try and explain what the hell dynamic malware analysis is.
People with that view have a _very_ naieve view of the industry. Imagine, with zero medical training, you said you wanted to shadow and ER doctor to learn how to work in medicine. People would laugh at you. Yet for some reason in Cyber Sec, which can literally be life or death too sometimes they expect this ridiculous idea of being shown every little thing for a year or two til they get the hang of it to happen.
If you need lots of hand holding and ELI5'ing, Cyber Sec isn't the right industry. We need people who pick things up very fast withh minimal on boarding. I moved roles at the start of the year, and my "on boarding" was 1½ weeks to read the teams internal docs and Sec standards by myself, review their architecture and code base. I maybe had 2 short 30 min calls to fill in any blanks.
Start of week 2, I was already stuck in to their project work and had first delivery within 45 days of starting.
Thats not just me. Its what industry needs and generally expects for intermediate to high level roles.
Don’t listen to this guy. Ppl give opposing views for clicks for those in doubt. Just focus and study. Nothing is “hard” and the field is booming. Nothing worth having is “easy” but if you want it you can get it to.
It's still good to listen to different perspectives gives a wider range of thought
work practice health thats it nothing in life is hard if youre into it.
lol you talk about how you "barely knew" any security concepts. then you go on to say your background is -- i was expecting you to say like janitor or something or business major -- you say software engineer. i am screwed.
This is a short video with a lot of great information! Will be sharing within our company!
so i'm cooked
Joni I love this video it really helps me conform what I wanna do in the future but I had one question. Around how long is a normal work day?