Cybersecurity has gone from a mystery we hear on the news to almost a necessity and a trend, touching on all fields and commanding global attention.
As there is no smoke without fire, the escalation of cybersecurity comes from the rise of technology, emerging cyber threats, and the challenges that follow each innovation. So to respond to this new demand, and make it simple for students or individuals interested, I spoke with Emre, a cybersecurity student who’s already gained valuable real-world experience and owner of CyberV. He helped us provide a roadmap and a list of advice that we list below.
How did he get into cybersecurity?
Emre is currently a student and apprentice engineer in cybersecurity.
(apprenticeship: an educational system that allows students to alternate between school and work. 50% of the time at school as a student and 50% as a professional)
He earned a University Diploma of Technology in Networks and Telecommunications, specializing in cybersecurity. He completed this through an apprenticeship as a Pentester and Blue Teamer, which allowed him to gain extensive technical experience in cybersecurity!
In parallel, he created a cybersecurity association called CyberV. An international association with several hundred members to bring together students, professionals, and anyone interested in cybersecurity. Within a team, he animates multiple events online to meet with experts and work on projects and group activities.
His first experience with cybersecurity was at 13 when his passion for development took him to a malicious code online, in which a single run was enough to get all his accounts hacked.
With the severity of his situation back then, it was in fact a blessing in disguise! He came across the word “cybersecurity” and started his journey with YouTube videos and programs.
While this story sounds adventurous, cybersecurity is flexible and anyone can find his way differently. The cybersecurity landscape is filled with professionals of all ages, proving that passion and dedication are the true drivers of success. No matter who you are, what age, or if your accounts have been hacked or not…
The skills you need to start in cybersecurity:
Cybersecurity is far more than just lines of code and firewalls. It is a vast world that we often do not realize. It’s not only about technology, but it expands to all fields like geopolitics, international law, and day-to-day interactions.
But if you are into the ‘technical’ aspect, Emre thinks there are plenty of must-have foundations to master before diving into big concepts like pentesting, forensics, or OSINT. So here is the list:
Networking
Understanding how machines communicate is fundamental. This means diving deep into networking concepts like the OSI and TCP/IP models, learning key protocols, and knowing how to set up and configure a network.
Cybersecurity is all about protecting systems and data across networks, so understanding how it works would be the first step before exploring attacks or securing methods.
Operating Systems
Since they are the foundation for all software, you should get comfortable with them. Know how they work and what are their vulnerabilities. We’re talking about Linux commands, Windows and Powershell, process management, permissions, logs, and all the other skills that come with it.
Development / Programming
Scripting and understanding code are valuable skills in the field! Maybe not to a high level of a developer, but moderate to use it comfortably.
Python for scripting and automation, Bash for tasks in Linux, C for those interested in low-level security and reverse engineering. Remember to start small with the basics and practice regularly with projects.
Web skills
The web is a major attack vector, so understanding how websites work and their common vulnerabilities is a huge advantage. This includes learning about web application architectures and common web vulnerabilities like SQL injection (SQLi), cross-site scripting (XSS), server-side request forgery (SSRF), and cross-site request forgery (CSRF).
In little words, you can’t defend what you don’t understand. So a strong foundation in all aspects of technology helps you build your cybersecurity knowledge with no struggle later.
Once you have these solid basics, you’ll find it much easier to specialize in what excites you most in the cybersecurity branches (pentesting, SOC, incident response, reverse engineering…)
Is that all you need?
Like any other career, soft skills are just as important! Because cybersecurity isn’t only about machines, it’s about people!
Technical skills are a must, but they become almost useless if you can’t communicate them to your teammates and clients. You should master the art of presentations, writing effective reports, working on a team, and even leading projects. The stronger your personality is amongst your peers, the more likely you are to reach success.
Since technology evolves every single minute, having a sense of curiosity and continuous ability to learn and explore is crucial. Cyberthreats increase immensely and companies are competing to create new technologies. With that being said, you too should be as fast and as motivated to learn about new vulnerabilities and keep your skills updated.
And those are things to learn and practice. Don’t assume they’ll just come naturally – invest your time in developing your communication, collaboration, and critical thinking abilities.
Misconceptions about cybersecurity
I asked Emre about the misconceptions he sees in the field that must be clarified. From imagining a hooded guy in a dark room coding and hacking twenty-four-seven to the false impressions about cybersecurity roles and the job market.
So let’s see what misconceptions are there:
"Cybersecurity is just hacking/pentesting and technical work"
False. Cybersecurity is not limited to penetration testing and coding. It includes a variety of roles that often do not require deep technical expertise. It also encompasses law, risk management, governance, policy-making, and security awareness. In fact, cybersecurity is a multidisciplinary domain where you can find your place even if hacking and coding aren’t your main interests.
"You need to get a lot of certifications to become an expert and build a career"
Certifications can be valuable, but they do not replace practical skills and experience. A well-known certification may help but it doesn’t automatically make you a cybersecurity expert. What truly matters is what you bring to the table. Your ability to understand and analyze threats, gather information, and solve security problems in real-life scenarios.
Think of certifications as a plus, a proof of investing time into learning and improving, but not guaranteeing success. They become useless if you’re not willing to continue the work and practice.
"You need to be a coding genius to work in cybersecurity"
Not at all. While basic scripting skills in Python, Bash, or Powershell can be useful, they are not essential to get started. Cybersecurity is a broad field with many roles that focus more on network security, system administration, threat analysis, and risk management rather than coding. It is far more important to understand networks, systems, and web security.
Coding skills can be an advantage, but they are not a strict requirement for building your career.
"Recruiters will chase after you"
Not quite the case. Cybersecurity is in high demand, but that doesn’t mean you will automatically get hired because of your degree or a few certifications. While opportunities are growing, so is the competition, and those who do the bare minimum won’t stand out.
Continuous learning, curiosity, and real projects are key to attracting recruiters. Building a strong professional presence and all the mentioned skills will set you apart. But it’s wrong to expect recruiters would chase after you if you’re not exceptional!
In little words
Cybersecurity is an exciting world, offering a wealth of opportunities for those who are prepared to dive in. Hopefully, this article has given you the first keys to start. and made the vision a bit more clear.
As you begin your journey, keep in mind that:
- Cybersecurity welcomes everyone: it is a flexible domain you can join regardless of your background.
- A strong foundation is key: Cybersecurity needs a solid understanding of different aspects of technology since you can’t secure what you do not know.
- Practice makes perfect: The field requires lots of practice, and hands-on experience way more than theory. Think of projects, CTF competitions, virtual practicing labs, and more.
- Continuous learning: Stay curious and never stop learning to keep up with its fast rhythm.
A huge thank you to Emre for sharing his experience and helping us bring together this article. Be sure to check his association and let him know you found him through this! Now, take your first step and explore more article about cybersecurity and technology.
