What is cybersecurity?
Cybersecurity is the practice of protecting computer systems, networks, and their corresponding data from theft, damage, destruction, manipulation, or the disruption of their normal operations.
You’re probably familiar with some of the more notorious elements of cybersecurity, like phishing and ransomware. But as the role of computers grows, cybersecurity touches more of everyday life.
It’s no longer just about keeping hackers from accessing government secrets or a company’s sensitive customer data. Cybercriminals target credit card numbers, in-home devices (ranging from virtual assistants like Alexa to internet-connected temperature controls), and even extort money from regular people by locking access to their social media accounts.
Why is cybersecurity important?
For governments, cybercrime is a major health and safety issue. In May 2021, independent hackers breached the Colonial Pipeline corporation, forcing them to shut down the pipeline that controls 45% of fuel supplies to the East Coast of the United States. This is just the latest case to raise fears of what could happen if hackers, or another nation, were to attack the nation’s power grid, clean water supplies, or critical health infrastructure.
Likewise, in the COVID-19 pandemic, the importance of quick communication and connectivity was paramount in trying to help the global population sort out information. Without the ability to work from home, many companies would have been without access to their employees. (But with criminals stuck at home, cybercrime numbers unfortunately shot through the roof.)
As the number of computer users and devices grows, cyberattacks will continue to become more common - and expensive - for companies and individuals to deal with. A single cyberattack can have a serious impact on a company’s reputation, even if no sensitive information is successfully stolen or revealed.
Likewise, a cyberattack on an individual’s text messages, photographs, or other sensitive information can put them in an embarrassing situation. Malware scanning software, encryption-capable messaging and file storage services are just some of the many tools average people must employ for their own protection.
What is the difference between information security vs. cybersecurity?
There are major areas of overlap between information security and cybersecurity, but it's important to understand the differences.
Whereas cybersecurity is about protecting against unauthorized access, harm, or modification of hardware and software (including data), information security focuses entirely on the security and integrity of data itself.
This distinction is important because not all data - or data access - takes place on a computer or computer network. A local doctor’s office may have filing cabinets filled with highly sensitive personal information about its clients, including their social security number, payment information, and health issues.
Likewise, a local data center storing information on behalf of thousands of companies could have a back door that is propped open when deliveries are made, providing easy unauthorized access to the physical building and setting the stage for possible theft.
While information security and cybersecurity represent unfortunate necessities (and huge expenses) for companies, they mean that the cybersecurity field is experiencing constant growth and a need for new talent.
How to Get Started in Cybersecurity?
To get started in cybersecurity, it helps to understand what you want to do in cybersecurity, and what credentials and education you have - or will need - to pursue your goals.
It is common for cybersecurity professionals to hold a bachelor’s degree or even a master’s degree in a related field, such as computer science, information technology, or cybersecurity itself (for colleges and universities that offer such programs.)
A college degree indicates that you have mastered a broad spectrum of computer-related knowledge and experience, several years of experience in coding and technology, and that you have studied critical topics such as network architecture, and database design. These are clear advantages when pursuing a technical career.
But a growing number of cybersecurity employees are coming from non-traditional backgrounds such as cybersecurity bootcamps that can be completed in a fraction of the time, and for a significant cost reduction, versus degree programs. And while they do not replicate years of immersive study, the top bootcamps will always be teaching only the latest technology and programming languages, ensuring your study is relevant to practical career needs.
Numerous other options exist, including online courses, books, and videos. But unlike a college or bootcamp experience, these won’t come with critical added-value elements including live instruction or a network of like-minded career professionals who can share tips, learning, and leads with you now and throughout your career.
College is also not an option for everyone. Some people may find they cannot afford the time and financial commitment. Others are already mid-career, and need to move into a new job in the next few months. For these professionals, a full-time immersive bootcamp may be a worthy investment that fits their time and financial requirements.
What kind of jobs are available in cybersecurity?
Cybersecurity is a great career option for people with highly technical backgrounds, but the good news is that it also needs people from all walks of life. This can make it an ideal choice for mid-career professionals who have developed expertise in other fields.
As an example, someone with a decade of experience in the oil and gas industry will have a depth of accumulated expertise an outsider will lack. Computers and network connectivity touch every field of human enterprise, experts are needed across every industry to give governments, companies, and individuals the best chance of stopping bad actors before they can access networks, computers, or information.
Here are a few entry-level cybersecurity careers to consider when deciding if a move into cybersecurity is right for you:
1. Cybersecurity analyst
Cybersecurity analysts are a backbone of any cybersecurity operation. Their day-to-day work can vary based on the current threats to the company, ranging from reviewing attempted (or successful) intrusions, to evaluating emerging threats in the industry.
Here’s what cybersecurity analysts make in different parts of the country (current in July 2021):
2. Incident analyst
Incident analysts focus their time entirely on responding to and understanding actual cyberattacks a firm has faced. They scan available data, interview employees, and conduct research to form conclusions in order to prevent future incidents. Increasingly, their job descriptions expand to include live incident management and responding to real-time incidents.
*current in July 2021
3. Penetration tester
While incident analysts focus on what has already happened, a penetration tester (pen tester) puts their efforts into identifying what could happen next. Their entire role is to try to break into a company’s networks and information ecosystem in order to expose security holes. For this reason, a pen tester is also known as an ‘ethical hacker’.
Penetration testers try everything from breaking into the company’s WiFi, to security holes on its website, to going through the garbage to look for information that may give them an advantage in their efforts. This makes penetration testing the perfect choice for career professionals who enjoy a challenge.
*current in July 2021
How to get into cybersecurity without a degree?
As with any career, it will be important for you to be able to show prospective employers that you are serious about your cybersecurity career and have the necessary skills to succeed.
A college degree provides an established advantage here, but with the growing talent gap in the cybersecurity industry - and the development of non-degree career paths - there has never been a better time to get into cybersecurity without a degree.
Non-degree candidates should focus their research on two pathways that provide a balance of time and cost with the recognition needed for resume development: certifications and coding bootcamps.
1. Professional certifications
Professional cybersecurity certifications might be fitting for individuals who need to demonstrate specific skills, but certifications won’t necessarily teach what you need to know. Rather, you are typically testing or refreshing on previous knowledge.
That’s why many non-degree candidates are turning to a cybersecurity bootcamp as a way to learn the skills they need to get into cyber.
2. Cybersecurity bootcamp
Bootcamps are an intensive, immersive program that teaches you skills you need to know for a new cybersecurity career in as little as 15 weeks.
And while coding bootcamps tend to recommend a full-time program, they will often have a flexible pacing option for working professionals who cannot afford to take two to three months of time off. This gives them the flexibility of certificate self-study, while adding the many additional advantages listed here.
Top coding bootcamps may also offer career coaching assistance, leveraging their network of local or trusted employer companies and a growing alumni network. This can be a great advantage - after all, who better to vouch for a program’s success than someone who used the same program to get a job in the industry?
3. Try a free lesson
Wondering what it would be like to do a cybersecurity bootcamp? Try a free lesson from Flatiron School. These online lessons are made to mimic what you would learn in a bootcamp so you can see if you like the content and pace of the program.
The free lessons available include:
Whatever your approach, there has never been a better time to get into cybersecurity as a career, even if you don’t have a background or degree in the field. With the options now available, anyone interested in cybersecurity should seriously consider the advantages of entering this fast-growing field.