The Ultimate Guide To A Securing Cybersecurity Career in 2023

How Important Are Degrees In Cybersecurity?

While a degree may benefit those looking to enter cybersecurity, it is not always necessary. Many employers are willing to hire individuals with relevant experience and certifications, even if they do not have a degree. This means that plenty of opportunities are still available for those without a degree to enter cybersecurity.

In our conversations with cybersecurity hiring managers, their primary focus is on the technical skills and competency of the candidate. They hone in on whether the candidate can perform the role competently through technical interviews.

Students in CFC undergo technical interview training towards the end of their course to prepare them for actual interview scenarios. 

According to a survey conducted by (ISC)², a nonprofit organisation for information security professionals, only about 44% of respondents said that a bachelor's degree was the minimum education requirement for cybersecurity positions at their organisation. Most organisations are willing to consider candidates without a degree for cybersecurity roles.

In addition, the (ISC)² survey found that experience and certifications were essential factors in hiring decisions for cybersecurity positions. About 84% of respondents said that relevant work experience was a top factor in their hiring decisions, and 81% said certifications were also necessary.

This suggests that many employers are willing to hire individuals with a combination of experience and certifications, even if they do not have a degree. 

Many graduates who have completed CFC's Career Kickstart course managed to secure a well-paid cybersecurity career without having a degree or having degrees in non-IT sectors.

Furthermore, (ISC)² survey found that professionals without a degree were just as likely to hold management positions as those with a degree. 25% of respondents without a degree reported being in a management role, compared to 36% of those with a degree. This suggests that a lack of a degree does not necessarily hinder one's ability to advance in cybersecurity.

In addition to the (ISC)² survey, other research has also found that a degree is not always necessary for a successful career in cybersecurity. 

A study by Cybersecurity Ventures, a market research firm, predicted that there will be 3.5 million unfilled cybersecurity jobs by 2025. This suggests a significant demand for cybersecurity professionals, and employers are willing to consider candidates without degrees.

Furthermore, pursuing a degree in cybersecurity or a related field can be time-consuming and expensive. A traditional four-year degree program can take several years to complete, costing tens of thousands of dollars in tuition and other expenses. 

In contrast, gaining relevant experience through hands-on training, such as on CFC's Cyberium Arena cybersecurity simulator that trains students with practical cybersecurity skills based on real-world scenarios, can often be done more quickly and cost-effectively.
 

Technical Skills Needed For Cybersecurity

It is crucial for cybersecurity professionals to have strong technical skills because they are responsible for protecting networks, systems, and data from various threats and vulnerabilities. 

To do this effectively, they must deeply understand different technologies, protocols, and security measures. They must also be familiar with a wide range of tools and technologies used to protect networks and systems and be able to write and understand code. 

With these technical skills, a cybersecurity professional may be able to effectively identify and mitigate potential risks to an organisation's networks and systems.

Here are the top 5 technical skills that every cybersecurity professional should have:
 

1. Networking and Information Security

​A strong understanding of networking and information security is essential for cybersecurity professionals. This includes knowledge of networking technologies, protocols, and security measures such as firewalls, intrusion detection systems, and encryption. Specific areas of knowledge include: 

​​

• TCP/IP

• DNS

• HTTP & HTTPS

• SSL/TLS 

• VPN

• NAT

• Firewalls

• Intrusion detection systems

• Encryption algorithms
   

2. Operating Systems

​

Cybersecurity professionals need knowledge of different operating systems, such as Windows, Linux, and macOS. This includes understanding how these systems work, their vulnerabilities, and how to secure them. Specific areas of knowledge include: ​​
 

• Windows

• Linux

• macOS

• Unix

• Mobile operating systems

• System Administration

• System Security

• Patch management
   

3. Programming and Scripting
 

The ability to write and understand code is essential for cybersecurity professionals. This includes proficiency in programming languages such as Python, Java, and C++, as well as the ability to write and use scripts to automate tasks and analyse data. Specific areas of knowledge include: ​​​

​

• Python

• Java

• C++

• JavaScript

• HTML

• CSS

• SQL

• Shell scripting

• Regular expressions

• API development
   

4. Cybersecurity Tools and Technologies

Cybersecurity professionals must be familiar with various tools and technologies to protect networks and systems. This includes knowledge of security software, such as antivirus and anti-malware programs, and experience with security appliances, such as firewalls and intrusion detection systems. Specific areas of knowledge include: ​​​​

​

• Antivirus and anti-malware software

• Vulnerability scanners

• Penetration testing tools

• Security information and event management (SIEM) systems

5. Risk Management and Compliance

​

Cybersecurity professionals must understand risk management and compliance to identify and mitigate potential risks to an organisation's networks and systems. This includes knowledge of industry-specific regulations and standards, such as the Personal Data Protection Act (PDPA), Public Sector (Governance) Act ("PSGA") and Payment Card Industry Data Security Standard (PCI DSS), and the ability to develop and implement effective security policies and procedures. Specific areas of knowledge include: ​​​

​​

• Risk assessment and analysis,

• Security policies and procedures,

• Industry-specific regulations and standards

• Data privacy and protection laws

• Business continuity and disaster recovery planning
   

These technical skills are essential for cybersecurity professionals to effectively protect networks, systems, and data from potential threats and vulnerabilities. By staying up-to-date on the latest technologies and best practices, cybersecurity professionals can help ensure the safety and security of their organisations. However, soft skills are equally important to excel and operate effectively as a cybersecurity professional.
 

Non-technical Skills Needed In Cybersecurity

In addition to possessing a solid set of technical skills, several non-technical skills are essential for cybersecurity professionals. These skills are vital because they help cybersecurity professionals communicate and collaborate effectively with others and manage and prioritise their workload. 

More often than cloud security or digital assets, human mistakes due to miscommunication, a lack of proper knowledge or oversight of data lead to the most significant cybersecurity incidents. 

At CFC, we focus on ensuring students understand the link between IT and business and equip them with business acumen and communication skills. This helps them effectively interact with all departments and levels of any organisation they become part of.

Here are the top 5 non-technical skills that every cybersecurity professional should have:
 

1. Effective Communication

The ability to communicate effectively is crucial for cybersecurity professionals. This includes explaining complex technical concepts to non-technical audiences and collaborating with others to develop and implement adequate security measures. 
 

2. Problem-Solving Abilities

Cybersecurity professionals must be able to think critically and creatively to solve complex problems. This includes analysing information, identifying potential threats and vulnerabilities, and developing solutions to mitigate risks.
 

3. Organisational Skills

Organisational Skills: Cybersecurity professionals must manage and prioritise their workload effectively to ensure that all security tasks and responsibilities are completed promptly. This includes the ability to plan and organise work, as well as the ability to manage multiple tasks and projects simultaneously.
 

4. Leadership Skills

Leadership: Cybersecurity professionals may be required to lead teams or projects and must have strong leadership skills. This includes the ability to motivate and inspire others, as well as the ability to delegate tasks and responsibilities effectively.

​

5. Adaptability 

Adaptability: The field of cybersecurity is constantly changing, and therefore cybersecurity professionals must be able to adapt to new technologies, threats, and challenges. This includes learning quickly, staying up-to-date on the latest developments in the field, and adapting to changing environments and situations.
 

These non-technical skills are essential for cybersecurity professionals to succeed in their careers. Cybersecurity professionals can effectively communicate, collaborate, manage their workload, and adapt to changing environments and situations by developing and refining these skills.
 

Prerequisites For Entering Cybersecurity

Another common question for those looking to enter the cybersecurity industry is, 'What skills do I require before learning cybersecurity?' or 'Do I need to know to program?'.

The short answer is: it depends. Depending on your career destination and the programme you are applying for, some curriculums may offer introductory courses in Python, Linux and Windows fundamentals as part of their training.

At Centre For Cybersecurity, our XE Basics Course (also known as Beginners' Course) equips all beginners with the necessary skillsets that will allow them to advance to more complex cybersecurity training. 

This allows people with no background in programming or cybersecurity to have a leg up in entering the cybersecurity market.

Learning the fundamentals of networking, Linux and Windows will help build a solid foundation for your cybersecurity education if you are looking for more information to get a better footing in cybersecurity.

Below are some relevant resources that we have found:

Cybersecurity Foundation Resources

​

1. Networking Fundamentals 

• For general knowledge in networking fundamentals, check out https://www.cisco.com/c/dam/global/fi_fi/assets/docs/SMB_University_120307_Networking_Fundamentals.pdf.

• Watch this YouTube channel for a comprehensive overview https://www.youtube.com/watch?v=n2D1o-aM-2s&list=RDCMUCK4ji45I-zxeWXAFKmu3p6Q&start_radio=1&rv=n2D1o-aM-2s&t=0.
   

2. Linux Fundamentals

Learning with a Linux system by your side is always best to be familiar with and explore commands and their piping.

• Free Linux Training (Note: some content is out of date, but the overall course is relevant): https://linux-training.be/

• Linux fundamental by tryhackme to be used with their free hands-on: https://www.youtube.com/watch?v=fz-ybaXdlGU&list=PL0iJrrpaWpyW9FQqI_TMJiuGpLJrXGVvA
   

3. Windows Fundamentals

• Helpful resources: https://www.sos.wa.gov/_assets/library/libraries/projects/ita/moac_mta_98-349_2e-windows-os.pdf

• Practical hands-on training: www.hackthebox.com and www.tryhackme.com

--[CYBERSECURITY COURSES]--

When choosing a cybersecurity course, there are several essential things to look out for to ensure you get the best education and training possible.

Here are the top 5 things to consider when selecting a cybersecurity training provider:

1. Course Curriculum: It is crucial to choose a cybersecurity course that has a comprehensive and up-to-date curriculum. This should include various topics, such as networking and information security, operating systems, programming and scripting, cybersecurity tools and technologies, and risk management and compliance. Cybersecurity evolves constantly, and training providers must keep up to date with changes and build these new findings into their curricula for students. At CFC, both our theoretical and practical components are subjected to review every month. Students are guaranteed to be learning the latest skills and knowledge in cybersecurity.
    

2. Instructor Experience: The instructor of a cybersecurity course should have a strong background in the field, with experience in both theoretical and practical aspects of cybersecurity. This will ensure that the system is taught by someone knowledgeable and experienced and can provide valuable insights and real-world examples. 
    

3. Course Format: The format of a cybersecurity course should be suitable for your learning style and schedule. Online courses may be a good option for individuals considering a mid-career switch, as they offer flexibility and convenience. It is important to consider the duration and intensity of the course, as well as any additional resources, such as study materials and support, that may be provided. The majority of our students are adult learners with full-time careers or caretakers. We considered these and built a training system that best supports them while studying with us. Students have access to course notes, class recordings, 24/7 access to practice labs, study sessions and 1-to-1 consultations.
    

4. Practical Skills: A cybersecurity course should focus on providing practical skills and hands-on experience. This may include hands-on labs, case studies, and projects that allow you to apply what you have learned to real-world scenarios. Students at CFC get hands-on experience with the world-renowned Cyberium Arena Cybersecurity Simulator. Additionally, there are capstone projects that help build their portfolios, which are used to showcase their technical abilities during cybersecurity job interviews. 
    

5. Certification: Most entry-level certifications such as CEH & CISSP are unfortunately entirely useless in employment. This is because these certifications are earned through multiple-choice questions that do not reflect a candidate's technical skills. It is important not to select a cybersecurity course solely to attain these entry-level certifications that will not help secure a cybersecurity career. Read more about why certifications do not help with employment here. 
    

Overall, choosing a cybersecurity course with a comprehensive and up-to-date curriculum is vital, is taught by experienced instructors, and has a format suitable for your learning style and schedule. You can get the best education and training possible by considering these factors and looking for a course that provides the practical skills employers look for.

Securing A Cybersecurity Career With CFC

At the Centre for Cybersecurity, bridging the transition from classroom best practices to real-life career demands is a crucial mission. CFC's curriculum enables students to fill unique niches that align with business digital transformation priorities and make themselves as applicable across organisations as possible. The CSA has recently launched toolkits to enhance cybersecurity investment for enterprise owners and business tech leaders. CFC strongly emphasises the cultivation of cybersecurity leadership and guidance for employee cybersecurity education to align with national cybersecurity priorities.

Hands-on training that reflects employer and industry demands is a central area of focus. Covering cyber fundamentals (Windows and Linux), Security Operations Centre (SOC) and Python as well as exposure to learning simulators such as the Cyberium Arena, students develop insight into cybersecurity trends and vulnerabilities so they can quickly adapt and apply skills gained in new contexts. 

To succeed in a cybersecurity career requires high reasoning and cognitive intelligence levels. CFC's unique programme enables new professionals to stand out from the talent pool and be effective from day one. CFC, in its push for digital transformation, develops individuals who desire to innovate and problem-solve by looking at cybersecurity issues with new lenses and challenges.