If you are a young person interested in pursuing a career in technology, it can be challenging to know where to start. While some schools may offer curriculum in technology, cybersecurity isn’t typically covered.
With any career, the earlier you begin learning the ropes, the better off you will be in the long term. This guide serves as a guide for students interested in learning more about the cybersecurity field. We’ll also cover some tips for parents to help get their children involved in cybersecurity and teach them how to be safe will browsing online.
What is the cybersecurity field?
Cybersecurity is the field responsible for protecting and securing digital assets and data. The cybersecurity field encompasses many different jobs that require varying skillsets. Let’s take a look at just some of the jobs available in the cybersecurity space.
Security analysts are responsible for monitoring security procedures and making sure that best practices are implemented and followed. Security procedures will vary from organization to organization, so the security analyst will need to adapt to each new position. A security analyst role is a general role in which the analyst may wear multiple cybersecurity hats. Security analyst roles can range from entry-level to senior-level.
Ethical Hacker/Penetration Tester
When we hear the term hacker, we often think of cybercriminals trying to break into systems illegally. However, not all hackers are criminals. Ethical hackers, also known as penetration testers, are cybersecurity professionals that use their hacking skills to break into systems to find vulnerabilities in the network legally. This type of test is known as a penetration test. Ethical hackers and penetration testers must have a wide range of hacking and cybersecurity knowledge.
Malware analysts focus on determining what a particular piece of malware can do and how it works. To assess how malware works, malware analysts use a process known as reverse engineering. Reverse engineering is the act of dissecting malware in a safe and isolated environment. By understanding the program’s purposes, companies can better defend against them.
Digital/computer forensics investigator
Digital and computer forensics investigators work with company officials or law enforcement after a data, network, or security breach to paint a picture of how a computer or computer system was compromised. They are responsible for collecting, preserving, and analyzing digital evidence. Digital and computer forensics investigators must follow a chain of custody to ensure that evidence is admissible in a court of law.
Cryptographers use algorithms and computer code to create (and decipher) encrypted software and related services. Anyone interested in working within the cryptography field should possess a strong understanding of and background in mathematics. Cryptographers are necessary for private-sector jobs and federal organizations such as the National Security Agency (NSA).
Chief Information Security Officer (CISO)
A chief information security officer (CISO) is an executive-level position tasked with developing and overseeing a company’s cybersecurity architecture, policy/planning, and execution. On average, a CISO position will require that the individual applying for the job has at least 7-10 years of hands-on cybersecurity experience. The CISO role is not an entry-level position, but rather one to strive for as a future role.
Skills needed for a career in cybersecurity
Before being successful in the cybersecurity field, students must also have an in-depth understanding of other skills in the technology field. Students should begin by learning the basics outlined in this section to prepare themselves for a career in cybersecurity.
The fundamentals of computer hardware and software are critical to a career in cybersecurity. How can you possibly secure systems if you do not fully understand how they work? Students should begin by learning the components of a computer such as a motherboard, RAM, CPU, graphics card, etc. Additionally, students need to understand how different types of software operate on a computer.
Computer operating systems (Windows, Linux, macOS)
The cybersecurity field requires knowledge of all kinds of different operating systems. It’s an incorrect belief that malware does not target macOS systems. All operating systems, including Windows, Linux, and macOS, are susceptible to cyber-attacks. Many organizations will operate using a combination of these operating systems.
Many cybersecurity tools are Linux-based. Students should familiarize themselves with the Linux-based cybersecurity operating systems Kali Linux and ParrotOS.
The best way to learn about these operating systems is to use them yourself. Understanding how to troubleshoot problems in each operating system is an important skill to have. Many cybersecurity tasks are performed from the command line. Students should learn about the various commands and command-line tools available for each operating system.
Linux-based operating systems are often the most difficult for individuals to learn to use. The book Linux Basics for Hackers is a great resource and tool for students interested in the cybersecurity field.
Networking is another essential skillset for anyone looking to pursue a career in technology. Computer networking is the process of connecting one or more systems together. Understanding how networks and systems communicate and transmit data will assist you in being able to protect these networks and systems.
Many roles in the cybersecurity field require engineers and analysts to analyze data as it travels across a network. Without an in-depth understanding of networking models, such as the TCP/IP model, this type of analysis is complicated.
While there are plenty of cybersecurity roles that do not require knowledge of programming or coding, understanding the basics of coding or being able to code in languages, such as Python, will be a massive advantage in your career. Cybersecurity analysts are less likely to require coding knowledge, while those interested in ethical hacking or malware analysis will most likely be required to have some coding experience.
CHECK OUT OUR CODING FOR CYBERSECURITY GUIDE TO LEARN MORE.
Resources for learning more about cybersecurity
More and more online resources are popping up to help teach students in K-12 about cybersecurity. These resources can help prepare students for secondary education, internships, or even an entry-level job in cybersecurity. Let’s take a look at some of the popular resources available on the market today.
US Cyber Patriot
CyberPatriot is a cybersecurity education program created by the Air Force Association (AFA) to inspire K-12 students to pursue careers in cybersecurity or other science, technology, engineering, and mathematics (STEM) disciplines. The US CyberPatriot program includes cyber camps, and the National Youth Cyber Defense Competition, the nation’s largest cyber defense competition. The competition allows high school and middle school students to compete by putting them in charge of securing virtual networks.
This type of hands-on experience is priceless and allows students to truly feel what it is like to work in the cybersecurity field.
National Cyber League
The National Cyber League is similar to CyberPatriot. The National Cyber Leauge is a platform that allows students to learn about cybersecurity and use what they learn in competitions. These competitions simulate real-life cyber threats in a safe environment for students to learn how to defend organizations against cyber-threats and keep them secure.
Hacker Highschool is a program created by the Institute for Security and Open Methodologies (ISECOM). Hacker Highschool is a self-paced self-learning curriculum. The Hacker Highschool curriculum is a continually growing collection of cybersecurity lessons explicitly geared toward teens ages 12-20. The curriculum covers topics such as Attack Analysis and Defensive Hacking.
Hacker Highschool is an excellent platform for students to use alongside labs and other complementary resources to learn about the cybersecurity industry.
Codecademy is not a site specifically for cybersecurity, but rather it is a free interactive platform to learn how to code. Depending on which cybersecurity specialty you are interested in, coding may be an essential aspect. Regardless of the specialization chosen, learning to code will give you a headstart in your career.
Codecademy offers courses in computer science, data science, PHP, Python, Ruby, and much more.
Cybrary is a free online platform designed towards teaching individuals cybersecurity skills. Cybrary isn’t explicitly designed for middle school and high school students like some other programs mentioned here. However, it is still a great resource to learn the skills needed for a career in cybersecurity. While all of the courses on Cybrary are free to view, students can choose to pay for a Pro subscription, which provides career pathways for specified careers.
Cybrary offers a wide range of difficulty levels in their courses. For instance, Cybrary offers beginner-level courses such as Introduction to IT and Cybersecurity as well as advanced-level courses like the Offensive Penetration Testing course.
Cybersecurity summer camps
Cybersecurity Summer camps are an excellent resource for learning about the cybersecurity field. Attendees also get the chance to meet friends who have the same interests as them.
GenCyber is one example of organizations that offer cybersecurity summer camps in states throughout the country. GenCyber camps are open to all student and teacher participants at no cost. Funding is provided together by the National Security Agency and the National Science Foundation.
Many universities also offer cybersecurity summer camps, so check around at the local universities in your area.
Capture the flag
Capture the flags, more commonly referred to as CTFs, are ethical hacking competitions. There are various types of capture the flag events, but the most popular kind of CTF challenges students to attack their opponent’s systems while also defending their own systems. Capture the flag events are an invaluable method to prepare students for real-life roles in the cybersecurity world.
Some high schools will have CTF teams already in place. Universities often have CTF teams as well, which will accept high school students. The Def Con CTF is one of the most notable and famous CTF events.
Another great way to learn about cybersecurity is to rub elbows with those in the field. Attending cybersecurity conferences is a fantastic way to accomplish this. Let’s review some of the best cybersecurity conferences to attend.
DEF CON is one of the most notable cybersecurity conferences. DEF CON takes place every year in Las Vegas during the summer. DEF CON consists of talks and sessions by experienced leaders in the cybersecurity field as well as various villages focused on lock picking, social engineering, and more. While there is no age requirement to attend DEF CON, parents should accompany their children to the conference as it is an “adult” atmosphere.
Black Hat is another conference that occurs in Las Vegas during the summer. Black Hat generally occurs the week before DEF CON. A significant difference between Black Hat and DEF CON is that Black Hat offers full-scale training classes as well as briefings, while DEF CON focuses on expert seminars and hands-on villages. Unfortunately, Black Hat attendees must be at least 18 years of age to attend.
For those residing on the East Coast, Shmoocon might be a better option than DEF CON or Black Hat. Shmoocon is held in Washington DC and is open to people of all ages. Shmoocon is a three-day conference comprised of speed talks and hands-on training.
Not everyone, especially many students, can fly to Las Vegas or Washington, DC, for a conference. On top of that, many students can’t afford the hefty ticket prices for conventions such as Black Hat or DEF CON. Sure, there are scholarships, but if you are not one of the lucky ones to receive them, it may seem out of reach. BSides conferences are a great alternative.
Security BSides conferences are held all over the country. The idea is to make cybersecurity events as accessible as possible to everyone. The cost of entry for a BSides event is typically free or low-cost. Check out the BSides website to see if there is a BSides conference near you!
In addition to the local BSides conferences, many cities and universities will host their own local cybersecurity conventions. Keep an eye out for listings in your area.
Believe it or not, many of the certifications required for cybersecurity jobs can be obtained while still in high school. Certifications are an excellent way to hone IT skills and open plenty of doors to entry-level IT jobs right out of high school. Students may even have an easier time preparing for these certification exams than adults because they are at a point in their lives when they are developing useful and healthy studying habits. Below are some of the certifications that are available for both students and adults.
CompTIA certifications are widely recognized throughout the IT industry as a whole. From my personal experience, obtaining a CompTIA certification, specifically the CompTIA A+ certification, at a young age opened many doors form. After passing the CompTIA A+ at age 16, I received a job offer to start as an entry-level network engineer at age 17. There is no age requirement for the CompTIA exams; however, they recommend that candidates are at least 13 years old. The recommended path for CompTIA certifications is A+ > Network + > Security +. After achieving the CompTIA Security+ certification, students can focus on more advanced certifications such as the Cybersecurity Analyst (CySA+) certification or the Pen Test+.
Microsoft offers a wide range of certifications that are available to individuals of any age. In fact, the youngest person to pass the Microsoft Certified Professional (MCP) was just five years old! Microsoft has varying levels of certifications, including the Microsoft Certified Professional (MCP), Microsoft Certified Solutions Associate (MCSA), and Microsoft Certified Solutions Expert (MCSE).
Like Microsoft, Cisco also offers specialized certifications. The Cisco Certified Network Associate (CCNA) is one of the most widely recognized networking certifications in the industry. The CCNA is also often a prerequisite for many jobs. Currently, minors under the age of 13 are not permitted to take the exam, but those between the ages of 13-17 may take the exam as long as they have parental consent. Cisco offers other, more advanced specialized certifications, such as the Cisco Certified Networking Professional (CCNP) Security, which is useful for those entering the cybersecurity field. While there is no prerequisite for taking the CCNP Security exam, Cisco recommends that candidates have passed the CCNA exam first.
How parents can help
As a parent, it can be challenging to know how to prepare your children for a career that you haven’t pursued. Fortunately, there are plenty of great resources for parents out there.
CHECK OUT OUR GUIDE FOR INTERNET SAFETY TO LEARN MORE.
First, begin teaching your children about cybersecurity and online safety from a young age. Whether your child decides to pursue a career in cybersecurity or not, everyone needs to understand how to browse the Internet safely.
Some rules for being cyber safe include:
- Never talk to strangers online.
- Never share personal information such as your age, birthday, and address online.
- If something feels fishy, tell an adult immediately.
- Do not click on links from people you do not know.
- Always report inappropriate behavior to adults.
As children grow and begin to show an interest in cybersecurity or other science, technology, engineer, and math (STEM) disciplines, parents should encourage them to continue learning by offering small projects to tackle. STEM subscription boxes such as KiwiCo, or Creation Crate deliver excellent hands-on projects that can be completed by children ages ten and up.
Once children enter middle school and high school, parents can look into local cybersecurity boot camps or summer training camps. These camps, such as GenCyber, provide an extraordinary way for students to learn about the cybersecurity field and find friends who share the same interests as them. Parents can also help their children by taking them to cybersecurity conferences, whether they are small local conferences or larger ones like Shmoocon in Washington, DC.
The need for cybersecurity and cybersecurity professionals isn’t going away any time soon. As cybercriminals invent more sophisticated ways to break into networks and systems, the next generation of cybersecurity engineers must be ready to take on these criminals head-on.
As with anything in life, the younger you begin training, the likelier you are to become an expert. This fact holds true for cybersecurity. Students who start learning about cybersecurity young are more likely to succeed in the industry.
However, cybersecurity itself is a massive collection of skillsets. To pursue cybersecurity, students must first learn skills such as computer hardware and software, computer operating systems, networking, and occasionally coding.
Fortunately, there are plenty of online resources that students can utilize to learn the skills mentioned. CyberPatriot, The National Cyber League, Hacker Highschool, Cybrary, and Codecademy are just a few online resources available.
Students are eligible to pursue certifications earlier than some would expect. CompTIA, Cisco, and Microsoft all offer certification exams to students that are still in high school. These certifications provide a head start for students in their career and may even translate into college credits.
Parents can help their children pursue a career in cybersecurity by taking them to cybersecurity conferences and teaching them how to stay safe on the Internet often and early.
Science, technology, engineering, and math (STEM) is essential if we want to raise a future generation of leaders, citizens, and workers to solve the complex problems they are sure to face in the future. Cybersecurity is a significant part of STEM, and by teaching children about it early, we can ensure a safe and secure digital future.