Make sure to check out these resources: Infosec Rock Star: amzn.to/35mHKrW US Cybersecurity Careers: amzn.to/3aU6Uzi Breaking into Information Security (Audio Book): amzn.to/3b5CrP2 Build Your Own Cybersecurity Testing Lab: amzn.to/2YDIeZ8
@@asmfunteam6169 although it's possible to do some lighter resource things on a system with specs like that, you'll be limited if you don't at least have what I recommend.
@@JonGoodCyber Yooo wsup Jon! I did have a question. I’m new into this space and have ZERO knowledge and want to start my path into cyber security/pentesting, etc. Should I start with Google Cert, CompTIA A+, or Security +?
You will definitely want to grab a copy of my free eBook ( www.jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications to pursue. Specifically to address the A+, it's not a requirement for Cyber Security but it can be helpful to getting your first job in IT, which is frequently help desk. Outside of help desk, you won't really get much use out of the A+.
The spot I’m in is that I’m a former chemist, and that is my college degree. But I studied hard and passed the security plus this month. I have no prior IT experience but I want to change careers.
I actually started a business this year and it has nothing to do with IT haha. But I plan on pursuing more Certs and eventually looking into an IT career.
@@VinnyMartello congrats! Thanks for the update I’m currently trying to transition into tech and was looking into cyber security I’m trying to figure out how to get in it now
Thank you for this video! I’m just starting my journey and don’t really know where to begin. I’ve worked in the oil and gas industry for 15 years and have convinced myself that, at 40, I’m not too old to start a new career.
You are welcome and I'm glad that you enjoyed it! The first place to start is grabbing my free eBook ( www.jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications that you should be pursuing. Also, 40 is definitely not too old!
Recently lost my job so I am expanding my education into this field to make myself more valuable. Ready for the long road of learning. Just found your channel and love the advice. Thank you!
Thank you for this video Jon. I’m currently a sys admin, and I’m learning everyday. Though I’m in IT, a roadmap like this helps me have a framework to go by. My bachelors was in criminal justice but I have been able to get sec+ and net+, but even then I still have to go back and study those ports and networking concepts. Thanks again.
This background gives a much needed perspective on foundation skills and timelines where sifting through the variety of courses is hard to navigate for someone new to the industry. Thank you Jon!
Excellent video. I am an experienced programmer who wants to get started learning cyber security information and I was completely overwhelmed with 1000 acronyms and certification names. This helped give me a path to follow.
I’m physical security now. I’m going about it a bit backwards. I’m starting with the study for the CISSP. It’s helping me to reverse engineer my true path of study. It shows a very broad set of knowledge and outlines what I’m missing very clearly. It may not show true benefit for years to come, but the door is now wide open and I’m becoming very knowledgeable on the professional language of the career.
In all honesty, I wouldn't recommend doing that because it's like getting thrown into the deep end of a pool and not knowing how to swim. It's true that you will see things that you don't know, but the CISSP is relatively high-level so there's a lot more that you should know and won't be able to identify that way. Additionally, skipping ahead will lead to a longer path because you'll constantly have to revert back to basic knowledge that you need to order to understand advance concepts. I recommend grabbing my free eBook ( jongood.com/getstarted/ ), which will put you on a much more ideal path.
@@JonGoodCyber A fair reply, Mr. Good. If I wasn’t halfway through the official study guide,( which is turning out to be a fun challenge) I might’ve turned the sands of time. I will read your book, thank you! I am in fact reverting back to more basic knowledge constantly. It is serving as a road map in that way. 😅. I’m putting in two hours in the fundamentals of IT, and an hour at the CISSP, a day at the moment. All criticism is welcome. I am finding the generosity of the IT community, to be rather invigorating.
If you have a 9-5, a wife, kids, this will take you much longer. Very doable. About to take my CCNA exam and I’m starting to see some clarity. This is my roadmap. CCNA - AZ 104 - Linux Plus and that’s it….for now..
You are absolutely right that everybody has a different situation with different time constraints that have to be considered. The key is to create discipline and use a schedule to your advantage so that you can set a specific time to study and to treat the learning process like a marathon instead of a sprint.
I already have the cloud practitioner cert. Currently pursuing the Security + and Network + after that. I will definitely check out your ebook. Thanks a ton for these videos.
Excellent information. I have been scavenging websites and other RUclips vids for a while now looking for this type of info. As a person who is trying to enter IT/cybersecurity, I think this video is PURE GOLD. Thank you!
I ended here because I'm a Diesel mechanic that's been 4 years in the industry and I'm tired of it. I'd like to make a career change in a year or 2. I started college as a cybersecurity major but changed to diesel technology since I was more interested in it at the time. I kinda regret it but hopefully I can get back into it as soon as I can. Thanks for this video man.
I'm glad that you enjoyed the video! The main piece of advice that I will give you is to really think about why you weren't interested enough in continuing to pursue Cyber Security because even though some of the technologies have changed or shifted, from a general perspective the career field is very similar. The last thing that you want to do is jump back looking for a better situation and then realize that you still don't enjoy Cyber Security for whatever the original reason was.
long time IT guy here 18+ years got my A+, Network+, Server+ years ago. Mostly worked as a Network Admin, System Admin the last 5 years (tech before then) Got laid off in October of this year and started focusing on cybersecurity. Got Security+ in November and working towards CySA+ in January. During these studies I have been very fascinated with the Digital Forensics so i might pursue that after CySA+. Hopefully will find an analyst position or employment in general soon... Covid and the holidays add another layer of complications
Thank you for your video! Recently I did a course on EDx about Cybersecurity Basics and I like it. I have a Manufacturing Engineer bachelor and I want to change my career. I will watch all those beginners videos and I will get in touch with you Jon.. Once again, thanks !!!
I probably shouldn’t be worrying so much about wanting to start from network security right now, I’m a junior in high school at the moment and one of my extra classes is a Info Tech class and basically we’re going through the Cisco curriculum helping me learn the basics of everything but there’s so many abbreviations to remember and keep track of
Awesome! I wish I would have taken advantage of the Cisco class that my high school had. As far as abbreviations and terms, that's just the nature of this career field but it does get easier the more experience that you have.
I am on my path to complete my master's degree in network and information security. Before that, I have over 3 years of working experience as an IT Support Administrator. But I don't have any certifications yet, so I am now motivated to get Cyber/IT certifications.
It really depends on what area you want to work in. The CCSP or even some cloud certifications on AWS or Azure would be really useful. If you have experience with cloud then you can be of tremendous value to a company.
@@JonGoodCyber I'm not sure exactly. I'd say accessibility and price point were major factors. It also seemed like a reasonable place to start to gain basic knowledge about the field.
@@JonGoodCyber I just started going through it. It is portioned in 5 modules and each consists 6 weeks of materials. They dont take nearly a week to complete. After a week, I have completed the whole first module, and the first week of the second module. I work 65+ hrs a week, so it could be completed faster with more free time.
Thanks a lot for this video! It really gave me insight on what I should pursue. I was so confused on what certificate to start working on, but now I know how to start! Currently I am working on compTIA security+
Hi. I just came across this video and it’s really interesting. I am quite new to this career and I’d love to access every necessary requirements to succeed in this new path. Thank you for doing this.
Great info. Just got my Security+ 3 weeks ago. Now trying to figure out my next step. Having a hard time choosing my next cert. Trying to decide between Linux, AWS, Azure, CCNA. At the same time trying to find entry level It/sec work asap. Leaning towards AWS solutions architect at this minute.
Both AWS and Azure certifications can help you standout as companies are beginning to migrate to the cloud because even many experienced professionals don't have cloud certifications.
I’m changing careers. Current active duty military and finishing up my masters in cybersecurity before getting out. Taking Sec+ next month and looking to follow up with eJPT, CySA+, Pentest+. Then CEH in 2022.
I finally got the answer to my question which was in my mind from very long. That is, what basic I have to have before start on cyber security? And I think I finally got the answer from your video. Thanks a lot and keep good work. Appreciated your efforts.
Just graduated with an engineering degree but want to transition into cybersecurity. I have been working on my Net+ and Sec+, then I'll work on CCNA & Linux+... I think (and hope) I prefer the IT/Cybersecurity realm over the work I've been involved with in engineering. I know IT fairly well, but I just don't have any certifications to prove that. Hopefully these certs put me on the fast track toward a career.
It's a great time to be getting into the field. Certifications can definitely be helpful in showing you have a specific skill or area of knowledge...especially early on in your career. As you progress experience becomes really important because not only do you have to know certain things, but also you have a lot more responsibility on your plate to make the correct call.
Such great advice and guidance ' Thankyou, I will hopefully start with CompTia itf then A , then network, security and linux , excited for the Journey ahead !!
Thanks Jon! I am through Net+ and Sec+ and was stuck on the next certification to go after. Was aiming at Linux+ next and that's just what you recommend.
Love it. Thanks, man, for stimulating this 70 y.o. mind. I took a single course in Fortran way back in 1969. We still used Hollerith cards! Haha... But life took me into healthcare, though I've always had a penchant for Science, Computers, and Math. Maybe I can get myself ready for the next round? Who knows. 😉
Thank you for this video. It was great! 'm working on a study plan for Network+ right now. I want to understand this subject better. This will be the first certification I get.
I'm glad that you enjoyed it! I tell people to start applying immediately to anything saying 2 years of experience (or less) in both IT and Cyber Security because you never know if you'll get an opportunity on a team that's willing to train you. As you learn more and get more experience, you'll start to get more opportunities, so don't be discouraged if you can't break into cyber security right away.
Thanks for this info. I'm on a path to change careers into cyber security and this gives me plenty to consider. Currently I'm working on an A+ certification. I have a technology background, but mostly informal training learned on the job. Figured I would start there just to review the material. Then I'm moving on to Network+ and Security+. For now I will let those be my focus, knowing that I will move on to other certifications, but I would rather wait and learn more about the field before telling myself which future ones I should focus on. For now I'm focusing on what's right in front of me, but this gives me a good road map to consider.
Currently working as a janitor taking a pre-apprentice IT fundamentals course that will assess my knowledge on compTIA A+ 1002 ,Net+ , and Sec+. I would like to just get my foot in the door anyway I can. I don't know what path I want to take yet.
Awesome and thank you for sharing. I would take a look at my Getting Started page ( www.jongood.com/getting-started/ ) where I provide a roadmap of skills and certifications in my eBook. That will give you a lot of answers to your initial questions.
I am a physical security professional and I want to dive into cyber security and grow into software development. I really want to be very indispensable in my security industry and with this roadmap I am sure I will get there. Thanks for sharing your knowledge. Let me download your ebooks and subscribe for your news letters. I am sure I am on the right path.
Thank you for sharing your excitement! Keep in mind that cyber security and software development are two entirely different areas. It's true that you can work in Application Security but typically we aren't the people who are developing software. My eBook and other resources can be found on my Getting Started page ( www.jongood.com/getstarted/ ).
@@JonGoodCyber I quite understand the difference. I just want to start executing my plans from the cybersecurity angle first and maybe I can move to developing physical security solutions through software development. All the same I am excited to follow your strategy to getting to my destination.
Glad to have you and I just didn't want you to go in thinking that either of those was a feeder into the other! With that being said you can definitely switch into different areas of tech as you increase your knowledge and evolve your skills.
When you say flexibility, what are you referring to? Like many different career fields, certain jobs in Cyber Security allow for more flexibility than others.
And I want to make myself more valuable the world is heading in the digital direction fast and I want to be part of that and create the life I want for myself and my family. I live in a developing country and it’s very hard especially that my parents can’t afford to send me to university
The requirements are going to vary based on the program but typically you don't need a heavy engineering or math background to get into cyber security programs. I would grab a free copy of my eBook ( www.jongood.com/getstarted/ ) where I talk about the types of programs that exist.
I recommend checking out my free eBook ( jongood.com/getstarted/ ) where I provide a career roadmap. You already have a lot of the fundamentals down but there are a few more areas that I list and that you'll need to make sure that you know.
The career roadmap that I recommend can be found in my free eBook ( www.jongood.com/getstarted/ ). The A+ is specifically targeted at giving you the skills that you need to get into a helpdesk or IT Support role, so in that sense it does have value but most higher level IT jobs and almost all Cyber Security jobs deal with the virtual world and don't require that deep level of hardware knowledge.
Currently working Help Desk & in the ~6 month sprint. Company I'm at has a 1 man Security team and says I can assist once I finish the Net+ Sec+. Do you think there is any value in the CySA+ exam? I was thinking of wedging it in the 9-12 month range. Saw a couple people at my dream company with a Sec. Engineer title had the CySA+, but didn't know if I should focus more on other things. Also is the Associate of CISSP the same exam as the CISSP but you have an Associate tag until you meet the experience requirement? Dream Job has it under "Nice to have" section and wanted to ask should I focus on Associate of CISSP first, to hopefully get the job then focus on Cloud. Great Channel, only a matter of time before it blows up!
The CySA+ is a relatively new certification but of the material that I have seen, it is pretty interesting. You probably won't see it listed on a lot of job postings quite yet but you could definitely get some useful knowledge about security monitoring from it. Correct, the CISSP exam is the same regardless if you are going for Associate. I don't know if anybody has had their passing score revoked for saying they were an Associate CISSP, but ISC2 will tell you straight up that you are an Associate of ISC2 and that you can't say you are an Associate CISSP or anything else. Honestly, Associate of ISC2 isn't worth anything and I wouldn't advise most people take that path unless you don't have anything else to attempt. The real value of the CISSP comes when you get endorsed because you have the experience to back it up. What's the short answer? You can go for it, but there is better value out there if you don't have the experience. Thanks for the feedback and support! I enjoy making the content and helping people. We need more people in Cyber Security and Information Security so I'm just trying to do my part and help!
I just passed my comptia A+, and currently looking to get into the work force. Cybersecurity is my end goal, but im having trouble deciding what job to go into to strat my career.
I recommend applying to any "entry level" job in both IT and Cyber Security that list 2 years of experience or less. You can't tell who will call you or give you an opportunity so you have to cast a wide net. Common job titles to search for include, but are not limited to: -Help Desk -Desktop Support -System Administrator / Network Administrator -SOC Analyst/Engineer -GRC Analyst/Engineer -Information Assurance Analyst/Engineer -Cyber Security Analyst/Engineer
Thank you for the great video! I am curious as to whether or not you think this timeline should be extended (and by how much) for someone who works full time and will be pursuing this stuff part time?
Good question! The timeline is entirely dependent on how much time that you can invest into learning. That's important to understand because some people work full time, yet are able to invest another 10-20-30 hours per week towards studying...while others might only be able to study a few hours. The roadmap discussed in this video and that I've provided in my free eBook should be entirely doable if you working.
I recommend checking out my Getting Started page ( www.jongood.com/getting-started/ ) where I've provided a lot of resources and a roadmap of what you should be learning.
It all depends on what you want to do and where your motivation is at. It might be a little more challenging (not impossible) to pick up a lot of the technologies if you are in your later working years but there are also non-technical paths like project management where you can still make an immediate impact.
You are correct that you can't just dive into Cyber Security without foundational knowledge. My Getting Started page will help you get on the right path ( www.jongood.com/getstarted/ ).
This is great stuff, thanks for posting. I got my Security+ CE this December and am studying for the CISSP. My new job has me working with Azure stuff quite a bit so that's the direction I'm going in.
Hello, how are you feeling today 🙄 I pray and hope ALL'S going well for you and your family 😇 I am currently working on my Security+ Certification, and would like to know if you have ANY definite suggestions 🙄 for passing the test 🤔
One of the best pieces of advice is to use multiple resources. I've found that most people who use one resource, which could be multiple items from one person, tend to not have as much success or feel as confident. Resources: -Professor Messer -CBT Nuggets -My course ( www.jongood.com/courses/ )
Jon I just downloaded your ebook. Is the information still relevant years later? Also is there free certification you would recommend instead of comptia like you suggest in the ebook?
I frequently update my eBook, so I'm not sure what you mean by "still relevant years later" because it's always current information. Free certifications aren't worth anything from a professional standpoint for too many reasons to cover in a comment. The roadmap in my eBook is what's expected, especially if you want to travel the path of least resistance with the most/quickest upside. Is it doable without the certifications listed? Sure, but it's going to take a lot more work to show employers that you have certain knowledge, and it will be a more difficult path to travel.
Great information. Thank you. I am a Business Analyst in the IAM domain. I am trying to get more into Cybersecurity. Can you suggest to me what area to focus on as a BA. I have been working as a BA/QA for 18 years.
Do you prefer a more technical or non-technical role? GRC roles are probably the closest transition for you but BA responsibilities vary from company to company. Either way, check out my eBook ( www.jongood.com/getstarted/ ) for the skills and certifications that I recommend to anybody looking to get into Cyber Security.
Great video, I’m so grateful to have stumbled across this. I’m currently completing IBM’s Cybersecurity Professional Analyst certification and looking forward to perhaps moving to start CompTia’s Linux+ certification. Do you have any recommendations of where to go after I complete IBM’s cert?
I'm glad that you enjoyed the video! You will want to grab my free eBook ( www.jongood.com/getstarted/ ) where I provide my recommended path of skills and certifications.
So basically it's all about how passionate you are about cybersecurity and IT No certificate can get you a job, (unless its OSCP) but it can highlight your profile Right?
Certifications are just another tool that you can use to help you learn and they give employers another criteria to evaluate candidates against. NO CERTIFICATION, including the OSCP, will land you a job but depending on the situation, there can certainly be certifications that will hold more value than others.
The value of the CEH in most cases has dramatically decreased over the last several years. EC Council added a practical portion that you can take but when you are looking a penetration testing, the CEH isn't typically at the top of the list. With all of that being said, penetration testing isn't really an entry level area of Cyber Security for most people unless somebody has a lot of experience with bug bounties or software development.
Hey Jon I have no experience in this field. I’m a delivery driver with a high school diploma. I don’t even have a computer. I would really like to know where should I start my journey to CS?
The best place to go is to grab my free eBook ( www.jongood.com/getstarted/ ) where I lay out a roadmap for you. There is plenty to learn but if you follow my roadmap, you'll be in a very good position.
I am just starting my IT Security career and right now am reading CompTIA security + and SSCP. Thank you for this video. I heard you speak about most of the security courses but you did not a give a hint on SSCP, CISA and CISM. what are your views with regard to following a path of CompTIA Security +, SSCP and SANs GIAC PenTest
I'm glad you enjoyed the video. As far as the CISM and CISA, both have experience requirements to get certified, which make them not possible for a beginner to qualify and they aren't applicable for somebody just starting out. The Security+ is much more well known and frankly it probably will be easier to pass than the SSCP. The SSCP does have an experience requirement as well but that wasn't really a factor because it's only one year, however that means you have to wait to get certified if you are just starting out. GIAC certifications are worthwhile IF you take the SANS training but given that they are roughly $7,000 USD they are going to be out of reach for many people...especially beginners. If you can get your employer to fund SANS training, I would personally take it nearly 100% of the time and the equivalent certification would be the GSEC. I'm not entirely sure if you were asking about Pentesting specifically or a GIAC certification...but pentesting relies on foundational knowledge at a minimum. It's like if you jumped into the deep end of a pool and tried to swim without ever learning how...except in this case you 100% will have to waste time circling back learning what you should already know instead of pressing forward.
Q: Do I need to have an IT background to get into cyber security? I am a lawyer but I want to get into this industry. Would lack of technical knowledge effect my taking the course?
Although I'm not sure which course that you're specifically talking about, it's entirely possible to get into Cyber Security without having worked in IT. With that being said, in order to work in a Cyber Security job you'll absolutely need to know foundational information that somebody with IT experience typically has. That information is all laid out on my Getting Started page ( jongood.com/getstarted/ ).
Both have their pros and cons as well as equally high paying jobs if you become an expert in a certain area. Offensive jobs typically are at consulting firms so your lifestyle is going to be different than if you work at a security operations center that doesn't require travel. Your level of job satisfaction will result from whether or not you enjoy the work you are doing each day because ultimately the compensation will be similar regardless.
Are you trying to break into penetration testing? If so, you need to work towards getting the OSCP because that is the certification that job will be looking for in candidates.
Appreciate the info, but my biggest concern is always these companies dismiss all these certifications, because I'm not already working in the field, or no experience. Covid laid me off, and now looking at this pathway as completely different and new career
Certifications are only part of the equation when it comes to getting a job. The more that you can show you are interested in the field (writing blogs, creating videos, professional networking, etc.), the easier time you will have. The strategies you need to land a job aren't always complex but people aren't always willing to do the extra work to improve their chances.
I wanna become a cyber security engineer what steps do I need? is it always the certification's route and after the degree. I do know I need a BS degree for that field.
Definitely grab a free copy of my eBook ( www.jongood.com/getstarted/ ) where I give a roadmap of which skills and certifications that you should pursue. Degrees aren't necessarily a requirement but I also discuss degrees vs certifications in my eBook.
I recommend grabbing my free eBook ( jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications. I don't know your level of experience but you need to make sure that you have a solid foundation before you jump any further ahead.
The A+ is specifically targeted at landing an IT technician job but outside of that, you aren't really going to use a lot of the information related to hardware troubleshooting in most technology-related jobs. For my full recommendations, check out my free eBook ( jongood.com/getstarted/ ).
The A+ can be helpful to get your first job in IT, usually in the helpdesk, but once you get past that and especially in Cyber Security jobs, you probably will rarely if ever use that knowledge. You can find my recommendations in my free eBook ( www.jongood.com/getstarted/ ).
I'm an older adult trapped in a career that I hate. Trapped, because it is high paying. To make matters worse, it has destroyed my body. Short of trying to go on disability, I need a new career that I can enter with no degree and needs to start at $80k without me relocating. Quite a tall order.
The majority of entry level Cyber Security jobs start out between $60-80k but not everybody is fortunate enough to start out directly in Cyber Security, which means you might have to start in IT jobs that typically start out paying less. With that being said, you can make jumps pretty quick if you can grasp the information quickly. Also, I am not sure which part of the country or world that you are in but higher cost of living areas might have a higher range just to make up for the difference but given what you said, it sounds like that does not apply to you.
If you are looking at an actual university, then I would look at the NSA's list of Centers for Academic Excellence ( www.nsa.gov/Academics/Centers-of-Academic-Excellence/ ) and the cost will vary program to program because there is no "standard" pricing. I would also check out my video on bootcamps ( ruclips.net/video/Hi9bci5gbw4/видео.html ).
I want to leave the construction security for cyber security but dont really know which profession to embrace cos there is forensic investigator, ethical hacker, cryptographer , security auditor ,etc. I really need help choosing a particular profession cos understanding my role will help me in the career.
Here is a write up with some brief descriptions of different roles: www.cs.seas.gwu.edu/cybersecurity-roles-and-job-titles Most people start their Cyber Security journey in IT jobs though, so I wouldn't worry too much about specific security roles and would focus on starting to build up your general knowledge.
Whats your opinion on skill bootcamps?Near my area there's a place that offers a 1 year program in it they give you network+ security + and Mile2 CPEH certifications. I was thinking of maybe taking that when I finish my bachelor degree.Im currently on my last year on college studying IT and web development. I took a free netacad course my uni was giving in introduction to cyber security and it really peaked my interest in this area.
Bootcamps can be useful but typically they are geared at passing an exam and not necessarily getting a strong grasp of the material. Depending on the specific bootcamp, some are more valuable than others.
Hi John, thanks for your priceless information , you are my light in the darkness . 😅 I was wondering..how much "geolocalized" is cybersecurity ? I mean, as a developer, that's never been an issue to me, code is code. But the more I dive into the world of infosec, the more I find a plethora of certifications whose acceptance vary worldwide. I understand that's got to do mostly with the different laws in each country or is there more to it?
Thanks for watching and for the question! Which certifications are you referring to? Professional certifications like the Security+/CISSP/etc. or compliance/industry certifications like ISO 27001/SOC 2/etc.?
@@mg508 I haven't seen any laws mandate specific certifications, but I suppose it's possible. In the United States, we have something called the DOD 8570/8140/etc. mandate that definitely impacts certifications in the military/government space and the private sector...but it's a contractual requirement, not a law. I'm guessing that other countries have similar requirements to consider. Generally speaking, a lot of the information is the same or similar, but understanding what's important locally is a crucial aspect of job searching in any career field.
Hey Jon. Your videos have helped me out a lot in looking towards where to go and what to do in the field of cybersecurity. I recently made a career change and earned both my Security+ce certification and AWS Certified Cloud Practitioner certification, but I’m struggling to get my foot in the door in terms of entry-level jobs. Was wondering if you had any advice on where to go from here in terms of certifications or perhaps entry-level positions to gain experience considering training for a more in-depth certification like the CCNA can be difficult and costly without a company willing to foot the bill?
I recommend checking out my Getting Started page ( www.jongood.com/getstarted/ ) where I provide the certifications and skills that I believe you should pursue. As far as jobs, you should be applying to any entry-level cybersecurity OR IT jobs, which means anything from help desk to SOC analyst...basically anything that lists 0-2 years of experience. If you keep at both of those things that I just recommended, you'll make your way into cybersecurity at some point if not right away. One of the biggest mistakes people make is they stay laser focused on applying to cybersecurity jobs but they never land a job and end up wasting a bunch of time when they could have been gaining relevant experience while still trying to make the switch.
Hey I'm 14 and living in Australia I have little coding background for only python and html my school does not provide any courses what do you recommend I do
I recommend spending more time on Python, learning bash and PowerShell, and learning more about both Windows and Linux. I wouldn't worry too much about certifications at this point in your journey but if you learn a lot about all of those subjects over the next couple of years then you can really hit the ground running as you start to hit the workforce.
Hi John, I am totally new in this area, I am a graphic designer, and really don´t know where to start. I am 54 and I am working. How can I study cybersecurity not a full time? I live in New Zealand, do you know I trustable place I can study? Do I study cybersecurity courses first and then do the certification or otherwise? Many thanks, Claudia
I recommend grabbing my free eBook ( www.jongood.com/getstarted/ ) where I not only talk about the skills and certifications that you should go after, but also the different training and certification vendors that exist. Keep in mind that there are others outside of what I mention, which is fine just make sure that you do your homework to make sure that they are legitimate.
Do you recommend for everyone that they self teach and get their own certs? I currently work midnights and I am terrible at learning on my own through self teaching. I was told by my best friend, who has been a soc analyst for over 4 or 5 years now, that boot camps were a good way to break into the field and his employer hires those coming out of boot camps. I was wondering what pathway you would consider best for someone like me who is working midnight shift full time with absolutely zero cyber security knowledge/background but is looking to switch career fields into cyber security. Thanks!
One of the main problems with bootcamps is they are typically expensive and the return cannot be guaranteed. Self study is inexpensive and can be done fairly easily since foundational knowledge isn't difficult for most people to pickup given adequate study time. Plenty of people have landed jobs by self studying but some people prefer the structure of a bootcamp. For your situation, your only option might be to go the self study route because a lot of bootcamps are going to be during the day. I made a video on why I hate bootcamps that you should check out: ruclips.net/video/Hi9bci5gbw4/видео.html
![Noob To Max With DRAGON REWORK In Blox Fruits [FULL MOVIE]](http://i.ytimg.com/vi/LnBMOinoOvA/mqdefault.jpg)
Make sure to check out these resources:
Infosec Rock Star: amzn.to/35mHKrW
US Cybersecurity Careers: amzn.to/3aU6Uzi
Breaking into Information Security (Audio Book): amzn.to/3b5CrP2
Build Your Own Cybersecurity Testing Lab: amzn.to/2YDIeZ8
The way you say it sounds so easy to get those certs. Not even sec+ is easy.
The advice isn't the difficult part but the execution definitely takes work.
I am a student of O level trying to learn cybersecurity but my processor has only 2 cores and 8 gigs of ram.
im very new to all of this. should i learn cyber security just to protect myself? cause thats all i want to do so i can browse safely
@@asmfunteam6169 although it's possible to do some lighter resource things on a system with specs like that, you'll be limited if you don't at least have what I recommend.
This video was been some time but the fact you replied to hella of the questions in the comments t section automatically earned a sub
I try to reply to as many comments as possible to keep helping out. I appreciate the support!
@@JonGoodCyber Yooo wsup Jon! I did have a question. I’m new into this space and have ZERO knowledge and want to start my path into cyber security/pentesting, etc. Should I start with Google Cert, CompTIA A+, or Security +?
You will definitely want to grab a copy of my free eBook ( www.jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications to pursue. Specifically to address the A+, it's not a requirement for Cyber Security but it can be helpful to getting your first job in IT, which is frequently help desk. Outside of help desk, you won't really get much use out of the A+.
The spot I’m in is that I’m a former chemist, and that is my college degree. But I studied hard and passed the security plus this month. I have no prior IT experience but I want to change careers.
Awesome and good luck on your journey!
Same here bro
How’s it going now ?
I actually started a business this year and it has nothing to do with IT haha. But I plan on pursuing more Certs and eventually looking into an IT career.
@@VinnyMartello congrats! Thanks for the update I’m currently trying to transition into tech and was looking into cyber security I’m trying to figure out how to get in it now
Thank you for this video! I’m just starting my journey and don’t really know where to begin. I’ve worked in the oil and gas industry for 15 years and have convinced myself that, at 40, I’m not too old to start a new career.
You are welcome and I'm glad that you enjoyed it! The first place to start is grabbing my free eBook ( www.jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications that you should be pursuing. Also, 40 is definitely not too old!
Recently lost my job so I am expanding my education into this field to make myself more valuable. Ready for the long road of learning. Just found your channel and love the advice. Thank you!
Thank you for the feedback and I'm glad I can help you in your journey!
Hope everything is going well :)
Thank you for this video Jon. I’m currently a sys admin, and I’m learning everyday. Though I’m in IT, a roadmap like this helps me have a framework to go by. My bachelors was in criminal justice but I have been able to get sec+ and net+, but even then I still have to go back and study those ports and networking concepts. Thanks again.
I'm glad the video has helped you!
This background gives a much needed perspective on foundation skills and timelines where sifting through the variety of courses is hard to navigate for someone new to the industry.
Thank you Jon!
Thanks for sharing and I'm glad that you found the content helpful!
Excellent video. I am an experienced programmer who wants to get started learning cyber security information and I was completely overwhelmed with 1000 acronyms and certification names. This helped give me a path to follow.
Glad it was helpful! We definitely have a lot of acronyms in Cyber Security but they get easier to remember and understand as you gain experience.
Agree! Once I had two years working experience with Linux , getting a job was even easier. Get comfortable with Linux. That’s my advice to anyone.
Getting comfortable with Linux is absolutely critical in cyber security.
I spent over twenty years working as a Database Administrator and Cybersecurity would be a great addition to my skills.
Awesome and thank you for sharing!
I’m physical security now. I’m going about it a bit backwards. I’m starting with the study for the CISSP. It’s helping me to reverse engineer my true path of study. It shows a very broad set of knowledge and outlines what I’m missing very clearly. It may not show true benefit for years to come, but the door is now wide open and I’m becoming very knowledgeable on the professional language of the career.
In all honesty, I wouldn't recommend doing that because it's like getting thrown into the deep end of a pool and not knowing how to swim. It's true that you will see things that you don't know, but the CISSP is relatively high-level so there's a lot more that you should know and won't be able to identify that way. Additionally, skipping ahead will lead to a longer path because you'll constantly have to revert back to basic knowledge that you need to order to understand advance concepts. I recommend grabbing my free eBook ( jongood.com/getstarted/ ), which will put you on a much more ideal path.
@@JonGoodCyber A fair reply, Mr. Good. If I wasn’t halfway through the official study guide,( which is turning out to be a fun challenge) I might’ve turned the sands of time. I will read your book, thank you! I am in fact reverting back to more basic knowledge constantly. It is serving as a road map in that way. 😅. I’m putting in two hours in the fundamentals of IT, and an hour at the CISSP, a day at the moment. All criticism is welcome. I am finding the generosity of the IT community, to be rather invigorating.
Right now I am starting my career and I am working to obtain the certifications: ITIL, Comptia A +, Network + and Security +
Awesome and thank you for sharing!
If you have a 9-5, a wife, kids, this will take you much longer.
Very doable.
About to take my CCNA exam and I’m starting to see some clarity. This is my roadmap. CCNA - AZ 104 - Linux Plus and that’s it….for now..
You are absolutely right that everybody has a different situation with different time constraints that have to be considered. The key is to create discipline and use a schedule to your advantage so that you can set a specific time to study and to treat the learning process like a marathon instead of a sprint.
I already have the cloud practitioner cert. Currently pursuing the Security + and Network + after that. I will definitely check out your ebook. Thanks a ton for these videos.
Awesome stuff! I'm glad that you are enjoying the videos and you are welcome!
I'm on a similar path. How are your studies coming along?
Excellent information. I have been scavenging websites and other RUclips vids for a while now looking for this type of info. As a person who is trying to enter IT/cybersecurity, I think this video is PURE GOLD. Thank you!
Glad it was helpful and you are welcome!
I ended here because I'm a Diesel mechanic that's been 4 years in the industry and I'm tired of it. I'd like to make a career change in a year or 2. I started college as a cybersecurity major but changed to diesel technology since I was more interested in it at the time. I kinda regret it but hopefully I can get back into it as soon as I can. Thanks for this video man.
I'm glad that you enjoyed the video! The main piece of advice that I will give you is to really think about why you weren't interested enough in continuing to pursue Cyber Security because even though some of the technologies have changed or shifted, from a general perspective the career field is very similar. The last thing that you want to do is jump back looking for a better situation and then realize that you still don't enjoy Cyber Security for whatever the original reason was.
just did the security+ in April. I got my CCNA many years ago.
Excellent and congratulations! What's next?
long time IT guy here 18+ years got my A+, Network+, Server+ years ago. Mostly worked as a Network Admin, System Admin the last 5 years (tech before then) Got laid off in October of this year and started focusing on cybersecurity. Got Security+ in November and working towards CySA+ in January. During these studies I have been very fascinated with the Digital Forensics so i might pursue that after CySA+. Hopefully will find an analyst position or employment in general soon... Covid and the holidays add another layer of complications
That's unfortunate but it sounds like you have a plan going forward! Security Operations Centers are a great place to build up those forensics skills.
Thank you for your video! Recently I did a course on EDx about Cybersecurity Basics and I like it. I have a Manufacturing Engineer bachelor and I want to change my career. I will watch all those beginners videos and I will get in touch with you Jon.. Once again, thanks !!!
Thanks for sharing and I'm glad that my content is helping!
I probably shouldn’t be worrying so much about wanting to start from network security right now, I’m a junior in high school at the moment and one of my extra classes is a Info Tech class and basically we’re going through the Cisco curriculum helping me learn the basics of everything but there’s so many abbreviations to remember and keep track of
Awesome! I wish I would have taken advantage of the Cisco class that my high school had. As far as abbreviations and terms, that's just the nature of this career field but it does get easier the more experience that you have.
I am on my path to complete my master's degree in network and information security. Before that, I have over 3 years of working experience as an IT Support Administrator. But I don't have any certifications yet, so I am now motivated to get Cyber/IT certifications.
Awesome! That prior experience will definitely be useful but definitely make sure to get some certifications because they will help.
@@JonGoodCyber what would you suggest as I'm stuck between CISSP, CCSP and C|EH
It really depends on what area you want to work in. The CCSP or even some cloud certifications on AWS or Azure would be really useful. If you have experience with cloud then you can be of tremendous value to a company.
Jon, good video detailing a career path for Cybersecurity.
Thank you appreciate the feedback!
This comment made me chuckle
John you are the man brotha! I stumbled across your video and I've been hooked on Cyber ever since!
I appreciate the feedback! That's awesome and I'm glad that I could get you interested in Cyber Security!
I am planning to switch fields to IT. I started with the Google Support Professional Certification and plan to take the COMP TIA A+ then N+ and S+.
Awesome! Out of curiosity, what drove you to getting the Google certification?
@@JonGoodCyber I'm not sure exactly. I'd say accessibility and price point were major factors. It also seemed like a reasonable place to start to gain basic knowledge about the field.
Got it...I was just asking because it's newer but I don't typically hear people looking at it. Did it help you land a job or get interviews?
@@JonGoodCyber I just started going through it. It is portioned in 5 modules and each consists 6 weeks of materials. They dont take nearly a week to complete. After a week, I have completed the whole first module, and the first week of the second module. I work 65+ hrs a week, so it could be completed faster with more free time.
Thanks a lot for this video!
It really gave me insight on what I should pursue. I was so confused on what certificate to start working on, but now I know how to start!
Currently I am working on compTIA security+
Thank you for sharing and I'm glad that I could help!
Bro I’m literally about to watch all your videos thank you!!!!!
Glad you like them!
Hi. I just came across this video and it’s really interesting. I am quite new to this career and I’d love to access every necessary requirements to succeed in this new path. Thank you for doing this.
Awesome and welcome! I recommend grabbing my free eBook ( jongood.com/getstarted/ ) to get you started down the correct path.
Great info. Just got my Security+ 3 weeks ago. Now trying to figure out my next step. Having a hard time choosing my next cert. Trying to decide between Linux, AWS, Azure, CCNA. At the same time trying to find entry level It/sec work asap. Leaning towards AWS solutions architect at this minute.
Both AWS and Azure certifications can help you standout as companies are beginning to migrate to the cloud because even many experienced professionals don't have cloud certifications.
Jon Good That’s what I was thinking about about the cloud certs. Thanks for the confirmation.
I’m changing careers. Current active duty military and finishing up my masters in cybersecurity before getting out. Taking Sec+ next month and looking to follow up with eJPT, CySA+, Pentest+. Then CEH in 2022.
It's a fantastic time to get into the career field!
Thanks Jon. Looking at doing cysa, cisp and probably ceh
You're welcome and thank you for sharing!
I finally got the answer to my question which was in my mind from very long.
That is, what basic I have to have before start on cyber security?
And I think I finally got the answer from your video.
Thanks a lot and keep good work. Appreciated your efforts.
Glad it was helpful!
Just graduated with an engineering degree but want to transition into cybersecurity. I have been working on my Net+ and Sec+, then I'll work on CCNA & Linux+... I think (and hope) I prefer the IT/Cybersecurity realm over the work I've been involved with in engineering. I know IT fairly well, but I just don't have any certifications to prove that. Hopefully these certs put me on the fast track toward a career.
It's a great time to be getting into the field. Certifications can definitely be helpful in showing you have a specific skill or area of knowledge...especially early on in your career. As you progress experience becomes really important because not only do you have to know certain things, but also you have a lot more responsibility on your plate to make the correct call.
Recently passed my Sec+ this weekend, going to start working towards cloud security & those AWS certs going into the new year. Thanks for the insight!
Congrats and best of luck!
bro, which aws certificate we should do in reference to cyber security ?
Such great advice and guidance ' Thankyou, I will hopefully start with CompTia itf then A , then network, security and linux , excited for the Journey ahead !!
I'm glad that my content is helping...You can do it!
Thanks Jon! I am through Net+ and Sec+ and was stuck on the next certification to go after. Was aiming at Linux+ next and that's just what you recommend.
Fantastic! You are welcome and I'm glad that I could help.
Love it. Thanks, man, for stimulating this 70 y.o. mind.
I took a single course in Fortran way back in 1969. We still used Hollerith cards! Haha... But life took me into healthcare, though I've always had a penchant for Science, Computers, and Math. Maybe I can get myself ready for the next round? Who knows. 😉
I'm glad you enjoyed the video!
next round haha
Currently studying for the A Plus exam. But, got Network Plus and Security Plus in my sights down the road
Awesome and thanks for sharing! Make sure to check out Cyber Training Pro ( www.cybertrainingpro.com/ ) as you continue your studies.
Thank you for this video. It was great! 'm working on a study plan for Network+ right now. I want to understand this subject better. This will be the first certification I get.
Glad it was helpful and good luck!
Just started school last spring such an amazing field
Awesome! Welcome to the community.
where where did you start school
Thank you - I will return to this video as I go through the steps
Great and I'm glad that you enjoyed it!
Taking Note
Net+, Sec+, CCNA , AWS or Azure and Linux +
Awesome!
Thank you for this information please I will like go into cyber security but I have no IT experience no. Where do I start
My Getting Started page ( www.jongood.com/getstarted/ ) is the best place to start.
Good road map. At what point would we start applying for cybersecurity positions?
I'm glad that you enjoyed it! I tell people to start applying immediately to anything saying 2 years of experience (or less) in both IT and Cyber Security because you never know if you'll get an opportunity on a team that's willing to train you. As you learn more and get more experience, you'll start to get more opportunities, so don't be discouraged if you can't break into cyber security right away.
Great video Jon! Thanks a lot for all the info, exactly what I was looking for.
Glad it was helpful!
Thanks for this info. I'm on a path to change careers into cyber security and this gives me plenty to consider. Currently I'm working on an A+ certification. I have a technology background, but mostly informal training learned on the job. Figured I would start there just to review the material. Then I'm moving on to Network+ and Security+. For now I will let those be my focus, knowing that I will move on to other certifications, but I would rather wait and learn more about the field before telling myself which future ones I should focus on. For now I'm focusing on what's right in front of me, but this gives me a good road map to consider.
Great strategy! As long as you keep making progress and taking steps, you'll get to whatever long term goals you have.
How did everything turn out?
Very useful, detailed information much appreciated.
Glad it was helpful!
Currently working as a janitor taking a pre-apprentice IT fundamentals course that will assess my knowledge on compTIA A+ 1002 ,Net+ , and Sec+. I would like to just get my foot in the door anyway I can. I don't know what path I want to take yet.
Awesome and thank you for sharing. I would take a look at my Getting Started page ( www.jongood.com/getting-started/ ) where I provide a roadmap of skills and certifications in my eBook. That will give you a lot of answers to your initial questions.
I am a physical security professional and I want to dive into cyber security and grow into software development. I really want to be very indispensable in my security industry and with this roadmap I am sure I will get there. Thanks for sharing your knowledge. Let me download your ebooks and subscribe for your news letters. I am sure I am on the right path.
Thank you for sharing your excitement! Keep in mind that cyber security and software development are two entirely different areas. It's true that you can work in Application Security but typically we aren't the people who are developing software. My eBook and other resources can be found on my Getting Started page ( www.jongood.com/getstarted/ ).
@@JonGoodCyber I quite understand the difference. I just want to start executing my plans from the cybersecurity angle first and maybe I can move to developing physical security solutions through software development. All the same I am excited to follow your strategy to getting to my destination.
Glad to have you and I just didn't want you to go in thinking that either of those was a feeder into the other! With that being said you can definitely switch into different areas of tech as you increase your knowledge and evolve your skills.
Heaving my considering switching my career from Administration to Cybersecurity mostly because I want to create the life of flexibility.
When you say flexibility, what are you referring to? Like many different career fields, certain jobs in Cyber Security allow for more flexibility than others.
@@JonGoodCyber I’m a family oriented person, I would to work remotely and also want to develop technical skills.
And I want to make myself more valuable the world is heading in the digital direction fast and I want to be part of that and create the life I want for myself and my family. I live in a developing country and it’s very hard especially that my parents can’t afford to send me to university
Enjoy your videos. It's very helpful
Glad you like them!
Video title is on spot... Nice question in title and nice answer
I'm glad that you enjoyed it!
Simple, consise, direct. I like your no filer direct to plan way of relaying this info thanks.
Glad it was helpful!
Best advice i have ever got on cyber cert roadmap
Thank you for the feedback and I'm glad that you enjoyed the video!
This is so much vital information! Thank you!
Glad it was helpful!
great stuff, clear and accessible.
Glad you think so!
Ordinary Graduate without engineering and without mathematics and without computer background can join Cybersecurity programs?
The requirements are going to vary based on the program but typically you don't need a heavy engineering or math background to get into cyber security programs. I would grab a free copy of my eBook ( www.jongood.com/getstarted/ ) where I talk about the types of programs that exist.
I have CCNA, CCNP and MCSE 2012 internationally certified and but now want to start cyber security so from where I have to start my career.
I recommend checking out my free eBook ( jongood.com/getstarted/ ) where I provide a career roadmap. You already have a lot of the fundamentals down but there are a few more areas that I list and that you'll need to make sure that you know.
Q: would you recommend getting ComTia A+ for someone who is a complete noob?
The career roadmap that I recommend can be found in my free eBook ( www.jongood.com/getstarted/ ). The A+ is specifically targeted at giving you the skills that you need to get into a helpdesk or IT Support role, so in that sense it does have value but most higher level IT jobs and almost all Cyber Security jobs deal with the virtual world and don't require that deep level of hardware knowledge.
Currently working Help Desk & in the ~6 month sprint. Company I'm at has a 1 man Security team and says I can assist once I finish the Net+ Sec+. Do you think there is any value in the CySA+ exam? I was thinking of wedging it in the 9-12 month range. Saw a couple people at my dream company with a Sec. Engineer title had the CySA+, but didn't know if I should focus more on other things.
Also is the Associate of CISSP the same exam as the CISSP but you have an Associate tag until you meet the experience requirement? Dream Job has it under "Nice to have" section and wanted to ask should I focus on Associate of CISSP first, to hopefully get the job then focus on Cloud.
Great Channel, only a matter of time before it blows up!
The CySA+ is a relatively new certification but of the material that I have seen, it is pretty interesting. You probably won't see it listed on a lot of job postings quite yet but you could definitely get some useful knowledge about security monitoring from it.
Correct, the CISSP exam is the same regardless if you are going for Associate. I don't know if anybody has had their passing score revoked for saying they were an Associate CISSP, but ISC2 will tell you straight up that you are an Associate of ISC2 and that you can't say you are an Associate CISSP or anything else. Honestly, Associate of ISC2 isn't worth anything and I wouldn't advise most people take that path unless you don't have anything else to attempt. The real value of the CISSP comes when you get endorsed because you have the experience to back it up. What's the short answer? You can go for it, but there is better value out there if you don't have the experience.
Thanks for the feedback and support! I enjoy making the content and helping people. We need more people in Cyber Security and Information Security so I'm just trying to do my part and help!
I just passed my comptia A+, and currently looking to get into the work force. Cybersecurity is my end goal, but im having trouble deciding what job to go into to strat my career.
I recommend applying to any "entry level" job in both IT and Cyber Security that list 2 years of experience or less. You can't tell who will call you or give you an opportunity so you have to cast a wide net.
Common job titles to search for include, but are not limited to:
-Help Desk
-Desktop Support
-System Administrator / Network Administrator
-SOC Analyst/Engineer
-GRC Analyst/Engineer
-Information Assurance Analyst/Engineer
-Cyber Security Analyst/Engineer
Thank you for the great video! I am curious as to whether or not you think this timeline should be extended (and by how much) for someone who works full time and will be pursuing this stuff part time?
Good question! The timeline is entirely dependent on how much time that you can invest into learning. That's important to understand because some people work full time, yet are able to invest another 10-20-30 hours per week towards studying...while others might only be able to study a few hours. The roadmap discussed in this video and that I've provided in my free eBook should be entirely doable if you working.
@@JonGoodCyber thank you sir!
I’m 26 starting from scratch and have absolutely no clue what the . I’m doing
I recommend checking out my Getting Started page ( www.jongood.com/getting-started/ ) where I've provided a lot of resources and a roadmap of what you should be learning.
i want a career change, .. do you recommend code academy for starters? like where do you start for a chap that is 50+ years old that wants a new path?
It all depends on what you want to do and where your motivation is at. It might be a little more challenging (not impossible) to pick up a lot of the technologies if you are in your later working years but there are also non-technical paths like project management where you can still make an immediate impact.
What should I study if I’m new to computers? I feel should start from the ground up before starting cyber security.
You are correct that you can't just dive into Cyber Security without foundational knowledge. My Getting Started page will help you get on the right path ( www.jongood.com/getstarted/ ).
This is great stuff, thanks for posting. I got my Security+ CE this December and am studying for the CISSP. My new job has me working with Azure stuff quite a bit so that's the direction I'm going in.
Thank you for the feedback! Sounds like you have a good plan that will make you quite desirable.
Hello, how are you feeling today 🙄 I pray and hope ALL'S going well for you and your family 😇 I am currently working on my Security+ Certification, and would like to know if you have ANY definite suggestions 🙄 for passing the test 🤔
Inquire98 watch Professor Messer and take lots of practice tests. 🙂
One of the best pieces of advice is to use multiple resources. I've found that most people who use one resource, which could be multiple items from one person, tend to not have as much success or feel as confident.
Resources:
-Professor Messer
-CBT Nuggets
-My course ( www.jongood.com/courses/ )
@@JonGoodCyber Wow; that's REALLY good 👌 to know 🙄
A very helpful video, much appreciated*
Glad it was helpful!
Jon I just downloaded your ebook. Is the information still relevant years later?
Also is there free certification you would recommend instead of comptia like you suggest in the ebook?
I frequently update my eBook, so I'm not sure what you mean by "still relevant years later" because it's always current information.
Free certifications aren't worth anything from a professional standpoint for too many reasons to cover in a comment. The roadmap in my eBook is what's expected, especially if you want to travel the path of least resistance with the most/quickest upside. Is it doable without the certifications listed? Sure, but it's going to take a lot more work to show employers that you have certain knowledge, and it will be a more difficult path to travel.
Great information. Thank you. I am a Business Analyst in the IAM domain. I am trying to get more into Cybersecurity.
Can you suggest to me what area to focus on as a BA. I have been working as a BA/QA for 18 years.
Do you prefer a more technical or non-technical role? GRC roles are probably the closest transition for you but BA responsibilities vary from company to company. Either way, check out my eBook ( www.jongood.com/getstarted/ ) for the skills and certifications that I recommend to anybody looking to get into Cyber Security.
@@JonGoodCyber Thank you Jon, I ll go through the eBook by you. Much appreciated.
Thanks John, much appreciated.
You're welcome!
Absolutely great!
I'm glad that you enjoyed the content!
This is great resource to know something were to start ...perfect bro
I'm glad you enjoyed the video!
Very very clearly explained thank u so much sir ❤❤
Thank you for the feedback and I'm glad you enjoyed the video!
Thanks. I got a lot of tricks from this video.
Happy to help!
Great video, I’m so grateful to have stumbled across this.
I’m currently completing IBM’s Cybersecurity Professional Analyst certification and looking forward to perhaps moving to start CompTia’s Linux+ certification.
Do you have any recommendations of where to go after I complete IBM’s cert?
I'm glad that you enjoyed the video! You will want to grab my free eBook ( www.jongood.com/getstarted/ ) where I provide my recommended path of skills and certifications.
So basically it's all about how passionate you are about cybersecurity and IT
No certificate can get you a job, (unless its OSCP) but it can highlight your profile
Right?
Certifications are just another tool that you can use to help you learn and they give employers another criteria to evaluate candidates against. NO CERTIFICATION, including the OSCP, will land you a job but depending on the situation, there can certainly be certifications that will hold more value than others.
When you say it's going to take 6 month, how many hours a day do estimate we should spend?
The time investment required is going to vary by the individual but you should aim for at least 1 to 2 hours per day.
How about CEH?
The value of the CEH in most cases has dramatically decreased over the last several years. EC Council added a practical portion that you can take but when you are looking a penetration testing, the CEH isn't typically at the top of the list. With all of that being said, penetration testing isn't really an entry level area of Cyber Security for most people unless somebody has a lot of experience with bug bounties or software development.
Hey Jon I have no experience in this field. I’m a delivery driver with a high school diploma. I don’t even have a computer. I would really like to know where should I start my journey to CS?
The best place to go is to grab my free eBook ( www.jongood.com/getstarted/ ) where I lay out a roadmap for you. There is plenty to learn but if you follow my roadmap, you'll be in a very good position.
I am just starting my IT Security career and right now am reading CompTIA security + and SSCP. Thank you for this video. I heard you speak about most of the security courses but you did not a give a hint on SSCP, CISA and CISM. what are your views with regard to following a path of CompTIA Security +, SSCP and SANs GIAC PenTest
I'm glad you enjoyed the video. As far as the CISM and CISA, both have experience requirements to get certified, which make them not possible for a beginner to qualify and they aren't applicable for somebody just starting out.
The Security+ is much more well known and frankly it probably will be easier to pass than the SSCP. The SSCP does have an experience requirement as well but that wasn't really a factor because it's only one year, however that means you have to wait to get certified if you are just starting out.
GIAC certifications are worthwhile IF you take the SANS training but given that they are roughly $7,000 USD they are going to be out of reach for many people...especially beginners. If you can get your employer to fund SANS training, I would personally take it nearly 100% of the time and the equivalent certification would be the GSEC.
I'm not entirely sure if you were asking about Pentesting specifically or a GIAC certification...but pentesting relies on foundational knowledge at a minimum. It's like if you jumped into the deep end of a pool and tried to swim without ever learning how...except in this case you 100% will have to waste time circling back learning what you should already know instead of pressing forward.
Q: Do I need to have an IT background to get into cyber security? I am a lawyer but I want to get into this industry. Would lack of technical knowledge effect my taking the course?
Although I'm not sure which course that you're specifically talking about, it's entirely possible to get into Cyber Security without having worked in IT. With that being said, in order to work in a Cyber Security job you'll absolutely need to know foundational information that somebody with IT experience typically has. That information is all laid out on my Getting Started page ( jongood.com/getstarted/ ).
Doing Linux + the new xk0-005
Awesome and thank you for sharing! Keep me updated on how it's going.
In coming 5-10 years, which has good career - Defensive or Offensive side???
Both have their pros and cons as well as equally high paying jobs if you become an expert in a certain area. Offensive jobs typically are at consulting firms so your lifestyle is going to be different than if you work at a security operations center that doesn't require travel. Your level of job satisfaction will result from whether or not you enjoy the work you are doing each day because ultimately the compensation will be similar regardless.
Hello Jon
I have cracked CEH but now I"m totally confusd what should i doo now ? It would be my Hounor if you help me...
Are you trying to break into penetration testing? If so, you need to work towards getting the OSCP because that is the certification that job will be looking for in candidates.
Appreciate the info, but my biggest concern is always these companies dismiss all these certifications, because I'm not already working in the field, or no experience. Covid laid me off, and now looking at this pathway as completely different and new career
Certifications are only part of the equation when it comes to getting a job. The more that you can show you are interested in the field (writing blogs, creating videos, professional networking, etc.), the easier time you will have. The strategies you need to land a job aren't always complex but people aren't always willing to do the extra work to improve their chances.
Where to find the Infosec Rock Star book?
See the video description for the link.
I wanna become a cyber security engineer what steps do I need? is it always the certification's route and after the degree. I do know I need a BS degree for that field.
Definitely grab a free copy of my eBook ( www.jongood.com/getstarted/ ) where I give a roadmap of which skills and certifications that you should pursue. Degrees aren't necessarily a requirement but I also discuss degrees vs certifications in my eBook.
Sir, I have done CISA & CEH. Currently going through Security Plus courses in udemy. Should I go for Network Plus before going for security plus?
I recommend grabbing my free eBook ( jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications. I don't know your level of experience but you need to make sure that you have a solid foundation before you jump any further ahead.
Do you not recommend the A+ or think it can be skipped starting out
The A+ is specifically targeted at landing an IT technician job but outside of that, you aren't really going to use a lot of the information related to hardware troubleshooting in most technology-related jobs. For my full recommendations, check out my free eBook ( jongood.com/getstarted/ ).
For a complete beginner would you recommend A+?
The A+ can be helpful to get your first job in IT, usually in the helpdesk, but once you get past that and especially in Cyber Security jobs, you probably will rarely if ever use that knowledge. You can find my recommendations in my free eBook ( www.jongood.com/getstarted/ ).
I'm an older adult trapped in a career that I hate. Trapped, because it is high paying. To make matters worse, it has destroyed my body. Short of trying to go on disability, I need a new career that I can enter with no degree and needs to start at $80k without me relocating. Quite a tall order.
The majority of entry level Cyber Security jobs start out between $60-80k but not everybody is fortunate enough to start out directly in Cyber Security, which means you might have to start in IT jobs that typically start out paying less. With that being said, you can make jumps pretty quick if you can grasp the information quickly. Also, I am not sure which part of the country or world that you are in but higher cost of living areas might have a higher range just to make up for the difference but given what you said, it sounds like that does not apply to you.
What schools do you recommend and what's the cost like
If you are looking at an actual university, then I would look at the NSA's list of Centers for Academic Excellence ( www.nsa.gov/Academics/Centers-of-Academic-Excellence/ ) and the cost will vary program to program because there is no "standard" pricing. I would also check out my video on bootcamps ( ruclips.net/video/Hi9bci5gbw4/видео.html ).
I want to leave the construction security for cyber security but dont really know which profession to embrace cos there is forensic investigator, ethical hacker, cryptographer , security auditor ,etc. I really need help choosing a particular profession cos understanding my role will help me in the career.
Here is a write up with some brief descriptions of different roles: www.cs.seas.gwu.edu/cybersecurity-roles-and-job-titles
Most people start their Cyber Security journey in IT jobs though, so I wouldn't worry too much about specific security roles and would focus on starting to build up your general knowledge.
Hi Jon,
Thank you for the video, any suggestions on the best cybersecurity news links I can follow?
Here are a few good ones to get you going:
- www.darkreading.com/
- krebsonsecurity.com/
- www.schneier.com/
Whats your opinion on skill bootcamps?Near my area there's a place that offers a 1 year program in it they give you network+ security + and Mile2 CPEH certifications. I was thinking of maybe taking that when I finish my bachelor degree.Im currently on my last year on college studying IT and web development. I took a free netacad course my uni was giving in introduction to cyber security and it really peaked my interest in this area.
Bootcamps can be useful but typically they are geared at passing an exam and not necessarily getting a strong grasp of the material. Depending on the specific bootcamp, some are more valuable than others.
Hi John, thanks for your priceless information , you are my light in the darkness . 😅 I was wondering..how much "geolocalized" is cybersecurity ? I mean, as a developer, that's never been an issue to me, code is code. But the more I dive into the world of infosec, the more I find a plethora of certifications whose acceptance vary worldwide. I understand that's got to do mostly with the different laws in each country or is there more to it?
Thanks for watching and for the question! Which certifications are you referring to? Professional certifications like the Security+/CISSP/etc. or compliance/industry certifications like ISO 27001/SOC 2/etc.?
@@JonGoodCyber the professional category
@@mg508 I haven't seen any laws mandate specific certifications, but I suppose it's possible. In the United States, we have something called the DOD 8570/8140/etc. mandate that definitely impacts certifications in the military/government space and the private sector...but it's a contractual requirement, not a law. I'm guessing that other countries have similar requirements to consider. Generally speaking, a lot of the information is the same or similar, but understanding what's important locally is a crucial aspect of job searching in any career field.
Hey Jon. Your videos have helped me out a lot in looking towards where to go and what to do in the field of cybersecurity. I recently made a career change and earned both my Security+ce certification and AWS Certified Cloud Practitioner certification, but I’m struggling to get my foot in the door in terms of entry-level jobs. Was wondering if you had any advice on where to go from here in terms of certifications or perhaps entry-level positions to gain experience considering training for a more in-depth certification like the CCNA can be difficult and costly without a company willing to foot the bill?
I recommend checking out my Getting Started page ( www.jongood.com/getstarted/ ) where I provide the certifications and skills that I believe you should pursue. As far as jobs, you should be applying to any entry-level cybersecurity OR IT jobs, which means anything from help desk to SOC analyst...basically anything that lists 0-2 years of experience. If you keep at both of those things that I just recommended, you'll make your way into cybersecurity at some point if not right away. One of the biggest mistakes people make is they stay laser focused on applying to cybersecurity jobs but they never land a job and end up wasting a bunch of time when they could have been gaining relevant experience while still trying to make the switch.
I am just starting out. I joined a boot camp.
Awesome! Make sure to soak up as much information as you can.
Hey I'm 14 and living in Australia I have little coding background for only python and html my school does not provide any courses what do you recommend I do
I recommend spending more time on Python, learning bash and PowerShell, and learning more about both Windows and Linux. I wouldn't worry too much about certifications at this point in your journey but if you learn a lot about all of those subjects over the next couple of years then you can really hit the ground running as you start to hit the workforce.
Hi John, I am totally new in this area, I am a graphic designer, and really don´t know where to start. I am 54 and I am working. How can I study cybersecurity not a full time? I live in New Zealand, do you know I trustable place I can study? Do I study cybersecurity courses first and then do the certification or otherwise? Many thanks, Claudia
I recommend grabbing my free eBook ( www.jongood.com/getstarted/ ) where I not only talk about the skills and certifications that you should go after, but also the different training and certification vendors that exist. Keep in mind that there are others outside of what I mention, which is fine just make sure that you do your homework to make sure that they are legitimate.
Do you recommend for everyone that they self teach and get their own certs? I currently work midnights and I am terrible at learning on my own through self teaching. I was told by my best friend, who has been a soc analyst for over 4 or 5 years now, that boot camps were a good way to break into the field and his employer hires those coming out of boot camps. I was wondering what pathway you would consider best for someone like me who is working midnight shift full time with absolutely zero cyber security knowledge/background but is looking to switch career fields into cyber security. Thanks!
One of the main problems with bootcamps is they are typically expensive and the return cannot be guaranteed. Self study is inexpensive and can be done fairly easily since foundational knowledge isn't difficult for most people to pickup given adequate study time. Plenty of people have landed jobs by self studying but some people prefer the structure of a bootcamp. For your situation, your only option might be to go the self study route because a lot of bootcamps are going to be during the day. I made a video on why I hate bootcamps that you should check out: ruclips.net/video/Hi9bci5gbw4/видео.html