Hello, this might be the right place to ask this question but I am going to college this year to study computer science at community college and transfer to a four-year school. I want to get into the cybersecurity and ethical hacking field. Right now I am studying HTML and CSS. I just wanted to know if anyone had any information on what I could try learning on my own for cybersecurity or what your cybersecurity experience was like. How do guys get started?
I’m not a cyber security expert at any level, but I was exposed to it during my time at college. (there was a large presence of cyber security at my school)
Learn all the things. Security is important at all levels of computing and software. There isn’t really anywhere where security isn’t important. This doesn’t mean you need to become an expert in everything, only be aware of the security risks that could occur in a given area. For example, if your just learning about HTML and CSS, there isn’t much cyber security risk as both of these are static files, however there still can be client-side only attacks, like XSS
Learn Linux. Linux is the OS that powers most servers today, which are the primary “target” for most modern security due to their position as “secured environments” when it comes to the internet. This makes them targets for attackers, as such learning the OS that most online servers runs on should be a given if you want to be serious. Install Linux on an old computer, or look into dual booting. Something like Kali Linux is also used by professionals and “script kiddies” to perform penetration testing too.
Don’t focus too much on the development side. Building software is a lot of work, don’t expect or aim to become super pro if your goal is cyber security. Rather get the “gist” of it and understand the risk, attack vectors associated with what your learning.
Don’t focus too much on the hardware side. Hardware or low level vulnerabilities aren’t something most people worry about as there are “to many layers” between the hardware side and the software side. Vulnerabilities like Meltdown and Spectre are a big deal, but unless you focus your time, research on finding, understanding those problems, you probably wont need know how to find those kinds of vulnerabilities.
Stay a jack of all trades and don’t specialize. If your just starting out and want to get into a given tech field, you should aim to learn as much as you can in breadth, rather than focus on only specifics in depth. This is because you will get exposed to more knowledge, and be able to gain more awareness. Eventually you may get a job and end up becoming more specialized, but until then you want to keep as many doors open as possible.
Cyber Security is a rising field due to the increase technology in our lives. Its a very broad field, but it wont go away any time soon. Its not the easiest tech field, but its definitely a good career path.