Sorry if this isn’t the place to ask this question. I didn’t know where else to ask this kind of question and have a real chance of someone responding.
Does anyone here know where I can get a reasonable education in cybersecurity for free?
My family doesn’t have a lot of money and it looks like a great opportunity, I just need to know where to look, what to learn, and how to gain real experience.
Note: I am not a cybersecurity learner — I can only give general advice. I am learning web dev.
@Mr.Green, I’m sorry on behalf of the forum that your topic hasn’t received a reply yet. I feel obligated to do my best, even though I’m sure someone with a cybersecurity background could do so much better.
It’s very possible to become a self-taught cybersecurity specialist. Many have done it, and you’re right, it’s a great opportunity if you’re interested in that kind of thing. If you love something, you’ll be good at it. However, if you’re just doing it for the sweet salary, I’m afraid that’s not enough. In the IT field, especially if you’re taking the self-taught journey, it’s highly likely you’ll get discouraged and want to quit somewhere along the way. There’s a lot of self-doubt you’ll go through, and you’ll need infinite patience with yourself. In my opinion, there’s no way someone can become a really successful, competent programmer (or cybersecurity specialist) without having some kind of love for the work they’re doing. So, my first advice would be to think a little about it, watch some videos, see if you like the idea of it. If you find your fingers being drawn to the keyboard like gravity and yourself daydreaming about warding off DDoS attacks in the middle of the night, then you might be the man for the job.
Only, you need get trained for that job.
In my humble opinion, where isn’t super important in IT. Sure, there’s Coursera, Udemy, edX if you’re interested in courses, and fCC has one too, at least for the basics: Learn Information Security. But all of these courses are simply good for the basics. They’re good for getting started. I see them as useful in showing you what to learn more than actual knowledge. Beyond foundations, (which are important!), they begin to lose their utility. So use them to get started. Earn their certifications if they’re free (usually paid certs are a waste of money as employers don’t value them much anyway and go more by projects in your portfolio, or by what real practical skills you can demonstrate on your technical interview), and never move on to another concept until you’ve grasped the one you’re on thoroughly. Computer science is that way: new concepts build off of past ones, kind of like mathematics.
Once you’re comfortable with the basics, take your own path. Be the independent learner. Try out new ideas, experiment a bit. Get comfortable with messing around with computers. Be brave.
Certifications, it seems to me, are more important in cybersecurity than web dev, so here’s a list of the ones I think are worth looking into. Again, certs mean nothing if you can’t show your knowledge with real, practical demonstration, but they can be necessary to land an interview.
CompTIA Security+
Certified Ethical Hacker (CEH)
Cisco’s CCNA Security
Learn the basics, and then let circumstances guide you. On the internet, there’s a little bit of knowledge everywhere. Collect tidbits. Learn tricks. And know that the amount of people actually wiling to put in the long, painful hours of practice, trial and error are few. Be one of those.
I would start with fCC’s information security course, linked above. It might require some knowledge of JS first, though, so maybe you could start with that. It’s always a good idea to have a good grasp of some major programming language in any field in CS, and JS is useful, relevant and not too advanced. Python is also fine if you prefer it. You don’t have to be a god at programming, but you do need to know it to understand how software works. If you don’t understand how software works, how can you build solutions to protect it?
Set up a home lab. Use virtual machines to practice penetration testing and explore tools like Wireshark, Metasploit, and Nmap. I really don’t know a much about these tools, but that’s my suggestion. I’m sure there are many more ways to practice, which you’ll discover along the way.
All in all, yes, you can get a reasonable education in cybersecurity for free (or minimal expense). You just need to be persistent, love the work and teach yourself how to teach yourself. And you need to have a little bit of faith too. When you’re learning stuff you don’t understand, writing code you’re convinced you’ll never need, panicking because you forgot the syntax of a simple if statement — it takes faith to believe that all of it will, in the end, work out in your favor.
“You can’t connect the dots looking forward; you can only connect them looking backwards . So you have to trust that the dots will somehow connect in your future. You have to trust in something - your gut, destiny, life, karma, whatever.”
~ Steve Jobs
Hope that helped and I apologize for being way too general.
The Microsoft exam isn’t free, but the learning resources are.
Like Nick said building a home lab with some used hardware, setting up virtual computers, monitoring and protecting them can get you some hands-on experience. Plus attend capture the flag and other cybersec events.
Learn Linux like the back of your hand, it will be your main language.
That said, prepare to compete against people with a professional IT-background like admins, cloud and network engineers. You have to really know your cyber security to get picked over them.