My path into cybersecurity
Everyone’s cybersecurity journey looks different. This is a notoriously difficult field to “break into”, and that is for a number of reasons. Some don’t find their way in until late in their career, while others are joining the ranks fresh out of college. My journey is still taking shape, but I figured I would jot down at least how I have arrived at this point.
I attended a four-year university near my hometown. It is a commuters’ school through and through, as many students work full-time jobs during the day and attend classes at night. They are driven and determined students looking to attain their degrees and move on to the next chapter of their lives. I fit part of this mold. Entering college, I was fixated on completing my education and getting out of there as soon as possible. Not because I had anything against the university; I just sought bigger and better things, and undergraduate school was merely a stepping stone.
I enrolled as a Business Administration major with no real plan or end goal. “Maybe I’ll start my own business someday, but who knows.”, I thought to myself. I coasted my freshman year, not really making any effort to explore any particular career path, but just performing well in my classes and going home. Eventually, halfway through my sophomore year, I took an interest in personal finance. Not the get-rich-ASAP-and-post-it-on-TikTok version, but more the Dave Ramsey approach, where utilizing time and discipline as your biggest investment tools could drastically change your life. I had wondered if I could make a career helping others do this as well. Unfortunately, this interest faded quickly as I did not find any real value for me in the work.
A man without a plan, I entered my junior year, hoping to find something, anything, that might call my attention. As I was looking through the course list preparing for class registration, one course caught my eye: Introduction to Information Systems. I had no idea what “Information Systems” even meant, but weird or unfamiliar things tend to catch my attention from time to time… so I obviously registered.
One of the overall objectives of the course was to demonstrate how businesses leverage technology to generate a profit and maintain a competitive advantage. I remember the professor (whom is by far one of the greatest instructors I have had to date) on the first day of class holding up a dollar bill in one hand and his smartphone in the other and shouting, “This class is about how you can use this (holds up smartphone) to MAKE MONEY.” Thanks for putting it so clearly, prof!
Another objective of the course was to provide an overview of cybersecurity. At this point, I had never taken a course in IT or computer science, so I knew I would have a bit of a learning curve to overcome if I wanted to perform well. I wasn’t expecting anything big to come out of this section, except for some newfound knowledge about a subject that interested me only slightly. Besides, my only real experience with tech was “fixing” my grandmother’s laptop when it wasn’t working (thank you for the power of turning off and on again!) and running Minecraft LAN nights with friends.
This is where my world began to open. The professor described how our nation is in a losing battle; how we are the greatest target for cyberattacks in the world, and we are not going to be able to stay afloat much longer. He highlighted the need for cybersecurity professionals to rise up and meet this challenge. Although the professor was certainly teaching us in this moment, I couldn’t help but get a sense that he was calling us all to action as well. The question was, would I answer this call?
After several months of thinking through this, I found that my desire was in this field, and I would answer the call. I pursued and acquired an internship in cybersecurity with a world-renowned university, where I really began to unpack all that this field had to offer. Just before graduation, I pursued and accepted a position with a prime Department of Defense (DoD) contractor as a cybersecurity intern, where I worked for several months and was eventually promoted to a full-time cybersecurity engineer; a role I have worked in for a while now. I even acquired some certs along the way, and I am pursuing new and exciting things which I hope to share more about in the coming months.
This is not the entirety of my cybersecurity journey. If anything, I hope it has demonstrated that your journey is yours and only yours. Don’t buy into the myth that there is a specific mold you must fit or a specific path you must take to become a cybersecurity professional. So long as you are willing to accept the call to action, as I did, you will have a place in this field.
— Nathan
