Can you be a cybersecurity professional just because you are passionate about it or overnight got a certificate?
Real quick answer: NO, not at all!
That is actually one of the main reasons behind hackers being always ahead of the security community. I hear people in this industry, well, I should say in this commercial zone called “cyber security,” that convince you that yeah it is okay, I myself am a mechanical engineer, or psychologist or so and so, go get your certificate and enjoy the big paycheck… they are basically not only fooling you, but also they are behind the main reason why the workforce lacks basic skills in computer security.
Don’t get me wrong, you can be a very good security pro if you were used to be a psychologist, but this thing, the transition does not happen overnight, it takes decades, and also it does not matter if you spend 20 years in an IT environment, relevant, but not enough at all, so just because you have 20 years of experience in IT management does not make you a security pro. Well, you can be a helpdesk for 10 years and end up the best security pro.
So what I am trying to tell you here, is the whole thing is a very tough journey where title and certification do not do anything with it. In fact, every single day I see IT professionals who have no idea of the dynamics of computer security, let alone understand the more complex cyber security ecosystems.
What makes you a computer security pro is knowing the computer software and hardware very deeply and then having the ability to magnify them and manifest them into your hacker mindset. Does it make sense? I am not surprised if you say no because I used to spend a quarter of each training course that I had on this logic.
When I say computer software and hardware, I am simply talking about coding for a system, at the level of the system, into the depths of the operating system and minimal interaction with high-level API. System programming puts you directly into touch with hardware, and in my opinion, that is the best way, not the easiest though, to understand and utilize the hardware. Even with 3 decades of experience in visual programming interfaces, you will barely be able to utilize the coding in your computer security deep concepts and techniques. Only after that do you need art and analytic skills. For sure you can build them but those skills to me, are typically hardcoded within people.
Sorry, I am not trying to disappoint you if you are just interested in cyber security, you need background. However, if you want to be part of the army of so-called security professionals with lots of useless degrees and certifications, you are more than welcome to join the market. The highly commercialized market of cyber security will assure you get a good paycheck sooner or later. But remember, that does not mean you are a security professional.
