Noob to Ethical hacker — the road map and complete Cybersecurity career guide

Fardeen Ahmed
5 min read · Nov 3, 2020

Cybersecurity, ethical hacking, or penetration testing is one of the most in-demand career options out there. A shortage of skilled professionals, an increase in threats, and a lack of security literature have shaped the job market and resulted in high demand. This “high demand” label has had such an impact on students that they tend to get into this path with zero knowledge and get stuck somewhere, leading nowhere. In the worst-case scenario, they enroll in some institution that claims to make them so-called “Industry ready” and charges a big amount of money, which at the end of the day is nothing but fraud. In this guide, I will talk about how to successfully pursue an ethical hacking career and lay out a roadmap that will surely clear up all the doubts you have and prevent you from destroying your career.

Since you are reading this blog, you already know what ethical hacking or cybersecurity is. For the sake of formality, let me give you a brief overview. Ethical hacking is nothing but finding the flaws of a digital infrastructure before anyone else does. In layman’s terms, you will be hacking legally to find the flaws of digital infrastructure. When I talk about legality, I mean hacking with the owner’s consent. And digital infrastructure means anything that is digitally connected, from your car and refrigerator to your TV and smartwatch; it could be anything. Sounds perfect for a good career choice, doesn’t it? Well, we’ll come to that in the latter part of this blog.

Okay, now this is what Wikipedia says:

“Computer security, cybersecurity or information technology security (IT security) is the protection of computer systems from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.”

Let’s talk about prerequisites now. First, let me point out what knowledge you don’t need initially to get into cybersecurity or ethical hacking.

1. Programming language of any kind

2. Hardcore Networking knowledge

3. Hardcore Linux knowledge

4. Hardcore understanding of computer infrastructure.

Now let’s point out the knowledge you will need to get into this field.

1. A basic understanding of networking

2. Basic Linux commands and their usage

I have mentioned that you don’t need hardcore networking knowledge or hardcore Linux knowledge for cybersecurity initially, as I have seen many institutions convincing students to take up a networking certification and a Linux certification before proceeding to the main cybersecurity or ethical hacking course. Here’s the thing: the amount of Linux and networking knowledge you need to start your career in cybersecurity is of a very basic kind, which you can clearly understand from content and blogs on the internet or by going through a YouTube video.

However, you will need a deep understanding of network architectures, Linux usage, and a scripting language of any type only if you want to master this field. Initially, opting for a networking or Linux certificate would just be a waste of money.

Since I am talking about training and certification, let me make this very clear for you: getting certifications or a degree does not guarantee a job. You must continually practice what you’ve learned and build on that knowledge. This should come from both practical experience and personal practice. Speaking of which, you can’t become a professional or “Industry Ready”, as the institutions claim, within a particular amount of time. Cybersecurity is a field to understand. As I mentioned earlier, you will be breaking into things to find their weaknesses, which means you need to understand how a particular thing works before breaking it. Understanding cybersecurity requires time; it also requires a lot of patience.

But again, to get into the industry you need a certificate, so if you have to go for one, get it from a recognized institution such as EC-Council, Offensive Security, SANS, etc. Before proceeding to those, though, make sure you have the basic knowledge. You can get that basic knowledge from any institution available, but make sure the following factors are fulfilled:

  1. Go through the course content thoroughly
  2. Don’t overpay for the course
  3. Choose a good mentor

The most important of the points above is the second one: don’t overpay for the course. CEH from EC-Council costs around $500, which is equal to Rs.37000+ and includes 7-day training and certification. So if you are paying Rs.30000+ for certification and training from any other non-renowned institution, it’s nothing but useless. No matter what they say, trust my words: the industry accepts only recognized certifications. Don’t overpay, choose your mentor wisely for basic knowledge, and then proceed to a certification.

Another type of fraud people fall for is about “Bug Bounty”. You will see advertisements like “Learn bug bounty and start earning legally” and that kind of stuff, but trust me, it’s bullshit. Earning money is not easy. It will take months to find your first bug and earn a bounty on it. This is also the part that attracts most students; they get into ethical hacking and their career eventually gets destroyed. To be very honest, bug bounty hunting is not suitable as a career scope. There are lots of bug bounty hunters out there (more than you can even imagine), and finding bugs consistently is an impossible task. So if you are up for ethical hacking and planning to choose bug bounty hunting as your possible future scope, I don’t mean to demotivate you, but in today’s world it’s near to impossible. However, there are lots of other opportunities in the field of cybersecurity you can look into.

So what exactly does the roadmap look like?

  1. First, get the basic knowledge: choose a mentor, understand the basics, and in that process try to determine whether cybersecurity is for you or not.
  2. Get a certification from a renowned authority
  3. Practice, practice, and practice — there is no end of knowledge.

Hope this helps. If you have any further queries, you can reach out to me via:

email: fardeen.exe@protonmail.com

LinkedIn: https://in.linkedin.com/in/fardeen-ahmed-833bb8184

Instagram: https://www.instagram.com/f4rd33n__

We are in this together :)

Fardeen Ahmed

(ethical) Hacker | cyber security/Ethical Hacking trainer | Speaker | bug bounty hunter | CTF player | CEH | CCNP.