Getting Into Cybersecurity Part 2: Timeline, FAQ

In part 1 of our getting into cybersecurity series, we covered our process that will help you get into cybersecurity faster.  If you haven’t gone through that article and the steps in it, it’s worth your time to go back through that now.  However, to summarize, in that article we said that in order to get into cybersecurity faster, it’s helpful to:

  • Get working in a technical position as soon as possible, regardless of how much “security” it involves or if it’s in the exact sector of cybersecurity you’re shooting for
  • Pursue your education now in some documentable way, and continue doing that moving forward.
  • Build experience in a variety of small ways through opportunities that are around you and that you can access quickly.
  • Attend events and network with professionals in your area.
  • Keep in mind that the process of getting into cybersecurity takes effort and diligence.

With that covered, here in part 2 of this series, we want to answer the frequently asked questions that people ask as they’re following our Getting Into Cybersecurity steps.  Let’s get started.

Getting Into Cybersecurity FAQ

Let’s take a few moments to answer some of the frequently asked questions that we hear from people that are following our recommended steps to get into cybersecurity.

Are all of the steps to getting into cybersecurity necessary?  The steps aren’t absolutely mandatory, but done together they will give you the best chance of success.  Many people have and will be able to get into cybersecurity without volunteering, or getting a certification, or going to networking events, for example, but all of the steps are advisable because when they are done in combination, they give you the best opportunity to accelerate your timeline to get into cybersecurity.

What is the biggest mistake people make when following the steps?  Many people like to skip certain steps because they’re hard or they take a lot of work, or because they push them out of their comfort zone.  Unfortunately, this often harms their overall progress, even though they don’t realize it at the time.  Don’t skip anything so that you can have the best odds of succeeding.

Someone advised me to focus on school first, then look for jobs.  What about that advice?  That advice is bad for most people.  I’ve seen parents, spouses and even college guidance counselors recommend to people to focus on their schoolwork exclusively, or upon graduation only focus on applying for jobs.  This approach is the same as just about everyone else’s on the planet, and it therefore makes it nearly impossible to differentiate yourself from the crowd.  I know people that followed that advice and are still looking for jobs years later.

How long should I expect this to take?  If you’re really following all of the steps, it could take between two and four years, although I’ve seen it done in as little as 12 months.  It depends on where you’re starting from and how hard you work.  For some people, especially those that work full time while pursuing this goal, it could certainly take somewhat longer.  We’ve covered in detail how long it can take someone to get into cybersecurity in this article, including some additional strategies you can use to speed up the process.

How hard can I expect this to be?  Getting into cybersecurity takes a lot of time, dedication and persistence, but it’s also important to keep in mind how hard your job will be in the end.  We’ve covered how hard cybersecurity can be in our article here.

Is cybersecurity changing too fast to keep up?  As you’re working to get into cybersecurity, it’s important to know that cybersecurity is a wide field with many different specialties, and those will continue to change and evolve over the years.  There are job titles and specialties in cybersecurity that will exist 15 to 20 years from now that don’t now.  That’s why in some ways we do children a disservice when our school systems force them to pick a career path so early, often in junior high school.  The reality is that the jobs these children will be working in as adults don’t even exist yet, just like cybersecurity didn’t exist when I was in school.  How do you prepare for a job that doesn’t even exist yet?  You learn to be a great lifelong learner.

If you do complete the process of getting into cybersecurity and stay in the field for the long haul, you’ll probably have many different jobs, including ones you haven’t even thought of or maybe even heard of.  And that’s okay.  You’ll be ready and prepared as long as you’re always learning and increasing your cybersecurity knowledge.

What are some of the downsides of the jobs that I may get?  We covered this is great detail in our post on the pros and cons of cybersecurity jobs, but to summarize, as you’re getting into cybersecurity you should be aware that many of the jobs that you’ll be applying for will:

  • Require some amount of odd hours or on-call work, because people and cybersecurity attacks don’t just happen from 9 to 5.
  • Require that you learn new things daily, and continue to learn new things outside of work on your own time.
  • Require you to utilize non-technical soft skills, such as customer service and teamwork.
  • Have many interesting parts, as well as some tasks that are not as enjoyable.

Have you ever seen the process not work?  No. Not when all of the steps are followed.

Have you ever seen someone be unsuccessful in their effort to get into cybersecurity?  Yes.  No career field is for everyone, and some people find out early on that they don’t enjoy the work or are not cut out for it.  Others are unsuccessful simply because they will not apply themselves to these steps.


In this article, I tried to cover some of the most common questions and stumbling blocks that I’ve seen people have.  If you haven’t read our recommended steps for getting into cybersecurity, you can view them here.  If you’re serious about getting into cybersecurity, commit now to following the steps listed there in order to give yourself the best chance for success.  Good luck on your journey.

Matt Day

Matt Day

Matt Day is a cybersecurity professional with over twenty years of experience in the IT, cybersecurity and technology training fields. He holds CompTIA A+, Network+, Security+ and Cisco CCNA certifications, and is the author of the book CCENT Troubleshooting Guide.