Getting into Industry: expectations and realities
At Cygenta, we're passionate about supporting the next generation of cybersecurity professionals. So, for this post, we've turned to Callan Garratley for his perspective on growing up with hacker aspirations and why university is a great building block in a security career, but certainly not everything. Whatever stage you are at in your career, we're sure you'll be interested in what he has to say.
When I first started thinking about getting into computer security, it was the thrill and excitement that pulled me in. I would be surprised if you meet someone in industry that didn't think the movie 'Hacking' was fun to watch and that it gave you that "oooh" feeling. I used to get chills when seeing the hero or villain use hacking or any form of super technical computing wizardry in movies and games. I wanted to do it and see it for myself.
This pushed me to study computing at school. I had a knack for it and moved up pretty quick through my studies. This gave me a lot of free time to play around and to just experiment in lessons. I remember bringing up (supposedly disabled) command prompts, finding out my local IP address and small, simple things like that. It was exciting, it made me feel clever and "leet". I spent a lot of my personal time playing around on the family computer, too. I wasn't limited in the time that I had to play, and I learned quickly. From here, I chose to study Ethical Hacking at Abertay University. It was close to home and had a reputation for being one of the best. After all, it was the original. I have proudly thrown myself in here and learned so much about a multitude of subjects. I have had formal training in attacking websites, networks and everything in between. I've conducted digital forensics investigations and legally hacked the video feeds of CCTV cameras all as part of my course. It's been an invaluable experience.
However, it's not everything. Academia has merely been an entry point into my security career. When I first got to university, I was full to the brim with expectation, excitement and the thought that I would be a super cool, all-powerful hacker. Sadly, it wasn't that easy. I got to university and my modules were Introduction to Programming, Computer Hardware and Operating Systems. They taught me how to design websites and the OSI model for networking. I mean, it's all useful, don't get me wrong. As an ethical hacker, learning the basics of a technology is a great way to learn how to break it. But, Uni can never be expected to teach you everything, it just gives you the foundation of knowledge so that you can learn yourself. It's helped me to where I got to today. For people looking for an intro to computing before they get into security, it's good too. But I wanted to hack. I wanted to break things. After all, I had done a lot of computing growing up so felt I knew most of what was being taught. So, I continued to experiment. This time, with direction. Tutors are great at helping you out when you're bored.
At university, I've been fortunate enough to do some really cool projects. After what felt like the year of general computing, we started getting security modules. It was extremely fun! They gave us a network and told us to hack it, after teaching us the building blocks of how to. This is where, for me, I thought I belonged. I started doing some of my own projects. I looked into blockchains because everyone was talking about them and then even presented on them and got an internship at a bank.
University sets you up to do great things. Your passion is what moves you forward and motivates you to do cool projects and put yourself out there. I've spoken at conferences in front of over 100 people and at society meetings and hacking meet ups on a wide range of projects. It looks great on my CV and has allowed me to get experience and offers for internships from large companies that are well known in the industry. If you're the nervous type and don't feel comfortable public speaking, even just attending these conferences shows passion and an interest in learning about the industry.
With the right attitude and determination, this is an industry to thrive in. Doing things on your terms in your own time is invaluable but takes passion. Security is always changing so you need to stay passionate about it because learning is probably the biggest part of it. You have to be excited to learn new things and excited about what these new things do. But, with that, you can go far. That's what you should take from this post.
Thanks for taking the time to share your experiences in cybersecurity so far, Callan! We're excited to see your career go from strength to strength.