Creative Approaches to Gaining Cybersecurity Experience

The Skills Combination We Need to Address the Global Cybersecurity Skills Gap
Author: Sakinah Tanzil, CISA
Date Published: 1 April 2024
Read Time: 5 minutes

People always ask me how I got started in cybersecurity. The story I tell them began back in the late 1990s, with my teenage self watching a local news story about the feared Year 2000 (Y2K) computer disaster.

Many computer programs represented four-digit years with only the final two digits, making the year 2000 indistinguishable from 1900. A widespread crisis was therefore expected when these digits would change from “99” to “00.” Predictions went as far as anticipating disaster all across the globe for businesses, corporations, nonprofits, governments, schools, and individuals, and many people were urging that action be taken to prevent this from happening.

I was in my last year of high school, unsure what I was going to do next. But this news story inspired something inside me to see how I could help my country face this critical issue. I wondered if I could learn more, so I researched local colleges to see if any of them offered a computer science degree. Luckily, my local community college had an associate degree program in computer information systems. That was the first step on my journey toward building my career in information technology (IT) and later in cybersecurity.

Today, with computers so much more a part of daily life, there are so many new ways to learn about careers in IT and cybersecurity. Programs are widely available in trade schools, community colleges, universities, and online, not to mention the possibilities for mentorships, apprenticeships, career coaches, workforce development programs, and many more places offering cybersecurity education. Indeed, with so much of life now intertwined with the online realm, it’s crucial that all of us learn the basics of IT and cybersecurity hygiene so that we can safely and securely conduct our lives and businesses online.

This starts with parents safeguarding their children with countermeasures and parental controls early, before they are exposed online to bad actors who are looking for opportunities to get their attention in order to steal precious details and private data to use against them. We all have a role to play in creating a safe space online and in our communities, workplaces, and schools to safeguard ourselves and one another against the possibility of sensitive information falling into the wrong hands and being used against us. I am hopeful that more people will join me in the cybersecurity industry, where millions of people worldwide are needed to help combat this threat head-on. I have made it my mission to advocate for the inclusion of science, technology, engineering, and math (STEM) career disciplines like cybersecurity as early as possible in K-12 education and beyond, so that everyone is prepared for these jobs of the future.

How do I gain experience in the cybersecurity industry so that I am prepared for the challenges ahead?

When I graduated with my first degree in information technology in 1999, it was a new, fascinating, upcoming industry. I did not know how to gain the experience I felt I needed to feel confident in job interviews, so I created my own lab at home, bought a lot of self-help computing books and used free software tools so that I could accumulate skills that I would use later when I got hired.

I also volunteered to implement and build computer networks for nonprofit organizations and started taking classes on building websites in this new world of e-commerce. It was tedious and grueling work; I had no one to mentor me or advise me what to do next, so my progress was often two steps forward and one step back. Nevertheless, I stayed curious and adaptable, and did a lot of staying up late at night drinking coffee, reading and surfing the internet, pushing myself to learn everything I could.

Over time, I built up my knowledge and skill set by learning the key principles of design and software engineering and other best practices. This hard work paid off down the line, helping to secure me a job in the IT industry and to build the habits I would need to sustain a career.

Continuous learning is crucial in this industry if you want to have a long-lasting career. I am always looking for growth opportunities, industry insights and new trends so I don’t lose my edge, and I believe you should, too. Finally, join industry associations like ISACA. By joining, you will stay up to date about certifications and job opportunities by networking with like-minded people and attending meetings and events that employers attend to find new talent like you for that next job opportunity.

About the author: Sakinah Tanzil is a cybersecurity professional passionate about Science, Technology, Engineering, and Mathematics (STEM). She holds a Bachelor of Information Technology and Security, a Master of Science in Information Assurance (MSIA), a Master of Science in Software Management (MSCIS), and many professional certifications, including Certified Information System Security Professional (CISSP), Certified Information Systems Auditor (CISA), Network + Certified, and Internet and Computing Core Certification (IC3).

Over my 20-year cybersecurity career I’ve had the privilege to become an industry leader. My varied career has given me in-depth knowledge of the industry, from my work as an IT technician to my current role as CEO of STEM Coaching, LLC, which offers career coaching and advisory services to professionals entering the STEM field. My first book, Breaking the Cyber Code, was prompted by the growing opportunities in this exciting field. In 2012, while in graduate school at the University of Detroit Mercy, I was asked to work on the newly created National Initiative for Cybersecurity Education (N.I.C.E) Workforce Framework. I mapped 52 Information Technology Work Roles to the appropriate functional tasks, skills, abilities, and knowledge (TSAK) desired for these newly defined jobs in cybersecurity. The resulting work [2] became the official publication reference document for describing the interdisciplinary nature of cybersecurity work (and workforce), and the rest is history.

References:
Tanzil, Sakinah (2020), Breaking the Cyber Code: A Game Changer That Prepares Our Workforce and Secures the Future, Sakinah Tanzil Executive Management Coaching. Amazon.com: Breaking the Cyber Code: A Game Changer That Prepares Our Workforce and Secures the Future eBook : Tanzil, Sakinah , A: Books

National Initiative for Cybersecurity Careers and Studies (n.d.), N.I.C.E Framework. http://niccs.cisa.gov/workforce-development/nice-framework

Morgan, Steve (2023, April 14),Cybersecurity Jobs Report: 3.5 Million Unfilled Positions In 2025, Cybercrime Magazine. http://cybersecurityventures.com/jobs/