• CSNP

Unpopular Opinions in Cybersecurity



Author Swetha Kannan


Cybersecurity is the most wanted career today. As the industry evolved, so much has changed. Today there are several blogs/writeups/posts on how to break into Cybersecurity, but some unfortunately are far from ground reality. This article has some hard pills to swallow, with unpopular opinions that you don’t see on LinkedIn every day. These are my personal opinions based on observing this industry over the years and would love to respectfully engage with anyone with a different perspective.

Common Myths:

  1. You need not be technical to break into cybersecurity.

  2. This bootcamp/certificate/course will ensure your entry to cyber security right away.

  3. Maximizing connections and posting on LinkedIn is the only way to get a foot in the door.

  4. Cybersecurity is the most lucrative career.

  5. Build a wall of Certificates/Achievements.

Unpopular opinion:


1. Myth - You need not be technical to break into cybersecurity

Reality - This is the most common one I see on LinkedIn posts and blogs related to cybersecurity careers. Career changers are assured that they can still be a pro in cybersecurity without technical knowledge. You might have been part of conferences where speakers mentioned how their diverse background helped them become a great security professional. While I have great respect for them, the ground reality in 2022 is very different. There is a huge pool of entry level talent in the cybersecurity job market and the competition is cutthroat. ‘You need not be technical’ worked 5 years ago when there was a skill shortage at entry level, but won’t anymore

My 2 cents: Do your research on which domain of cybersecurity you want to pursue, gain technical knowledge in that domain. Technical always doesn’t mean you need to be hacker, the term ‘technical’ means you need to know the rules of the game you play. Build knowledge in the domain you are interested. In an interview, your technical skills will be tested. If you can’t differentiate between HTTP & HTTPS or understand what a firewall is, chances of winning an entry level role are thin.

2. Myth -This bootcamp/certificate/course will ensure your entry to cyber security right away

Reality -There are several bootcamps, training programs, certifications, degrees catering to the cybersecurity industry, and this seems to grow year on year. While some of them offer hands-on training and help aspirants to gain knowledge, beware of those programs that promise results of huge salary right after the course. Cramming lot of information (instead of continued learning)in a 3 day bootcamp or using brain dumps to pass a certification will not help in the longer run

My 2 cents: With the oversaturated entry level market in cybersecurity, knowledge and skills are your greatest strengths. There is a treasure trove of resources (including hands-on labs) available for free online, you are a google search away. Make use of them and build your skillsets. If instructor led trainings/certifications interest you, do your research before spending your savings on a course. Persistence and hard work is key to breaking into any industry and cybersecurity is no exception. 3. Myth -Maximizing connections and posting on LinkedIn is the only way to get a foot in the door

Reality - This one has been the latest and most circulated advice of late. There are posts by content creators that ask you to connect with everyone on the comment section and send connection requests to 50 people a week. Job seekers are told posting every day is the only way to get noticed by people in the industry/recruiters and in turn land an entry level role. While the good intention of these claims is to be appreciated, connecting randomly with 50 people a week or posting copied content everyday might not get you the golden ticket. Instead, your feed might be brimming with content from different industries, and you might lose track of your goal in the process.

My 2 cents: Connect with people in your industry/desired job profile. There are amazing content creators in our industry who post valuable insights on LinkedIn regularly, connect/follow and be benefited. Connect with recruiters who recruit for cybersecurity teams/companies. Reach out to mentors, professionals whom you as aspire to be like and grow your network, (the cybersecurity community on LinkedIn loves to help grow talent in this space). By channelizing your LinkedIn connections, you will increase your chances of coming across the right opportunity and the ability to get a foot at the door. Introverts, don’t lose heart, you can be a content consumer and still land your dream role if you do it the right way. 4. Myth -Cybersecurity is the most lucrative career

Reality - Tech jobs have a great pay, true. But cybersecurity is not the only field that pays well. Also, entry level cybersecurity is not paid 6 figures in the beginning. A college faced a lot of heat recently for advertising that it’s graduates (cybersecurity course) were securing jobs with a pay of $200k. This is far from the truth and aspirants must be aware that while this is indeed a lucrative career, it is not the only one and, you can’t mint money on day one.

My 2 cents: Chances of shining in this field is more if you have genuine passion and interest in the work you do rather than having money as your only goal. Don’t chase the $$!! Keep learning, grow your skillset, do the grind and the right opportunity will show up. That said, never undersell yourself, know your worth and negotiate. 5. Myth -Build a wall of Certificates/Achievements

Reality - Getting certified and building a wall of accomplishments is a good thing if done out of interest and curiosity to learn. But we can’t deny the fact that junking up certification can burn a hole in your pocket. Do not look at certificates as your ticket to entry level roles. Certifications can get you a chance to interview, but can’t ensure that you secure a job

My 2 cents: Do your research before pursuing a certification. The learning in the process is more valuable than the certificate in itself. And always, experience >>> certification. So go ahead and discuss about your personal projects in the interview, impress the hiring team with your passion.


About the Author: Swetha Kannan has over 6 years of experience in cyber security consulting working across several industrial sectors. She currently works at Tesla and volunteers with Cybertrust America, a non-profit organization, as a Tech Lead and Director. Swetha is also actively involved in mentoring beginners and spreading awareness around cyber security

37 views0 comments