1.) How do I start in the world of IT security? I am only 22-years-old and computer literate, but I have no idea what to do first. Getting a computer degree is a must, correct? But, what kind of degree -- Computer Science? I want the degree to be related to the security field.
2.) What's your opinion about getting a degree online? I am thinking about pursuing a degree in Information Systems Security online from a technical institute, because I have two jobs. Is it possible to "learn" that particular subject online even without the hands-on or laboratory exercises? I don't want to waste my hard-earned money and time. Also, would you recommend a technical institute as opposed to a community college?
1.) Based on your interest (if you are US-based) I agree a Computer Science or related degree -- depending on the university -- is definitely the direction you should pursue. If you are working two jobs, I would encourage your company to sponsor you for security training classes (if possible) or ask for additional time off to take security classes. If you're not working at a network job, get a network position as soon as possible. The benefits of this work will ensure your success, and you'll gain valuable network experience. (The best security pros are network professionals first, security second -- a great combination.) And this type of position will provide additional training in the field of your choice -- security.
2.) Choosing between a technical institute and a community college is a big question. A community college with a smaller budget is providing less skilled instructors (based on cost of instructor and experience) and less qualified training materials. Check the class, the instructor and get testimonials before you put down your credit card.
Security classes by a qualified provider are the best way to go. Also, find out what are your "skills gap" and search the Web for classes on those topics. Assess what you need, what they offer for classes and what quality you're looking for.
For more info on this topic, check out these SearchSecurity.com resources:
This was first published in July 2003