Getting started in security on a tight budget

Getting started in security on a tight budget

I want to get into computer security but have no computer background. I have asked my employer for financial assistance for classes (even though I am not a computer tech) and have been subsequently turned down. These classes are very expensive and books become outdated quickly. Deals offered on "virtual" training seem cheap unil you find out that class (or certification program) has just expired. How can I get started without moving into the poorhouse? Are more companies these days turning down employee requests for computer training?

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

With no computer background, you've got a long way to go to get to where you want and need to be. I'd suggest that you start out by working on the CompTIA A+ and Network+ certifications -- you need not necessary get these credentials, but you will want to learn the material involved to make sure you're ready to deal with even elementary infosec (information security) topics, tools, concepts and so forth.

After that, I suggest you visit www.informit.com and search for "tittel security bookshelf" (omit the quotes) from the home page. This will turn up a two-part bibliography of the very best books on infosec topics. Start with the Dieter Gollman and Kaufman/Perlman/Speciner books and begin working your way systematically through that bibliography.

Once you've got three or four of those books under your belt, you can start thinking about an introductory infosec certification. I recommend the CompTIA Security+ as a good place to start. After that you'll be pretty well able to follow your interests and the market without my help.

Total cost for A+, Network+, Security+: about $625 for exams and another $450 for books and practice exams. That's not a terrible cost to have to bear over the 12-18 months it will probably take you to complete this work ($1075 over 12 months is about $90 a month; over 18 months about $60/mo).

Good luck and best wishes! You'll have to put in some serious time and effort to reach your goals, but you can do it. As for the whole "employer funding of certifications" issue, reports from Certification magazine do indicate that funding is down 20% or more over last year, but in your case I suspect the lack of support dervies more from the possibility that you are asking for IT training support when it may be likely that you're not even working in IT at present (how else could you have no computer background?).

For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: First certification for breaking into security
Ask the Expert: How long does it take to get up to speed on security?
Ask the Expert: Suggested reading for infosec novice


This was first published in December 2002