I don't think it will be a difficult career change at all. In fact, when I counsel computer science majors on pursuing...
an information security career, the first thing I tell them is that they need to take some business courses to gain an understanding of how the business operates. You're simply approaching it from the opposite point of view: You have the business education and experience and need to gain technical skills.
Networking is a good start, as it's an important part of the foundational knowledge for any security professional. I'd also recommend a good, broad introduction to the information security field. You can achieve that by pursuing either the Security+ or Associate of (ISC)2 certification. Once you've gained some experience, you'll definitely want to pursue the industry standard CISSP certification.
With that basic foundation, the next step is choosing an area of specialization. Information security is an extremely broad field: You can choose to focus on network security, security policy, application security or many other areas. When you find one that appeals to you (and your employer, if you're looking for an internal move), take some specialized courses to learn the ropes of that field and get some hands-on experience.
For more information:
Dig Deeper on Information Security Jobs and Training
Related Q&A from Mike Chapple
The FTC was granted authority in enterprise cybersecurity regulations. Expert Mike Chapple explains what this means for organizations.continue reading
PCI DSS is pretty specific about security, but does it do enough for mobile payment security? Expert Mike Chapple explains why he says yes.continue reading
The U.S. government has been criticized for its lack of updated privacy regulations. Expert Mike Chapple advises enterprises that want to bolster ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.