Reflections on My Cyber Security Self-Directed Learning journey: What I Could Have Done Differently
Hello World! This year, instead of the usual year in review, I’d like to share something different. I want to explore what I wish I could have done differently if I were to start my cybersecurity journey anew. The beauty of being in tech is that lessons from one field can be applied to another, making this relevant even if you’re not in cyber security.
In titling this blog, I intentionally chose ‘self-directed’ over ‘self-taught,’ acknowledging the ongoing debates surrounding the two. ‘Self-directed’ aptly describes my journey into cybersecurity, which began in the midst of the COVID-19 era around mid-2020. The abundance of free learning resources during that time facilitated an easy entry into security. However, with no specific direction, I allowed these resources to dictate my learning path, a decision I now view as a challenge. Let’s delve into what I could have done differently.
1. Creating a structured learning map from beginner level to probably… advanced.
In self-directed learning, you will most probably suffer from the problem of plenty. I mentioned of how during the covid times, we had a lot of free/ discounted learning resources. This was a blessing but also a challenge in disguise. Without a structured learning path, I was thrown into confusion and would take any course that came my way. Although the knowledge was great, it deterred me from learning what I really needed to learn in-depth. Looking back, I would ensure I take time to research on the cybersecurity career, why I developed interest in the field and what I wanted my security career to look like. With this information, structuring a learning path would have been easier. Knowing the why is important for crafting the learning journey to the specific area of interest. Here is how I would have broken my learning levels:
a. Beginner
b. Intermediate
c. Advanced
Please note that each level would have different learning areas e.g
<Access the chatGPT Query >
2. Setting timelines for each learning level (Days, Weeks, Months)
Both schools and companies set timelines for different projects/ coursework. These timelines govern how resources are used and when they should be used. Basically, when you should be doing what. In self-directed learning, you are the governor for a lot of things…well everything. This is where the self-discipline conversation starts. Without proper rules and structure, projects fail. Your self-directed learning is a project too! I am really starting to feel like a life coach hahaha. In my cybersecurity journey, I sometimes found myself learning the same thing over and over again. This is because I hadn’t blocked time for different learning areas, e.g in 2 weeks, I need to have completed the network basics topic. If I started studying networking today and found it interesting for 3 months, I remained stuck there for that time. For you to see progress in learning, structure and timelines are important.
Remember to stick to your timelines and beat your own deadliness.
3. Having GREAT Quality learning resources for each level
See how I stressed quality? Don’t use all resources that come your way. Some contribute to more beginner level confusion. I mentioned that there were plenty learning resources when I started my security journey. Almost everyone had a free course. When looking for learning resources, rely on the best ones. Some courses might be so basic, making you not ready/ not confident enough to move to the next level. Ensuring you have quality is essential since in the whole learning map, you will be building onto what you learnt. For me, I could have asked reviews from seniors in the industry about courses I was unsure about. Just imagine spending 2 weeks learning a course then finding out you don’t have enough prerequisites to move to the next level. Very disappointing! If you are looking for learning resources, feel free to check out my previous blogs.
4. Setting Milestones for Each level/ Projects to assess my skills
One thing that I lacked when I got into cyber security was ways to measure my learning progress. This is because it was theoretically structured and not practically structured. Although having an idea of how to set up your own home lab is OK, you will only have the full experience by setting up the lab. If I was to start over again, I would use technical projects to measure my progress or do activities that would require my active involvement more. For each level, I would also have a practical task as part of the learning map. These practicals would serve as milestone measures. In short, I would have started using platforms like hack the box, tryhackme etc. earlier on. Essentially, I would have gotten my hands dirty earlier enough.
5. Learning path Curriculum review
With self-directed learning, there is always something to review. This is because the more you grow in learning, the more insights you get. What you swear by now might change in 3 months’ time. Hence, the need for being open to change. For this step, I would either remove unnecessary learning modules, or add new modules based on things like, new industrial trends, recent attacks. E.g. Learning Log4j vulnerabilities when the Log4j incident happened.
6. Sharing the technical side of things more on the blog
One way of measuring growth and documenting it is through ‘learning publicly’. Although I shared my theoretical learning journey online, I would also share what I was doing technically. This would have killed the self-doubt I had slowly, and replace it with confidence. Learning publicly enables one to look back and actually see progress. Learning publicly on platforms like Twitter (X) will also connect you to your tribe. You will find other people on the same journey as you, and share insights.
Those are the 6 things I would have done differently if I was to go back in time and start my cyber security journey afresh. Other things that I did very well was seeking mentorship, sharing my content publicly, being part of communities and being consistent in my learning. I believe these insights will come in handy for you who is trying to begin. All the best in your cyber security/tech journey!
