Why I'm Learning Cybersecurity with Zero IT Experience

The Decision That Changed Everything

Six months ago, if you’d told me I’d be studying networking protocols and Linux commands, I would have laughed. My background? Real estate in India, aged care in Adelaide, and delivery driving in Sydney. Not exactly the typical path to cybersecurity.

But here I am, and I want to tell you why.

Why Cybersecurity?

The cybersecurity industry has a significant skills shortage. According to the Australian Cyber Security Strategy 2023–2030, Australia needs approximately 17,000 additional cybersecurity workers by 2030 to meet growing demand (source: Department of Home Affairs, 2023). But what caught my attention wasn’t just the job numbers — it was this: you don’t need a computer science degree to start.

Many cybersecurity professionals come from non-traditional backgrounds. Customer service teaches you communication. Aged care teaches you attention to detail and compliance. Delivery driving teaches you problem-solving under pressure. These are transferable skills that matter in security.

I kept reading stories of people who’d made the switch — nurses, teachers, military veterans, tradespeople — and I thought, why not me? The industry is literally begging for people, and the barrier to entry is lower than I’d assumed. You need curiosity, persistence, and a willingness to learn. I’ve got all three in spades.

The Numbers That Convinced Me

I’m a practical person. Feelings are nice, but numbers seal the deal. When I started researching cybersecurity as a career path, the statistics were overwhelming — in the best possible way.

The global shortage is staggering. The ISC2 Cybersecurity Workforce Study 2024 reported a global gap of approximately 4 million cybersecurity professionals (source: ISC2, as of 2024). That’s not a rounding error. That’s an entire workforce that doesn’t exist yet.

In the United States alone, CyberSeek reported over 500,000 unfilled cybersecurity positions as of 2025 (source: CyberSeek/NICE, as of 2025). The US Bureau of Labor Statistics projects information security analyst roles to grow 33% between 2023 and 2033 — much faster than the average for all occupations. The US median salary for information security analysts sits at approximately US$112,000 per year (source: BLS Occupational Outlook Handbook, as of 2024).

Here in Australia, the picture is just as promising. AustCyber projected the Australian cyber security sector revenue to reach AUD $7.6 billion by 2026 (source: AustCyber Sector Competitiveness Plan, 2020). The Australian Cyber Security Strategy 2023–2030 identified that approximately 17,000 additional cybersecurity workers will be needed by 2030 (source: Department of Home Affairs, 2023). Entry-level cybersecurity analyst salaries in Australia range from AUD $60,000 to $85,000 (source: PayScale Australia, as of 2024), with experienced analysts and specialists earning significantly more.

The cybersecurity industry doesn’t have a talent surplus problem — it has a talent pipeline problem. If you’re willing to build the skills, there’s a seat at the table waiting for you.

These numbers told me something important: this isn’t a saturated market where I’d be competing against thousands of computer science graduates for a handful of positions. This is a field that is actively struggling to find enough people. For a career changer, that changes the calculation entirely.

What Transferable Skills I Bring

One of the biggest myths I had to unlearn was that my previous experience was worthless in tech. It’s not. When I actually sat down and mapped out what I’d done in my career against what cybersecurity roles require, I was surprised by the overlap.

I’m not pretending this is a perfect one-to-one match. Nobody is going to hire me to be a penetration tester because I used to deliver packages. But the soft skills — communication, compliance mindset, attention to detail, working under pressure — are genuinely valued in cybersecurity. Multiple hiring managers I’ve read about say they can teach technical skills far more easily than they can teach someone to write a clear incident report or communicate calmly during a breach.

What Scares Me (And Why That’s OK)

I want to be honest about the fear, because I think too many “career change success stories” skip this part.

Impostor syndrome is real. There are days when I’m watching a cybersecurity tutorial and the instructor casually throws out five acronyms I’ve never heard of, and I think: Who am I kidding? I didn’t grow up tinkering with computers. I didn’t study IT at university. I’m starting from genuine zero, and some days that feels like an impossible gap to close.

The technical depth terrifies me. Networking, operating systems, scripting, cloud infrastructure, cryptography — the sheer breadth of what a cybersecurity professional needs to know is daunting. I’ve had moments staring at a subnetting exercise where I’ve genuinely questioned whether my brain is wired for this kind of thinking. (Spoiler: it is. It just takes longer than I expected.)

The financial risk keeps me up at night. I’m studying while working part-time. Every hour I spend learning is an hour I’m not earning. If this doesn’t work out, I’ve invested months — maybe over a year — into something that doesn’t pay the bills. That’s a real risk, and I don’t minimise it.

But here’s what I’ve come to understand: fear and growth are not mutually exclusive. Every career changer I’ve spoken to or read about felt exactly the same way at the start. The difference between those who made it and those who didn’t wasn’t talent or intelligence — it was consistency. Showing up, day after day, even when it felt pointless. Even when the concepts didn’t click. Even when the little voice in your head said you weren’t smart enough.

I’ve decided that feeling scared is not a signal to stop. It’s a signal that I’m doing something meaningful.

The Honest Truth About Starting

Let me be real: this is hard. There are days when networking concepts make my head spin. There are moments when I stare at a Linux terminal and feel completely lost.

But there are also moments when something clicks — when I finally understand how DNS works, or when I successfully capture my first packet in Wireshark. Those moments make it worth it.

The first week was the roughest. I tried to set up a virtual machine and spent four hours troubleshooting an error that turned out to be a simple BIOS setting. I felt ridiculous. But when that VM finally booted into Ubuntu, I felt like I’d climbed a mountain. That ratio — four hours of frustration for one minute of triumph — is what learning from scratch actually looks like. Nobody tells you that part in the slick YouTube thumbnails promising “become a hacker in 30 days.”

I’ve also learned that the cybersecurity community is genuinely welcoming to beginners. I expected gatekeeping. Instead, I found Discord servers where people patiently explain concepts, Reddit threads where career changers share their timelines honestly, and free platforms like TryHackMe that are designed for people with zero experience. The resources exist. The community exists. The gap isn’t access — it’s persistence.

What I’m Doing Differently

Instead of hiding my beginner status, I’m documenting everything. Every concept I learn, every mistake I make, every resource I find helpful. This website is my learning journal and, hopefully, a guide for others on the same path.

Here’s my approach:

• Start with CompTIA A+ to build a solid foundation — see my week 1 study plan
• Set up a home lab to get hands-on experience
• Learn in public — share progress, not just results
• Follow a structured roadmap instead of random YouTube videos

My 12-Month Plan

Having a vague goal like “get into cybersecurity” wasn’t enough for me. I needed a concrete plan with milestones I could track. Here’s what I’ve mapped out — quarter by quarter — knowing full well that plans change and timelines slip.

Months 1–3: Foundations. This is where I am right now. The focus is entirely on IT fundamentals — understanding hardware, networking basics, and getting comfortable with the command line. CompTIA A+ is the target certification, and my home lab is where I practise. I’m spending roughly 2–3 hours per day studying, split between video courses and hands-on practice.

Months 4–6: Core Security. Once A+ is done (or close to done), I’ll shift to CompTIA Security+. This is where things get properly interesting — threat models, vulnerability assessment, cryptography basics. I’ll also ramp up my TryHackMe practice to build practical skills alongside the theory.

Months 7–9: Security Focus. Security+ exam, portfolio building, and ramping up this blog. By this stage, I want to have documented enough hands-on work — write-ups, lab walkthroughs, tool demonstrations — that a hiring manager can see evidence of real capability, not just exam passes.

Months 10–12: Job Ready. Resume tailored for SOC analyst roles, LinkedIn profile optimised, and active job applications. I’m targeting entry-level SOC analyst and junior security analyst positions. I know the first role might not be glamorous, but getting my foot in the door is what matters.

Is this timeline ambitious? Absolutely. Is it realistic for someone studying part-time while working? I think so — with discipline. And if it takes 15 months instead of 12, that’s fine too. The direction matters more than the speed.

My First Goal

Pass the CompTIA A+ certification within 6 months while working part-time. It’s ambitious, but having a clear target keeps me focused.

If you’re thinking about a career change into cybersecurity, you’re not alone. Follow along as I figure this out — mistakes and all.

Further Reading

• Career Roadmap — the structured path I’m following
• CompTIA A+ Study Guide — my first certification target
• My Week 1 Study Plan — what the first week actually looked like
• How I Set Up My Home Lab for Free — getting hands-on from day one

Individual results vary based on location, experience, market conditions, and effort invested.