Why Cybersecurity Training is a SCAM

summary of this video: First learn Network before learning Cyber Security if you want to be successful.

"You cant secure what you dont understand"
When I tell people that they call me a gatekeeper.

This man is absolutely right. Ive been in the field for almost 14 years, Masters, CISM, CISSP, CEH....Getting 1 cert just to get an instant $120K job does not happen 90% of the time. Trainers are making a living, remember that. If you pass or fail, they got paid. I'm a huge believer in self-study.

I'm retired now, I worked as a Network Engineer, than I worked for the Defense Information Security Agency (DISA), working to secure Unix based military computer systems, you would not believe the number of attempted intrusion on a daily bases at the Pentagon and other military installations, trying to convince admins to lock-up certain ports, filter IP address, or reconfigure Cisco routers for security reasons was a nightmare, 100K doesn't cover the amount of stress, from all the travel involved or not seeing your family but one week a month. One time I was gone 2 months straight that's a whole story in it's self.

I totally agree. Once, I made a comment on another CZcams cyber content creator's video where I mentioned that starting with the CompTIA trifecta (A+, Network+, and Security+) is a good idea rather than jumping straight to the Security+ exam. This way, people build a strong foundation, even if they are just learning the material. Needless to say, that idea was not well-received. In their view, A+ and Network+ content was a waste of time. The point is, if you lack the fundamentals, it's unlikely that you will be able to actually secure anything.

great insight i been in this 8 yrs & still learning - no way u can learn it all in 6 wks or even 6 months - start at A+ & work up thru certs & training - these bootcamps are all marketing & money grabs

I've learned more by failing OSCP than any of the certs I've passed....and after about 8 years of infosec following over 20 years of IT, there's still so much more to learn.

Superb perspective. I have 12 years experience in networking and now foraging into Cybersecurity. And you are right on pint.
Many people want to jump on the bandwagon and soon get lost when the jungle matures. Build the foundation. Build!

I don't have IT background but I have always known that one need to know how network, OS works, including the hardware. Just like someone in web development must know how the client communicates with the server whether you are frontend or backend reason why It took me more time than others to learn web dev and still learning why also learning OS and network fundamentals. I am 31 with no job and my aim is cyber security but I know it will take me many years that is why I am into web dev I also love it. Self taught , maybe I will go back to school for a degree some time in the future.

I have been studying cybersecurity through google, and i can tell you this, google touches on the basics of all the subjects you mentioned except the hardware part. However, i am fortunate enough to know the basics of computer hardware.
I've assembled and dissembled motherboards, CPU, graphics card, RAM, internal HDD, internal SSD, power supply, water cooling system, and electric circuits that were not functioning properly. I know what to protect i just dont know how yet, and that's what i am learning now.
Also, people can learn on the job. Practical skills are better than multiple choices exam. You can study, have degrees, and all. But all that goes out the window, the minute you graduate.

Thanks for the Video..
I'm not in CyberSecurity but I know basic Security Concepts.but I am Now Learning DevOps but I started first with the Basics of Networking by getting my CCNA, Comptia Network+, A+, etc. which took some years.. then I spent 2 years learning coding Python, JS, HTML. You are right this Stuff Takes Time. Even with all of that there's Still So Much I don't know.. I need som Microsoft Certs..
CyberSecurity aint No Joke,
Devops aint no Joke,
System Administration aint No Joke..
Cloud Engineering Aint no Joke

University of Maryland University College - cybersecurity program: I was told "don't bother with that university program" but did it anyway. The first course in the actual subject matter was a "introduction to networks" class. It cost $700 or $800 and the materials consisted of a net+ "crash course" book with access to the publisher's online videos. In spite of what the course was advertised as, a lecture with lab, there was NO lecture - only the lab. And the lab was only the contents of the Net+ program we bought, there was no instructor involved at all. And you weren't allowed to work ahead in the content, you had to do everything the week it was due. But wait, there's more!
If you already had a Net+ cert they could give you credit for that class...so the school was charging people nearly $1000 to babysit them as a scheduler for a program that any fucking person could finish in a week for $100.
I complained about the class and demanded a refund. The administrator's response was "[fuck you, DHS and other government agencies say we're great!]"
I laughed out loud because they were talking about the people who told me "don't bother."
And the program is still trash to this day.

This guy is the real deal right here. Probably the only guy talking Cybersecurity as it should be.

Bravo!! Great Video.. 100% agree. I’m doing the CompTIA fundamentals and was able to answer all the questions.. it’s a process but you gotta start from the bottom

You're definitely right Sir, my kid bro is an IT Engineer and I'd studied Electrical wiring as well but i wanted to engage on IT, so i called my kid bro and he told me to start with Comptia A+ [core 1&2] and that was what i did. i had to start from the basic hoping to get the necessary knowledge require to kick start my career on IT

Im 15 with a father in IT with Network+, security +, etc. He said everything that you did and he started me off with network+. Im going through that course and next going to take security+. good thing to keep in mind. Very nice explaining and I agree.

As someone who just graduated with their bachelors in IT I am so glad to have found a channel that admits those trainings, and bootcamps are lying to you. I want to get into cybersec and I still have so much to learn to become an expert. You earned my subscription by just being straight up about getting into the field but not being negative about it.

Pay attention. I've been in the business for over 20 years. This man is speaking the truth.

You're very right Sir. I am currency a Cyber Security Specialist and I can also testify for a fact that I have evolved from various fields of study/experience to where I am now. I studied Information Technology in India (Chitkara University, Chandigarh, Punjab), also with courses/certifications CCNA, MCITP, OCA/OCP and RHCE (ReHat) alongside my course and got those certifications but that wasn't all. I have been working with an IT company for over 12 years now. With all these wealth of knowledge from school, I have worked as a web developer for 1 year and 6 months (frontend to backend) to a network administrator for about 2 years, to an Active Directory Server administrator (both on Windows and Linux platforms), DevOps Engineer, Linux server configuration (automations with shell scripts and lots more) for over 4 years and now I do almost all of these things at once to still achieve success in my role as a Cyber Security Specialist for over 3 years and counting. Not even talking about all the various training/certifications I have done within these 12 years of working experience and I am still in a continuous process of development with new challenges everyday, even with over 15 years of IT experience in general.

I am a CISO and I agree with you 100%. I have interviewed many people and they have just passed the exam but not learnt the material and they can not explain how to secure a basic SOHO network.

Glad I found your channel, I've been studying on my own for the last two years, doing udemy courses and getting certifications and I still feel like I wouldn't hire myself lol

Straying off topic a bit, but I can't say enough about how amazing of a teacher Andrew is. Like many people in I.T. are told, I have relied on various resources(books, content creators, teachers, etc.) in my studies over the years, when it comes to presenting detailed information in an encouraging way, Andrew is top notch! *Context* I've purchased and gone through most of his courses on Udemy.

I 100% agree. I took two seperate courses and they both take your money and leave you high and dry after you're finished. Avoid all Cyber Security courses and just go straight to school for computer science or study and keep your hands and head in the PC world as much as you could.

You are 100% RIGHT! I've been doing this for almost 30 years and I find it crazy that some company's are promising 6 figure income in 3 - 6 months of training, without being in the trenches first!

Thank you so much for this.I work at a company that offers courses for its employees for free through coursera and they have great courses and of course i was interested in the cyber security courses and the first thing i noticed was that i didnt understand half the terminology and that it seemed you needed some coding experience and i felt completely lost and this was supposed to be the beginners course. So of course i stopped and kind of gave up on this path because ive tried coding before and i just dont seem to have the head for it. I'm glad you made this video cause it shows that a lot of this stuff you see online about the high paying jobs in months is garbage. You are correct, put the time in and learn what you need to learn.

That is very informative video, have bn in it for over 10years. wanted to take S+, I have to go back to my N+ and A+ tutorials to refresh my memory and my target is Cyber security. In IT world so much to learn, if you want to succeed.

You are so very right. Have done this for over 25 years.

Thanks, I have been in IT for 15yrs and Cyber Security 8yrs. IT TAKES ALOT of work and experience to get to that level. Getting hire is the hard part. I thought I was the only person who notice this. Thanks for setting the record straight.

Thanks for this video. I’m currently enrolled in a program. They have us learning A+, Azure, Ai, Linux, Net+, and Sec+. I like it because it shows me the basics. Haven’t passed a cert yet but I will. My dream is to be a network architect. I’m 46. Send positive vibes my way, please. I really want this. If anyone knows of more that I could be doing, please tell me. Thanks guys.

I'm working on learning Linux Os and then going over to learning windows os, only to learn how the os works, but this was a really good advice. Thx for the video. 👍

Truth!! Thanks for posting and fixing the video AR! I took a 6 month CS Bootcamp and am going to take your advice and get my A+ first!!

99% agree with you. I just finished my cybersecurity degree and it didn't come easy. There was a lot of work and certificates I had to get.
I had to work for:
- A+
- Network+
- Security+
- CySa+
- Pentest+
- ISC SSCP
- ISC CCSP
- Python learning
- SQL learning
- Probably like 100 different tools
Even then I still feel like I have a lot to learn. It's never enough in this field, constantly changing and you need to be updated and upgraded.
For the 1% that I don't agree with is because I did all this in 6 months, 10 hours a day for 7 days a week. So if anyone is doing it quicker is full of bulls***.
Got my comptia A, net, and security using your courses, the most amazing instructor every, much appreciated sir.

Thank you - That is the reason i went for my CCNA , ccnp r/s and now i am doing ccnp security before branching to Cyber security after 8 years of Experience in IT networking
i always find odd why so many are saying you can get certify in 3 month - it is taking me a year to complete my ccnp because i am doing Labs on every topic .

You nailed it Sir. I have been a victim of this. I started them I quickly realized i doesn’t work like that. I didn’t understand the language. So I had to go back to the basics, google cybersecurity professional course then I took your security plus course and question. I had my security plus , I’m still on that journey, progressing

He is speaking the truth, the whole truth and nothing but the truth! I have over 30 years in IT. Boot camps and 'Cert Factories' usually yield very disappointing real world results if a person doesn't have a firm grip on the underlying principles. I have made the mistake of hiring based on certs over actual experience. Not saying certs have no value, they do. But, it still takes a year to get a year's experience. Just like in get rich quick schemes they are selling shortcuts.

Thanks for the video. Seems like really good advice. I’m trying to pivot into IT / Cyber later in life and it’s overwhelming. I can see why there’s the temptation to skip some steps and go for the finish line.

You are right, maybe a bit relaxed, what I said in my initial comment is how you go about this. That was just a core summary. See, besides a Masters in Computing, I have 3 more degrees, Behavioral Science, philosophy and another (I do not mention this, for a reason, but I do mentioned the others for a reason. This will only make sense to those who have been around for a while (I am 42) and who have been doing this for quite some time, I am not from the USA nor the Western world for that matter so English is not my native language. I did some degrees locally some in Europe (northern) mostly in terms of those (2) which I obtained my Masters, this meant I had to learn for one Flemish.
Point of me posting two comments is because I wanted to see how channels on YT is giving tips in terms of this context and I watched quite a few, thus far you are the only person who are not using jargon, the only person thus far telling the truth, I am only adding to your narrative.
I will stick to what I know for a fact is true and make no mistake, if you were wrong, I would say why and explain why. In the world of hacking, you have three choices, GET GOOD, BE GOOD (means you NEVER stop learning) or GIVE UP...
I give the same 'advice' to all, some follow it, many do not, those who do will ALWAYS outmatch, outlast and outsmart those who do not. I have come across many 'experts' in my life and by this I mean in terms of 'arrogant ignorance' not in terms of what hacking. Again, if some want to use lingo such as 'cyber warriors' sure... but frankly as you have mentioned, courses focus on money not what is needed to be a real 'security expert' (I mentioned that already). Be it this comment or the other, once said I stick by it. If you are good at this, conviction so tell you to be ethical and responsible because YOU are rare and your skills ARE VALUABLE... humility goes a long way... remember this

Working in government IT, I have seen and worked with people who recently graduated from college and have a Security Plus cert, making $100k. I have also seen cyber folks with years of experience who are clueless about the tech. That's the part that bugs me the most - the (cyber) people making the rules (policies and requirements) but don't understand the tech and can't speak to it with approving authorities. Cyber should be made of experienced IT folks who have "graduated" out of the trenches and enjoy paperwork.

Agree 100%, need to understand hardware topology.

Absolutely right, this makes a lot of sense!!! Good auditors are expert accountants, top-notch lawyers are experts at law, great teachers are subject matter experts.... so it should be for prolific network security professionals at computer systems & networking matters!!!

You're absolutely right... learn the basics first 😊

this video has been quite eye opening for me in particular. thanks

My Cybersecurity class teaches us about networking etc. They say the same thing too.

hearing this video helped me feel more confident starting by learning the basics and building a strong base. a+ about to take part 1 but i understand you want to try to learn and start practicing real life skills like soc analyst training, grc, learn some python, some defend me or hack the box, and free internships offered by largest companies in the world to add to your resume while building your knowledge base and certifications at the same time. good luck to everyone on their journey

you are 101% right.. algorithm is almost like a lifetime process to learn and master..

I agree with this because if you can’t explain what a router does, NAT, how the router determines the fastest route then it is almost impossible to visualize how to secure or defend a network. You won’t even understand how VPNs keep you safe or at what point they keep you safe. I clicked on this video expecting to be disappointed only to feel a lot more confident about the work I’ve put in.

I do make over 6 digits in my first cybersecurity role but....
that role is based on my 20 years experience of software engineering and 4 years of SRE/DevOps.

You're right, sometimes these training only teach how to use tools that is available for free online to secure without knowing how these tools works or how anything on the network works.
Then when they try to apply it and a breach break a hole on the security they don't know how to fix it and just using things that they learn

Newbie here. You are dead right. As one of those people you speak about, on the journey to a career transition into IT, with focus on cybersecurity, I fully endorse what you say.
I quickly realised this myself and while completing an introductory short cybersecurity diploma, have focused my learning on the fundamentals you mention. I'm 42, earn a good salary, however, realise fully that I will have to take a significant step back where salary and organisational position is concerned. I am ready for this because I ultimately want to be successful in this theater.
I am expecting to he hunkered down for at least 2 years before I expect anyone to take me seriously.
In closing, it seems more people need to explain and understand that cybersecurity is merely a facet of IT. It is not a standalone subject anyone can just integrate into.

💯. You're absolutely correct. I think people should take A+ first and while doing that, build a new computer from scratch and understand all the internal components. The next step should they understand the Operating System(Client/Server), and learn it's administration . The step they should earn their CCNA and spend a couple years gaining experience. While doing that they can learn Linux, Python and AWS or Azure cloud.

True! And the Bootcamp say no experience required !

I've been in IT and Cybersecurity for 20 years when I went into Cybersecurity 7 years ago after being in IT for several years I didn't remember all these folks selling programs. I went into security because there is only so much to learn in IT. Cybersecurity the field is constantly changing and you always have to educate yourself. When you see people saying you can make 100k with no experience in the field I'm thinking what are you smoking. This is not an easy field and I still don't know it all. It kinda pisses me off that people think it's sexy and you can make sooo much money. Yes you can make good money with commitment to the field and wanting to learn.

You’re 100% right. I do have my SEC+ but working as an IT Analyst , and it’s my first True IT job. The more I work, the more I understand cybersecurity

Thanks you for this eye opener video . Can you please send me the link to your following courses : A+, Network + and Security+

the first real network guy so mny people out their who wanna sel their stuff thx

I agree. I’m in networking now, ready to go to cyber now.

I agree 1000%, this is what I have always advised anyone around me, to be successful in cybersecurity, go and learn IT basics and networking first. You can’t secure what you don’t understand.

I took the Google Cybersecurity Professional Certificate and this course is amazing and it's not one of those scam ones mentioned in this video

This man is speaking facts, I know personally (whom I love dearly) that has a Masters in Cybersecurity but does not know basic IT.

The truth is bitter. You are very right and I want to say you are one of the best Cybersecurity trainers.

Been in IT support for many years with no certs at all, worked in small businesses that outsourced to big organizations, the stupid outsourcing trend really degraded the value of IT over the past decade as some well known companies would just simply offshore some parts of their IT to India, really shocking as it transformed IT into a industry full of cheap labor with any type of monkey just allowed to TeamViewer in, this industry has become a nightmare to work in with rubbish companies that insist on degrees for any IT role and full of companies with horrid glassdoor ratings. God help us all IT people.

You got a new subscriber, you are totally RIGHT!

Awesome video!

If u believe this was my thought about them. Which is good course for linux?

What's your opinion on the Google Cybersecurity Professional Certificate?

This 100% true. The reason why it was been marketed in that way was because in the pandemic and people were working from home so naturally security would come a concern. Somewhere long the line someone in marketing saw that and run with that and start to scam people. I been in the industry for the past 4 years and am telling you this for sure, no company will just let you touch any network systems even if you have a certificate. It takes time to build up. So to end off, their is no going around that "You cannot secure what you don't understand".

Sure, you need a solid networking basic like CCNA, have a strong understanding of OSI model and then after you can go in pentesting.

Great advice 👍🏻

insighful content as always,i couldnt stop laughing throughout this one,was funny but truthfull...can you please make a video for us detailing a roadmap to becoming a pentester,ive alraedy started my journey just wanna hear what you would recommend for absolute begginers.thank you

What are the prospects for a retired database programmer if they study all the things recommended in this video? I know and have, at one time or another, wrestled with things from the UI down to the hardware. But there are missing details here and there that I want to fill in just for the sake of learning and keeping my mind active

You’re the man Andrew. You have a good heart.

I do know I'm skilled enough for help. desk. I already know like 70% of the basics, but the jobs I apply to related to even that won't hire me. I want to get all the necessary certs to move up while doing that. Those certs are proof that I'd know what I'm getting myself into.

I agree with the video that there are many issues within the industry, but each issue can also be an opportunity to advance your career. Instead of just working your way up the traditional ladder, you can leverage these knowledge gaps (presented in the video as a general example) that many people overlook. Success isn’t just about technical expertise it’s about understanding and maneuvering people. By using this strategic approach you can turn industry challenges into stepping stones for career growth as well. I would argue that IT Security and Cloud Security are two entirely different paths. One can be plugged in and unplugged while the other is always on. Having expertise in both areas is somewhat redundant. We don’t need to know how to make a Big Mac to order one, as it’s always available, hot, and ready at any McDonald’s, whether in New York City or Tokyo. Alternatively, if you cook at home, you already know what devices and items you need to prepare your meal but it required you do it on site in your specialized kitchen.

Yea, but I checked into college for computer science, they also don't teach computer engineering beside the software development programs. I tried to get answers about this logic problem i was noticing, but no responses. Unfortunately the industry is just going to have to change the way they do things. The amount of knowledge they want vs the amount of work that needs to be done do not equate. College, simply put, takes too long. I'm 40 years old. I bet $1 that in 10 years all the programs you are using now will be obsolete, the infrastructure completely changed, and the coding completely rewritten.
So what good is your Masters degree then? If you stay in college to learn everything, but the time you are done with full time school you knowledge is obsolete relative to the pace at which computational technology advances. We had floppy drives 30 years ago, I remember when a zip drive was a fancy drive for storing large amounts of data. Cd's were luxury technology. In 20 years CDs became retro.

You’re a friend of the community. Please teach people how to build their own labs at home. Windows ad, gpo, linux, ssh, containers, gns3 servers, all of this can be learned from home with a good instructor. Udemy and youtube will jump start you years on top of certs and experience.

This is exactly what I say for sure! You need to know networking basics not jump right into “cyber”

Do you think the cisco courses are a good way to start? There are a lot of courses about network basics that i think are a good place to start.

You can't wait untill you know everything! start and learn as you go, information is available but what maters is what you do with it.....

you are right right right ( 20 years experience in ICT and security )

A+, i dont know about spending money on that. There are free courses that teach A+. Take the Network+ and practice and play around.
Next Cysa or/and Casp+ if yiur thinking about 6 figure jobs. Practice and read.

Finally, someone has spoken up!

Well said, big thanks to you ❤❤❤

What if I want to become an sdr for sales tech and break into sales?

Thanks for the video and for sharing your idea about Cybersecurity Training.
Most training and boot camps are garbage - agreed.
Do you need a background in I.T. - not necessary. Because the I.T. Security is as deep and wide as the Pacific Ocean. For Network Security you need to know CCNA or Aruba, yes. However, for I.T. Compliance / GRC no I.T. experience requires. I know many folks from Finance and Legal are in the Compliance field. All you need is to be a talker, a good one.
As far as CompTIA certs - a good foundation, however, you will not get a job in security. Moreover, most I.T. security jobs are outsourced to you know where.
The bottom line is that it does not matter how good you are but who you know! Build your network!
Good luck to you all!
God bless America!

Currently taking your course on Udemy! You're a great teacher.

After I take your course on udemy for A+ will I pass with just your videos teaching or do I need to buy a book also ??? Is your course all we need to pass ???

Unfortunately, many IT / Security NOOBS don't know just how much knowledge is required in order to do systems administration, security, …. hence they fall prey to "learn this in 6 mo and make six figures". Sad. On top of that, the economic environment doesn't help as there is a big push to make money while costs / expenses perpetually rise. Appreciate you putting your heart ~ integrity into your video.

Interesting when you said: You can't secure what you don't understand. Funny story: I was able to confidently create a 'secure local LAN' in the late 90's when the Internet was just starting and all the hype (Similarly, to what's happening with AI now) and after a big technical gap of almost 20 years when I was in a management role and then terminated because the company was making cuts, I want to go back to my technical roots. What's funny is that now I feel probably as lost as some of the folks who want to dive into cybersecurity now. When I see what the hackers are doing and what there needs to be known to counter them, it's mind-boggling. I know, you don't usually go at it alone at a company, you are supposed to be backed up by a 'cybersecurity infrastructure' but still, the expectations are way out there. So yes, I totally agree, I don't know how someone can tell you that you can get job ready with a couple of courses or so. In any case, good luck everyone!

Yup, understanding A+ is crucial, but one can study A+ through self-learning and then proceed to Network+ Certification instead of taking the A+ exam. Eventually its about how the understanding is and how the skills are applied in practical field like iam just at networking basics but deploying my own dns server hosted at vm I learned alot of networking practically .

tanks you sow much for the advice

I'm doing the A + right now,giving myself a good while before I take core 1,then im September I'm off to start a degree in CS and digital forensics.i want to be able to say I have my A+ plus before i start collage

I chose a very traditional route to cybersecurity. I enrolled in technical college that goes from the very beginning learning all of net working, Cloud infrastructure, Penetration testing, scripting, network architecture. I’m in a 4 year program. Cybersecurity requires understanding of not just network but understanding frameworks, and privacy Laws. It’s not a one and done program like web development. You not only have to be technical, and observant, but you also have to be a good communicator. Can you explain in detail, using language that can be understood by those who are not in IT, what’s happening during a threat/risk analysis. Are you a strong writer, can you do reports and consistently document? People who get sucked in for the money will be disappointed when they realize how underprepared they may be.

See as a ChemE with intermediate level cybersecurity knowledge I know that it’s something I am not a professional in BUT I also know NIST standards is a great place to start because they standards for us as well as you guys for a reason

Unfortunately the hiring industry is paper biased. So never ignore base certification. There is no other structured way to start a career in Cybersecurity or Information security. You will learn the rest when your foot is at the door.

What a coincidence, I took a course 4-5 weeks ago and have started to feel exhausted. And then this video comes to my timeline and it is like to add insult to my injury 🤕

I lack IT experience, but I’m currently participating in the Google Cybersecurity Professional Certificate program. I opted for this program because it provides a discount for the CompTIA Security+ exam. Should I first complete CompTIA A+ and Network+ before pursuing Security+?

Based on your video, Is a 30 credit masters degree in cyber security worth it?

Absolutely right. I teach cyber security too. When I start with the basics, they usually lose interest fast because they think it's boring. Pffft! I always tell them, it will catch up with them soon. Get your basics right

The basic IS to Begin with CCNA and purchase with cyber security

The coupon codes aren’t working 😢