July 12, 2026
#2“I wasted 2 weeks before I figured this out” — the 5 things I wish someone told me before I…
The moment I decided I wanted to get into cybersecurity, I went the way every novice does. I turned on my YouTube page and searched “how to…

By Nijas N
4 min read
- 1 1. Stop watching. Start typing.
- 2 2. Learn how a computer actually works before you learn how to break it
- 3 3. Pick ONE learning path and ignore every other roadmap you see
- 4 4. Get comfortable with the terminal early, even if it feels pointless right now
- 5 5. Document what you're learning, publicly, from day one
The moment I decided I wanted to get into cybersecurity, I went the way every novice does. I turned on my YouTube page and searched "how to become a hacker." And then, I got myself stuck down the rabbit hole for two weeks in a row.
I learned how to use Kali Linux. I learned how SOC analysts spend their days. I even learned about Metasploit from someone who took it as granted that I knew what a shell is. I added seventeen roadmaps to my bookmarks. I joined four Discord channels. I was doing something, and I felt productive.
At the end of those two weeks, I had no idea what the actual function of a firewall was. I didn't open a single terminal. I didn't write a single code line.
After that two week I realized I was consuming cybersecurity content. I wasn't learning cybersecurity.
There is a difference, and no one will tell you that difference when you are getting started. Hence this week, I would like to help you save those 2 weeks. Here are the 5 first things that I would have advised myself had I known from day 1.
Read the whole list, because #5 is the game-changer that no one will talk about.
1. Stop watching. Start typing.
I know it's easy and efficient to watch people getting things done. It's comforting. No one will judge you for failing at something.
Here's the thing: cybersecurity is an applied subject that pretends to be a theoretical one. You might learn everything there is to know about TCP/IP from 100 videos but freeze when you have to trace a packet yourself.
That's why from the first week on, you need to get your hands dirty even though you might not like it or understand what you're doing.
What I would have done differently? I would have chosen beginner platforms (and chose TryHackMe) and started working my way through it and explored it Slowly. But before that Ichoosed the youtube videos with the help of gemini and claude to identify the best basic videos to teach me the basics and essential theory before stepping into the practical.
Confusion is part of the process. Watching videos only removes the confusion artificially, and that's exactly why it doesn't stick.
2. Learn how a computer actually works before you learn how to break it
This one humbled me hard.
I wanted to jump straight into "hacking." Everyone does. It's the exciting part. But you can't break something you don't understand.
Before touching any hacking tool, you need a working mental model of:
- How a network actually sends data (what even is an IP address, really)
- How operating systems manage files, users, and permissions
- The basics of how the internet routes traffic from your laptop to a server
This isn't the fun part. I won't lie to you about that. But it's the part that makes everything after it make sense. Once I understood what a port actually was, suddenly every tool I used afterward made ten times more sense. I know i just touched the tip of iceberg still, but am still learning even after writing this medium post afternoon.
Think of it like this — you can't be a good burglar if you don't understand how doors and locks work. Same logic here.
3. Pick ONE learning path and ignore every other roadmap you see
This is where I really wasted time.
Every day someone posts a "cybersecurity roadmap 2026" with a different order, different tools, different starting point. If you try to follow all of them, you'll spend more time comparing roadmaps than actually studying.
Pick one. Just one. It doesn't need to be perfect. It needs to be consistent.
I built mine with the help of claude AI. But before that I just decided a path inside the vast field of cybersecurity . And after that I just made a structured relevant curriculum to do with my college days and am on the starting point of its execution.
**I will write a detailed step on how to make a relevant structured curriculum to run with college days with the help of claude AI in the upcoming days. **Don't forget to follow me!
A mediocre roadmap you actually finish beats a perfect roadmap you keep switching.
4. Get comfortable with the terminal early, even if it feels pointless right now
I avoided the command line for way longer than I should have. It felt intimidating. Black screen, blinking cursor, no buttons to click — it felt like it was built to make me feel stupid.
But almost everything in this field eventually routes back through a terminal. Whether it's Linux basics, scripting, or later on, actual security tools — they all expect you to be comfortable typing commands instead of clicking.
You don't need to master it in week one. You just need to stop being scared of it. Open a terminal. Move a file. Delete a file. List a directory. Small wins, but they matter more than they seem.
Am currently using linux journey website to learn the linux and I practice it on free google cloud shell because the google cloud shell work on any low end devices.
5. Document what you're learning, publicly, from day one
This is the one nobody tells beginners, and it's the one that actually changed things for me.
Here's why this also matters with any tool or roadmap:
When you document what you're learning, you're forced to actually understand it well enough to explain it. And also when you build a responsible medium page or newsletter you will be internally forced to learn new things and update. Because every week you need to meet with the subscribers and give them something valuable. That's a different level of learning than just watching or reading.
And there's a second reason. Nobody starts this field already knowing everything. The people who get noticed, get opportunities, get taken seriously early — they're usually not the ones who know the most. They're the ones who show their process. Recruiters, mentors, and communities respond to visible growth, not silent effort.
You don't need to be an expert to start writing about this journey. You just need to be honest about where you are.
That's genuinely why I started this newsletter. Not because I know cybersecurity inside out — I very much don't, yet — but because I figured if I document this properly, I'll learn faster, and maybe someone else starting from zero, like I did, will feel less alone doing it.
So that's it. Five things. None of them are flashy. None of them involve a fancy tool or a certification. But if I had known these on day one, I wouldn't have wasted those two weeks scrolling and bookmarking instead of actually starting.
If you're just beginning too, pick one of these five and start today. Not tomorrow. Today.
See you next week — where I'll be breaking down how to make the road map step by step.
-Nijas N