My self-learning approach involves using resources including, but not limited to, formal curriculum from school, reference books, online articles and tutorial videos to create a customized framework/guideline to build cybersecurity know-how.

There are four areas identified as seen in the diagram above; software, systems, security and human factor.  Here is a brief description of these areas along with some of their sub-areas.


This area involves how to code and script, and understanding how software works and how it is developed/engineered.


This area involves understanding how IT systems work. Sub-areas may include computer networks, databases, operating systems, computer architecture etc. Apparently, this is very important for learning more complex security-related topics.


This area involves the details directly related to information security. Sub-areas may include cryptography, forensics, malware analysis, reverse engineering, pen-testing etc.

Human Factor

This area is interesting. More often than expected, cyber attacks happened as a result of human error. Learning subjects related to the human factor such as psychology, social engineering, management etc. may be useful, and perhaps a breather from the heavily technical areas.

There seems to be a lot to cover.

After experiencing much “freedom to fail”, I shall follow a bottom up approach to learning; starting with the basics before moving up to more advanced related topics.

To make life easier, I also plan to choose and focus on doing a few things and do it well first before moving on.

And do check out my blog to find out more about my progress.