Read what Mikhail Nabiullin had to say on LinkedIn: https://www.linkedin.com/pulse/how-i-get-involved-cybersecurity-mikhail-nabiullin-1c/
I’m from Kazakhstan and graduated from the military academy in Russia. Just before finishing my studies, I was offered a job as a cybersecurity specialist in the Ministry of Defense of Kazakhstan, which was outside the specialized field I studied for. I agreed because I saw excellent prospects for developing my career in this industry. So after my graduation, I started to work in the information security monitoring group. The incredible number of cyberattacks struck me, and I tried to learn more and more how to defend against them. But I was facing a knowledge gap. I needed to know how do hackers carry cyberattacks and how do they think. That’s why I started learning penetration testing. I think two things have helped me – my engineer education and my desire for learning. But the most important things are understanding your goals, perseverance, and patience to achieve them. Apart from that, Certified Ethical Hacker (C|EH) gave a needed boost to my career. Initially, the global recognition and high demand for C|EH attracted me, but later I realized that it actually deserves all that. The program helped me to structure my knowledge and skills, as well as I truly appreciate the exposure to an incredible number of secure environment attacks and tools. A few of the powerful tools include Nmap, Metasploit, Burp Suite, dirsearch, Acunetix, Nessus, and Wireshark.
Beginners should not try developing new skills at once, but make coherent plans on topics of interest. Also, I would recommend integrating any theory with practical tasks. Try participating in CTF challenges, Bug bounty programs, and try attaining one of the globally recognized IT security credential like C|EH.