As employers across every sector seek cybersecurity talent, an increasing number of professionals are drawn to the opportunity. But motivation can stall in the face of uncertainty about where to begin.
The prospect of gaining certifications, learning coding skills, or entering a realm of high-level tech expertise can be overwhelming. But according to Kedar Mendhurwar, these aren’t the real prerequisites.
Mendhurwar, a cybersecurity consultant with more than 15 years of experience, emphasizes that the path starts with fundamentals.
“Cybersecurity is basically a mindset,” he says. “It is part of everything we do. How we act at work, how we check our emails, how we protect our data.”
Whether an employee works in accounting, marketing, or management, every decision touches security in some way.
Kedar Mendhurwar, IT security architect and instructor
Mendhurwar, an IT security architect and instructor in Concordia Continuing Education’s Certificate in Cybersecurity Proficiency program, believes that success in cybersecurity starts not with technological savvy, but with human awareness.
“Cybersecurity is not just about defending systems,” he notes. “It’s about thinking before you click, questioning what you see, and understanding that small actions have big consequences.”
If the barrier is not a lack of interest but uncertainty about where to begin, structured learning can be an important first step. However, Mendhurwar also cautions against the idea that any single program can instantly transform someone into a cybersecurity expert.
“Courses can help people get introduced to a cybersecurity topic, which then triggers curiosity.”
Mendhurwar speaks from experience. In 2009, a mentor steered him toward cybersecurity at a time when the field was far from mainstream. His interest piqued in a formal program, and ongoing study and professional practice carried it forward.
He notes that continuous learning is part of every cybersecurity professional’s journey, and it has been central to his.
“Every day is about learning.”
Mendhurwar has taught learners from a range of backgrounds. Some come from outside the realm of tech altogether, while others are already in IT or software development.
Each sees security as a way to diversify their profile, strengthen their resume, or take on new responsibilities within their organizations.
Such diverse motives point to a larger reality. Cybersecurity touches every industry and discipline, and every organization depends on keeping information secure and policies up to date.
“From management to operations and HR, everyone has to understand the value of information and how to protect it,” Mendhurwar explains. “That shared responsibility is where real security begins.
What matters most, he says, is how well an organization and its teams learn to apply core principles in practice.
Attackers are now using artificial intelligence to craft convincing phishing emails and refine password-cracking tools. For people who are new to cybersecurity and trying to find their footing, it can be tempting to chase whatever new exploit, framework, or defensive tool appears on the scene. That instinct makes sense, but Mendhurwar stresses that a more durable foundation comes from learning and applying time-tested, core cybersecurity principles.
“Even if you learn a certain technology today, in five years it may not be relevant,” he says.
Rather than specific tools or technologies, cybersecurity is built on a small set of core principles. The first is confidentiality, which means keeping information private so only the right people can see it. Integrity ensures data remains accurate and isn’t altered without permission. Availability means systems and information remain accessible and reliable when they’re needed most.
Together, these principles provide a framework that organizations and teams can rely on, no matter how an industry or field evolves.
Mendhurwar remains energized by cybersecurity’s constant change and its multi-dimensionality, which makes space for hands-on specialists as well as those drawn to policy, risk, or education. What unites everyone, he believes, is the drive to stay curious.
“Every day in security, you learn something new,” Mendhurwar notes. “The possibilities are limitless, and a very big part of it is just common sense.”
For Mendhurwar, that endless evolution isn’t a burden, but rather the best part of the job.
“If you enjoy problem-solving, you’ll never be bored in this field.”
© Concordia University
