Starting an IT security business can be a beneficial career. Justin Collins, n application security engineer at SurveyMonkey said there are very few formal paths into security and the everyone has a different story on how they started their careers.

CSO Online reported that they have gathered individual anecdotes or details to help illuminate how a career can be built in information security. HackerOne co-founder, Michiel Prins shared how he and his best friend Jobert Abma, co-founder, began learning to program at 11-years-old. They discovered quickly how easy it was to make programming mistakes that could have a security impact.

The realization made them think that other developers could be making those mistakes too, and they were right. They tested their skills on each other's systems and then on the internet. Their parents encouraged them to keep learning and basically forced them to start a busines, he said.

They launched a security business when they were teenagers. Prins said they literally walked around the neighborhood trying to find wireless networks to break into and would ask people if they wanted them to fix it.

HackerOne's first user was the Internet Bug Bounty initiative, which is a non-profit that offers bounties to security researchers that help improve security of core internet infrastructure and open source software. Since then HackerOne has taken on commercial clients that included Slack, Coinbase, CloudFlare and Twitter.

Another successful career in infosec is Teddy Phillips who currently works in cyber security at Hewlett Packard Enterprise. He knew he wanted to work in IT when during his college days at the University of Alabama. Phillips said they learned about the cloud and how in the future it was where we would all store more and more sensitive information. Knowing cloud adoption would depend on the level of data protection so he did more research and saw the demand for cyber security professionals.

Phillips worked with an IT recruiter at a campus career fair to land his first job. He made sure to connect with security hiring managers once he was working inside the company.