You want to break into cybersecurity. You don't have £2,000 for a bootcamp. You're not sure you're ready to pay for a certification you might not pass.
So you search "free cybersecurity certifications" and find 50 options. Some are free to take but worthless to employers. Some are genuinely useful but feel like a waste of time if you're serious about landing a job.
Here's the real talk: You need a mix. Free certs alone won't get you hired. But free certs combined with paid credentials and hands-on labs will.
The Free Cert Myth — What Actually Counts
Before we list them, let's clarify something: Free to take ≠ valuable to employers.
There are three types of certifications: (1) Free to take, paid to earn (like Security+ study materials), (2) Free to take and earn (like Google Cybersecurity Certificate), and (3) Paid to take, free to earn (some bootcamps).
Employers care about what you earned, not what you studied for free. A recruiter doesn't care if you watched 100 hours of YouTube. They care if you passed an exam or have hands-on proof.
The 5 Free (or Cheap) Certs Worth Your Time
1. Google Cybersecurity Certificate (Coursera)
Cost: Free to audit, ~£30–40 for credential
Time: 6 months part-time
What you learn: Foundations, risk analysis, incident response, security tools
Why it's good: Structured curriculum, you earn a credential, includes hands-on labs, completion looks good on LinkedIn.
Catch: It's entry-level only. Employers view it as "beginner training," not "ready to work."
2. CompTIA Security+ (Study Free, Exam Paid)
Cost: £240 exam
Time: 6–8 weeks
What you learn: CIA triad, cryptography, network security, incident response
Why it's the best ROI: DoD 8570 mandated, nearly every job mentions it, salary bump of £5–8K, globally recognized.
How to study free: Professor Messer's YouTube course, flashcard apps, practice exams (£10–15 on sale).
3. SANS Cyber Aces (Completely Free)
Cost: £0
Time: Self-paced (2–4 hours per topic)
What you learn: Hands-on technical topics (firewalls, malware, SQL injection, etc.)
Why it's valuable: Hands-on labs, free, self-paced, covers practical skills not just theory.
Catch: No final exam or credential. You have to be self-motivated.
4. Coursera Individual Security Courses (Audit Free, Cert Paid)
Cost: Free to audit, ~£30–50 for credential
Time: 4–8 weeks per course
What you learn: Deep dives into specific topics
Why it's good: More specialized than Google cert, structured, legitimate credentialing.
5. TryHackMe / HackTheBox (Freemium)
Cost: Free tier available, premium £20/mo
Time: Self-paced
What you learn: Hands-on hacking and defense in realistic scenarios
Why it's valuable: Closest to actual security work, free tier is substantial, fun and addictive, builds practical skills.
The Sequencing That Actually Works
Months 1–2: Build Foundation
Start Google Cybersecurity Certificate or SANS Cyber Aces. Join a TryHackMe free room, complete 2–3 beginner labs.
Months 3–4: Get Your Credential
Main focus: CompTIA Security+. Study 1–2 hours daily. Keep TryHackMe rolling (1 room per week).
Month 5+: Specialize
Based on your path: GRC/Analyst (compliance course + portfolio), Infrastructure (Linux+ or Azure), or SOC (TryHackMe incident response).
Timeline: 6–8 months from start to job-ready.
How to Stay Motivated (Because Free Certs Are Easy to Abandon)
Free certifications have a 70% dropout rate. Here's how to actually finish:
1. Join a Community — Find a Discord or Reddit group, post your goal, check in weekly.
2. Set Weekly Milestones — Not "finish by X date," but "complete Section 3 by Friday."
3. Link Certs to Real Job Postings — Find 3 jobs you want, highlight the required certs, study toward them.
4. Study with a Buddy — Weekly 30-minute check-in call.
The Salary Impact
Let's be concrete:
- No cert: £22–25K (help desk)
- Free certs only: £25–28K (junior analyst, rare)
- Security+: £30–36K (junior analyst, compliance)
- Security+ + specialized: £35–45K (mid-level analyst)
Key insight: Free certs alone don't get you hired. But free certs + one paid credential (Security+) = entry job in security.
The jump from £25K → £30K is worth 3–4 months of study.
When to Stop Free-Certing and Pay
Keep doing free certs if: You're truly undecided, have zero technical foundation, or are building a portfolio while employed.
Pay for Security+ if: You're serious about switching careers, ready for a job within 6–8 months, and want the highest ROI.
Security+ is £240. A security analyst entry job is £30K+. That's a 125x return.
Your Next Step
You have two paths: Slow and free, or fast and mostly free (with one paid cert).
The fast path gets you employed 3–6 months faster. The £240 pays for itself in your first month at a new job.
Pick a start date. Tell someone. Finish.
If you want a structured roadmap with recommended resources for each path, check out the Cybersecurity Career Jump — it includes free cert sequencing, lab recommendations, and the exact study timeline to pass Security+.
Or just start today. YouTube, Professor Messer, Security+. You've got this.
Go deeper
Cybersecurity Career Jump
Includes free cert sequencing, lab recommendations, and the exact study timeline for Security+.
Get the guide →