The Student Room Group

18 y/o want to start a cybersecurity/AI business but don’t know where to begin — need

Hi everyone,
I’m 18, currently on a gap year and I’ll be starting a Cyber Security BSc in September 2026. I want to use this gap year to build a real online business, ideally something scalable, subscription-based, and mostly automated long-term.
I’ve been exploring the idea of building a Digital Protection as a Service (DPaaS) business, basically providing small businesses with AI-assisted cybersecurity monitoring, scam/phishing detection, breach alerts, and simple automated “digital safety checks.” I like this direction because it solves a real problem, and I can start with low-tech manual processes and grow into automation as I learn more.
However, I’m feeling overwhelmed. I don’t know what the first steps are, what skills I need to prioritise, or whether this idea even makes sense for someone my age with beginner-level experience. I don’t have much capital either (around £100), so I need something lean.
My goals:
build something profitable during my gap year
learn real cybersecurity/automation skills
work towards a business that could eventually scale (SaaS / subscription model)
long-term goal is something that could grow into a serious company
My questions:
Is a DPaaS-style service realistic for a beginner to start small and grow?
What skills should I focus on right now? (AI automation? cybersecurity fundamentals? programming?)
What would be the best “stage 1” version of this business?
How do I get my first small business clients with no reputation?
Should I build a website, or start scrappy first?
Any books, videos, mentors, or resources you recommend?
I’m happy to put in consistent work, I just need direction from someone who’s done this or understands the industry.
Any advice, mentorship, or straight-up criticism is genuinely welcome.
Thanks.

Reply 1

Honestly? The idea’s fine, but DPaaS sounds way more complicated than what you should start with. Small businesses don’t want “AI cybersecurity”, they want “please stop my email getting hacked.” Stage 1 should be boring as hell. Phishing awareness, password audits, basic MFA setup, monitoring breach alerts manually. Sell outcomes, not tech. You can automate later.

Reply 2

Original post
by greg654
Honestly? The idea’s fine, but DPaaS sounds way more complicated than what you should start with. Small businesses don’t want “AI cybersecurity”, they want “please stop my email getting hacked.” Stage 1 should be boring as hell. Phishing awareness, password audits, basic MFA setup, monitoring breach alerts manually. Sell outcomes, not tech. You can automate later.


Please could I talk to you more about this? I appreciate your feedback a lot, thank you.
