At the moment, I am going into my Sophomore year majoring in Cybersecurity at a state university. Overall, the learning process has felt comparatively slow with others my age. While the courses I am taking at college are teaching me many of the fundamentals of infosec, such as networking and data organization, it seems like I am missing out on the element of real-world experience that so many people my age seem to have.
For example, three years back, I met a guy at a Cybersecurity Camp who was already well versed in subjects like vulnerability testing and cryptology, or at least for his age. I had asked him how he had already acquired so much skill by just his senior year in high school, and he recommended that I go to as many "competitions" as possible. The problem is, most of these "competitions" seem to have some sort of prerequisite skillset needed for entrance.
Another example is the NSA's requirements for employment on their website. They allude to only accepting the "best and the brightest." For a summer program they offer, the description reads:
The Cyber Summer Program (CSP) is the National Security Agency's (NSA) premier outreach effort to the very best undergraduate and graduate computer science, engineering, mathematics, network security and information assurance students in the country. Each summer we invite up to 24 exceptional students to participate in a 12-week program where they work together, and in teams, directly with NSA technical professionals on mission-critical cyber-related problems.
Where on earth do these people get the experience necessary for something like that? I understand that I have a lot more to learn in my college career, but it just feels like I am stuck in a rut compared with so many others out there.