I often get asked this question: How do I get started in InfoSec?  Well, Brian Krebs posted 5 interviews on this topic several years ago.  The posts are a bit dated, but still contain good advice.

The Takeways

1. Encourage people to read Krebs blog and develop 1, 3 and 5 year plans. Ensure plan includes skills to develop and a mechanism to document skills or successes achieved (e.g. blog).
2. Get as much practical experience. For example, has the AZ Cyber Warfare range that people practice will real systems and step through real hacking scenarios
3. Have fun!