I'll echo awesec's advice, in that it's a long path, but that there are ways you can work up to it.
First off, find somewhere where you can seriously study / take courses, to really get the fundamentals down to a science - by fundamentals, I mean learning how things work together, such as a getting a GOOD understanding of the OSI layer, TCPIP, etc. Then move on to bigger and better things. But without first having that stuff down pat, you'll find other concepts harder to grasp.
Next, look into places like the local ISSA chapters, etc, to see if someone there can point you in the rights direction, such as locally offered courses, and events where you can begin to get a better feel for IT security, in general. That way, you can 'network' and talk to folks who have like interests, and see exactly which direction you want to go, in security. Not all of us wanted to be ethical hackers, pentesters, etc. Some just like to be on the secure programmer / software or malware analysis side of the fence. You could even see if you could shadow, or do some free internship with a company who does some of this type of work, as a way to get some 'free' experience, and exposure.
Finally, look to places like EH-net, Offensive Security, SecurityTube and others, and watch the videos, read the posts, and learn from their tutorials, etc, until you get to the point where you're either going to go to college and take some classes to further you, or you can find a job where you can afford to get some deeper training.
I know sometimes these answers seem repetitive, but they truly are the way to go, especially if you're a younger person, with limited / no budget to spend.
~ hayabusa ~
"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'
OSCE, OSCP , GPEN, C|EH