10 answers
1
Question
Asked
898 views
What does it take to work In cybersecurity?
I'm a Computer science major and I wanted to see if anyone could give some advice on places to train or software to use to help me.
10 answers
Updated
Peter’s Answer
May I ask why would you be interested in Cyber Security work? Is it because there are more jobs opening? Is it because you curious the prestige it can bring? Is it because you want to understand security issues and like to fix/avoid them? It is a fairly large area and it takes time to be good at it. So to be successful, you need to be broad in many disciplines and fair deep in a couple areas. As you doing computer sciences, you're already getting expose to many area, just need to pick area you have interested to study deeper. For example, crypto is an interesting area but require lots of math background. Network security is important but require keen interest in networking protocols. OS security is important but one need to be good in computer architecture and not mind the low level details. there are other areas like big data.... Hope this help.
Loved reading this, thanks!
Daris-diamond
Updated
Matt’s Answer
The main thing being looked for, at least from my perspective, is applicable skills and experience.
Companies are hurting for folks that can hit the ground running and address the challenges that they are facing right now.
If you're just starting out, this may seem like a considerable cliff to climb - and it can be. I've talked to quite a few folks trying to "get into cybersecurity" only to be repeatedly turned down.
However, there's still hope by following a few practices and steps that will get you equipped.
The main thing to build are capabilities that are immediately applicable.
Consider getting entry-level certifications, such as CompTIA Security+
Join local cybersecurity chapters and working groups to get in touch with what is happening right now
Do capability-based cybersecurity projects, such as Hackthebox or Tryhackme that will award you with micro-certifications and hands-on experience
Adjust your job prospects to target entry-level jobs, such as being a SOC Security Analyst (think 911 dispatcher but for cyber)
Do side-projects, like building your own home network lab and get comfortable with firewalls, network management, etc.
Companies are hurting for folks that can hit the ground running and address the challenges that they are facing right now.
If you're just starting out, this may seem like a considerable cliff to climb - and it can be. I've talked to quite a few folks trying to "get into cybersecurity" only to be repeatedly turned down.
However, there's still hope by following a few practices and steps that will get you equipped.
The main thing to build are capabilities that are immediately applicable.
Matt recommends the following next steps:
Updated
Yumi’s Answer
Here are a few online resources that I would recommend:
TryHackMe: https://tryhackme.com/
Hack The Box: https://www.hackthebox.com/
KC7: https://kc7cyber.com/
Security Weekly Podcast: https://www.scmagazine.com/security-weekly
TryHackMe: https://tryhackme.com/
Hack The Box: https://www.hackthebox.com/
KC7: https://kc7cyber.com/
Security Weekly Podcast: https://www.scmagazine.com/security-weekly
Edmond Momartin ☁️
Public Cloud Security & Compliance AT&T | MBA InfoSec | OWASP-LA Board
75
Answers
Updated
Edmond’s Answer
My suggestion would be to attend monthly meetings of infosec related non-profits in your area and ask the practitioners and professionals in person! Check the websites for issa.org, isc2.org, owasp.org and isaca.org - all have NY chapters. This would give you a broad view of all aspects of cybersec and help you decide the path you want to take.
Thank you for sharing your perspective.
Daris-diamond
Updated
Mark’s Answer
There is only one skill you need to have.
You need to be able to identify the limitations of (hopefully high-tech) security implementations. If security exists, then secrets or money are somewhere. You will get a lot of respect by showing security people where they screwed up.
You need to be able to identify the limitations of (hopefully high-tech) security implementations. If security exists, then secrets or money are somewhere. You will get a lot of respect by showing security people where they screwed up.
Thank you for the advice, Mark.
Daris-diamond
Updated
Timothy’s Answer
Usually training in college in Computer Science focuses on programming, while most (not all) cyber security positions are focused primarily on network infrastructure. I would strongly encourage seeking out these types of courses if possible and maybe augment with training in Network+, Security+, or similar certifications. If you have any control over what programming languages you take at your university, I would steer you to more scripting languages such as Python. Also, not sure how you feel about the armed forces, but they are probably the best path into getting into the field as you will get valuable experience (and pay!) while you learn.
Updated
Jo Ann’s Answer
Hi Daris, even though I'm not a Cybersecurity expert, I'm aware that it's a fantastic sector with numerous opportunities across different industries.
I'd recommend you check out this excellent, free resource hub for students where you can delve into various cybersecurity courses and listen to insights from professionals in the cybersecurity field.
You'll be able to grasp the fundamentals of cybersecurity, including key terms, roles, and concepts like encryption, cryptography, and the diverse strategies employed by cyber attackers.
Here's the link you need: https://skillsbuild.org/students/course-catalog/cybersecurity
Wishing you all the best on your journey to success!
I'd recommend you check out this excellent, free resource hub for students where you can delve into various cybersecurity courses and listen to insights from professionals in the cybersecurity field.
You'll be able to grasp the fundamentals of cybersecurity, including key terms, roles, and concepts like encryption, cryptography, and the diverse strategies employed by cyber attackers.
Here's the link you need: https://skillsbuild.org/students/course-catalog/cybersecurity
Wishing you all the best on your journey to success!
Updated
Walter’s Answer
Hello there,
I want to address your question in two parts. First, as far as software and training for cybersecurity, you could find both by way of cybersecurity bootcamps and online training/lessons from a number of the certifying agencies like CompTIA, (ISC)2, EC Council, etc. For example, for the Certified Ethical Hacker certification, the provider company, EC Council, has a training course you can take to help prepare you for the certification exam. In that training course, you are provided access to recorded lessons, online lab work, and online study guide. Of course, unless they are done through a school or job providing the training, there could be a significant cost for the training sessions/access.
Now, secondly, to be successful in Cybersecurity field, I believe the person has to be willing and wanting to be learner for their entire career. This field changes and evolves over time. Unfortunately, cyber criminals are a significant factor in that change. They smarter they get, the smarter we good guys have to be. So if you feel you would like to be a learner from now until retirement, are truly interested in the field, and are tech savvy, I think you would do well in the career field.
I suggest researching Cybersecurity as a whole, find the area within it that most interests you (incident response, hacking, security engineer, etc,) and focus on finding out all you can about that area. Once that is done, you will be better prepared to find a path that's best for you to get to that job.
Hope this helps...
I want to address your question in two parts. First, as far as software and training for cybersecurity, you could find both by way of cybersecurity bootcamps and online training/lessons from a number of the certifying agencies like CompTIA, (ISC)2, EC Council, etc. For example, for the Certified Ethical Hacker certification, the provider company, EC Council, has a training course you can take to help prepare you for the certification exam. In that training course, you are provided access to recorded lessons, online lab work, and online study guide. Of course, unless they are done through a school or job providing the training, there could be a significant cost for the training sessions/access.
Now, secondly, to be successful in Cybersecurity field, I believe the person has to be willing and wanting to be learner for their entire career. This field changes and evolves over time. Unfortunately, cyber criminals are a significant factor in that change. They smarter they get, the smarter we good guys have to be. So if you feel you would like to be a learner from now until retirement, are truly interested in the field, and are tech savvy, I think you would do well in the career field.
I suggest researching Cybersecurity as a whole, find the area within it that most interests you (incident response, hacking, security engineer, etc,) and focus on finding out all you can about that area. Once that is done, you will be better prepared to find a path that's best for you to get to that job.
Hope this helps...
Updated
Clint’s Answer
Hi Daris,
What an interesting, developing, and well needed career path. Personally as a former school counselor, this is a question I provide as much resources and ideas for understanding rather than direct experience or 'advice.' Since this appears to be an area of passion and intrigue for yourself, I am assuming you actively engage/understand various computer platforms, software, systems, A.I., predicted growth areas, as well as possess more than the average understanding of cybersecurity/software development.
Make sure to talk to your teachers & school counselor, as well as process through any possible connections you may have that are professionals in this area. Most high schools do have extra-curricular opportunities geared towards coding, software development, programming, etc. and I would make sure to connect/join that club. Additionally, many of the local universities/colleges in the surrounding areas (NYC) most likely offer entry level courses which most likely would count as dual credits for both your high school diploma as well as progressing towards your college degree.
With such an evolving and rapidly expanding industry, I would devote an hour or two a day to reading and researching the industry and where the market views the trends to go. Simple Google Alerts can be a great resource, while gaining a comprehensive understanding of the different publications out there would provide the knowledge to which publications are typically cutting edge, progressive, more creative, as well as how niche they could possibly be.
Be a sponge and focus on the process not product/end results!
What an interesting, developing, and well needed career path. Personally as a former school counselor, this is a question I provide as much resources and ideas for understanding rather than direct experience or 'advice.' Since this appears to be an area of passion and intrigue for yourself, I am assuming you actively engage/understand various computer platforms, software, systems, A.I., predicted growth areas, as well as possess more than the average understanding of cybersecurity/software development.
Make sure to talk to your teachers & school counselor, as well as process through any possible connections you may have that are professionals in this area. Most high schools do have extra-curricular opportunities geared towards coding, software development, programming, etc. and I would make sure to connect/join that club. Additionally, many of the local universities/colleges in the surrounding areas (NYC) most likely offer entry level courses which most likely would count as dual credits for both your high school diploma as well as progressing towards your college degree.
With such an evolving and rapidly expanding industry, I would devote an hour or two a day to reading and researching the industry and where the market views the trends to go. Simple Google Alerts can be a great resource, while gaining a comprehensive understanding of the different publications out there would provide the knowledge to which publications are typically cutting edge, progressive, more creative, as well as how niche they could possibly be.
Be a sponge and focus on the process not product/end results!
Thank you, Clint for the advice.
Daris-diamond
James Nagata, CISSP
Senior Director, Information Security & IT Operations
3
Answers
Updated
James’s Answer
Most Cybersecurity professionals do not start without having a foundation or discipline in another area (e.g., Computer Science). As an example, I worked in the banking industry for seven years before changing careers to Technology. I then pursued some certifications (AWS and CISSP) and built up my resume to eventually enter a managerial role by finishing my MBA. The certificates and degree will definitely help you decide if the subject matter is where you want to be for your future career path!
Delete Comment
Flag Comment