Cybersecurity: a versatile career landscape

In today's world, Cyber Security is one of the most relevant and rapidly evolving topics. With the increasing threats and virtual attacks, the demand for qualified professionals in Cyber Security is growing. If you are interested in entering this promising field, starting with a strong foundation in computer science and computer networks is crucial.

Computer science is the central pillar for understanding the fundamental principles of information technology. It covers concepts such as programming, data structures, operating systems, and computer architecture. Computer science knowledge will allow you to understand how technologies work and how systems can be protected.

Similarly, knowing computer networks is essential, as most cyberattacks occur through networks. Understanding network protocols, topologies, network security, and network administration is crucial to identifying potential vulnerabilities and protecting systems. To exemplify the practical application of this knowledge, let's explore some areas within the field of Cyber Security:

- DevSecOps: This area combines software development with Cyber Security. It involves integrating security practices at all stages of the software development lifecycle, from conception to deployment.

-‍ Application Security: Focuses on identifying and mitigating vulnerabilities in web and mobile applications. It involves techniques such as code analysis, security testing, and architecture reviews to ensure system protection against attacks.

-‍ Blue Team: Refers to the teams responsible for the defence and protection of an organisation's systems. These teams monitor and respond to security incidents, implement security controls, and perform vulnerability analysis to keep the infrastructure secure.

‍- Governance in Security: Involves establishing cybersecurity policies, procedures, and guidelines within an organisation. This area aims to ensure compliance with security regulations and standards and define strategies to deal with risks and manage incidents.

-‍ Network Security: Focuses on protecting computer networks from external and internal threats. It involves secure network design, firewall configuration, intrusion detection and prevention, among other measures, to ensure the integrity and confidentiality of transmitted data.

‍- Vulnerability Management: Involves identifying, classifying, and addressing vulnerabilities in systems. Through scanners and security testing, Vulnerability Management teams identify weaknesses and implement corrective measures to reduce the risks of attacks.

-‍ Red Team: Specialised teams that perform simulations of cyber attacks, acting as internal adversaries to test the effectiveness of an organisation's defences. Their goal is to identify vulnerabilities and provide recommendations to improve security. To start your journey in the field of Cyber Security, it is essential to seek knowledge and constantly update yourself. There are several ways to acquire this knowledge, such as books and online courses.

- Threat Hunting/Intelligence: This is a vital aspect of cybersecurity, focusing on the proactive search and analysis of threats within an organisation's network. Professionals actively hunt for advanced persistent threats (APTs) in this role and delve into dark web investigations to uncover and mitigate sophisticated cyber attacks. They use advanced tools, techniques, and intelligence gathering to detect threats often missed by traditional security measures. By investigating the dark web and analysing patterns of APTs, threat hunters are crucial in identifying stealthy, long-term attacks and understanding emerging cybercrime trends, thereby significantly enhancing an organisation's defence against complex cyber threats.

- Digital Forensic: Digital Forensics, also known as DFIR (Digital Forensics and Incident Response) or CSIRT (Cyber Security Incident Response Team), plays a crucial role within the Blue Team. Professionals in this field are responsible for investigating and analysing cyber attacks after they occur. They work closely with the Blue Team to understand the nature of the security breach, collect and preserve evidence, and assist in the recovery process. Their expertise is essential in identifying the attackers, understanding their techniques, and preventing future incidents.

 

T‍ips to start your journey

To start your journey in the field of Cyber Security, it is essential to seek knowledge and constantly update yourself. There are several ways to acquire this knowledge, such as books and online courses. Some recommended books are "Computer Networks" and "Modern Operating Systems," by Andrew S. Tanenbaum. These books provide a solid foundation in computer networks and operating systems. Below are some other examples that come to mind:

 "The Web Application Hacker's Handbook" by Dafydd Stuttard and Marcus Pinto: This book covers techniques and methodologies for web application hacking, providing valuable insights into common vulnerabilities in this environment.

‍"Hacking: The Art of Exploitation" by Jon Erickson: In this book, the author explores the fundamentals of ethical hacking, providing a detailed understanding of exploitation techniques and security vulnerabilities.

"Security Engineering: A Guide to Building Dependable Distributed Systems" by Ross Anderson: This book covers the principles and practices of security engineering, including secure system building and risk analysis.

‍"The Tangled Web: A Guide to Securing Modern Web Applications" by Michal Zalewski: This book addresses the security challenges modern web applications face and guides how to protect them against threats.

‍"Applied Cryptography: Protocols, Algorithms, and Source Code in C" by Bruce Schneier: This book is a classic reference in the field of cryptography, covering the basic principles, cryptographic algorithms, and protocols.

"Digital Forensics with Open Source Tools" by Cory Altheide and Harlan Carvey: This book focuses on using open-source tools for conducting digital forensics investigations. It provides practical guidance on how to collect, examine, and analyse digital evidence effectively using these tools. The book is beneficial for both beginners and experienced professionals in the field of digital forensics.

"The Practice of Network Security Monitoring: Understanding Incident Detection and Response" by Richard Bejtlich: This book offers a comprehensive guide to network security monitoring, with a strong emphasis on threat intelligence. It covers the fundamental concepts and strategies for detecting and responding to network intrusions. The author provides insights into various tools and techniques used in threat intelligence and how to apply them in real-world scenarios.

These books are just a few suggestions and represent a diverse sample of relevant topics in cybersecurity. As your career progresses, it is important to continue exploring other materials according to your interests and specific needs.

Stay tuned! The next blog post will provide a study plan for starting a career in Cyber Security.