4 min to read
College to Cyber Security Journey
Learn to Earn .
We have been raised by watching Sci-Fi hollywood movies and hacking series. We often heard xyz company site has been compromised, hackers has released sensitive user data to the public ? But lemme clear one thing in the beginning of the block Hacking is the word for non tech or media people. And anyone who writes code, makes policy, debug code all are hackers in tech.
Now point is what actual name of those professionals who do such thing in cyber security world? Hold on…..
Before Jumping to the fancy words , let’s understand why security is important and what is cyber security ?
” Prevention is better than cure “ .This world is full of good and bad guys, one can’t trust easily on general things. When it comes to the cyber world, your site/product might be attacked from different region , country .That’s why importance of security comes to the role.
cyber security is the practice of ensuring the integrity, confidentiality, and availability (ICA) of information. It is built upon an evolving set of tools, a risk management approach, as well as technology, training, and best practices designed to protect networks, devices, programs and data from attacks or unauthorised access.
The must have prerequisite for this field are :-
- common sense (common sense is very uncommon thing)
- Bash/Python Scripting
- Networking (OSI Model,Protocols etc)
If one have basics clear, good to go with different options in cyber Security
Network security :- By limiting network traffic and managing incoming and outgoing data, this is put into practise. Data loss prevention (DLP) is the process of preventing data loss by safeguarding data based on its location and categorization and by keeping track of data when it is in use, at rest, and in motion.
Cloud Security :- offers data protection for applications and services that use the cloud. To find potentially hostile cyber activity, intrusion detection systems (IDS) or intrusion prevention systems (IPS) are used.
Identity and access management (IAM) :- uses authentication services to limit and track employee access to protect internal systems from malicious entities.
Antivirus/anti-malware solutions:- scan computer systems for known threats. The latest solutions are even able to detect previously unknown threats based on their behaviour.
Soc Analyst :- Soc Stands for the Security Operation center Analyst . They are the part of blue teaming which acts as defensive security. They are also known as 1st line of security.
IT security consultant: IT security consultants meet with clients to advise them on how to best protect their organisations’ cyber security objectives, efficiently and cost effectively. Working as an IT security consultant can require long, flexible hours and often involves a fair amount of travelling to client business locations.
Security systems administrator: A security systems administrator’s core responsibilities are quite similar to those of many other cyber security jobs — installing, administering, maintaining and troubleshooting computer, network and data security systems. The main distinction between security systems administrators and other cyber security professionals is that the former is normally the person in charge of the daily operations of those security systems.
IT security engineer: Security engineering provides a specialised engineering approach to cyber security, specifically regarding the design of security systems to counter potentially catastrophic issues. Security engineers are often involved in systems maintenance, performing security checks, as well as keeping logs and developing automation scripts to track security incidents.
Security architect: Security architects are responsible for establishing and maintaining network security for their organisations. They work in all sectors of the economy for companies, government agencies, and non-profit organisations. They may be employees of companies or independent contractors. In addition to working on specific security systems, security architects develop and implement an organisation’s security policies and procedures for employees and others who have access to computers, networks and data systems.
Penetration tester: Penetration testing involves the proactive authorised deployment of testing techniques on IT infrastructures to identify system vulnerabilities. Simply put, penetration testers attempt to (with authorisation) hack into computer and network systems to pre-emptively discover operating system vulnerabilities, service and application problems, improper configurations and more, before outside intruders have the opportunity to cause real damage.
Information security analyst: Information security analysts are responsible for the protection of an organisation’s computer systems and networks. They plan and execute programs and other measures, including installing and using software for data encryption and firewalls.
Forensic computer analyst: Forensic computer analysts are the detectives of the cyber security world. They review computer based information for evidence following a security breach or other such incidents. Their responsibilities include handling hard drives and other storage devices, and employing specialised software programs to identify vulnerabilities and recover data from damaged or destroyed devices.
Chief information security officer: The chief information security officer (CISO) is typically a mid-executive level position. The job involves overseeing a company’s IT security division. CISOs are directly responsible for planning, coordinating and directing all the computer, network and data security needs of its employers.
List of a few open source cyber security tools :-
- Cuckoo Sandbox
- Security Onion
Thanks for reading this article, Keep learning keep troubleshooting.