topic Re: Advice for cybersecurity newbies in Career Discussions

Advice for cybersecurity newbies

mnold — Mon, 09 Oct 2023 08:17:17 GMT

What is the most useful advice you have for future cybersecurity professionals?

Re: Advice for cybersecurity newbies

vistauxx — Sun, 08 Oct 2017 14:50:46 GMT

Tactical76 is very correct. HOWEVER, security is often a make or break issue for companies, and breaches and successful attacks are reputationally devastating.

Security is more and more becoming THE issue. You will make mistakes. This is not about fair and balanced advice. Represent the risks accurately, and do not "go quietly into the night" unless and until you are sure that management has UNDERSTOOD the risks and accepted them. Terms have different meanings to different people. As an expert witness it has often been required to bring a judge or jury up to speed on terms that I use. But until they understand what I am offering, they cannot make a informed decision.

Re: Advice for cybersecurity newbies

Anne — Sun, 08 Oct 2017 15:06:32 GMT

Advice: stay positive with yourself and your business. It’s hard to do in our industry, but if you use the “sky is falling” card sparingly, it’ll yield great results.

Advice: Learn to let the “no’s” slide off your back, but fight for what you really need. Many of your wants will be dismissed and you will feel like that is injustice. Focus on the needs of good business and making incredible arguments that are focused on the business to get needs fulfilled.

Advice: Network. You can’t keep up on everything. Get a personal network or one through and industry organization and keep up with them. Having others in our industry you can bounce ideas off of and share insights is invaluable.

Advice: your skills are perishable, keep learning.

Advice: unplug when needed. Cybersecurity can eat your life; have something where you can forget about the crazy that is this profession.

Re: Advice for cybersecurity newbies

John — Sun, 08 Oct 2017 15:36:40 GMT

I get this question a lot.

Infosec is not a very good first stop for those new to technology. I always recommend IT/IS students to spend a couple years doing something else (appdev, sysops, networking, etc.) before circling back around to security. All practisioners have their strengths and without a good industry baseline, those strengths are hard to forge. That said, starting your career as, let's say, a Web developer and always incorporating OWASP Top 10 into your testing will make you a better developer and a huge asset to any team you join. There's a good chance after a year or two, they'll actually send you off for training to be their appsec person.

Be a part of the community. I worked in infosec for over a decade before taking part in community events. I went to small one-day conferences and such, but never the local meetups or week-long cons. My knowledge and local network for advice and reference improved drastically since becoming a part of the local scene. That led me to attend a few cons, where I got to meet people who are at the leading edge of security practisioners.

Say hi. A lot of us in cyber-security are kind of introverted. We get into our little circles of friends and end up staying there. We're pretty friendly, though. When you attend a social event, make it a point to meet 3-4 new people. Let them know you're new to the event and there's a good chance someone will take you around to meet people. Add the people you meet to your Twitter feed. You'll probably learn more there than anywhere else.

And when you do get into infosec, keep in mind that most people dislike us. You can change that perception. People see us as an obstacle to innovation, deadlines, and profit. A good infosec team is a resource to the different departments to improve their stability and long-term profitability. Sometimes we have to be the bad guys, but that's just so the real bad guys don't pwn us and our customers.

Re: Advice for cybersecurity newbies

erasparsa — Sun, 08 Oct 2017 16:03:08 GMT

Not sure where to start as this is a huge area to cover and may differ if you are working in an organization (end user) or a consulting company;

If you are working in a company and need to

A) Convince your boss:

Make a gap analysis and note the prioritize the risks.
If boss does not care, shock and awe; create a real case from all CIA point of view, that you can showcase, usb attacks, mitm, lateral movement etc. Mind you that there are people in some industries that may think that data breach (confidentiality) is not a biggie, but for them not being able to access the data and use the ERP is (availability, integrity), thus when prioritizing risks make sure you see from all angles.
Educate them constantly to the point of nagging :D.

B) To team mates, staffs and everyone else:

Create awareness and educate them, if, they are not aware yet.
Share videos, stories, best practices, guidelines and such.

C) And as for oneself:

Learn psychology, and how to communicate properly, you will be meeting and need to convince lots of people of the risks related to information security.
Never stop learning, you can only improve yourself and everything else if you know what is better than what is already implemented / known by others.
Be humble, you are both everything and nothing at the same time, no one likes an a-hole.
Learn to code, it trains yourself on how to be orderly.
And might want to to focus on one area of interest, IT security is a big world, and every industry vertical is kinda unique.

Re: Advice for cybersecurity newbies

bamisanu — Mon, 30 Oct 2017 16:43:23 GMT

I am glad I can get someone local that can help me to really navigate this field. I have attempted the CAP certification exams twice now with score of 599 and 661 respectively. I understand that I can re-test again until 90days. I still have 78days to go. Do you or anyone you know or have a clue on how best i can prepare gor the exams? Apart from the time it is getting very expensive for me to do the exams now and I can not afford to fail again. Can you guys pls help ?

Re: Advice for cybersecurity newbies

CISOScott — Tue, 31 Oct 2017 17:56:37 GMT

1) Get experience by building your own lab. Insecure.org has lots of free tools.

2) Do not become the Department of No. The biggest knock on INFOSEC community is that we are the people that will always tell you no. We need to learn that the customer has a need and they do not know the best way to secure it. That is our job to help the find a solution that reduces the risk to an acceptable level to the executives.

3) Look for things that are not being done. I got into INFOSEC because I was changing tapes on out backup server 14 years ago and noticed that it had an anti-virus console on it. I asked my boss who was monitoring it daily and she said "No one." I asked if I could do that and she said yes. I kept looking for duties I could add to my resume. This allowed me to gain experience in many of the domains.

4) Security podcasts. Use your downtime to listen to them. I used to have an hour and a half commute. Security podcasts kept me company and informed the whole time. I used "dead" time as training time. Some of my favorites are:

Paul's Security Weekly

The Social-Engineer Podcast

SANS Internet Storm Center

Re: Advice for cybersecurity newbies

JPBTech — Tue, 31 Oct 2017 18:32:36 GMT

A few things to keep in mind:

Always look for ways to disrupt the cyber kill chain at every step.
Keep your personal cyber arsenal up to date.
Become a lifelong learner in every aspect of your professional life.
Give back to the "cyber" community.

Re: Advice for cybersecurity newbies

Dakotad — Tue, 31 Oct 2017 23:28:05 GMT

Don't expect 6 figures after getting your CISSP. If you are one of the lucky ones to land a six figure salary after getting one certification, good for you, you won the lottery.

I have mentored several folks and all but one of them lacked the delusion of making a hefty salary. A career in Cyber Security will definitely command an excellent salary for years to come and if you focus your efforts on cloud services and or white hat practices, we are going to need more folks like you.

Just be patient and stay the course, the salary will find you if you love what you do.

Re: Advice for cybersecurity newbies

CISOScott — Wed, 01 Nov 2017 11:13:13 GMT

The most important advice is this:

FIND WHAT YOU LOVE TO DO.

If cyber security is not your passion and you got into it because you thought the money would be good, you are setting yourself up for a miserable experience. Find what you really love to do. The money will find you.

Re: Advice for cybersecurity newbies

vistauxx — Wed, 01 Nov 2017 21:23:25 GMT

Cyber "kill chain" . . . . from JBPTech

Most think this ("kill chain") comes from the old military usage referring to the Structure of an Attack.

I think it is much better to think of it the way the FAA does. It is the chain of events that happened leading to an accident. Each accident is studied to determine the chain of errors/mistakes that lead to the accident. Break one chain link and the accident doesn't happen. Each of those failures had to happen or there would have been no accident. Each link in the chain contributed to the accident, and no specific one "caused" the accident.

And the FAA doesn't let you off easy. The pilot, weather, and aircraft are stringently reviewed. Not just we know what happened and let it go. The light bulb in the "gear up" enunciator was burned out. The pilot didn't cross-check against different instruments. The inspection before takeoff didn't catch it. They talk to witnesses. If the find a bearing burnout they go backwards to the manufacturer and see if there are other occurrences, they see if there are service bulletins that havn't been complied with, they see if the bulletins give a full enough picture to indicate the urgency. Then they make recommendations. They LOOK AT EVERYTHING that contributed to the accident, not just the first easiest item.

Would that that was the way done today in cypersecurity. Once your systems are compromised, that is what the experts do for the court case. It's much cheaper to do it up front and save all the court costs and embarrassment.

Don't let up once you have fixed an issue on a single system. Make sure that you understand the ramifications, everything that contributed to the issue3, and that all related or similar systems are not subject to the same issue. Who built the machine, is there a pattern? It maybe time for counseling for that indivicual. Try to understand the issue, what hardware it applies to (all systems with an AMD processor? ; all dell 320's; everything with an Adaptec 2100 controller, whatever -- there will be a pattern) what versions and patches of software are involved? Is it localized to a Rack, UPS supplying multiple systems; a Data Center?

The better you understand the issue, the better 2 things happen (yep, believe it!) ---- 1) The quicker the repairs/modifications will be made, and 2) the lower the cost of the repairs/modifications (in $, downtime, man-hours, and generalized stress on the team (the team includes everybody up to the chief executive of your organization)).

And document everything. It is a teaching tool.

jes sayin . . . .

Re: Advice for cybersecurity newbies

JPBTech — Wed, 01 Nov 2017 22:12:20 GMT

Good points!

The kill chain to which I refer is the one put forth by Lockheed Martin: https://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html

This specific one is good, but most adopt their own version of it.