You have a CISSP (Certified Information System Security Professional) or CompTIA Security+ or Certified Ethical Hacker (CEH), now you’re a cybersecurity expert right? Well, maybe. Cybersecurity is a vast field and you can’t possibly master it all.
Becoming certified gives you a good base, getting experience gives you a background and insights to draw from, and a niche makes you invaluable.
Just like an MBA, it takes more than just going to school or taking some courses and passing an exam to become an expert. So how do you become a real expert?
IT Support company, Data First Solutions, have provided some tips below for a career in cybersecurity.
You have to be both technically inclined and analytically oriented to excel as a cybersecurity expert. Technology is all around us and it takes an understanding of how technology works, how it can be implemented and a grasp of how it can be exploited or circumvented to master the mindset. Remember, becoming an expert in this field requires patience and commitment too. This is a long road and takes years to become good and even more to become respected.
Cybercrime is on the rise and is set to reach unprecedented breaches this year. Cybersecurity is an all-encompassing field that ranges from policy writing and risk assessments to code reviews and database analysis. Find an area that interests you. The CISSP handbook is a great place to start – so are several forums and groups like SANS org. Take a look at currently advertised positions, follow the trends and identify where we are today. With your niche in mind, delve into what’s required to become an expert in that field and pay special attention to people’s backgrounds and the career paths that got them there.
Now you have an understanding of what it takes to get into the field. Can you spot the next trend? Can you see yourself doing this for the next 10 years? If so, you now have a niche, an area of study is eroded as a stepping stone in cybersecurity. Remember, just because you feel it’s your niche today doesn’t mean that’s what you will do by the time you get there. There are many advances and threats with new ones constantly emerging. Start getting comfortable with being uncomfortable.
Firewalls, encryption and monitoring could be considered the initial areas of study to focus on. Yes, a CISSP is a great place to start – but then what? If you don’t have a thorough understanding of the fundamentals start there. Then sign up with the mainstream vendors of these products, review their case studies and their market position documents. Look for any comparisons and then sign up for their implementation courses. You may be wondering what’s next? Many vendors will even sell you their older models or send you current models on a trial basis. Nothing beats hands-on. And most importantly stay current!
If you have a passion and pension for programming then this is a field for you. Definitely not for the faint of heart, the best white hats are those that can grasp what they are trying to protect, why it needs to be protected and can visualize the vulnerabilities. What separates this unique and well-coveted group is the side of the law they are on and their strong sense of ethics. Perhaps they may have even dabbled in the forbidden. This is one of those skills you either have or you don’t.
The study of the what with the art of the how. You decode, uncover and analyze what happened, how it happened and then identify the skill set required to do it. Just like forensic accountants or investigators, you apply the skills of your craft to get to the bottom of things. A strong analytical and technical background comes in very handy here as do other skills, often most often business-related.
Technical skills include data recovery, data analytics, tracing, coding and a thorough understanding of methods and procedures. Just like at a crime scene, you can’t afford to contaminate evidence or data trails and you can’t consume your only markers and evidence either.
There are several areas of study to choose from in the field of cybersecurity. To become a true expert you need not only the education, but the passion and the experience to support the claim of being a cybersecurity expert. There are many resources to draw from to help you become an expert. Take the first step and do your research. There is no replacement for doing something you like and that you are good at. These are often the making of the best cybersecurity experts.