So you’re interested in Cyber Security and wonder now what? Maybe you know a little something about computers, or maybe you aren’t technical at all. Either way, this document should help you understand what it takes to understand and break into the vast field.
What is Cyber Security?
Understanding what exactly Cyber Security is crucial to understanding the role you could potentially be taking on. Many textbooks will describe Cyber Security as maintaining the confidentiality, integrity, and authenticity of data. It can be your data or someone elses but really its all just about data. What’s in that data is of no importance to anyone other than the one who finds the data important.
https://wikiless.org/wiki/Information_security?lang=en#Basic_principles
Anyway, thats the quick summary of it. Feel free to debate me.
How to get started
Finally, we’re at the good stuff right? Nope.. sorry. But keep reading just a little more. Especially if you are truly interested in security and absolutely new to the field. Figure out what you want to DO in security first. Security is too vast of a field to hit it all at a once and in today’s world of instant gratification you will be left miserable and burnt out if you try to cover everything off the start. (Not saying don’t hit on everything, just not now, especially if you’re looking for employment.)
What you want to do
Cyber Security is HUGE. There are literally hundreds of job titles that can fit under security. Do your research as I can’t list them all here. To get you started, I will begin with what I think are some of the most popular titles (again, up for debate):
# | Title | Desc |
---|---|---|
1 | Penetration Tester | The self acclaimed hackers of the industry who know just enough to to talk the talk but fail to deliver results 99% of the time. |
2 | Security Engineer | Professional at installing and configuring security tools. |
3 | Security Analyst | Professional at reading reports from the tools from (2). |
4 | (Secure) Network Engineer | When this guys shit stops working, no one on this list can get any work done. |
5 | Secure Software Developer | Make the tools that (2) installs and (3) reads reports from. |
6 | Security..Architect? | Decides what tools (2) installs and configures |
7 | Vulnerability Researcher | Chases down endless rabbit holes of application errors proclaiming ‘This is the one!!’ everytime. Time wasted debugging: > 800hrs. |
8 | Security Consultant | Does any number of the above roles for a large amount of money in exchange for always been seen as the guy starting problems at the new gig. |
9 | CISO | He’s like the kid at home who learned how to install minecraft on his own so is instantly made tech support for his entire family.. except for the CEO of billion dollar companies. |
So take a look at the list, and start googling around, and decide what you want to chase. The rest of this page can really be seen as “Good to know” with no real focus on any of the above titles.
But but… I hear there were teams? I wanna be on the Red Team!!
So the teams just really categorize how work is done by the titles aboves. The above roles don’t really fit perfectly and there is always overlap, but here’s a quick observation maybe from the eyes of a newcomer:
Red Team (lowest paid) | Blue Team (mid. pay) | Purple Team (high pay) | … | CISO (stupidly well paid) |
---|---|---|---|---|
1, 6 | 2, 3, 4 | 5, 6, 8 | 9 |
Technical Skills to Learn
(Writeup in progress)
Non-technical Skill
(Writeup in progress)
Conclusion
(Writeup in progress)