Getting Started in Cyber Security?

[GLaDOS]

Hi Everyone,

(I'm not entirely sure if this is the correct forum to place this question, so if I was mistaken I apologize.)

I have become very interested in the field of cyber security and I was wondering if anyone could provide some useful resources, advice, or general guidance that could possibly help me get started in the field.

To give a very brief background I graduated college last May with a degree in Business Management and Marketing. I have been working for an insurance company doing data entry. I have always had an interest for computers but only recently decided to look into the idea of pursuing a career in the IT industry. I'm still doing a lot of research (as IT is a very broad field) but a job somewhere in Cyber Security has moved its way to the top of my list so far and I was hoping I could get some information from the users here. I am aware I'd have to take a number of different classes (I would imagine either for certifications or for maybe even a masters?) and that is fine by me. I am just happy to have a professional goal that I can be excited about - so far my employment after college has not been very fulfilling.

If anyone could give me an idea of how to get started and possibly even an idea of what a career in cyber-security is like day-to-day, I would REALLY appreciate it! I always felt that talking to people who actually work in the field was the best way to learn.

I hope everyone enjoys the rest of their week!

 

[Sheepykins]

IT depends what you do in cyber security, its a pretty broad field.
I'm an intrusion analyst, which is something that has a steep learning curve even for people familiar with ICT.
Basically, we have network taps placed on customers internal/internet facing networks and we sift through and make sure none of it is bad.
For new beginners its terrible, the IDS vendors all have their own unique way of writing attack signatures, the rate of false positives is quite high and you pretty much just end up examining data packets all day and its hard to get an idea of a clients network just from looking, it takes a good 6 months on the job to know whats routine user activity and what isnt.

then theres the networking support, setting up the systems and maintaining them - new attack signatures get updated every week, sometimes twice and customers doing maintenance without telling you is a big issue as everything turns off!

then theres penetration testing, using a range of tools and known exploits to try and crack someones hardware and software which unfortunatly i cannot attest to as i dont do it much.

depending on what you want to do there is a large range of qualifications available, and unfortunatly many companies dont want to entrust the safety of their network to people underqualified. You'll see a lot of GIAC qualifications, cisco security, comptia security diplomas tagged to job advertisements. As well as familiarisation with SQL, a range of other coding techniques - linux, microsoft, apple and the core softwares java, adobe etc.

its a very interesting field to get into mind you. But its not for everyone and it can be a little more demanding than most as security is a 24/7 business

 

[GLaDOS]

Thanks for the information Sheepykins! I'm starting to learn that, like most of IT, cyber security is a very broad industry! Would you have any recommendations on where to begin as a college graduate looking to get a foot in the door in this industry? From what I've read so far, it would look like I would either need to get certified or go back to school for a master's even (both of which I'm willing to do, I'm just really looking for some direction).

 

[Sheepykins]

any IT job will help you get your foot in the door, experience is valued.
hell, find the right employer and learn how to interview right. I wasnt the most qualified candidate for my job - but i was open, honest and tried my hardest in the interview (which had tests and such, many do nowadays or basic competancy tests) and i got offered a position as a trainee.

My boss isnt sorry he took a risk, i've only been there two years but i've surpassed most of my colleagues on enthusiasm, learning curve and i've started setting the bar higher for them to hit which they hate

the right job in the right company can look after you in terms of qualifications, mine have been learned on the job or the company have taken the cost and sent me on a few courses too.

But if you're not confident start somewhere small, helpdesk or call centre and work your way up. The great thing about IT is that i've known people move into several different departments with generic knowledge and the aptitude to learn and a few people on the forums will know people who have done the same - alot of the stuff doesnt change too rapidly and keeping yourself ahead of the rest is important. IT is a constant battle of knowledge lol which is why i love it.

Personally, and many people wont agree but from what i've seen going to university etc is a waste of time - the qualifications are quite generic and dont tell you alot about the course on a CV and typically by the time you finish the knowledge you have (depending on the course) is out of date.
My advice is to get an IT job, any IT job, and pay for some courses for yourself by professional bodies - Comptia, LPI, Cisco etc. On a CV they are more recognisable and getting your CV recognised by an employer is half the battle.

For instance, your college course might already have given you the knowledge for Comptia A+ and N+, i'd recommend doing some tests online, read a book (go to library, online or buy for like 20 bucks) and then just pay for the test at a local testing centre.
I almost guarantee you more success based on those than your college course

 

[hewitcm]

Great advice. I have had better luck with jobs with my A+ and Net+ than with my math degree. I passed my CCNA this past weekend. What are the most valuable certs right now? I am trying to think about what to get next. I never heard about GIAC, but I am considering CCNA security.

 

[Sheepykins]

GIAC are a big name in the IT security industry:
GIAC Forensics, Management, Information, IT Security Certifications

Their courses cost a bomb, and cover penetration testing, system admins, certified analysts of which i shall be soon

 

[Yami]

Good replies, Sheepy.

Personally, and many people wont agree but from what i've seen going to university etc is a waste of time - the qualifications are quite generic and dont tell you alot about the course on a CV and typically by the time you finish the knowledge you have (depending on the course) is out of date.

I'm doing just such a course at uni (Ethical Hacking and Networking Security, Coventry University), and have to agree. The actual course isn't much use in terms of content as pure learning on your own, but what it really gives you is:
1) Access to resources (premium software, daily access to people with expertise, labs). For example, I get to do some security qualifications with a large discount.
2) It's an excellent platform for learning on your own as well with others
3) Gives a university degree to show for it, which unfortunately nowadays a lot of recruiters will throw your resumé away without (just the fact you have a degree, not what the actual degree is since it establishes a baseline for competence).
4) Links to industry via people you meet there, and through trips to security conferences etc. which the uni may sponsor.

 

[GLaDOS]

This is all great advice guys, I really appreciate it. I have two other questions regarding cyber security that I'm hoping you may be able to give some insight on:

1.) Are there entry level type positions in Security or do most people start in something like Networking or something else and then just get hired in to Security once they have X number years of experience? In other words, are there opportunities where you can learn security on the job?

2.) I would really be interested to know if someone could give a description of what working in the cyber security industry is like? I know there are many career options within the industry, but I would love to hear someone's personal take on what a day-to-day life would be rather than just reading various job descriptions online as those don't always match up with what the job is.

I'm really trying to get an idea of whether or not this is something I want pursue as a career. I'm still kind of on the fence about it but I'm starting to lean more towards a yes. I'd just like to have a good idea of what to expect out of it (in general terms) before I commit a lot of time and money towards it. Your help here is REALLY appreciated. This is the first time in my life I've been excited about the potential of a new career and all the information I've been getting from everyone has been so helpful!

I hope everyone has a great week!

 

[Yami]

1.) Are there entry level type positions in Security or do most people start in something like Networking or something else and then just get hired in to Security once they have X number years of experience? In other words, are there opportunities where you can learn security on the job?

Having spoken to a good dozen or so very experienced people at security conferences, this has actually been the common way they entered the security. Many of them didn't even have formal qualifications specifically relating to security until years after they'd been in the industry (or ever). These were all people at least in their late 30's, though, so their experience might apply less to those of us just entering the industry (since, essentially, they got in before there was the wide variety of qualifications that now exist).
In fact the most common route into security I've seen is going from a basic sysadmin job and then expanding into security as the needs of the job required, and then realising they particularly enjoyed that aspect, before moving into jobs more focused on security.

2.) I would really be interested to know if someone could give a description of what working in the cyber security industry is like? I know there are many career options within the industry, but I would love to hear someone's personal take on what a day-to-day life would be rather than just reading various job descriptions online as those don't always match up with what the job is.

I can't give you an answer from personal experience, since I won't start my placement year until a year from now, but I can give you accounts from the people I've met and talked with. What I really recommend you do is follow people in the netsec/cybersec business, to get an idea of what life is like for them - Bruce Schneier is a good example ('Schneier on Security') and David Lacey's IT Security Blog is good too. Twitter is something that's been clasped wholeheartedly by the cybersec community, since the instantaneoncy (not a word) is especially useful. If you'd like a list of more people I'm sure I can find some

I'm really trying to get an idea of whether or not this is something I want pursue as a career. I'm still kind of on the fence about it but I'm starting to lean more towards a yes. I'd just like to have a good idea of what to expect out of it (in general terms) before I commit a lot of time and money towards it. Your help here is REALLY appreciated. This is the first time in my life I've been excited about the potential of a new career and all the information I've been getting from everyone has been so helpful!

I can't help you with this as much as I'd like - being relatively inexperienced with the whole thing so far - but the reason I'm getting into it is, I love tech. I love controlling tech. I love messing with it, getting it to work for me in the way I want, whether that's rooting phones or hacking wireless networks. That, and the fact that I'm really quite good at it. It's the rare combination of 'something I'm good at', and 'something I love'.

I suggest you read through the comments in this Reddit submission I made on /r/netsec (a useful resource if you want to ask about real-world experience!). While the original subject doesn't particularly pertain to your situation, the comments do give you some good insights (at least, they did for me).
Hacking degrees and their relevance/usefulness in the real world : netsec

 

[hewitcm]

Very interesting. I went to uni and got a math degree, which has done me no good up to this point. Only now that I have a few good certs are potential employers wanting someone that has a degree. Luckily, math has some relevance to what I'd be doing.

Yami, I am doing the Cisco cert route and this discussion is making me feel like I should follow the security path especially since I would want to possibly do ethical hacking at some point. I have been considering what I should do, and I think security would bring me back full circle to some things I studied with my degree.

GlaDOS, I am fairly new to the IT field, but I do believe that you need to start from the bottom and work up. Especially since you do not have a degree in this field, I think that it is important to start from the basics because you will not get the job that you want with no experience. I want to get into networking but for the past year I have been doing desktop/helpdesk IT jobs that I've gotten from my A+ and network+. It would be difficult to get a networking tech or engineer job with a CCNA and absolutely no experience. A year later of experience and a CCNA less than a week ago, and I'm already getting attention from employers. And everyone needs networking people, so I think getting into security would be even more difficult. Personal opinion, I believe that you would have to start off in networking or something similar and transfer over to security, which is something I might try to do. Take it from me, going into a whole new field will not be easy and working at entry-level jobs can be frustrating and you will not get results overnight, but I think it's something you will have to do to get to where you want. For me it's been worth it. I would rather have knowledge in a field that is needed and has growth potential than having to struggle to find work because my degree alone will not get me a job.