Cybersecurity awareness

Security+ is nothing more than the DoD giving CompTIA a hand job really. Only DoD cares about that cert, and there is nothing of actual value in the material that somebody in the field shouldn't already know. I would easily replace both of those with recommending a CISSP if you want hardcore security knowledge.
Yeah, that's totally true. I had this conversation with a few younger people and just told them to go get certified in Unix, Linux and CCIE.
 
What are golden rules in cyber security and how can they be implemented?
Also, I am a beginner. How can I slowly dive into the technical side of it?
  1. Regular Updates and Patching: Keep all software up to date to protect against vulnerabilities.
  2. Strong Passwords and Multi-Factor Authentication: Use complex passwords and enable multi-factor authentication for an added layer of security.
  3. Data Encryption: Encrypt sensitive data both in transit and at rest to prevent unauthorized access.
  4. Regular Backups: Regularly back up your data to recover it in case of a breach or failure.
  5. Employee Training: Educate employees on cybersecurity best practices and phishing scams.
  6. Access Controls: Limit access to sensitive information to only those who need it.

For beginners wanting to dive into the technical side of cybersecurity, start with the basics:

  1. Learn the Fundamentals: Understanding basic networking, operating systems, and how the internet works is essential.
  2. Online Courses and Certifications: Platforms like Coursera, Udemy, and Cybrary offer courses on cybersecurity fundamentals.
  3. Hands-On Practice: Set up a home lab or use online platforms like Hack The Box to practice your skills.
  4. Stay Updated: Follow cybersecurity news and blogs to stay informed about the latest threats and trends.
For a comprehensive guide on SaaS security best practices, you can check out this blog post on SaaS security practices.

Hope this helps!
 
On top of the general aspects we should all be familiar with, there are specific areas of cybersecurity to focus on, depending on the person's line of work/interests. For example, we use QR codes for several purposes in my department, and I often read about reducing QR code security risks and learn about things like quishing. Makes sense to me. I also read, "Around half (49%) of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats." (source). This is worrying. And coming from the IT teams. Seems like CEOs could use some education on the topic before it's too late.
 