Wednesday, December 25, 2024

How You Can Get Started in the Cybersecurity Field


As technology advances, cybersecurity has gained popularity and seen increased demand in recent years. Many media outlets have reported a shortage of cybersecurity professionals, with many jobs going unfilled. If you're interested in joining the cybersecurity field, here are the key steps you should take to get started:

1. Understand the Basics of Cybersecurity

Before diving into specialized areas, it’s important to have a solid understanding of what cybersecurity is and its role in protecting digital assets. Focus on these foundational concepts:

  • Confidentiality, Integrity, and Availability (CIA Triad): The core principles of cybersecurity.
  • Types of Cyber Threats: Malware, phishing, ransomware, and social engineering.
  • Basic Networking: Understand IP addresses, TCP/IP, DNS, VPNs, firewalls, and routers.

2. Get Familiar with Key Tools & Technologies

To be effective in the field, you need hands-on experience with the tools that cybersecurity professionals use. Some important tools to explore include:

  • Firewalls and Intrusion Detection Systems (IDS).
  • Encryption tools for data protection.
  • Security Information and Event Management (SIEM) platforms like Splunk or ELK Stack.
  • Vulnerability scanners such as Nessus or OpenVAS.
  • Penetration testing tools like Metasploit, Burp Suite, or Wireshark.

3. Choose a Specialization

Cybersecurity is a vast field, so narrowing down a specific area of interest can help. Some common specializations include:

  • Network Security: Protecting the network infrastructure and preventing unauthorized access.
  • Application Security: Securing software and applications from vulnerabilities.
  • Incident Response: Managing and responding to security breaches and incidents.
  • Threat Intelligence: Analyzing and understanding cyber threats and their origins.
  • Compliance and Risk Management: Ensuring organizations meet legal and regulatory requirements (e.g., GDPR, HIPAA).

4. Obtain Relevant Certifications

Certifications help validate your skills and demonstrate your competence to potential employers. Some well-recognized cybersecurity certifications include:

  • CompTIA Security+: A great entry-level certification that covers the basics of cybersecurity.
  • Certified Information Systems Security Professional (CISSP): For professionals with more experience.
  • Certified Ethical Hacker (CEH): Focuses on penetration testing and ethical hacking.
  • Certified Information Security Manager (CISM): Focuses on managing and governing cybersecurity programs.
  • Cisco Certified CyberOps Associate: Useful for those interested in network security.

5. Hands-On Practice

Cybersecurity is a practical field that requires hands-on skills. Set up a home lab or use online platforms to practice real-world scenarios. Some options include:

  • TryHackMe and Hack The Box: Interactive platforms with labs for practicing penetration testing and other skills.
  • Build a Home Lab: Set up virtual machines and test security tools and configurations in a controlled environment.
  • Open Source Tools: Play with open-source tools like Wireshark, Snort, or Kali Linux to improve your practical knowledge.

6. Stay Current with Threats and Trends

Cybersecurity is a constantly evolving field, with new threats emerging every day. To stay ahead:

  • Follow Cybersecurity Blogs and News Sites: Sources like Krebs on Security, Dark Reading, and Threatpost will help you stay informed.
  • Participate in Forums: Join cybersecurity communities like Reddit’s r/cybersecurity, or specialized forums like StackExchange or InfoSec World.
  • Attend Conferences & Webinars: Look for events like Black Hat, DEF CON, RSA, or local meetups to network and learn.

7. Build a Network

Building relationships with other professionals in the industry is vital for your growth:

  • LinkedIn: Engage with cybersecurity professionals on LinkedIn to learn from their experiences.
  • Local Meetups: Join local groups to meet people in person and exchange ideas.
  • Mentorship: Find a mentor in the field who can offer advice and help you grow.

8. Understand Cybersecurity Governance & Risk

As a leader, it's crucial to understand how to align cybersecurity strategies with business goals:

  • Cybersecurity Frameworks: Familiarize yourself with standards like NIST, ISO 27001, and the CIS Controls.
  • Risk Management: Understand how to assess, mitigate, and manage cybersecurity risks in an organization.
  • Compliance: Learn about laws and regulations like GDPR, HIPAA, and PCI-DSS.

9. Consider the Soft Skills

While technical skills are vital, soft skills are equally important for a successful cybersecurity career:

  • Communication Skills: You’ll need to explain complex technical issues to non-technical stakeholders.
  • Problem-Solving: Cybersecurity is about solving puzzles and identifying vulnerabilities.
  • Teamwork: Collaboration with other IT professionals, executives, and departments is key.
  • Attention to Detail: Cybersecurity requires a keen eye for identifying even the smallest security gaps.

10. Seek Entry-Level Opportunities

Start with entry-level roles to build experience. Some possible starting positions include:

  • Security Analyst: Monitoring and analyzing security systems.
  • Network Administrator: Managing and securing network infrastructure.
  • Incident Responder: Responding to and investigating security incidents.
  • SOC Analyst: Working in a Security Operations Center to monitor for threats.

11. Invest in Continuous Learning

The cybersecurity landscape is always changing, so continuous education is essential. Regularly take courses, read books, and participate in webinars to enhance your skills and stay relevant.

Conclusion

Cybersecurity is a dynamic, high-demand field, and getting started involves both acquiring the necessary technical expertise and developing a broader understanding of security concepts. It requires dedication, a continuous learning mindset, and the ability to adapt to new challenges. By following these steps, newcomers can lay a solid foundation and eventually build a successful career in cybersecurity.

Monday, December 23, 2024

Books I Used to Get My Cybersecurity Certifications

Disclaimer: I'm a big fan of Mike Chapple's books and I've been using his books to prepare for all three of my cybersecurity certifications: CISSP, CCSP, and CISM. I read the official study guide books in full and usually start doing the practice questions from the practice test books 1 month before the actual exam day.

Each entry below links to the book on Amazon.

CISSP Official Study Guide (link included)

Read on how I prepared for my CISSP exam here

CISSP Official Practice Tests (link included)

I recommend doing practice tests around 1 month before the exam day.

CCSP Official Study Guide (link included)

Read on how I prepared for my CCSP here

CCSP Official Practice Tests (link included)

CISM Official Study Guide (link included)


My other post:

Things I do to stay relevant in tech/cybersecurity industry

Saturday, August 12, 2023

Things I Do to Stay Relevant in the Tech/Cybersecurity Industry

I have been working in the tech industry for more than 10 years, and for the past few years in the cybersecurity space. It's been a great journey so far. But the tech and cybersecurity industries are like our galaxy. There are so many categories inside them and so many things to learn (this is what excites me actually; every day is a learning day).


It's undeniable that the industry is evolving so fast every day. There are always new innovations appearing on the market. That's why we, tech/cybersecurity workers, need to stay relevant as well. Here are a few ways I stay relevant in the fast-moving tech and cybersecurity industry.


1. Connect with people and follow relevant organisations/groups on LinkedIn

I have gotten so many benefits from my circle on LinkedIn. I get to know about new vulnerabilities, new feature updates, or relevant events from posts that members of my circle posted, liked, or shared. You'll be surprised by how information-rich your LinkedIn feed can be.


2. Join relevant physical events and network with fellow professionals

I personally joined my professional body's local chapter and I've learned a lot from other experts. I got so many other opportunities as well which I wouldn't have gotten if I had never joined the chapter, like hosting relevant events locally and regionally, both physically and virtually. And it has expanded my network too, which I am grateful for. When I was affected by a layoff last year, so many people reached out to me and extended their help.


3. Keep checking on job vacancies although you're not looking for a change

I still do this to this day. Not only do I get a glimpse of the salary market, but I also see which skills the market needs for my current role or my next target role. This helps me prepare which skills to polish over the next 1-2 years. By then, when I'm on the lookout for a new job/opportunity, I know that I'm ready for my jump.


I hope my two cents above are useful for you. I'm interested to know what other ways you use to stay relevant in your industry. Feel free to share!

Sunday, September 18, 2022

The importance of cybersecurity awareness programs and how they can be your first defense against cyber attacks

Cyber attacks are getting more sophisticated and growing in number every day. Small and medium businesses and healthcare are the new targets of cyber threat actors, and big companies are not escaping attacks either. Cyber attacks in the form of phishing and social engineering have been the main concern in the industry. This is why it's important that all staff in your company are well-equipped with knowledge of the various cyber attacks and how to protect themselves and the company. Cybersecurity awareness programs, if done consistently and in the right way, can provide the company with a strong defense against a wide range of cyber attacks.

There are a few things a company can start doing to boost its cybersecurity posture, such as running effective phishing simulation campaigns, launching a periodic cybersecurity awareness newsletter, reviewing and socializing the company's security policies, and holding targeted cybersecurity training for specific groups of staff.

Effective Phishing Campaigns

For internal phishing simulation campaigns to be effective, they should use recent trending topics and be designed to look as close as possible to real emails, so that staff would naturally think they are legitimate and "fall" for the suggested actions, such as clicking links, opening attachments, or providing their credentials. Once the campaign ends, you can send a campaign closure email to all staff with some "hints" to help them identify phishing emails in the future.

Cybersecurity Awareness Newsletter

It's good to have a periodic newsletter covering various domains of cybersecurity and reminding all staff of the company's acceptable use policy. With these newsletters, all staff are reminded of what can and cannot be done while they are employed by your company and handling company data.

Company's Security Policies

Policies should be established within the company as operational guidelines to safeguard the company's business continuity. Policies usually contain general clauses; standard or procedure documents can then be created to provide more detailed information related to each policy.

Targeted Cybersecurity Training Programs

Various training programs can be set up with relevant content for different groups of people in the company. For example, you can set up a secure coding practice workshop for the developer team or a third-party risk assessment workshop for the procurement or sourcing team.

Cybersecurity awareness programs can be your first line of defense in countering cyber threats. You can always start small by creating a few basic policies, publishing some security-related newsletters or posters, or launching a few simple phishing simulation campaigns. Once you have done these first steps, you can review the results and consider improvements for the next steps.

Sunday, September 11, 2022

How Small Medium Businesses Can Improve Their Cybersecurity Posture

As a small business, you may not realize just how vulnerable your organization is to cyberattacks. A cyberattack can damage your business' reputation, disrupt operations and even lead to financial losses.

To protect your business, follow these tips:

1. Train your employees on best practices. A lack of cybersecurity awareness among employees can lead to compromised accounts and stolen data. Ensure that all employees understand your organization's security policies. You should also train your employees to recognize phishing emails and other forms of social engineering attacks.

2. Invest in tools that limit information loss, monitor your third-party and fourth-party risk exposure, and help you respond to incidents effectively. A comprehensive incident response plan can also help you minimize business disruption if an attack occurs. These tools and plans can also help you better manage compliance requirements and meet other industry regulations.

3. Develop an incident response plan. Incident response plans should address how your organization will respond to a cybersecurity incident, covering not only technical responses but also legal, public relations, and executive communications. The plan should include appropriate communication steps for informing employees, customers, and third parties about the status of the incident and how the organization is responding.

4. Implement secure systems. You should ensure that all of your critical IT systems are properly secured to reduce the risk of data breaches and other attacks. End-user systems should at least be protected by anti-virus software. Servers should be behind a strong firewall and should be updated regularly with the latest security patches and firmware. Passwords should be complex and changed regularly. Backups should be tested regularly to ensure data can be restored quickly in the event of an attack.

5. Conduct regular risk assessments. Conducting regular risk assessments can help you identify potential risks and secure your sensitive data. You should conduct risk assessments on all of your systems, including computer systems, wireless networks, physical systems, and mobile devices.

6. Implement multi-factor authentication where possible as an additional layer of protection, including for remote access, privileged users, and critical assets. Most passwords can be easily cracked using password cracking tools or brute force attacks. Using multi-factor authentication can help protect your accounts from being hacked. In addition, it can also help reduce your risk of a data breach by limiting unauthorized users' access to systems and data.

Thursday, September 8, 2022

Quiet Quitting in Cybersecurity May Not Work for Women


Quiet quitting has become a trend recently. Basically, people are just doing the bare minimum at work because they have been burnt out as a result of COVID's work-from-home culture, which blurred the boundaries between work and life.

To be honest, this is not something new. I've encountered some people with this quiet quitting attitude in my previous workplace. They don't bother to pick up new projects to showcase their leadership or skills. They're not after career advancement and they're content with where they are now.

But can we do quiet quitting if we work in the cybersecurity field, especially as women? Firstly, women in cybersecurity have been outnumbered by men and are treated unequally. Women are often assigned non-meaningful tasks which contribute neither to their performance review nor to their career advancement.

What I'm saying is that women are already in an unfair place to begin with. I know women are in general burnt out because they need to take care of both their career and house chores. And joining the quiet quitting trend seems tempting. But I believe it'll have higher consequences for women if they're quiet quitting compared to men.

When women do quiet quitting, they will be labelled as slackers or underperformers. There's a bias that weighs towards a bad impression once women stop doing extra. Unfortunately, this won't do women any good for their career advancement. Women will get pushed away from promotion even though they're actually more capable than their male coworkers.

What can women do?

I won't suggest that women take up more work when they're already burnt out and barely surviving. I suggest that women continue working smarter, not harder. As much as possible, advocate for your work and yourself at work. Speak up when you have better ideas and don't be afraid to be wrong (this is how you increase your visibility). Have a growth mindset and think of challenges as improvement opportunities.

Preparing for CISSP Exam

I'm currently in the midst of preparing for the CISSP exam. I had been contemplating since last year whether I should go for the CISSP exam (in the end I did my CCSP and I passed - read my post on the preparation here). This year I decided to prepare for and take the CISSP exam.


Why do I want to take the CISSP exam?

1. High Paying Jobs

I have read many articles which mentioned that CISSP is always among the top 5 cybersecurity certifications for high-paying jobs.

2. Improving my cybersecurity knowledge

As a beginner in the cybersecurity field, I definitely have a lot to catch up on. My other intention is that as I prepare for CISSP, I can actually brush up on my cybersecurity knowledge and fill the gaps that I have as much as possible.


What materials do I use to prepare for the CISSP exam?

1. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide

I bought the book and have been reading it since the beginning of my preparation. I think the book has a good structure and there's definitely a lot of information in it. I think this book can be considered the holy grail when people are preparing for CISSP.


Buy CISSP Official Study Guide Bundle here at Amazon

2. LinkedIn Learning

I'm fortunate that my company provides a LinkedIn Learning subscription to staff, so I actually watch the CISSP course by the same book author, Mike Chapple.