How You Can Get Started in Cybersecurity Field

As the technology advances, cybersecurity has gained popularity and increased demand in recent years. Many media have reported that there are lack of cybersecurity professionals and many jobs have gone unfilled. If you're interested to join the cybersecurity field, here are the key steps you should do to get started:

1. Understand the Basics of Cybersecurity

Before diving into specialized areas, it’s important to have a solid understanding of what cybersecurity is and its role in protecting digital assets. Focus on these foundational concepts:

• Confidentiality, Integrity, and Availability (CIA Triad): The core principles of cybersecurity.
• Types of Cyber Threats: Malware, phishing, ransomware, and social engineering.
• Basic Networking: Understand IP addresses, TCP/IP, DNS, VPNs, firewalls, and routers.

2. Get Familiar with Key Tools & Technologies

To be effective in the field, you need hands-on experience with the tools that cybersecurity professionals use. Some important tools to explore include:

• Firewalls and Intrusion Detection Systems (IDS).
• Encryption tools for data protection.
• Security Information and Event Management (SIEM) platforms like Splunk or ELK Stack.
• Vulnerability scanners such as Nessus or OpenVAS.
• Penetration testing tools like Metasploit, Burp Suite, or Wireshark.

3. Choose a Specialization

Cybersecurity is a vast field, so narrowing down a specific area of interest can help. Some common specializations include:

• Network Security: Protecting the network infrastructure and preventing unauthorized access.
• Application Security: Securing software and applications from vulnerabilities.
• Incident Response: Managing and responding to security breaches and incidents.
• Threat Intelligence: Analyzing and understanding cyber threats and their origins.
• Compliance and Risk Management: Ensuring organizations meet legal and regulatory requirements (e.g., GDPR, HIPAA).

4. Obtain Relevant Certifications

Certifications help validate your skills and demonstrate your competence to potential employers. Some well-recognized cybersecurity certifications include:

• CompTIA Security+: A great entry-level certification that covers the basics of cybersecurity.
• Certified Information Systems Security Professional (CISSP): For professionals with more experience.
• Certified Ethical Hacker (CEH): Focuses on penetration testing and ethical hacking.
• Certified Information Security Manager (CISM): Focuses on managing and governing cybersecurity programs.
• Cisco Certified CyberOps Associate: Useful for those interested in network security.

5. Hands-On Practice

Cybersecurity is a practical field that requires hands-on skills. Set up a home lab or use online platforms to practice real-world scenarios. Some options include:

• TryHackMe and Hack The Box: Interactive platforms with labs for practicing penetration testing and other skills.
• Build a Home Lab: Set up virtual machines and test security tools and configurations in a controlled environment.
• Open Source Tools: Play with open-source tools like Wireshark, Snort, or Kali Linux to improve your practical knowledge.

6. Stay Current with Threats and Trends

Cybersecurity is a constantly evolving field, with new threats emerging every day. To stay ahead:

• Follow Cybersecurity Blogs and News Sites: Sources like Krebs on Security, Dark Reading, and Threatpost will help you stay informed.
• Participate in Forums: Join cybersecurity communities like Reddit’s r/cybersecurity, or specialized forums like StackExchange or InfoSec World.
• Attend Conferences & Webinars: Look for events like Black Hat, DEF CON, RSA, or local meetups to network and learn.

7. Build a Network

Building relationships with other professionals in the industry is vital for your growth:

• LinkedIn: Engage with cybersecurity professionals on LinkedIn to learn from their experiences.
• Local Meetups: Join local groups to meet people in person and exchange ideas.
• Mentorship: Find a mentor in the field who can offer advice and help you grow.

8. Understand Cybersecurity Governance & Risk

As a leader, it's crucial to understand how to align cybersecurity strategies with business goals:

• Cybersecurity Frameworks: Familiarize yourself with standards like NIST, ISO 27001, and the CIS Controls.
• Risk Management: Understand how to assess, mitigate, and manage cybersecurity risks in an organization.
• Compliance: Learn about laws and regulations like GDPR, HIPAA, and PCI-DSS.

9. Consider the Soft Skills

While technical skills are vital, soft skills are equally important for a successful cybersecurity career:

• Communication Skills: You’ll need to explain complex technical issues to non-technical stakeholders.
• Problem-Solving: Cybersecurity is about solving puzzles and identifying vulnerabilities.
• Teamwork: Collaboration with other IT professionals, executives, and departments is key.
• Attention to Detail: Cybersecurity requires a keen eye for identifying even the smallest security gaps.

10. Seek Entry-Level Opportunities

Start with entry-level roles to build experience. Some possible starting positions include:

• Security Analyst: Monitoring and analyzing security systems.
• Network Administrator: Managing and securing network infrastructure.
• Incident Responder: Responding to and investigating security incidents.
• SOC Analyst: Working in a Security Operations Center to monitor for threats.

11. Invest in Continuous Learning

The cybersecurity landscape is always changing, so continuous education is essential. Regularly take courses, read books, and participate in webinars to enhance your skills and stay relevant.

Conclusion

Cybersecurity is a dynamic, high-demand field, and getting started involves both acquiring the necessary technical expertise and developing a broader understanding of security concepts. It requires dedication, a continuous learning mindset, and the ability to adapt to new challenges. By following these steps, newcomers can lay a solid foundation and eventually build a successful career in cybersecurity.

Books I Used to Get My Cybersecurity Certifications

Disclaimer: I'm a big fan of Mike Chapple books and I've been using his books to prepare for all my three cybersecurity certifications CISSP, CCSP, CISM. I read the whole official study guide books and usually start to do the practice questions from the practice tests books 1 month before the actual exam day.

You can find the link to get the books from Amazon on each link.

 CISSP Official Study Guide (link included)

Read on how I prepared for my CISSP exam here

CISSP Official Practice Tests (link included)

I recommend to do practice tests around 1 month before the exam day.

CCSP Official Study Guide (link included)

Read on how I prepared for my CCSP here

CCSP Official Practice Tests (link included)

CISM Official Study Guide (link included)

My other post:

Things I do to stay relevant in tech/cybersecurity industry

Things I Do to Stay Relevant in the Tech/Cybersecurity Industry

 I have been working in tech industry for more than 10 years and the past few years in Cybersecurity space. It's been a great journey so far. But tech and cybersecurity industries are like our galaxy. There are so many categories inside them and so much things to learn (this what excites me actually, everyday is learning day).

It's undeniable, the industry is so fast evolving everyday. There's always new innovations appear on the market. That's why, we, tech/cybersecurity workers, need to stay relevant as well. Here are few ways that I do to stay relevant in the fast-moving tech and cybersecurity industry.

1. Connect with people and follow relevant organisations/groups on LinkedIn

I got so much benefits from my circle on LinkedIn. I got to know about new vulnerabilities or new features update or relevant events from posts that my circle member posted or liked or shared. You'll be surprised by how information-rich your LinkedIn feed can be. 

2. Join relevant physical events and network with fellow professionals

I personally joined my professional body's local chapter and I've learned a lot from other experts. I got so much other opportunities as well which I wouldn't get if I never join the chapter, like hosting relevant events locally and regionally, both physically and virtually. And, it has expanded my network too, which I am grateful for. When I was affected by layoff last year, there were so many people reached out to me and extended their help.

3. Keep checking on job vacancies although you're not looking for a change

I always do this until now. Not only I get the glimpse of the salary market, but also what are the skills needed in the market for my current role or my next target role. This will help me to prepare on what skills to polish for the next 1-2 years time. By then, when I'm in the lookout for new job/opportunity, I know that I'm ready for my jump.

Hope my above two cents are useful for you. I'm interested to know what other ways you do to stay relevant in your industry. Feel free to share!

The importance of cybersecurity awareness programs and it can be your first defense against cyber attacks

 Cyber attacks are getting sophisticated and growing in numbers everyday. Small medium businesses and healthcare are the new target of the cyber threat actors. Big companies are not escaping from attacks as well. A lot of cyber attacks in form of phishing and social engineering have been the main concern in the industry. This is why it's important that all staffs in your company are well-equipped with knowledge of various cyber attacks and how to protect themselves and the company. Cybersecurity awareness programs, if done in consistent and right way, can provide the company with strong defense against various cyber attacks.

There are few things that company can start doing in boosting the cybersecurity posture, such as having effective phishing campaigns, launching periodic cybersecurity awareness newsletter, reviewing and socializing company's security policies, and holding targeted cybersecurity training for specific groups of staff.

Effective Phishing Campaigns

In order to have effective phishing campaigns, they must take recent trending topics and are designed as close as possible to the actual email so staffs would naturally think that they are legitimate and "fall" for the suggested actions, such as clicking links, opening attachments or providing their credentials. Once the campaign ends, you can then send campaign closure email to all staffs and put some "hints" to help them identify phishing emails.

Cybersecurity Awareness Newsletter

It's good to have periodic newsletter about various domains in cybersecurity and remind all staffs on company's acceptable use policy. With these newsletters, all staffs will be reminded on what can and what can't be done when they are under your company's employment period and handling company's data.

Company's Security Policies

Policies are important to be established within the company as operational guidelines to safeguard the company's business continuity. Policies usually contain general clauses and standard or procedure documents can be created to have more detailed information related to the policies.

Targeted Cybersecurity Training Programs

Various training programs can be set with relevant content for different groups of people in the company. For example, you can setup secure coding practice workshop for developer team or third-party risk assessment workshop for procurement or sourcing team.

Cybersecurity awareness programs can be your first defense method in countering cyber threats. You can always start small by creating few basic policies, publishing some security related newsletters or posters, or launching a few simple phishing campaigns. Once you have done the first steps, you can review the results and consider improvements for next steps. 

How Small Medium Businesses Can Improve Their Cybersecurity Posture

 

As a small business, you may not realize just how vulnerable your organization is to cyberattacks. A cyberattack can damage your business' reputation, disrupt operations and even lead to financial losses.

To protect your business, follow these tips:

1. Train your employees on best practices. A lack of cybersecurity awareness among employees can lead to compromised accounts and stolen data. Ensure that all employees understand your organization's security policies. You should also train your employees to recognize phishing emails and other forms of social engineering attacks.

2. Invest in tools that limit information loss, monitor your third-party risk and fourth-party risk exposure, and help you respond to incidents effectively. A comprehensive incident response plan can also help you minimize business disruption if an attack occurs. Theses tools and plans can also help you better manage compliance requirements and meet other industry regulations.

3. Develop an incident response plan. Incident response plans should address how your organization will respond to a cybersecurity incident. Incident response plans should address not only technical responses, but also legal, public relations, and executive communications. The plan should include appropriate communication steps for informing employees, customers, and third parties about the status of incident and how the organization is responding.

4. Implement secure systems. You should ensure that all of your critical IT systems are properly secured to reduce the risk of data breaches and other attacks. End-user systems should be at least protected by anti-virus. Servers should be behind a strong firewall and it should be updated regularly with the latest security patches and firmware. Password should be complex and changed regularly. Backups should be regularly tested to ensure data can be restored quickly in the event of an attack. 

5. Conduct regular risk assessments. Conducting regular risk assessments can help you identify potential risks and secure your sensitive data. You should conduct risk assessments on all of your systems, including computer system, wireless networks, physical systems and mobile devices.

6. Implement multi-factor authentication where possible as additional layer of protection, including for remote access, privileged users and critical assets. Most passwords can be easily cracked using password cracking tools or brute force attacks. Using multi-factor authentication can help protect your accounts from being hacked. In addition, it can also help reduce your risk of data breach by limiting access to systems and data from unauthorized users.

My cybersecurity journey just started

 Last year, I decided to move to cybersecurity role after my maternity leave ended and joined a local bank in Singapore.

I was lucky that I had ex-colleague who refer me to the position of cyber solutioning as my stepping stone into the field.

It was a steep learning curve, definitely. A lot of new cybersecurity terms that I didn't know before and I needed to spend extra time to research on them. 

I would say it's not an easy beginning, added with postpartum depression that might kick in. 

I stumbled upon mentorship program organized by (ISC)2 Singapore Chapter and immediately registered for it. My mentor was great and smart. He provided me with information that I needed when I just started my cybersecurity job. He also encouraged me to take CCSP exam because I have recent background in cloud. I was so inspired that I signed up to be the chapter's volunteer. Check out the (ISC)2 Singapore Chapter website for more details on our activities.

If you want to know how I prepared for my CCSP exam, I wrote a short post about it. 

I decided to leave the bank after 10 months to joined a tech company as IT GRC (Governance Risk Compliance) analyst. Here I get exposure to different role in cybersecurity. It's been 5 months now, there's still a lot to learn for me. But I enjoy this part of cybersecurity for now.

I'll sure update more on this cybersecurity journey here at my blog. Stay tune! :)