Tag Archives: information-security

Navigating the Infinite Training Resources for Cybersecurity

This is going to be brief as the sheer amount of training to become a cyber security specialist is overwhelming and can be filled with deceptive language that will promise a career in a specialized field filled with specialists. They commonly have over 10 to 20 years of experience through the military, where a person can be asked to apply cyber security skills daily. This field also has aspiring CTOs & CISOs from Fortune 500 companies that want to play a more supervisory/managerial role in cyber security. Training can benefit them faster than it can an average person with no technology work experience, but that is not to say with the right amount of time and discipline, one cannot succeed in cyber security without a military background or an officer boardroom position in IT or related field with the right amount of time.

With the right amount of time being in of itself a huge obstacle, if surmounted one can better be enabled to learn standardized practices. That enables a business or person to be excellent in the applied utilities of cybersecurity.

Here’s a brief list of industry-standard teaching resources available to the public:

CompTIAProfessor MesserISC2CourseraCybrary

The above can serve to enhance and build upon a foundation of understanding Cyber Security.

There are a lot of places online that discuss at a professional level how cybersecurity methods are implemented every day. Still, without the ideal foundational training to go along with standard teaching resources, you can be missing and wasting that “right amount of time” you will need to learn any worthwhile concept.

Here are two great examples of professionally developed resources, that take a more tactile approach to teaching (in the sense your keyboard will be used at a greater rate).

TryHackMeHack The Box

A cybersecurity expert must be aware that there are a lot of cybersecurity experts, and these cybersecurity experts are more than willing to teach for a price. The resources I have mentioned are justifiable in the prices they set for the learning objectives they make you meet.
Institutions of learning are becoming more “wise” to develop curricula that are attractive for anyone aspiring to be a cybersecurity specialist; these curriculums may not encompass every single thing a cybersecurity professional needs to know, as the traditional amount of credit hours may not be sufficient to provide these numerous skills that need to be developed or meet a standard. It is a daunting task, and that is why there are so many resources available for someone who wants to pursue this industry.

There should always be a few questions that need to be answered before taking a course. You believe can enhance your foundational knowledge of cybersecurity and information technology.

These questions are:

What reputation does this resource possess?

Does a cybersecurity professional deliver this training?

Is this the specialized training I need to perform my desired job?

Is the training resource updated to reflect the latest cybersecurity developments?

Is there a cost, and is it justifiable in perpetuity?

You must develop your own questions so you can get the most out of these courses, resources, and institutions. You must answer them before you agree to or participate in any training. Many people are blinded by the perceived success of the future through unvalidated training resources and institutions. That may or may not allow a person to be attractive to an employer or have the correct deliverables when they are complete with their training.

Cyber security encompasses many avenues of approach for information technology in general, so if a resource is promising that you will become a cyber security professional through their course, it is a bold and hard-to-achieve objective. Still, with the right mentorship, challenges, and amount of time, you can have the same skills a cyber security practitioner uses every day, making yourself situationally aware while using the internet. Allow yourself to practice clean cyber hygiene and develop safeguarded hardware and software practices that are not only shareable and teachable but also provide safety. To those around you, and has the possibility to allow yourself a more attractive opportunity in the job market.

I would like to include for those with inquisitive minds that https://academy.hackthebox.com/ has an excellent learning module named Learning Process that provides great insight into the vastness of cybersecurity information and how to ingest that information meaningfully.

The Reality of Cybersecurity LetsGoIT

Real life cyber crimes happen on a daily basis. This isn’t a post that is tailored to scare individuals or companies from having a presence on the web. It has the intention to educate, those of us who are uninformed when it comes to Cybersecurity.

Whether or not you know the difference between Black Hats and White Hats or hackers and crackers. You must understand you cannot underestimate the knowledge a person holds going off of what, they title themselves as.

The ability to cause mayhem through theft and shutting down web applications may not have a big enough barrier to entry for those who find it valuable and not of consequence.

The absolute amount of boot camps and instructional videos granted to the population at large is staggering. The nature of these two resources enables those with no background or academic history. To learn malicious skills which would traditionally be taught through higher education for combating against them. This is not to say that all persons who  seek out a bootcamp or use Instructional videos in Cybersecurity are of bad character but it is to say the ability to weaponize these resources for personal gain is troubling.

We have seen through public fear or being overcautious of the unknown, cause incorrect circumstances befall on those that would have otherwise gone about their day as usual. One case comes to mind that made national headlines in September 2015 where a young boy was arrested for being in possession of a disassembled digital clock, the link is below if you are interested in the full story. This fear of the unknown only requires knowledge to combat against.

Fear is also a tool which can be wielded by bad actors or hackers, that also can be found with a short search. How to effectively produce whatever the bad actor aims for. This is also another reason why knowledge of these sophisticated manipulations can be important to combat against bad actors.

Cybersecurity is not only through the web, the pursuit to steal information can be conducted offline. Use of physical means to break into a system is a cybercrime. The selling or procurement of illegal items through the web is also a cybercrime. The reality of combating against bad actors with cybersecurity is  knowledge.

The clock incident:

https://en.m.wikipedia.org/wiki/Ahmed_Mohamed_clock_incident

https://www.cnn.com/2015/09/16/us/texas-student-ahmed-muslim-clock-bomb/index.html

*JD MC holds multiple degrees in IT and is an experienced writer for LetsGoIT.data*