Get into Cyber Security!!
*** There is no Golden Certification to get you in Cyber Security ***
Many individuals contacted me to inquire about how they might begin a career in cyber security or transition from their current positions into cyber security.
This is what I recommend to folks who want to get started in Cyber Security: learn networking fundamentals! You should be familiar with the fundamentals of networking, including RFCs, packets, and TCP/IP stacks, as well as a basic grasp of network equipment such as switches, routers, and firewalls. Also, knowing how to log is crucial since logs are everything.
Get to know the Three Way Handshake, which describes how a session is started, established, and ended.
Understand basic fundamentals of security, security tools like firewalls, IDS/IPS, HIPS, AV, DLP, EDR, SIEM, SOAR, vulnerability scanners, etc. Also know about security concepts like RBAC, least-privilege, zero-trust, CIA, Federated access etc.
Know about Security compliance frameworks and standards like PCI-DSS, NIST, OWASP, CIS Benchmarks etc. It is very important to have basic understanding of them as all security policy & control revolve around them.
Understand Enterprise Management. Understand how end-point OS interacts via the network within a larger authority environment. Understand the use of AD, permissions sets, groups, enrollments, software and policy management.
Learn any programming language (Python, JavaScript, SQL, PowerShell etc.). Learn about CI/CD and integration between various tools using any open framework like Ansibles, Chef, Jenkins etc.
Get some relevant certifications. I said it earlier “There is Golden Certificate to get you in Cyber Security”. However, it depends on the security field you want to get into. But there are some basic certifications you can do which help you in fundamentals like CCNA Security, Security+ and then you can do various other certifications like CCIE Security, CISSP, CISA, OSCP, GPEN etc.
Certifications will help you to get you an interview, but in order to crack the interview and qualify for the job, you should be able to demonstrate your technical knowledge and have intelligent conversations about cyber security. You will get that when you do lot of research and do hands-on labs. Set up your own virtual lab either on VMWare or in Cloud… Create some simulations, play around it and get your hands dirty.
Stay Raw, Stay Productive. Never stop learning…
If you are looking for any help, advice, tips etc. feel free to reach out to me on LinkedIn.
