When starting out in the field of cyber security, whether on your own or through higher education, you are confronted with a massive problem. There are so many skills and so much information out there! You have probably asked yourself where to start. In this blog, I hope to ease your mind and point you in the right direction. We are going to talk about the first skills you should focus on before venturing out and specializing.
Understanding Cyber Security Basics
This may seem like a stupid suggestion, but start by understanding what cyber security means to the world of business. Fundamentally, we only have jobs because companies find this skill necessary. I urge you to take a brief survey course on this topic. Khan Academy has a great short course on this topic in normal-person language.
Grasping the topics covered by Khan Academy will allow you to associate other information with these bits of data and speed up your overall learning. Believe me, I know skipping to the juicy technical stuff is tempting, but take a second to get a bird’s-eye view of the battlefield.
My next suggestion is geared towards those with a limited IT background. If you have limited your computer time to writing papers and cruising the internet, you should take a sec to learn more about the operating system you have been using this whole time. WINDOWS!
Get familiar with a few key ideas such as the file structure, the software installation process, the boot-up process, the command line, Windows networking, anti-virus, firewall, troubleshooting, and other fundamentals. Here is a free IT Support course from Microsoft to get you going.
You will be working with Windows on a deeper level when you jump into this industry. This knowledge is meant to teach you about normal behaviors in the Windows environment so you can detect outliers.
Network all the things
How do systems talk to each other? That is a likely next inquiry. Networking accomplishes this feat, and honestly, the topic can get as complex as you let it. Stick to the basics, such as topics covered in the Network+ certification.
I do not intend to push certs. These are just great structured approaches to the topics needed in the given area. Use the free training programs and don’t worry about the certification exams. If you have the cash, go for it, but remember you will have to pay a maintenance fee on most certifications, and these can get expensive quickly.
For topics under networking, make sure to understand the OSI Model, TCP/UDP, essential ports and services, how routers and switches work, and subnetting. These will all most assuredly pop up daily when working in an Analyst role. Check out Cybrary’s free course on the Network+ certification.
Malware on the Loose
One of the most impactful pieces of software in the wilderness of the internet is malware. This word encompasses all those things that attackers use to infiltrate, persist, and control systems. Malware is so prevalent that I can guarantee that your system has had malware on it at one point.
As an analyst, it will be your job to understand the specific malware threats you come across and properly triage the activity. Take time to understand the fundamentals, the different varieties, and a brief history of how malware has impacted the world.
Cybrary has a really short course by Dustin Parry called Malware Fundamentals that covers these topics. If you want to learn more, just about any Security+ material will include what you need to know to get started.
I actually struggled with deciding whether to include this section as basic information. I then began to think about everything that uses some form of cryptography. It is everywhere! Understanding the concepts and how they are used is required for triage work.
I feel like I am beating a dead horse, but the Security+ does a great job of covering this information.
There are some other great resources out there. If you are an absolute beginner, PixelPrivacy does a great job of getting right to the important stuff. If you want a more thorough introduction, Khan Academy’s “Journey into cryptography” is a great place to learn topics such as the history of crypto and how modern cryptographic algorithms work.
There are plenty of other topics to consider, but these I believe are the most important to a beginner analyst. If you knock out all of these areas and get the Security+, dig into areas you find interesting. There are loads of free resources out there.
I don’t get paid for recommending any certifications, but after being in plenty of interviews and conducting twice as many, these topics come up consistently. Those with a foundational security certification almost always do better. Those who do great without are the exception to the rule.
A second benefit of the certification is that even without a completed degree you will be eligible for some entry-level positions. How awesome would it be to get real on-the-job experience and get paid for it while in school?
Make sure to check out other analyst-related blogs:
CYBERSECURITY ANALYST 101: METHODOLOGY
TOP THINGS TO KNOW WHEN GOING INTO YOUR FIRST TECH INTERVIEW