Cybersecurity is one of the growing fields of technology. In the era of smart devices with wireless connectivity, it is very easy to hack into the systems to access sensitive and personal data. The vulnerability of technology is exploited by the Deep Web and black markets across the world. It is critically important to protect data and devices from such threats.
In this session, Gotham Sharma educates us on the topic of Cybersecurity, the cautions of the profession, and opportunities in the market.
As a Managing Director of the Exeltek Consulting Group, Gotham Sharma is an expert Cyber Security Consultant. Besides being a licensed technology instructor, he currently manages the daily operations of the New York based Consultancy Group.
How to Build a Cyber Career Portfolio
In this session, Gotham Sharma discusses the sensitive details of the topic Cybersecurity as a career option. He kicks off his discussion with a pop quiz on some facts and figures in Cybersecurity industry:
1. 230,000 new malware files are created daily across the internet, according to the Kaspersky research labs.
2. A cyber attack takes place approximately every 39 seconds, as per the research conducted by James Clark School of Engineering.
3. $1,000,000,000 is expected to be spent globally on Cybersecurity between 2017 and 2020, according to Cybersecurity Ventures.
4. Facebook, Pentagon and many other popular sites were recently hacked.
5. According to Cybersecurity Ventures, a global shortage of 3.5 million security professionals is expected by 2021. The ratio division of the same is 11% women and 12% minorities.
6. According to Bureau of Labor Statistics, the average salary of a Cybersecurity professional is $116,000. It may however vary according to the expertise and experience.
What is Cybersecurity?
Before plunging into Cybersecurity, understanding what the term security means is crucial. Security is the safety we provide to our belongings and assets through locks, doors, lockers, etc. in our daily life. These are the physical security systems for the tangible assets.
Cybersecurity can be understood as translating physical security into digital security.
According to Wikipedia, Cybersecurity is defined as “…technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.”
There are a lot of factors that come under cyber/information security:
- Confidentiality – accessed only by those who are authorized
- Integrity – Information is accurate, disallow unauthorized changes.
- Availability – Resources (files, networks, etc) are accessible when needed to those who are authorized.
Jobs in Cybersecurity
There are many roles that require different states of expertise in Cybersecurity. They are:
- Security Auditor
- Security Software Developer
- Security Analyst
- Penetration Tester
- Computer Forensics Expert
- Incident Responder
- Security Architect
- Security Engineer Security Consultant
- Chief Information Security Officer
- Cybersecurity Lawyer
No one can be an expert in the beginning. It is just a matter of experience and domain expertise. There are many ways one can learn concepts in Cybersecurity and get exposed to various challenges:
- Online courses (MOOCs)
- Wide Variety of Certifications
- Some degree programs
- Online Labs/activities:
Mere online learning, sometimes, doesn’t expose us to the wide reality of the industry requirements and challenges. Gotham then informs us about many online hackathons and competitive exams/programs that bolsters the basic learning.
- Compete (CTF) Practice in a controlled environment = no jail time (woohoo!)
- National Cyber League
- Global Cyberlympics
- US Cyber Patriot
- US Cyber Challenge
- National Collegiate Cyber Defense Competition
The speaker says that once you are well equipped with sufficient experience and knowledge, you must start to practice independently as a researcher or join with a private company to provide security services. The companies that will pay you for this are:
- Internet bug bounty
Note – Unauthorized use of a computer carries a maximum sentence of 20 years in prison and fines.
Engage with community
There are a multitude of ways to engage with communities of Cybersecurity:
In the real world:
Meetup, Eventbrite, conferences, conventions
Reddit, Security, Stackexchange, Ars Technica, Wired
- Free/discounted membership for students
- OWASP, ISSA, ICMP, National Cybersecurity Students Association, mentorship
It is through sharing the knowledge, the community of Cybersecurity grows. One can do this through any of the social media platforms by writing small posts with some concrete information, at regular intervals.
One need not be an expert to do this, initially. It is through the constant efforts, one can grow to become an expert.
You can choose a platform (LinkedIn, Twitter, Facebook, website, etc) and share resources that you find useful and start engaging with professionals in the industry.