1. introduction to cybersecurity
digital forensic investigator (red team position)
gathers evidence of digital information in systems to determine how cybercrimes were committed
ethical hacker (red team position)
hired by organizations to legally hack into their networks and identify weak entry points
vulnerability assessment analyst (red team position)
hunts for critical flaws and vulnerabilities in networks, often as a third-party consultant
cybersecurity engineer (blue team position)
keeps computer information systems secure and controls access based on user classifications
security operations center (SOC) (blue team position)
monitors and manages networks; works with intrusion detection/prevention systems
industry recognized certifications
not tied to a specific vendor or product; focus on broader industry standards or best practices
specialty certifications
offered by technology vendors or manufacturers to validate proficiency in their products
incident detection engineer (red team position)
replicates real threats to understand how they operate and how to neutralize them
network security administrator (blue team position)
responsible for the management and monitoring of organizational network security
GIAC Certified Forensic Examiner (GCFE) - next level certification
"certification holders can conduct typical incident investigations including e-Discovery, forensic analysis and reporting, evidence acquisition, browser forensics, and tracing user and application activities on Windows Systems"
Computer Hacking Forensic Investigator (CHFI) - next level certification
"validates that you have the knowledge and skills to detect hacking attacks" and "to properly obtain evidence needed to report the crime and prosecute the cybercriminal"
CompTIA Security+ (entry level certification)
"validates the baseline skills necessary to perform core security functions and pursue" a career as a SOC analyst
blue team career
- maintain system security
- prevent security breaches
- monitor systems for potential threats
- respond to incidents
- research security technology
career pathway options after gaining some experience in the cybersecurity field
- technical lead analyst
- security consultant
- director of information security
- chief information security officer
red team career
- test defense efficacy and resilience
- search for weaknesses and vulnerabilities
- provide security assessments
cyberseek
- website that provides details on cybersecurity-related positions in the US job market
- helps job seekers, employers, educators, and career counselors
- provides career pathways and cybersecurity job possibilities
- provides details such as average salaries and available positions
how breaches affect an organization
1. financial impact
2. reputational loss
3. loss of productivity
4. legal liability
5. business continuity
primary concerns of cybersecurity
C - confidentiality
I - integrity
A - availability
availability
ensuring timely and reliable access to and use of information
IT auditor (blue team position)
assesses technology for potential security, efficiency, and compliance issues
Systems Security Certified Practitioner (SSCP) (entry level certification)
covers security best practices in implementing, monitoring, and administering IT infrastructure
what is cybersecurity?
cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information
integrity
the ability to ensure that information or data remains unchanged and accurate
confidentiality
the act of sharing or revealing information only with authorized personnel