4 answers

What classes will better prepare me for the emerging market of IT Security?

Asked Hebron, Kentucky

4 answers

Seeja’s Answer

Updated San Ramon, California

That are a lot of classes that will help you, specifically for Cyber security its good to have a solid background in software engineering and design, understand software architecture and the common software vulnerabilities. Ethical hacking and penetration courses are also good to take.

if you are interested in risk and IT governance there many classes for security and risk management, The CISSP certification is also a good one to have. you can find a lot of information here

www.isaca.org/‎ and also here https://www.isc2.org/ there are security certifications that can be pursued.






Michael’s Answer

Updated Reston, Virginia

Programming skills such as Python and Powershell along with Perl or Java would be my recommendation that will set you apart to hiring managers. I would also recommending courses in Linux or Unix Administration where you learn vital terminal command-line skills. Any network security appliance if offered such as prep classes for Cisco Certifications will teach you the basics of network security and looks good to decision makers and hiring managers.

Training:

The majority of training in your career will be self taught so become familiar with github or gitlab and start downloading and testing open source projects. Download and install different linux flavors such as Redhat, Ubuntu, CentOS etc and use one everyday as your primary OS to use for school or testing often enough so you become familiar how to tune, fix and troubleshoot.

Certifications:

Pick a IT Security Certification and get certified. Certs such as Security +, Certified Ethical Hacker CEH, Systems Security Certified Practitioner SSCP and many others do help early on to stand out among a growing field of Cyber Professionals.

Getting Started:

One recommendation I have seen work and given to others is to consider starting with a security vendor as a support engineer. Once your employed with a vendor you have opportunities to network with other cyber professionals while learning and growing in the field. Always be proactive, motivated and not afraid of change and a good self learner.

Bill’s Answer

Updated Atlanta, Georgia

Hi,

Seek courses in fundamental concept areas such as networking, OS, software engineering, and search for professors that can help you look for courses that are more tailored for your potential job interests. Focus on building relationships with those teachers who have industry knowledge from their experience in IT Security. The more well versed you are in commanding multiple Operating Systems, Apps, Products will expose you to optimal success in emerging industries.

I would specifically recommend you study courses that discuss data breaches or cyber incident response, forensics, and crisis management methodologies. Please feel free to reach out if you wish to chat more. All the best.

Bill

Bill recommends the following next steps:

  • Attend a cybersecurity networking event
  • Research Academic Catalogue or another professional institution (SANS Institute) for training regarding cyber incident response.

G. Mark’s Answer

Updated

First I'll give you the more obvious answer. You should start with a survey of computing languages and then operating systems. Without knowledge of a lot of operating systems, I would have been severely hampered in attacking a lot of security problems. Sometimes the bad guys will use lesser-known technologies to circumvent security measures. Since lots of people are familiar with a smaller number of popular technologies, these hacks are solved more quickly. But now, I'd say a very practical approach is to read books on hacking and computer security. The reason for the first step -- learn programming and systems and computer architectures -- is obvious. A second step of simply looking for a class in computer security or reading texts on computer security is to understand existing countermeasures. The downside to this is that many hacks are perpetrated by folks who have studied these same books and outwit the countermeasures. The next step is to read books about hacking. Beginning Computer Hacking by Alan T. Norman is a good start. Then there are other books that go deeper.


Now I'll give you some advice that will be a little less predictable than, say, a book of computer protocols. It may be less often that you'll need this information, but if confronted by such a problem, you'll be congratulated. Read a book on psychology. Get a taste for the motivation of your hacker. Most fall into two categories. First is for gain or control. Second is just for fun. I was once tasked with finding out why a system was going down for two minutes at seemingly random intervals. That was pretty straightforward because I did the standard thing of looking through system logs, nailing the failing module, and looking through actual code for vulnerabilities. But another time I was tasked with finding out why a telecommunications system was falling down every now and then. In that case, there were tons of control interfaces to look at. I decided that the outages didn't seem to gain anyone anything. So I thought of where control interfaces would be exposed to, say, college kids, who would be more prone to do something just to see if they could. Psychology. And looking through some hacking magazines of the time, I stumbled on an exploit that was nothing more than initiating a database update that could be corrupted. If you are confronted with a system that is behaving badly -- outages, slow-downs, etc. -- it may simply be a bug. But if it's someone messing with the system, it might be nice to understand what attracted a hacker to that particular attack.


Cybersecurity is like engineering maintenance. The vast preponderance of work is done to design a system that does what's required. Cybersecurity, like engineering maintenance, is done to address every other possibility in the universe, so it pays to understand the motivation of the perpetrator to at least pare that set of possibilities down a bit.