Intro: Just like every other article on the web, we'll start with a definition.😂 God! I hate formalities but here you go:✨
Cybersecurity is the ongoing efforts and practice of protecting computer systems, networks, and data from unauthorized access, damage, theft, or disruption. In simpler terms, it means securing anything on the internet and off the internet(i.e. Your mobile devices).
Who is a Cybersecurity specialist?
This is anybody that has knowledge and skills in areas such as network security, data protection, cryptography, secure coding practices, risk assessment, incident response, and ethical hacking. Either actively employed or unemployed(like me)🤣
What does a Cybersecurity specialist do?
Comically, we sit behind computer screens all day, blow bubbles and fight crimes. Of course, it's a joke but certain parts of it are somewhat true(The sitting behind computer screens all day) part is very much true.
In professional terms, a Cybersecurity specialist protects computer systems, networks, and data from security threats, breaches, and unauthorized access. Back to informal terms, we're more like the "Justice League of the internet", with each member of the league working to protect various cities around the world just like Superman protects Metropolis, Batman protects Gotham, and The Flash protects central city. I'm a Marvel fan tho!🥱 The cities represent many companies all over the world and the superheroes are the cybersecurity specialists working around the clock to ensure the companies' systems are operational and readily available to end-users(Their customers).
What should I study in college to become a Cybersecurity specialist?
On the surface, any science-related course you study in college is enough to give you a head-start in Cybersecurity, if you're looking for university course recommendations then I will suggest you study computer science or computer engineering. It's not a guarantee that you will get the necessary knowledge needed but at least it provides you with basic computing skills and understanding of the computer domain.
Then of course you start intensive learning on the internet, search for free cybersecurity courses and enroll. Learn and test your skills, build your portfolio, and keep going.
Are Cybersecurity specialists hackers?
Well, this is a tricky question, and yeah I keep getting such questions all the time and honestly, I don't know how to explain to people and they will understand, some might go as far as asking you to hack their partner's device🤦♂️ or help recover a hacked Facebook account from the hackers and punish them😹 Yes I know it's a big field and the expectations are high, I get it! and the movies aren't helping matters at all!!!! especially movies like Mr.Robot which portrays hackers as godly beings who control the internet. In reality, there are various job roles in cybersecurity, and not all require the technical hands-on hacking and all that being portrayed in movies. Let's look at the job roles or career paths in Cybersecurity.
Job roles in Cybersecurity
There are various job roles in cybersecurity, each with its specific responsibilities and requirements. Here are some common job roles in cybersecurity:
Information Security Analyst: Analyzes and assesses security vulnerabilities, monitors and investigates security breaches, and implements security measures to protect an organization's data and systems. They're kinda in-between hackers and average IT guys.
Security Engineer: Designs, develops, and implements security systems, including firewalls, encryption methods, and intrusion detection systems. They also conduct security assessments and tests to identify vulnerabilities. These are the smart guys who build the tools that cybersecurity specialists use.
Security Architect: Designs and builds the overall security structure and framework for an organization's systems and networks. They develop security policies, standards, and procedures, and work on creating secure architectures for new projects. Well, these guys sit behind the computer screens imagine a cybersecurity tool, write it down, and send it to the security engineers to build.
Incident Responder: Responds to and investigates security incidents, such as data breaches or cyber-attacks. They identify the source of the incident, contain the damage, and implement measures to prevent future incidents. They are more like the CIA of Cybersecurity but the term "CIA" which means Confidentiality, Integrity, and Availability is widely used in cybersecurity but for a different purpose(don't worry you'll come across it frequently as you advance).
Ethical Hacker/Penetration Tester: Conducts authorized simulated cyber attacks on systems and networks to identify vulnerabilities. They help organizations identify weaknesses in their security infrastructure and recommend appropriate mitigation measures. These are the bad guys, they're the ones who break into systems and do the cool stuff(If things go well it should be my major)😎 things are gonna go well, they're are categorized into BlackHat, GrayHat & WhiteHat but this is beyond the scope of this topic and will be discussed later on.
Security Consultant: Provides expert advice and guidance to organizations on their overall security posture. They assess risks, develop security strategies, and help implement security solutions based on industry best practices. To be honest, I don't know where exactly these guys operate but to be able to provide consultancy services you should have more than basic knowledge of the field.
Security Operations Center (SOC) Analyst: Monitors and analyzes security events and incidents in real-time, using security tools and technologies. They investigate alerts, conduct threat analysis, and respond to security incidents. These are the boring guys, they just sit behind big screens every day and monitor traffic waiting for a hacker to attack.
Forensic Analyst: Investigates and analyzes digital evidence related to cybercrime. They collect, preserve, and analyze data to determine the cause and extent of security breaches, and may assist in legal proceedings. They are the lab guys, the accept digital evidence from the incident response team, then analyze it to determine if it is fit for intelligence.
Security Auditor: Evaluates an organization's security controls and practices to ensure compliance with industry regulations and standards. They perform audits, identify weaknesses, and provide recommendations for improving security. Aha! the law guys, ensure companies meet up with industry standards by running audits and compliance tests.
Security Manager: Oversees the overall security operations and strategy of an organization. They develop security policies, manage security teams, coordinate incident response, and ensure compliance with security requirements. They're like your boss at the office who supervises all the activities within the security team.
There are more roles but these are the most popular ones, which brings us back to the initial question: Are Cybersecurity specialists hackers? If you read the above you will observe that certain cybersecurity roles do not require hands-on hacking exercises, most roles are associated mostly with paperwork and general operations. So next time, if you meet a cybersecurity specialist do well to ask what role they perform so as not to offend them with inappropriate questions.
I hope I was able to cover critical aspects of cybersecurity, and also the processes involved. In future articles, I would be sharing useful links and resources. I hope you found this article helpful, feel free to leave a comment or ask a question.