Must-know topics to start a career in Cyber Security
March 5th, 2021
How to kickstart a career in cybersecurity? What are the basic skills required to bag a job in a cybersecurity company? These were the questions that came to my mind when I aspired to get into McAfee with an internship experience of 6 months.
Being a fresher in the field of cybersecurity, I went through a lot of blogs, videos, and courses to understand cybersecurity. Few topics helped me to crack the interview at McAfee and I am going to discuss the same in this blog.
Let me start with answers to these questions, What is cybersecurity and what do employees in a cybersecurity company do?
What is Cybersecurity?
The year 2020 was filled with unexpected events and most of us would have experienced the impact of the COVID’19.
A computer virus is not any different. How many of you know the COVID’19 has affected the systems too?
The pandemic was a fruitful period for the hackers as the internet was the only solution for us to stay connected virtually.
The entire world has adopted and managed work from home in a very efficient way, this would have not been possible without the cybersecurity companies which has protected us from all possible security breaches.
As researchers have developed the COVID’19 vaccine to protect us from the COVID’19.Similarly, the work of cybersecurity specialists is to protect the systems, network, enterprise from different viruses, malware, trojan, etc.
2.5 quintillion bytes of data are produced by humans every day. Data plays a vital role in fast-growing technologies like 5G, AI, Bigdata, IoT, Machine learning, etc. We have data stored in different formats like photos, videos, files, documents on different devices like Personal Computers, mobile phones, etc. We always make sure that the data we value a lot is taken care of with utmost safety and security. Starting from an individual to an enterprise generates data that is of high importance and requires privacy.
Data protection is highly valued among technologies like Bigdata, Machine learning which comprises a large amount of data. How can a huge amount of data be protected from viruses and malware? This question inspired me to choose cybersecurity as my career path.
Cyber Security refers to the techniques and practices designed to protect stored, transmitted data from unauthorized access, modification, and deletion. It aims to protect software programs, computers, networks from cyber attacks.
What do employees in a cybersecurity company do?
Cybersecurity can be the best career path for those who want to experience or learn new things daily. Choosing cybersecurity can make you a superhero! Every day starts with a new problem/malware against which protection has to be given.
We come up with different approaches to solve the problem and finalize with the most optimized approach. These are the few keywords that every cybersecurity engineer come across daily and uses frequently :
Malware is a broad term that includes Viruses, Worms, trojan, Ransomware.
Malware is designed for stealing confidential information from the victim machine. A computer gets infected by malware in various ways, it can be through an email with malicious attachments, while installing a new application, through pop-up messages or advertisements we receive while browsing the internet, any malicious link we receive through SMS or chat, there is also a possibility of downloading additional files which contains virus while downloading music, movies or software.
1.Viruses: A virus is a piece of malicious code that is intended to perform an action, like stealing credentials, corrupt files, or erase data. To be more technical, A Computer virus is an executable file that gets itself attached to another legitimate computer program, file or document. Once the infected program is executed by the victim, the virus gets activated and the system gets infected. Computer viruses cause billions of dollars' worth of economic damage each year.
2.Worms: This is a standalone malicious software that spreads through the network.
3.Trojan: A trojan is malicious software that pretends to be legitimate. It tricks the victim to execute the software and gets access to personal and financial information. It also provides cyber criminals access to the victim machine.
4.Ransomware: Ransomware is malicious software when executed encrypts, locks, and conquers all the files and folders on the victim machine. It demands money in form of cryptocurrency in exchange for the decryption key.
5.Phishing: The attackers send an email to the victim and convince the victim by tricking that the message is legitimate. The attackers gain the trust of the victim by sending emails related to their need, for instance, a request from bank notice, or a notice from their company which directs them to click a malicious link or download an attachment.
What are the topics needed to be covered to bag a job in cybersecurity?
The most important quality required for entering into a cybersecurity company is problem-solving. Apart from this, there are a few must-learn topics before sitting for a cybersecurity company.
1.Operating system :
Since the major part of protection and security is given to an operating system, it is very essential to have a fundamental knowledge of how an operating system works. The most common operating systems are Microsoft Windows, Linux, Apple macOS, Apple's IOS, and Android. From the Cybersecurity point of view, the most important operating system we need to know is Linux OS. Kali Linux plays a major role in cybersecurity, it has a lot of pre-installed security tools. Learning these tools helps in understanding the latest vulnerabilities, malware, and exploits. These exploitation tools are used for penetration testing and application testing. Hands-on on Metasploit in Kali Linux will help understand exploitation tools.
It is also necessary to know about the basics of windows OS, explore the various built-in applications in windows like Powershell, cmd. System Administrative tools also help us to understand OS practically. Also learn to create user accounts, group policies, and deal with registries.
To explore various Operating systems you can use Virtual Machines, this gives the flexibility to get trained and research in an isolated environment. Virtual Machines are operating systems which run on top of host OS, it is managed by a software called a Hypervisor. The hypervisor allocates resources like CPU, disk space, Memory. Some of the popular Hypervisors are Virtual Box by Oracle, Hyper-V by Microsoft, Vmware.
2.Computer Networking :
A strong foundation in networking will help you to become a great troubleshooter. Understanding the working of the router, configuring the router, configuring switches, how the device interacts with each other, data transfer from point A to point B, understanding VLANS, OSI Layers, TCP, UDP, Firewall, how to configure and troubleshoot servers is the best start into cybersecurity.
Command-line gives the lowest level access to software functionality that comes with an operating system. This is the most efficient way to interact with the operating system. In the windows operating system, PowerShell provides powerful windows administration abilities, it has a lot of commands and features which is taken advantage of by the attackers.
In Linux, Most of the security tools don't have a Graphical User Interface, hence shell scripting plays a major role. The best way to start with shell scripting is to learn BASH (The Bourne Shell).
Ethical hacking is an authorized practice of bypassing system security to identify possible security threats. Ethical hackers analyze if a system or network is vulnerable in the view of improving the security of the systems and networks by fixing the vulnerabilities.
Learning ethical hacking can help you to think from an attacker's perspective.
5.Programming languages :
Programming languages help to identify vulnerabilities and develop protection against potential attacks. SQL plays a major role when it comes to managing a huge amount of data generated by an individual or an enterprise efficiently, attackers look for SQL vulnerability and then exploit it. SQL injection attacks are a widely used hacking technique. By learning SQL, you can help to fix vulnerabilities and make databases more secure.
Low-level languages such as C, C++ provide low-level access to IT infrastructure that can be easily exploited, mastering these languages can help in responding to attacks targeting lower-level operations.
To conclude, a budding cybersecurity learner could start building and use virtual machines. Install Hypervisors, create and explore different operating systems. Get hands-on on kali-Linux and exploitation tools. Learn Ethical hacking through online courses and certifications. Hope this article provided a clear picture of how to learn cybersecurity for an upcoming enthusiast to kickstart a career in the field of Cybersecurity.
ABOUT THE AUTHOR
Srinishi is a graduate student of computer science from PSG College of Technology, who is a software quality engineer at McAfee. She also has the experience of interning with reputed organizations such as Ericsson and NUS Singapore.
It started off in a more hectic manner than I could expect. However, in the course of time, I have really enjoyed this experience in a completely different environment. I have gotten more insights in the field I aspire to study in. Overall a complete internship for people with serious aptitude and attitude.
- Priyanshi Somani, Manipal Institute of Technology
“GAIP is perfectly aligned with someone's goal who wishes to experience an outburst of academic challenges while working on projects with the amazing support of all the organizers, faculties and teaching assistants along with exploring the city.”
- Sukriti Shaw, SRM Institute of Science and Technology
“Combining different characters and skillset from different institutes and domains in a new country and fantastic institute, it was a pleasure to be a part of this winter internship. I loved every bit of it and would cherish this forever.”
- Shaolin Kataria, VIT, Vellore
“An enriching and enthralling experience. The course was extensive but worth every penny. I'd recommend it to anyone interested in delving into the world of AI-ML.”
- Arudhra Narasimhan V, SASTRA DEEMED TO BE UNIVERSITY
“I personally learned quite a bit here but the 6-month project or LOR aren't as easy to get as was portrayed before. However, the faculty were quite knowledgeable and it was a great experience learning from them, and my peers.”
- Dwait Bhatt, BITS PILANI
“It was a great experience for me, and far beyond my expectations. The diversity of people from different institutions, and the impressive curriculum, gave me tremendous inspiration and insight in the subject. Through the various sessions, assessments, and discussions with NUS faculty and HPE professionals have been able to take a big step forward in developing my technical abilities and aspirations”.
- Shrikant Tarwani, LNM Institute of Information Technology
“This Internship is the perfect balance of theory and practical application. Coming from a beginner’s level, I felt that the instructor/professor was accommodating towards all levels of previous knowledge that a student may hold on the subject. It was truly a worthwhile experience and I hope to apply whatever I’ve learnt and further my knowledge through projects of my interest. Kudos to Team CG!”
- Mahima Borah, Manipal Institute of Technology
“This Internship has strengthened my concepts on Artificial Intelligence and Deep learning which are the hot words of today’s technology and I will forever be indebted to Corporate Gurukul for providing me with great opportunities that will give me the necessary impetus and a perfect launch pad to propel my career in the desired direction.”
- Mansi Agarwal, Delhi Technological University