If you’re reading this, I’m assuming you have an interest in “cyber security” as a job. It’s a buzzword that you hear a lot about nowadays, but what does it really mean to work in this field? There are many different paths to take, but what’s the right one? How hard is it? Is it worth it?
First of all, reading about this kind of job can be confusing to start with, as different organisations call it different things.
What is the correct term for this line of work?
- IT Security
- Cyber Security
- Information Security
- Information Protection
- Information Risk Management
Well, to be honest, it depends on what kind of job you want to do! There are ‘Technical’ IT security roles, Operational security and Managerial security, risk advisory and… the list goes on!
As a general rule, IT / Cyber Security is usually referring to a technical role, using IT knowledge to configure firewalls and analyse network traffic to spot potential intrusions, and configuring intrusion detection/prevention systems on a network. Within this domain, there are roles such as Security Architect (designing secure networks), Security Network Administrator (like a regular network admin, but focusing on Security) etc.
Information Security / Protection / Risk management usually refers to a non-technical job, which requires the carrying out of risk assessments to assess the likelihood of information being stolen/compromised / destroyed by criminals (or staff…), and then advising the business how to avoid the risk. This also includes the creation of business Policy to attempt to mitigate risks, and ensuring compliance with these policies or guidelines.
[That is a very general rule, and I’ve seen exceptions, so don’t take that as fact! I’m sure some will disagree…]
The best way to find what line of work you’d like to enter into is to scour job sites. Have a look at the kind of roles that are being advertised. What skills do they ask for? What’s the pay like? What experience do they expect?
Remember, this is an area where demand outstrips supply, so even if they ask for “desirable experience” for a role, that doesn’t mean you won’t get the job without it!
So, here we are, on the starting blocks! You know you want to start a new career in whatever form it may take, but you’re not too sure where to start!?
You might already be in IT, and have a fair amount of knowledge on the basics of computing and networks. Or you might have no formal experience with computers, you just have one to browse the internet and edit photos.
That was me about 6 months ago. I’ve always been interested in computers, but never worked in IT or had any training. What I did have was a desire to start a rewarding and varied career in one of the worlds fastest growing industries…
If that also sounds like you, read on! You might find it inspiring, or you may find it puts you off? Either way, this is my story on how I entered into cyber security. I’ll post snippets of my experience, training I’m doing, and anything else that I think is interesting!
I’m going to post some Cyber Security / InfoSec news too. My main goal is to build my own understanding of the subjects I mention, but hopefully also inform others.