Breaking into Cybersecurity: Where do I start? [PART 1]


Introduction

A lot of people out there get excited when they hear about cybersecurity - perhaps you're one of those people. Even if you don't understand it in depth, you know it usually has something to do with hacking - so yeah, that's cool, right? The main issue is that, from a beginner's standpoint, cybersecurity as a whole can be an intimidating field that seems impenetrable, and as much as you look for resources online about what happens on the inside, you seldom find anything beginner-friendly.

In this article, I try as best as I can to give you a foundational understanding of the field of cybersecurity from a very high-level perspective. It's targeted at beginners starting in the field, IT specialists who are considering moving into cybersecurity, and even non-technical people who are interested in a career change altogether. I have also compiled a short glossary with definitions of some of the terms used within the article for your convenience.

About the field

Cybersecurity is a rapidly growing field within the IT domain, and for a field that still has a tremendous shortfall of experts, it's about time people got the appropriate insight into the daily roles of professionals working in 'Cybersecurity'. One thing I've come to learn and realise within the field is that there are many different duties and roles encompassed within the name 'Cybersecurity' - and for beginners, that fact might not be as apparent.

The term cybersecurity, according to Wikipedia, "is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide". This definition implies that any person who works with the intent of maintaining the confidentiality, availability and integrity of data is a security expert. From a simpler perspective, those three aspects imply that if there is any sort of information stored on a device, it should

  • be accessed only by the person/people who should access it,

  • be edited only by the person/people authorised to edit it,

  • and be readily available whenever it's needed for use.

Cybersecurity at both ends of the spectrum (large and small)

Life is now heavily dependent on computers, and that means an incredibly large volume of our information is stored on computers - either on the devices that we use daily or on organisations' computers (sometimes known as servers). This information can be valuable in many different ways. An organisation that operates for any reason collects data from the general population, and it usually promises the interested stakeholders that this data is secure in its systems. If a malicious actor were to (1) obtain this information, (2) edit this information or (3) make this information unavailable, then we as cybersecurity experts have failed to carry out our duty of maintaining the confidentiality, integrity and availability of information. Another point worth noting is that cybersecurity doesn't just apply to large volumes of data stored on an organisation's servers, but is also relevant to the small devices we use as individuals. Security controls and technologies should be put in place to protect information that's stored on your smartphone - because if it's accessed, edited or locked away from you as its owner, you can imagine the amount of inconvenience it could cause you.

IoT Security is another blooming field within the cybersecurity domain, and it focuses on security mechanisms that aim at protecting information within the smart devices we now own in our homes - smart fridges, smart TVs, smart cars, digital pacemakers, IP cameras - any device in your house that can be accessed remotely. Here is a random and gruesome example to paint the picture of the possible consequences of not having proper security mechanisms within IoT devices: imagine you're having heart problems and your doctor recommends that you get a pacemaker to regulate your heart rate and help your heart pump blood. You go into surgery and you're equipped with the latest next-gen pacemaker that can be monitored from any computer or mobile phone through an account - just like how you log into Facebook. Now imagine that someone by some chance manages to guess the username and password used to access your pacemaker app - and he/she decides to shut down your pacemaker. Imagine!!!!

Conclusion

Now, as I mentioned above, cybersecurity is all about protecting information from getting into the wrong hands or being abused. To achieve this ultimate goal as a prospective cybersecurity expert, I want you to imagine three possible stages: an incident hasn't happened, an incident is happening and an incident has happened. People working in the field of cybersecurity fall under one or more of those categories based on their line of work and assigned duties.

An incident is an occurrence that may disrupt the normal operation of a process. Examples:

  • you're in the middle of streaming a movie then your phone suddenly freezes,

  • an employee tries to access their work laptop but their usual credentials are not working, or

  • you try to access a website but it just keeps loading.

All these sample scenarios are meant to paint a picture of how 'incidents' in cybersecurity can potentially inconvenience users, and in some cases even cause harm. In the next article (PART 2), we will take a look at the various job roles encompassed by the term 'cybersecurity' and categorise them as mentioned above.

Glossary

  1. Cyberspace - This is a 'virtual' environment created by links/interconnections between internet-enabled devices, servers, routers, and other related components.

  2. Threats - Anything that can take advantage of a vulnerability to breach a system and possibly erase or alter objects of interest within the system.

  3. Integrity - The state of being whole.

  4. Confidentiality - Related to privacy. Refers to measures that prevent sensitive information from unauthorized access.

  5. Availability - Ensures timely and reliable access to information.

  6. Servers - A device or computer program that provides a service to another computer program and its users (clients).

  7. Stakeholders - Anyone with an interest in an existing or proposed system.

  8. Malicious/Threat Actor - A person or organization that intentionally causes harm in cyberspace.

  9. IoT - Acronym for "Internet of Things". This refers to a network of physical objects that are embedded with sensors and software to exchange data with other devices and systems over the Internet.

  10. Security Mechanisms - These are tools and techniques that are used to implement security services.

  11. Incident - An occurrence/event that jeopardizes the confidentiality, integrity and availability of information.

  12. Credentials - A means of authorization (usually a password).