Bulgaria's new eGov minister is a software developer, ranked #40 all time on Stack Overflow and the founder of a blockchain-based cyber security startup. stackoverflow.com/users/2…
👍︎ 13k
💬︎
👤︎ u/mugpilot
📅︎ Dec 14 2021
🚨︎ report
Bulgaria's new eGov minister is a software developer, ranked #40 all time on Stack Overflow and the founder of a blockchain-based cyber security startup. stackoverflow.com/users/2…
👍︎ 2k
💬︎
👤︎ u/AdBig7514
📅︎ Dec 14 2021
🚨︎ report
🍀 WeGro 🍀 Welcome's Android Co-Founder and Former Chief Cyber Security Officer for Department of Homeland Security AJ Jaghori to Their Team

WeGro Coin Welcomes AJ Jaghori as Chairman, Crypto & Data Boards

Crypto, Data and Tech expert provides expertise for WeGro’s Expansion Plans from Token to Blockchain

Wilmington, DE, 01/04/2022

Hanover, PA-based blockchain solutions provider, WeGro, is looking to expand on its successful launch of the Wegro token (WEGRO) for it’s phase two plans with it’s own blockchain operating system and implementation a consumer-facing business with a focus towards B2B and B2C data science and analytics. AJ Jaghori's career spans an illustrious twenty-five years, during which he held influential positions at the top of some of the world’s most preeminent tech companies.

A 40 under 40 nominee in the Fortune Magazine for the Most Influential People in Business, Jaghori has had 7 successful multi-exits as a technopreneur and has helped with the US Government’s expansion of open-source software usage. Moreover, he is a Blockchain 1.0 (Hyperledger) pioneer and a distinguished TED speaker that holds degrees from George Mason University (Engineering), Massachusetts Institute of Technology (Fellowship), and Harvard Business School (sabbatical).

A self-taught programmer, Jaghori cemented his entrepreneurship early; selling his first company at 19. He has lived through the Silicon Valley mantra 7 times, learned unconventional business tactics through failures, and rode a billion-dollar “unicorn”; all before the age of 30.

In his roles prior to joining WeGro Coin, Jaghori has demonstrated his technical leadership capabilities in both the commercial and federal government industries and has become one of the leaders in the national and global technology marketplace, including organizations like L3 Communications and a founding principal at Android/OHA.

Jaghori will serve as the Chairman of WeGro’s Crypto & Data Advisory Boards, bringing in leaders, operators, and tacticians from Web3, 5IR, cyber security, and FinTech industries, and will work to help navigate these ever evolving industries.

Walt Rampata, CEO of WeGro Coin, said, "With Jaghori's experience in entrepreneurship and globally significant cyber and tech solutions, WeGro Coin will be able to rapidly scale a revolutionary decentralized project within the blockchain space. Jaghori's track record of entrepreneurship, combined with his significant contributions to the world's technology community, make us excited about his addition to the WeGro team. We have some important and impactful goals for WeGro t

... keep reading on reddit ➡

👍︎ 1k
💬︎
👤︎ u/MustHoge
📅︎ Jan 07 2022
🚨︎ report
Confessions of a cyber security hiring manager

EDIT: There seems to be a huge disconnect between hiring managers and potential candidates. This post is meant to shed light on why you might not be getting jobs. If you're a hiring manager and have a different experience, throw it in the comments, shed some light on it. If you're a candidate and salty that this is how it works in most places, air your grievances below...

I've hired approximately 25 people into various cyber security roles recently. Primarily, entry level SOC Analysts, Penetration Testers and Risk Analysts.

Every entry level (and senior) role I advertise, gets maybe 75 - 100 applicants.

30% of these applicants have 0 cyber experience, 0 certifications and a cover letter that says basically "cyber security pays well, give me a job."

30% of these applicants have a degree in cyber security and/or Security+ and one or two other certs. But no IT experience and no cyber security experience. They are usually grads / young.

30% of these applicants have a security+ certificate and 10+ years of experience in management/accounting/lawyering/Consulting. But now want to make a change into cyber security. They know how to handle tough stakeholders, project manage, communicate, etc.

5% of these applicants are the ones you have to sift through. They have 3 or 4 years experience as a IT helpdesk/sysadmin/netadmin or developer. They have 100s of hours on Hack the box. They have spoken at a local security conference on a basic topic, but one they know inside out. They have a degree and/or Security+ and/or Azure/AWS cloud experience. They are really passionate about cyber security and you can see they spend all their spare time doing it. Some of my team will know them (cyber security is a small industry) and red flag them as "they're hard to work with" or "they made racist comments at a bar during a conference". Some will be flagged as "seems nice" or "helped me once with a CTF".

Then you've got the final 5% of the applicants, they have the same as the above BUT they went to uni with one of my existing team, or my existing team know them through CTFs/conferences/discord, etc. My team vouches for them and says they're hard working.

I know people will respond and say "but i don't have time to do 100s of hours of hack the box". I get that. I'm not saying you have to. I'm saying this is what you're competing against.

As a hiring manager, I'll always hire guys who are passionate about cyber security. It'd be a disservice to me and my team to not

... keep reading on reddit ➡

👍︎ 1k
💬︎
📅︎ Dec 08 2021
🚨︎ report
Just did a Insta dive on Leah's new boo.. and I know jobs and degrees aren't everything, but compared to others in the franchise, she might have picked her a winner! Jaylan earned his Master's in Cyber Security from WVU this year. reddit.com/gallery/rhw6va
👍︎ 586
💬︎
👤︎ u/bubaphets
📅︎ Dec 16 2021
🚨︎ report
It's time to take your cyber security seriously

After seeing numerous horror stories of fraud and identity theft here on PFC, among my friends and family, and being a victim myself, I thought I'd make this post for others to benefit from. I may be preaching to the choir here at PFC but chances are someone out there needs to hear this. Putting a little time and effort to protect yourself can save you from waking up to your own horror story and compromising your personal finances.

This list is by no means exhaustive or perfect and I encourage others to comment below with their own tips.

*I am not affiliated/sponsored with any service that I mention below.

PASSWORDS

  • Use a substantially different password for EVERY online account. If one account is leaked in a data breach, your other accounts will still be safe.
  • A place where you can see if your e-mail/password has ever been leaked in a known data breach is: haveibeenpwned.com
  • Use strong passwords. My passwords are 21 characters with a mix of upper/lower case, numbers and symbols that are randomly generated. I don't memorize passwords. I wouldn't be able to tell you my passwords even if you put a gun to my head.
    • Example of a generated password: 2$J52*9UZS@9s&@a&c6D#
  • Your e-mail password especially should have a unique and strong password since it is a gateway to having access to all of your other accounts.
  • Enable 2FA for critical accounts where possible
  • Put a port block/transfer block on your cell phone number through your carrier. This prevents scammers from porting your number out to a new carrier, giving them access to your phone number and bypassing 2FA. A hacker has attempted to port out my number in the past.
  • Use a proper password manager. You probably have over a hundred online accounts without realizing it. A password manager can auto-fill your username and password on your computer/phone so you don't have to. Not only does this make your life easier but it prevents keyloggers from intercepting credentials when you type out your password. Password managers also randomly generate strong passwords for you so you never have to think of one.
  • The pw manager I personally use is Bitwarden. I like Bitwarden because it has rock solid security and the free version has most features that people need. The premium version is among the cheapest out there at only $10 USD a year. It also integrates well into my PC, browser and phone. Comment below with the password manager you prefer if y
... keep reading on reddit ➡

👍︎ 2k
💬︎
👤︎ u/_souldier
📅︎ Dec 08 2021
🚨︎ report
After 7 months of job searching I was so close to being offered a cyber security position. But of course I was ghosted after 4 interviews and a month of waiting.

I've been working in IT for about 2 and a half years doing help desk support. July of 2021 I decided to start pursuing a cyber security or sysadmin job. I sent out over 300 resumes and attended close to 35 interviews. I usually don't make it past the 1st or 2nd round but with this company I actually made it through all 4 interviews. During all the interviews I received nothing but praise, everyone said they think I would be perfect for this position. I was expecting to receive a call from them on Dec 23rd to either get an offer or not, instead they sent an email saying the hiring manager was sick and they would follow up on Tuesday Dec 28th. The recruter called me on the 28th and basically said that everyone loved me but they are still making a decision and to give them one more week. He specifically told me that he would call me today with a yes or no. Now its 5:00PM and nobody called or emailed me. I saw that the same position was posted on LinkedIn on Friday.

Another let down. I really thought this was the one, after half a year of searching. The company is really big name in Cyber Security to, if you work in security you almost definitely have heard of it. I'm absolutely devastated.

Edit: The recruiter responded to my email and said that the hiring manager is still interviewing one more person and will definitely have a decision by Friday, apparently there is more than 1 opening for this same position, which I was not aware of. The recruiter also said that he feels confident that they will offer me the position on Friday, I know that means nothing until it actually happens.

👍︎ 257
💬︎
📅︎ Jan 04 2022
🚨︎ report
Just got my first cyber security job!

Last February I started studying for the sec + with no prior experience. Past it in May. Started studying for net +. Passed it in November. Currently studying for the a +. Decided to write an email to the sec op department for this large company I work for and they told me to apply since I already had the sec + and net +.

After a few weeks and some interviews they offered me a position as a control analyst! So I would definitely reach out to your current employer if they have an it or security department and just see what they have to say.

My studying consisted of professor messor, udemy and ITProTV. Each gave me a different perspective and each practice exams was very helpful.

👍︎ 211
💬︎
📅︎ Jan 10 2022
🚨︎ report
What are some good cyber security nonfiction books?

When I ask for your favorite book, I’m not asking for your favorite textbook, I’m talking about stories or books on cyber security theory. I just read “countdown to 0 day” and I absolutely loved it, but when I try and find other books like it I am just met with educational textbooks.

Edit: thank you everyone for your submissions, you definitely gave me plenty of reading material and I’m sure the newbies coming here will have a great resource to use when it comes to choosing books that help them understand cyber security and it’s infinite scope.

👍︎ 204
💬︎
📅︎ Jan 05 2022
🚨︎ report
Will cyber security vulnerabilities ever "stop existing" ?

Hey guys,

Everything is in the title. As the question suggests, i don't know anything about cyber security. My thinking process : With all the experiences developers and auditors acquired throughout decades, can we ever come to a point where there are no vulnerabilities anymore?

Real life examples of this are Iphones for example, not from a cyber security angle, but more how throughout the years, they made it really difficult, near to impossible, to jailbreak it, same for consoles like XBOX and PS4. So can we imagine something like this happening for, say, web dev vulnerabilities?

Maybe not something as nihilist as saying that there will be no security vulnerabilities anymore, but more like it would be veeeery difficult to find any. Maybe it's already the case today?

One vulnerability i know is for example SQL injections, these are so well known, that i'm like, there is no way they can still exist, or do they? Maybe just stuff developped by amateur programmers?

I code as a hobby, and i'm interested in cyber security but i am like it's too late to get in the wagon because of the reasons i cited above.

Regards.

👍︎ 161
💬︎
👤︎ u/throwmeici
📅︎ Dec 27 2021
🚨︎ report
Nell'indifferenza nazionale, il 3 Dicembre l'ULSS 6 del Veneto ha subito un attacco hacker che paralizzerà la sanità padovana per settimane. Quanto si sta investendo sulla cyber security della sanità?

Sono giorni molto frustranti per chi lavora nell'ULSS 6 e per chi si serve di questa azienda sanitaria. Non so se riuscirò a mettere abbastanza enfasi su quanto la situazione sia GRAVE.

La notte del 3 dicembre l'Ulss 6 Euganea del Veneto (sud di Padova) è stata oggetto di un pesante attacco ransomware, vi lascio i link di qualche articolo che ne parla: (pochi e locali)

https://corrieredelveneto.corriere.it/padova/cronaca/21_dicembre_05/ricatto-hacker-all-usl-6-ospedali-caos-convocata-l-unita-crisi-baa9633e-55d9-11ec-9e73-1ece0a821338.shtml

https://www.padovaoggi.it/cronaca/attacco-hacker-ulss-6-euganea-padova-07-dicembre-2021.html

A quasi una settimana da questo attacco hacker, in tutta la provincia della bassa padovana non è possibile prenotare visite (molte delle quali sono state annullate e rimandate a data da destinarsi), eseguire esami di laboratorio, accedere al fascicolo sanitario e ai propri referti, le ricette dematerializzate sono inservibili e non è possibile nemmeno il tracciamento dei positivi al covid senza contare che in centinaia stanno aspettando i risultati di tamponi molecolari fatti nei giorni scorsi che non arriveranno più. Pronto soccorso e i vari reparti stanno andando avanti a fatica tornando a carta e penna.

Data la mole di lavoro che si prospetta alla task force informatica per ricostruire da zero l'infrastruttura, i tempi di ripristino stimati per tornare alla normalità sono di un mese.

In tutto questo poi si aggiunge il fatto che nessuno ci sta informando se sono stati rubati dati personali, sappiamo solo che è stato chiesta una cifra ricattatoria e che non verrà pagata.

La cosa che più mi spaventa è che, dal punto di vista dell'informazione, se ne sta parlando poco a livello locale e per niente a livello nazionale quando invece dovrebbe esserci una discussione generalizzata su quanto sia fragile la sicurezza informatica delle aziende sanitarie. Perché in passato è toccato alla regione Lazio, oggi a noi, e domani? La sanità sta diventando, o è già diventata, una preda facile.

👍︎ 699
💬︎
👤︎ u/Caesar_VII
📅︎ Dec 08 2021
🚨︎ report
What coding languages are best to learn for cyber security?

I’m not necessarily thinking of going into red team or pen testing right now, but I think being able to code would obviously be helpful to know. Are there any languages I should focus on or does it vary? I’ve seen on the internet that C++, python, and Java are all good.Seems like a cool thing to be able to do and it’s applicable to my degree. Thanks!!!

👍︎ 186
💬︎
📅︎ Dec 28 2021
🚨︎ report
Top 3 cyber security stocks

What are your top 3 picks?

Cyber security could win big time in the markets in 2022.

So many attacks in my country lately, on large well run companies.

The cloud based security companies will feast imo.

Who ya got?

👍︎ 59
💬︎
📅︎ Jan 01 2022
🚨︎ report
How did you find your way into cyber security.

Everyone takes a different path that gets them where they are today. Where did you start your path into the cyber security feilds like penetration testing or a cyber security analyst? Was it your main goal starting out or did you start off in a non cyber industry? Finally how long did it take you to achieve your goal/current position?

Edit: Thank you everyone for your replies. I did not expect this post to take off like this. Cant wait to graduate and find my first position. Im hoping to end up in red team but after reading some of these replies maybe i will end up somewhere else in the security field.

👍︎ 36
💬︎
📅︎ Dec 28 2021
🚨︎ report
What would be a good gift for someone into hacking gear, programming and cyber security?

I am researching online but I thought it wouldn't hurt to ask here as well!

I'd appreciate every single response.

👍︎ 321
💬︎
📅︎ Dec 01 2021
🚨︎ report
News piece on more cyber security risks stating log4j seriously vulnerable. Threatens corporate operations and more. Widespread risk. They are pushing their agenda so usually after a month of stating these things it comes to reality. Imo january we will see an attack.
👍︎ 239
💬︎
📅︎ Dec 16 2021
🚨︎ report
Getting a Master’s in Cyber Security. Don’t even know where to begin to find a job

As title says, I’m getting a Master’s in cyber security. My bachelor’s was getting me nowhere, so I decided to do a career change. I have about a year and a half left in the program, but I can’t even begin to think what jobs to apply to as most cyber jobs I look up want SO MUCH experience and random certifications I’ve never heard of, even the “entry level” jobs…. I hope I didn’t make a mistake and out myself further into debt over nothing.

👍︎ 22
💬︎
📅︎ Jan 05 2022
🚨︎ report
Got a first hand experience of identity theft. The security hole isn't always cyber.

Long story short, my neighbor stole my mail and impersonated me, called my local credit union and changed my login info over the phone. Only reason I found out is because he put down his actual phone number on my account for verification. It wasn't too hard to pin a name and face to the phone number.

Luckily I caught it soon enough. Let this be a reminder that most thieves will resort to conventional methods.

👍︎ 71
💬︎
📅︎ Jan 05 2022
🚨︎ report
Work in Cyber Security, Fell for a phishing email test at work, now I think I have to quit my job

I'm honestly thinking about quitting my job tomorrow. It is going to be too embarrassing having to stay at a company where I accidentally failed a phishing test. I work in cyber security and have a lot of experience in IT, but I was busy, stressed out, multi-tasking, and you know the rest.

I just keep cringing thinking about how dumb I look and how much credibility I lost. It's really embarrassing to the point where I want to quit before I'm approached about it or punished. I really hate myself right now.

Would you guys quit your job over this? It just feels like it will be too uncomfortable having to be there and be known as the idiot tech guy that did this.

👍︎ 495
💬︎
📅︎ Nov 12 2021
🚨︎ report
What area of cyber security should I focus on?

I’m a college student studying cyber security obviously, and I’m curious as to what areas I should have a focus on if any? The things that popped into my mind is cloud storage, financial services, pen testing. Even blockchain has popped into my mind but schools don’t really offer courses in that. What are modern day companies looking for from people studying cyber security and areas of cyber security are seeing increasing needs? Thanks!!

👍︎ 52
💬︎
📅︎ Dec 22 2021
🚨︎ report
Google will acquire Israeli cyber security company Siemplify for US$500 million realmicentral.com/2022/01…
👍︎ 138
💬︎
📅︎ Jan 04 2022
🚨︎ report
Bulgaria's new eGov minister is a software developer, ranked #40 all time on Stack Overflow and the founder of a blockchain-based cyber security startup. reddit.com/r/europe/comme…
👍︎ 269
💬︎
📅︎ Dec 14 2021
🚨︎ report
What made you get into Cyber Security.

I'm studying it now at university and was wondering about others. How did you all get into this career field and why?

👍︎ 40
💬︎
📅︎ Dec 23 2021
🚨︎ report
Could You Please Help Me Understand Cyber Security Better? (General Questions)

Hello, Cybersecurity subreddit community!

I am a Technology and Management master's student. I am doing some unofficial research to help me understand the cyber security world a bit better, and I am so happy to have found this sub because I already learning a lot from all of you.

My expertise leans more towards the management/business sector. This community is much better acquainted with the nitty-gritty of the cyber security field. So, I would love to get your insight on some of the more general (and maybe technical) questions I have. I would appreciate any and all input from you :)

Thank you in advance!

. How do you keep yourself updated on what is happening in the IT system landscape? Do you think it's possible to always be up to date?

. Considering cyber security is a super broad field, what do you think a cyber security consultant should focus on? Would it be dependent on the sector or individual firm/job requirements?

. How do you decide which level of security is important to achieve? and how do you maintain it?

. Where do you see the significance of risk evaluation? Does it make your job easier or is it more just to appease upper management? (or both?)

. Do you see any difference between “Information Security Management” and “Risk Management”?

. Where do you believe the future of Cyber Security is headed? and who or what are the key actors in this evolution?

👍︎ 38
💬︎
📅︎ Jan 04 2022
🚨︎ report
Till er inom cyber security/IT säkerheten en fråga

Hur vanligt är det i sverige med physical pentesting?

Kan inte hitta några IT säkerhets/cyber security företag som erbjuder detta i Sverige.

Är svenska företag så naiva med att "vi behöver inget sådant, vi har bra it-säkerhet på kontoret ingen kommer åt våra grejer "

👍︎ 8
💬︎
👤︎ u/gr0danb011
📅︎ Jan 12 2022
🚨︎ report
Landed first job in cyber security!

Hi guys, it's been a long way since I've wanted to start pentesting. Now as I have the full legal possibility on the new job I've landed I'm trying to find a way to become better. We don't have a senior pentester and the team is small. I want to combine work with studying but the best way to do that is to do it on the move.

I've been researching methodologies and watching few YouTube channels and checking few books for ideas. I'm currently checking the owasp guide for methodology tips and using few books for information. So far for scanning I've be using the owasp zap tool which is very buggy(crashes 100% of the time), having most success with finding directories with gobuster and reflected XSS attacks(but still can't do anything after obtaining some control), found a way to execute an reverse shell on one of the targets (but again could not obtain root privilege afterwards). Also I use Burp and nmap regularly. Had been testing sqlmap and trying to find CSRF vulnerabilities and have a lot of struggle with reports. If you can recommend me an better way to approach new projects, or to be more effective at learning the right way to do it.

Ps. We don't have any paid tools and mainly do web application hacking.

👍︎ 165
💬︎
📅︎ Dec 24 2021
🚨︎ report
100%OFF | Comprehensive Introduction To Cyber Security udemycoupons.me/it-softwa…
👍︎ 7
💬︎
📅︎ Jan 07 2022
🚨︎ report
Getting updated on cyber security space

How do you get to know the latest stuff?

Cybersecurity is rapidly updating and changing.

What blogs/magazines/YouTube channels do you use to update your self on whats new?

👍︎ 99
💬︎
📅︎ Dec 26 2021
🚨︎ report
Protip: Cyber security is an incredibly broad industry. You need to be specific about your interest and intentions.

I browse this subreddit quite regularly and do my best to answer questions where I can. I tend to specifically target anything relating to cyber security as that's what I do for a living and there seems to be a reoccuring issue relating to people interested in cyber security as a career.

Everyone keeps saying "I want to work in cyber", but that is such an incredibly broad statement that no one could possibly help you.

There is cyber architecture, penetration testing, GRC, incident response, network security, red team, blue team, vulnerability research, AppSec... the list goes on and on.

These all are very different jobs, they all have different skill sets, half of them don't even need a CS degree to do.

So, please, do yourself a favour and research what part of cyber security interests you so that your future conversations and efforts can be more focused towards your goals.

👍︎ 133
💬︎
📅︎ Dec 14 2021
🚨︎ report
$XOM gain porn YTD. Had to grab profits after it ran up 12% in the last week. Going to wait for reentry around 66. If it doesn't come in rotating into some defense and cyber security.
👍︎ 23
💬︎
👤︎ u/cj-the-pj
📅︎ Jan 11 2022
🚨︎ report
Bulgaria's new eGov minister is a software developer, ranked #40 all time on Stack Overflow and the founder of a blockchain-based cyber security startup. stackoverflow.com/users/2…
👍︎ 120
💬︎
👤︎ u/steamyp
📅︎ Dec 14 2021
🚨︎ report
Cyber security in project management

Many companies are today providing to their clients combination construction, industrial processes, process technologies and automation systems with remote connections.

How do these companies take care of cyber security in their projects? For the project documents and for the final product? Are there procedures available?

If you have worked with this subject, please share your experience or give me a hint where I could find out more about this one.

👍︎ 17
💬︎
👤︎ u/PuzzledPM
📅︎ Jan 11 2022
🚨︎ report
Gartner predicts 75% of CEOs will be personally liable for cyber-physical security incidents by 2024 blog.cymulate.com/ceo-sec…
👍︎ 358
💬︎
👤︎ u/tarrug587
📅︎ Nov 28 2021
🚨︎ report
Anarchist orgs should have IT cyber security departament or division.

Because with modern technology, who knows how many fascists or cops are lurking to sabotage our liberation projects.

Edit: I shouldn't have used the word "department"

👍︎ 165
💬︎
📅︎ Dec 04 2021
🚨︎ report
Cyber Security Roadmap - Follow or Not?

I am beginner and want to become a Cybersecurity Analyst.

After searching, I found this awesome cyber security roadmap on internet. I want your suggestions and feedback whether I follow this roadmap or not.

Cyber Security Roadmap

ONE OF THE FASTEST GROWING FIELDS IN COMPUTER SCIENCE IS THAT OF CYBERSECURITY. THE WORLD IS DIGITIZING AND TODAY, WE HAVE MORE COMPUTERS AND SMARTPHONES THAN EVER BEFORE.

LARGE CORPORATES HAVE A LOT OF DIGITAL INFORMATION AND SO, THE SECURITY OF THIS DATA BECOMES CRITICAL. AS A RESULT, THEY ARE INVESTING HEAVILY IN DATA SECURITY.

THIS OPENS UP A LOT OF JOB OPPORTUNITIES IN THE MARKET FOR ENGINEERS WHO ARE LOOKING FOR JOBS IN A CUTTING-EDGE, FAST-GROWING FIELD.

IN THIS ROADMAP, WE WILL TALK ABOUT THE VARIOUS DOMAINS OF CYBERSECURITY AND HOW YOU CAN BUILD A CAREER IN IT.

THIS ROADMAP HAS BEEN CONTRIBUTED BY NIMIT JAIN. NIMIT WORKS AT A REPUTED CYBERSECURITY FIRM AS A SENIOR SECURITY ENGINEER.

SURPRISINGLY, NIMIT IS NOT FROM COMPUTER SCIENCE - HE HAS LEARNT IT ALL BY HIMSELF, SETTING UP A GREAT EXAMPLE FOR ALL THOSE WHO ARE NOT FROM COMPUTER SCIENCE, BUT WANT TO BUILD A CAREER IN THE TECH DOMAIN.

CYBERSECURITY IS A BROAD DOMAIN AND IT CAN BE CLASSIFIED INTO THE FOLLOWING 5 SUBDOMAINS:

WEB APPLICATION SECURITY

NETWORK SECURITY

ANDROID/IOS SECURITY (MOBILE SECURITY

FORENSIC

CYBERSECURITY TRAINING

FOR A BEGINNER WHO HAS RECENTLY GRADUATED FROM COLLEGE AND IS LOOKING TO BUILD A CAREER IN CYBERSECURITY, THE FIRST 3 (WEB APPLICATION SECURITY, NETWORK SECURITY AND MOBILE SECURITY) ARE GREAT STARTING POINTS.

IN FACT, FOR THOSE WHO HAVE SOME PRIOR EXPERIENCE OF CYBERSECURITY IN COLLEGE, EVEN CYBERSECURITY TRAINING IS A GREAT OPPORTUNITY. ALL 3 OF THEM HAVE COMMON STARTING STEPS:

LEARN THE BASICS OF THE SECURITY DOMAIN AS A WHOLE TO GET A HIGH-LEVEL UNDERSTANDING OF ALL THE CONCEPTS

FOR NETWORK DOMAIN, YOU SHOULD CONSIDER BRUSHING UP WITH THE FUNDAMENTAL CONCEPTS OF COMPUTER NETWORKS (TCP, UDP, IP, DNS, ETC

FOR WEB DOMAIN, YOU SHOULD BE AWARE OF THE RELATED TERMINOLOGY LIKE WEB BROWSER, HTML, JAVASCRIPT, HTTPS REQUEST AND RESPONSE, ETC

FOR ANDROID/IOS, IT IS RECOMMENDED THAT YOU HAVE SOME PRIOR EXPERIENCE (OR A PROJECT) OF MOBILE APPLICATION DEVELOPMENT SO THAT YOU HAVE A BETTER UNDERSTANDING OF WHAT’S HAPPENING UNDER THE HOOD.

NOTE THAT THE ABOVE CONCEPTS HAVE NOTHING TO DO WITH CYBERSECURITY. THE ABOVE ARE ALL RATHER DOMAIN-RELATED CONCEPTS WHERE YOU ARE TRYING TO FIRST UNDERSTAND WHAT IS WEB AND HOW DOES IT WO

... keep reading on reddit ➡

👍︎ 92
💬︎
📅︎ Dec 27 2021
🚨︎ report
What is a career in IT/ Cyber Security really like? (Starting in IT Industry vs Getting a Trade)

I plan on doing a career change next year, or at least putting myself in such a position. I have been scrolling through some online courses, TAFE courses and of course checking out Indeed/ Seek for what various jobs pay, require etc.

Firstly, what is actually useful to get your foot in the door? I come from a trade background and my tips would be: Go to TAFE open days, look for some labouring work and see what you fancy maybe even do a Pre Apprenticeship. The toughest part would be getting an actual apprenticeship (hopefully with a decent boss). What would you say about IT/ Cybersecurity or anything in this area?

Secondly, what is the pay actually like? A lot of posts say you can easily hit 200k + after a few years? What is the starting salary really like starting out? If someone asked this about getting a Trade I'd say that you'll be on average money as an apprentice but mature ages (21+) will get a bit more, however you get a Trade Support Loan (TSL) 20k over the course of your apprenticeship which is very helpful. You can also make more working on weekends and doing overtime. Once you're qualified you'd generally be making around 100k (give or take 15-20k) once you're signed off. (Before anyone comments, yes, you can make 150-200k but just keeping it general).

Thirdly, what is the demand/ future like? Sometimes I read people say that IT has a huge shortage but then other people will say that everyone wants to be in IT/ Cybersecurity because of the money? In terms of trades, I'd say there's always work and the only tough thing would be getting an apprenticeship as a Spark, Plumber or Chippy 'the sexy trades' and trying to work on Union jobs $$$ (heard lots of stories of Sparkies doing their own thing in the 'burbs/ domestic work and making very ordinary money).

Finally, anything else? What is day to day life like in the IT/ Cyber Security world? Do you get to work from home much? Do you get to work by yourself? In small/ mid/ large teams? I guess for Trade I'd say that there's lots of pricks but some good people as well, it's good moving around to different jobs and that your next pay increase isn't 'far away'. I'd also say stay away from small/ family run companies (Yes, there are obviously good ones to work for but working with your boss whilst he's stressing about money, next pay cheque, quoting, getting the next job, hiring and firing can get very draining and toxic).

Thanks in advance, I just threw in my trade experience to help anyone interes

... keep reading on reddit ➡

👍︎ 22
💬︎
📅︎ Dec 20 2021
🚨︎ report
Amazon Career choice-- Flatiron School Cyber Security Voucher amount?

Does anyone know how much is a voucher amount for Flatiron IT/Cybersecurity path? Thanks!

👍︎ 4
💬︎
📅︎ Jan 12 2022
🚨︎ report
"Entry Level" Cyber Security Jobs Are Not Entry Level

This is meant to explain the disconnect between hiring and job seekers in cyber security roles to 1st timers. I will be referencing the NICE roles framework.

tldr; The marketing Lie*:* Get a certificate = Get into CSEC. The reality: "Entry Level" CSEC roles are actually mid-career because you need experience in the feeder roles to get in. Obviously this is not written in stone.

NICE breaks out roles that we would call standard entry level into "Feeder Roles".

https://www.cyberseek.org/pathway.html

A software developer can write APIs, UX, db calls, automated testing, server scripts, desktop apps, etc. A software developer is a generalist using secure coding "best practices". In a CSEC role, a software developer would be a Cyber Security Analyst or PenTester -- you can't thrive in those roles if you only know enough code to pass a high school Comp-Sci class. Walking in the door you are expected to know best practices, frameworks, how to decompile packages and analyze the source, and explain what the code is doing to management.

Network engineers getting into CSEC would be expected to know packet analysis, intrusion detection, several hardware configuration specs (not just CCNA), how to deconflict subnets, how to cause a broadcast storm + how to stop it, multiple ways to block a DDoS, setup of an E2EE VoIP/Video communications system, etc. You've got to know more than how to setup hardware. You need to understand how an attacker might exploit a weak configuration.

And on, and on, and on.

You can't just walk into an entry level cyber role and expect someone to mentor you through what they would consider the basics. Knowing enough to be good as a Tier 1/2 help desk isn't enough to get you in (mostly). We all know how to configure user accounts in AD and walk a boomer through Outlook connections. Everyone knows ping/traceroute/netstat. Everybody can pull log files in their field. We pretty much all know the OWASP Top 10. Basically everyone has Sec+.

A few minimum knowledge points I believe would benefit anyone trying to get in are:

  1. CLI - Powershell in Windows/Terminal in Linux
  2. SSH remote connections
  3. At least 1 coding language (Python/Java/C-series)
  4. At least 1 SEIM tool (even if it's a free trial of an enterprise tool)
  5. At least 1 method for decompiling an executable (don't worry about being an expert unless you're trying for PenTester)
  6. Read security policies - t
... keep reading on reddit ➡

👍︎ 18
💬︎
📅︎ Jan 13 2022
🚨︎ report
How much experience to transition from help desk into cyber security?

I just got my first job at the help desk for a government contracting company and I’ve just started studying to get my security+. How long would I have to be here before I can have enough experience to apply for cyber security jobs? Also what advice would you give me ?

👍︎ 30
💬︎
👤︎ u/ryukingu
📅︎ Dec 26 2021
🚨︎ report
Any good cyber security programs in the area?

I've been nerding out for a few years now and its time for me to formalize and capitalize on my nerdhood. does anyone have recommendations for cyber, IT, coding courses or boot camps in the area?

👍︎ 15
💬︎
📅︎ Jan 04 2022
🚨︎ report
What titles to look for first Cyber Security Job? How did you get your first job?

Hello my brother is looking for his first Cyber job and I’m trying to help him. He has a CompTIA security+ cert and he has worked as a technician at a computer and phone repair shop before it went under. But he does not have a college degree and now his working as a truck driver. What job titles should he search for ?

👍︎ 4
💬︎
📅︎ Jan 12 2022
🚨︎ report
Cyber security incident under investigation in GoC Departments

Our department has been having VPN and Network issues since last week. Many others have reported the same issue.

We received this message today from our IT team.

“A cyber security vulnerability is affecting organizations around the world. As a precaution we have taken down some services while we address the situation…the following applications are unavailable due to a major incident currently under investigation…”

Anybody else receive similar messages in their departments? I’m wondering if this may be a state actor attack or another issue? Any CS IT people able to provide some insight?

👍︎ 38
💬︎
📅︎ Dec 13 2021
🚨︎ report
“The people breaching your organization don’t have certs either.” Simply the best comment I’ve seen regarding discussions on if you MUST have a certification to get a job in Cyber Security.
👍︎ 923
💬︎
👤︎ u/jpc4stro
📅︎ Oct 25 2021
🚨︎ report
I’m so grateful for this Reddit. You guys talked me out of public accounting and I am now doing cyber security. I was miserable in PA. I felt I had no purpose in life. Now I feel I actually am adding value. If I didn’t listen to you guys who knows where I would be.
👍︎ 115
💬︎
📅︎ Dec 09 2021
🚨︎ report
Cyber security AMA

Moikka /r/Suomi

Nousi kuume yöllä joten olen jumissa vanhemmillani.

Ajattelin voivani vastaa Kyber/Infosec aiheisiin kysymyksiin. Työskentelen SOC-palvelussa eli ns. Blue team puolella.

Koulutus AMK Ins.

Työkokemukseni: kansainvälisen ilmailualan tuoteturvallisuustutkija.

Ja nyt SOC. Toimiin mm. Teknisenä konsulttina suurelle suomalaiselle finanssialan yritykselle viikonlopun aikana kun rajasimme heidän potentiaalista haavoittuvuutta uudelle log4Shell-haavalle.

Kiristäkää foliohattunne ja kysykää hyvin. Pyrin vastaamaan parhaalla mahdollisella kyvylläni ja käymään keskustelua kysymyksistä. Myös meta-tason kysymykset ovat tervetulleita. Pyrin peittämään identiteettini ja mille yritykselle työskentelen. Jos joku sen kuitenkin selvittää, kuulen mielelläni miten teit sen.

Aloitan vastaamisen noustuani ylös. Varmasti ennen klo 12:00.

E:muotoilu

👍︎ 41
💬︎
👤︎ u/Log4shelly
📅︎ Dec 13 2021
🚨︎ report
Any OE people working Cyber security?

I work in cyber security as a private contractor, supporting the federal government. I work from home, and I’m looking for J2 in a more commercial cyber related job vs. defense contracting. Anyone have luck with this?

What’s the best way you found J2? LinkedIn?

👍︎ 6
💬︎
👤︎ u/LocoWombat
📅︎ Jan 06 2022
🚨︎ report
Cyber Security CCAF

This may be a really dumb question but do any of you know which AFSC gives you a associates in cyber security? or would give me a CCAF that transfers well enough for me to get a bachelors in cyber security?

👍︎ 3
💬︎
📅︎ Jan 13 2022
🚨︎ report
Did cyber security end up being less interesting than you thought it would be?
👍︎ 138
💬︎
👤︎ u/Yavlia
📅︎ Nov 21 2021
🚨︎ report
Cyber security stocks

Any cyber security stocks you are holding or that are up and coming?

👍︎ 7
💬︎
📅︎ Jan 05 2022
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.