Fundamentals of Cybersecurity: Education and Career
The rapid advancement of technology has significantly altered how we use computers and the internet. We no longer have just five or ten websites we can access; every day, dozens of new applications and websites emerge. Imagine an average user visiting hundreds of websites daily and using dozens of new applications. This is the reality we have reached, and it raises an important question: What about security?
While it's natural for many people to draw some conclusions about cybersecurity when they hear the words "cyber" and "security," in this article, we'll not only address the question, "What is cybersecurity?" but also delve into topics such as cybersecurity training, how to learn cybersecurity, what a cybersecurity specialist does, cybersecurity in our country and the world, and prominent cybersecurity courses.
What is Cybersecurity? Basic Information About Cybersecurity
The term cybersecurity is generally defined as the protection of all assets in the information world—such as computers, servers, mobile devices, IoT devices, electronic systems, networks, and data—from external threats or malicious attacks.
To better understand the term cybersecurity, we need to expand on the question, "What about security?" that we posed in the introduction. This is because cybersecurity can be thought of as a large structure encompassing many subfields.
The following is a list of the subfields that make up the area of cybersecurity:
- Network Security: Network security can be defined as detecting and correcting vulnerabilities that may exist in network systems and identifying and removing any malware that may be present.
- Endpoint Security: The parts of applications that are exposed to the outside world or exchange data at sensitive endpoints are always a significant source of risk. Endpoint security focuses on identifying and correcting vulnerabilities in these areas.
- Application Security: While some sources also refer to this as web and mobile application security, we wanted to address it as application security for clarity. Application security involves conducting security tests on applications released by companies or developed individually, implementing secure coding principles, and keeping the software up to date.
- Information Security: Information security, often summarized by the abbreviation CIA, aims to prevent all attacks that could compromise the confidentiality, integrity, and availability of data. It also applies the principles needed to prevent data loss, improper backups, or unauthorized use, ultimately preventing data within a system or company from being leaked outside without authorization.
- Cloud Security: Cloud security covers the actions responsible for the security of data stored in cloud systems or services and the security of applications running on them. Essentially, it is responsible for the security of the cloud service in use.
- Identity and Access Management (IAM): IAM is responsible for managing logins to applications or systems, determining user roles and permissions, and establishing access control mechanisms such as Multi-Factor Authentication (MFA) or One-Time Password (OTP). This department is typically responsible for correctly verifying user identities and assigning roles and access.
- Incident Response: People working in this field are often the first responders to cyberattacks. This process usually involves several stages, including detecting the attack, responding to it, and remediating it.
- End-user Education: The most important aspect of cybersecurity is, without a doubt, the human factor. For example, even if all your systems are secure (which is rare in large companies), if your employees lack the necessary awareness and understanding of cybersecurity, attackers will inevitably succeed in social engineering attacks.
Cybersecurity Training and Courses: How Can I Learn?
One of the biggest mistakes when learning cybersecurity is thinking of it as a separate field from other IT areas. It is more accurate to view cybersecurity as the pinnacle of the IT pyramid: to develop a good cybersecurity perspective, you must understand how the systems you are examining for vulnerabilities work. For example, understanding how a website works in application security requires basic software and network knowledge such as HTTP, JS, and HTML. In summary, even basic software and network knowledge will greatly benefit someone new to cybersecurity.
At this point, for someone new to cybersecurity and with basic software and network knowledge, we can recommend Cisco's free cybersecurity courses (1 and 2). Additionally, you can find many paid or free courses on platforms like Coursera and Udemy. Remember that the important thing when learning cybersecurity is the process. If you progress in application security, then after reaching a certain level you can learn about the most common security vulnerabilities from the OWASP Top 10 list, solve lab challenges on sites like PortSwigger Security Lab and HackTheBox, and improve your skills by discovering real vulnerabilities through bug bounty programs.
Who is a Cybersecurity Specialist or Engineer? What Do They Do?
Today, when we talk about a career in cybersecurity, the title "cybersecurity specialist" often comes to the forefront, but there are many different roles in this field. While the roles and labels are constantly changing, here are some prominent ones:
- Cybersecurity Specialist: These individuals are responsible for the security of the network infrastructure and computers within companies. Cybersecurity specialists detect and correct potential threats within the company. They also use various tools such as firewalls, antivirus programs, and intrusion detection systems to ensure the security of systems.
- Penetration Tester: These experts search for security vulnerabilities in target systems under contract with companies and provide reports for their correction. This field has three different approaches: black box, white box, and gray box. Black box penetration testing typically involves limited knowledge of the target application or company, with no access to the source code. In contrast, white box testing involves having information about the system or company and often access to the source code or structure of the target. Gray box testing lies in the middle, involving scenarios where limited information is available.
- Cybersecurity Engineer: These individuals design the security structures of existing systems, develop security approaches, and work closely with the internals of those systems. They can create security architectures in various areas, from secure coding to network infrastructure.
- Blue Team Member: Blue teams can be described as the defense teams within companies or institutions. They take various preventive measures with defensive approaches to networks, systems, or applications.
- Red Team Member: Red teams are responsible for offensive security. These teams identify potential security vulnerabilities and report them for correction. They also research scenarios that may occur in real life and apply these scenarios to their target systems.
- SOC Analyst: SOC analysts monitor the systems or software they are responsible for in real time, analyze changes, and respond to threats or suspicious activities in the systems.
- DevSecOps Engineer: DevSecOps engineers are responsible for the security of software development processes. They provide a cybersecurity perspective to ongoing projects and implement security configurations.
In summary, the field of cybersecurity is constantly evolving with current technology. You can be confident that the current educational resources in the industry will take you much further. If you are interested in this field, you can research the roles in detail, choose the one that suits you best, and take your first step toward a cybersecurity career!