During Cyber Security Awareness Month we hear about how important being #CyberAware is. "Do your part! Be careful!" It's important to take this seriously. But additionally, this field offers job opportunities.
You Need a Multi-Part Foundation
Cyber security builds on fundamental knowledge and skills.
What does it take to harden a server, then a network, and finally an entire ecosystem of connected computers? Much of it comes from being careful and complete.
Three Pillars of Cyber Security
The field relies on three main technical areas. They are networking, operating systems, and, finally, cryptography. You need to understand those pieces, and then see how they fit together. Let's look at them one at a time.
You hear about networking protocols. Those are formal rules for communication across a network. A device must follow these rules to send data. What's more, the rules define how to respond to incoming data.
There are many protocols. They accomplish different tasks at different layers. First, Ethernet transmits data frames across a local-area network. One hop, over a short distance. Then, IP gets a packet to a specific host on the other side of the world. Many hops, around the world. Later, UDP delivers a short message to a specific program on a host. Also, TCP connects a two-way data stream to a specific program. Finally, application-layer protocols do what we users think about. "Show me that web page." "Next, store this file." "Now, connect me to the database."
The protocols define a language. In human terms, it's like "Here's how to speak French", and also, "When someone speaks French, here's how to understand them."
However, what if they're not really following the rules? Maybe you've switched the DVD audio to French and Jean Reno is using some tough-guy slang. It's French, sort of. But now you may become confused.
On a network, you see, bad guys may send slightly incorrect or inappropriate data. Maybe they're trying to avoid detection. Or, maybe they hope to slip data past firewall rules.
Know the network language. Certification exams like CompTIA Security+ and ISC2 CISSP and CCSP will assume you're fluent.
How can you get up to speed? Learning Tree's Introduction to Networking Training course is a great overview. If you don't have the time or training budget, try self-study with an older edition of Internetworking With TCP/IP by Doug Comer.
Now, what are we connecting?
System administration builds on top of user skills. First, become an adept user. Later, you can advance to running servers.
Learn PowerShell on Windows. Good system administrators use PowerShell to automate tasks, because it is both a command-line shell and a scripting language.
For Linux and other UNIX-family operating systems, learn the fundamentals of system administration. Learning Tree's Linux Administration and Support Training builds on top of user command-line skills learned in the Introduction to Linux Training.
Then, make sure you can tie the operating system to the network.
Let's say you take the CompTIA Security+ exam. And, let's say you haven't taken Learning Tree's CompTIA Security+ Training course. You may have an unpleasant surprise.
Security+ now shows you network command output. Next, it asks you to diagnose the problem causing what you see. This surprises people, because CompTIA's study books don't mention this. Many people taking Security+ are blindsided by the questions about IP configuration.
You see, the questions combine those network protocols, or rules, with command output specific to both Windows and Linux.
Next, things get cryptic.
Cryptography is the third major component of cyber security. It contains several parts.
Its three basic components are hash functions, symmetric encryption, and asymmetric (or public-key) encryption.
Next, combine a hash with asymmetric encryption. Now you have a digital signature.
Next, wrap a public key in a digital signature created by a trusted third party. Now you have a digital certificate.
Web security requires digital certificates. You must trust these in two ways. First, you must have confidence in the mathematics -- did we use an appropriate hash and cipher? Second, you must trust the issuer, the Certificate Authority -- are they careful and ethical?
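The chain described above, from hash to signature to certificate, as an added example that is not code from the original article. It uses textbook RSA without padding and constructed keys built from well-known Mersenne primes, so it is for illustration only; the names `Example CA` and `www.example.test` and the dictionary-based certificate layout are assumptions.

```python
import hashlib
import json

# Constructed demo keys: products of well-known Mersenne primes, so they are
# trivially factorable. Textbook RSA without padding; never use for real data.
def make_key(p_exp, q_exp, e=65537):
    p, q = 2**p_exp - 1, 2**q_exp - 1
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent
    return {"n": n, "e": e}, {"n": n, "d": d}

def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(priv, data: bytes) -> int:
    # Hash + asymmetric private-key operation = digital signature.
    return pow(digest(data), priv["d"], priv["n"])

def verify(pub, data: bytes, sig: int) -> bool:
    # Anyone holding the public key can recompute the hash and compare.
    return pow(sig, pub["e"], pub["n"]) == digest(data)

def encode(body) -> bytes:
    return json.dumps(body, sort_keys=True).encode()

def issue_cert(ca_name, ca_priv, subject, subject_pub):
    # Public key + identity, signed by a third party = digital certificate.
    body = {"subject": subject, "issuer": ca_name, "public_key": subject_pub}
    return {"body": body, "signature": sign(ca_priv, encode(body))}

def check_cert(cert, trusted_cas):
    """Return the subject's public key, or None if the cert is not trusted."""
    ca_pub = trusted_cas.get(cert["body"]["issuer"])
    if ca_pub is None:  # trust in the issuer: unknown CA
        return None
    if not verify(ca_pub, encode(cert["body"]), cert["signature"]):
        return None     # trust in the mathematics: signature does not match
    return cert["body"]["public_key"]

CA_PUB, CA_PRIV = make_key(521, 607)
SRV_PUB, SRV_PRIV = make_key(1279, 2203)
TRUSTED = {"Example CA": CA_PUB}
CERT = issue_cert("Example CA", CA_PRIV, "www.example.test", SRV_PUB)
```

The two early returns in `check_cert` correspond to the two kinds of trust: an issuer you do not recognize, and a signature that does not verify.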
Things change in cryptography. For a while, everyone used RC4. It's a fast stream cipher. But then cryptographers found weaknesses. Therefore, we quit using RC4. In fact, we had no trustworthy stream cipher for a while. But now, new strong stream ciphers have come along.
Everyone has reconfigured their servers again and again over the past few years, because our understanding of what is secure has changed.
While cyber security is a challenge, it can be rewarding. What's more, there's job security. Something always needs fixing! Consider the career path. However, don't start down the path unprepared.