Are you considering a career in cyber security? Perhaps you’re new to the industry, or you’re an experienced IT or security professional who wants to step into the exciting world of ethical hacking. Cyber security professionals are in high demand right now, and that demand is only going to increase within the next few months and years.
Working from home has now become normal for hundreds of thousands of people, offices have gone remote and service delivery has completely changed in the wake of the current pandemic. COVID-19 has seen a large increase in cyber-attacks such as phishing scams and other online fraud.
Even before the pandemic, “digital by default” has been somewhat of a buzzword with Governments and businesses for many years now. Technology is the most efficient way of delivering services, it’s made countless improvements to the way that we live our lives.
We have virtual reality, robotic vacuum cleaners, home security cameras and 3D-printers all connected to the internet. Yet, all these devices can (and probably will) be hacked at some point – that’s if they haven’t been hacked already.
The impact of a cyber-attack can be devastating for both individuals and companies, something as simple as hacked Social Media account could destroy someone’s personal life and damage their livelihood.
Every new device manufacturer and software company needs to employ cyber security professionals to ensure their devices are secure for the end user. Every large company also needs in-house cyber security experts in permanent full-time positions and small businesses will need ongoing consultancy and advice.
There’s never been a better time to get into cyber security and there’s a high chance you’ve got many of the required skills to get started.
Here is a list of 8 essential skills for a cyber security professional.
Problem Solving & Troubleshooting
You’ll need to be able to identify problems with files, software and databases at a high level. You’ll do this by monitoring systems and spotting any unusual patterns of activity.
If you already work in IT or technical support, you’ll likely have an excellent foundation in problem solving to begin with so moving into cyber security is an excellent way to improve your skills.
Cyber security professionals solve complex problems on a daily basis, such as network architecture design for thousands of users, or looking for bugs and backdoors in code. You may also be required to diagnose and repair issues with company networks, including hardware, software, networking and other communication equipment.
Problem solving is also an important part of Continuous Professional Development for seasoned cyber security professionals and experienced ethical hackers.
As a cyber security professional, you’ll be required to analyse data and carry out audits, spot checks and other monitoring activities. You’ll be proficient at reading, editing and displaying data in various formats.
You’ll be confident working with large databases, querying data and creating user-friendly dashboards. This also means careful analysis and drawing meaningful conclusions from the data using your own experience, helping to make data-driven decisions within your organisation.
Coding and/or Software Development
Most cyber security professionals will know one or more programming languages. The most common include:
It’s also common for cyber security professionals to know popular operating systems inside out (Windows, Mac OS, iOS, Android and Linux) more than an average user. They will be able to confidentially navigate the computer and carry out day-to-day tasks using the Command Line Interface (CLI).
Cyber security professionals need to analyse code to identify and patch possible backdoors that could lead to security breachers, so in-depth knowledge of at least one programming language is required.
Cyber security professionals will have an excellent grasp of networking infrastructure. From access points, switches and routers to cabling, patch panels and telephony, you’ll need to know exactly how this equipment functions to determine where the weak spots are.
In a modern office, there are thousands of packets of data being sent and received every second. There are wired workstations, laptops, mobile phones, visitors and guests connecting to WiFi, and you may ever have smart devices like speakers or light bulbs too. That’s a lot of different opportunities for hackers to make their way in!
You’ll need to keep a networked environment secure and difficult for hackers to break into, as well as audit existing networks for back doors or other weak areas.
Pen Testing & Ethical Hacking
Penetration testing and ethical hacking – to stop a hacker, you have to think like a hacker!
Pen testing and ethical hacking involve actively attempting to break-in to a computer system or network, for the sole purpose of highlighting the security issues. Improvement is the ultimate intention of ethical hacking. Ethical hackers are sometimes hired by a company to test how robust existing security systems are.
They will test security by attempting to use methods such as brute forcing, dictionary password attacks, social engineering and Distributed Denial-of-Service (DDoS) attacks. Attempting many of these methods is illegal in most countries, so ethical hackers are highly trained individuals with prior permission to “hack” into a company in order to help them make improvements.
Attention to Detail
You will always need to be vigilant and alert to ensure that no threats slip through, as tiny mistakes can have major consequences.
Imagine being an air traffic controller at a busy Pre-Covid airport, except you’re dealing with virtual traffic and packets of data. You need to ensure that every potential outcome has been accounted for.
Cyber security is meticulous, ever-changing, and even the most minute detail, such as an extra set of parentheses or a stray curly bracket can cause entire networks to go down. Plus, criminals are always looking for new ways to launch cyber-attacks, it’s your job to stay at least two steps ahead of them.
This may sound like a generic job description, but communication skills are vital for a successful cyber security professional. Presenting complex or technical information in an understandable way is no easy task.
You’ll be required to collaborate with staff at different levels within a company, so you’ll need excellent written and spoken communication skills.
Common communication tasks may include presenting risk reports to management and communicating important updates to end users. Remember that cyber security is about user behaviour as much as it is about technical protection, getting people to change their behaviour is hard, so you’ll need to use persuasive language to influence best practice in cyber security.
That’s why communication skills are so important in any cyber security role.
If you’re a cyber security professional in a large organisation, you’ll most likely be part of a team. When delivering new projects, companies use methodologies such as PRINCE2 or Agile Project Management principles, which are more efficient and flexible than traditional project management.
Agile project management methodology is mainstream within the general IT sector. This means having knowledge of agile principles and ways of working, as well as taking ownership of your work, communicating progress and meeting deadlines.
Cyber security professionals require a mixture of general and specialist skills:
- Problem solving and general troubleshooting
- Data analysis – reading data, drawing conclusions, making recommendations
- Coding or software development – Java, Python, PHP, etc
- Networking design and infrastructure
- Pen testing and ethical hacking
- Attention to detail
- Excellent communication skills – turning complex/technical data into easy-to-understand information
- Project management – Agile, PRINCE2, or other modern methodology
In addition to this, you’ll also need to be extremely passionate about cyber security in general. Remember that things are always changing, so you need to be especially willing to continuously improve and learn new skills.