BEST STEPS AND RESOURCES TO BECOME A CYBER SECURITY PRO
Here are five things that have impacted me in my career and
have helped me grow as a security person and as a human being. These things are
prepared me to become a cybersecurity professional engineer.
1. Get a solid understanding of systems and networks.
Systems and networks are the basis of everything we do in security. If you want
to be better in security, you must have a base in TCP / IP. Both the
theoretical side and application side. The easiest way to get this experience
is to become a system administrator. The lessons I learned as a systems
administrator allow me to talk about things in security, such as DNS, that if I
had never fought, I would only be talking about theory. Since I have had a DNS
server and configured zones in my hands, I really understand the DNS security
challenges.
2. If you don't have Virtual Box installed on your laptop,
do it now. Virtual machines are your friend. With virtualization you can
configure different machines (Windows, Linux, etc.) and connect them to each
other. You can practice with the best security distributions (Kali, Web
Security Dojo, etc.) without being arrested! Learn to use Virtual Box and
create virtual machines to test things and learn how they work. Have a system
administrator mentality.
3. Read like crazy. In the security business, things are
always changing. Be it new technologies (threat intelligence is the most
popular now) or new techniques, this is not a stagnant industry. To advance in
any industry, you must continue to grow and learn. Become an avid reader and
learn from the books you read. Although the university is over, take notes on
the things that catch you in the book and act on them. Don't think you should
limit yourself to nonfiction. Sprinkle fiction to expand your mind.
4. Take advantage of the training resources available on the
Internet. There are so many free security courses and training opportunities,
from universities (Stanford and MIT), Security Tube, where all local
conferences are archived, and Udemy. Take advantage of the content that is
available and learn from it. Choose a specific topic and focus on it for a
month. If you don't know anything about Javascript, then learn it. You do not
need the skill of someone who builds websites daily, but knowledge can be
applied when the situation arises.
5. Network, and not in a cheesy walk and hand out business
cards. Make friends in the security industry. Do this on twitter. Do not use
Twitter as a news source. Respond to security people and participate in
conversations. The worst thing that happens is that they ignore you. Go to
conferences and do not stay alone in the back of the room as if you were in a
high school dance. Introduce yourself to people, talk before sessions begin,
become part of the community. You will benefit greatly from the relationships
you establish with real security people.
Source from Quora