BEST STEPS AND RESOURCES TO BECOME A CYBER SECURITY PRO

BEST STEPS AND RESOURCES TO BECOME A CYBER SECURITY PRO

Here are five things that have impacted me in my career and have helped me grow as a security person and as a human being. These things are prepared me to become a cybersecurity professional engineer.

1. Get a solid understanding of systems and networks. Systems and networks are the basis of everything we do in security. If you want to be better in security, you must have a base in TCP / IP. Both the theoretical side and application side. The easiest way to get this experience is to become a system administrator. The lessons I learned as a systems administrator allow me to talk about things in security, such as DNS, that if I had never fought, I would only be talking about theory. Since I have had a DNS server and configured zones in my hands, I really understand the DNS security challenges.

2. If you don't have Virtual Box installed on your laptop, do it now. Virtual machines are your friend. With virtualization you can configure different machines (Windows, Linux, etc.) and connect them to each other. You can practice with the best security distributions (Kali, Web Security Dojo, etc.) without being arrested! Learn to use Virtual Box and create virtual machines to test things and learn how they work. Have a system administrator mentality.

3. Read like crazy. In the security business, things are always changing. Be it new technologies (threat intelligence is the most popular now) or new techniques, this is not a stagnant industry. To advance in any industry, you must continue to grow and learn. Become an avid reader and learn from the books you read. Although the university is over, take notes on the things that catch you in the book and act on them. Don't think you should limit yourself to nonfiction. Sprinkle fiction to expand your mind.

4. Take advantage of the training resources available on the Internet. There are so many free security courses and training opportunities, from universities (Stanford and MIT), Security Tube, where all local conferences are archived, and Udemy. Take advantage of the content that is available and learn from it. Choose a specific topic and focus on it for a month. If you don't know anything about Javascript, then learn it. You do not need the skill of someone who builds websites daily, but knowledge can be applied when the situation arises.

5. Network, and not in a cheesy walk and hand out business cards. Make friends in the security industry. Do this on twitter. Do not use Twitter as a news source. Respond to security people and participate in conversations. The worst thing that happens is that they ignore you. Go to conferences and do not stay alone in the back of the room as if you were in a high school dance. Introduce yourself to people, talk before sessions begin, become part of the community. You will benefit greatly from the relationships you establish with real security people.

Source from Quora