Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Technology

Posted By Jessica Weisman-Pitts

Posted on December 6, 2021

How to become a cybersecurity expert

By Dearbhail Kirwan, Information Security Consultant at Edgescan 

Fending off sophisticated attacks, maintaining a secure environment through vulnerability scanning and patch management, monitoring complex networks and securing an increasingly flexible and dispersed IT infrastructure are serious challenges. Never as much as today has it been necessary to attract bright minds to the cybersecurity industry to face those challenges and protect our way of living from attackers.

However, there is, and there has been for many years, a significant gap between the security jobs that need to be filled and the qualified candidates available. This is due to a number of factors, among which is the non-linear path that a lot of people took to end up in this industry. There are misconceptions around what a cybersecurity professional does, how they get into their profession, and what skills they are required to have.

The truth is that there is no right or wrong route into cybersecurity. It is an incredibly fulfilling career, all it requires is passion, commitment, and a good dose of common sense and critical thinking.

The Basics 

The importance of a firm understanding of the basics cannot be emphasised enough. Cybersecurity presents a unique challenge in the IT sector in that it factors into everything. Therefore, theoretically, an expert would need to know about every technology, how to protect it, and how it can be abused or broken.

This is a slightly unrealistic goal, but a combination of a strong understanding of underlying concepts and technologies, and a small amount of informed research goes a very long way when presented with an unknown technology. Knowledge about different technologies is always valuable, but it is the ability to combine existing knowledge and skills with new information that define an expert, more so than someone who has rote-learned about a wide variety of different technologies.

Learning 

Cybersecurity is a constantly developing field, new methods of protecting and exploiting are always under investigation. The body of knowledge of the field now is vastly different to what it was 20 years ago, and will be vastly different in 20 years’ time, so learning is always going to be part of the job. A proactive and interested approach will serve you well in this respect.

Time 

Time is an important part of the process and equates to exposure and practice in a variety of areas. These are hugely beneficial and in addition to increasing your knowledge, they can also serve to hone your instincts which is something you can’t learn from a book or the internet, and can be extremely valuable.

Critical Thinking and the Details 

“The devil is in the details“ is a phrase that is particularly relevant in cybersecurity. Most exploits are a consequence of an oversight in the details. Not everyone is detail oriented, but it is a skill that can be learned, and leveraging critical thinking and common sense along with detail orientation is a valuable skill for an expert.

Training and Certifications 

There’s a variety of routes in and no single route is best. The field is made up of a mixture of people who converted from other fields, and those who set out on a targeted route straight out of school. If you have relevant real-world experience in the field, a college degree (any level) is often not necessary but it may help in some situations.

There is also a wide array of certifications available and they can set you apart in many circumstances. The best certifications to get can change over time and differ depending on each individual’s interests and goals. Research the areas you want to work in and what the most valued certifications for that area are. If you do not have a specific area that you are interested in, or do not have any existing relevant qualifications such as a degree, start with a general entry level cybersecurity certification.

Who can become a cybersecurity expert

The short answer is: everyone. The reality of today’s threat landscape is that the industry needs as much diversity as it can have. Attackers have a variety of backgrounds and certainly don’t belong all to a single demographic. Opening up the industry to more groups that wouldn’t normally consider a career in cyber is essential to fill the blind spots that a homogeneous cohort inevitably ends up having.

It is time for the cybersecurity industry to push for inclusion by promoting training and mentoring initiatives that are open and accessible to everyone: together we’ll only get stronger and better at what we do.

Recommended for you

  • SoftwareOne to buy Norway’s Crayon in $1.4 billion Microsoft-focused takeover

  • Apple hits out at Meta’s numerous interoperability requests

  • Netherlands plans to include AI, biotech to investment screening law