Lesson 9: Pillar 4: Cybersecurity
Cybersecurity professionals protect information systems from theft, damage, or unauthorized access. This field is high-stakes and fast-paced, and it requires constant vigilance.
What Does a Cyber Professional Do?
Cybersecurity roles fall into three main domains:
- Defensive (Blue Team): Monitoring, incident response, patching, and hardening systems.
- Offensive (Red Team): Ethically simulating attacks (Penetration Testing) to find vulnerabilities.
- Governance, Risk, and Compliance (GRC): Creating policies, auditing adherence, and ensuring legal compliance.
Core Skills Needed (Highly Interdisciplinary)
- Networking Fundamentals: Deep understanding of how data flows and where it can be intercepted (CompTIA Network+ level knowledge is the baseline).
- Operating System Security: Knowing how to securely configure and audit both Windows and Linux.
- Threat Modeling: Thinking like an attacker to identify weak points.
- Cryptography: Understanding encryption and hashing principles.
Major Sub-Specialties
| Specialty | Focus Area | Entry Point/Certification |
|---|---|---|
| Security Analyst | Monitoring security feeds (SIEM) and triaging alerts | CompTIA Security+, Cisco CCNA Security |
| Penetration Tester | Finding and exploiting vulnerabilities | OSCP (Offensive Security Certified Professional) |
| Forensics Analyst | Investigating breaches and gathering evidence | CEH (Certified Ethical Hacker) |
Your Starting Roadmap
Cybersecurity is not a beginner's entry point; it requires foundational knowledge from Infrastructure or Development first.
- Build Your Foundation: Achieve solid knowledge in networking and system administration (Lessons 7 & 16).
- Learn Ethical Hacking Basics: Understand scanning tools like Nmap and vulnerability analysis (use platforms like TryHackMe).
- Set up a Safe Lab: Practice techniques in isolated virtual environments (Kali Linux is a standard tool).