Rocco Posted April 4, 2014 Share Posted April 4, 2014 Hello. I am very interested in getting into Computer Security. It is a very interesting field, but from what I have seen it isn't that easy to get into. Most jobs require 5+ years of work experience before hand. Also I have been told that I should get some sort of IT Security Certifications. So, If I am just starting out, and have no job experience in the field. How would you recommend I get into Computer Security? What certifications would you suggest I should get? What courses should I take? How should I get involved, etc? Quote Link to comment Share on other sites More sharing options...
cooper Posted April 5, 2014 Share Posted April 5, 2014 First be more specific since "computer security" is a very, VERY wide topic. Describe in your own words what you'd like to see yourself doing. Think things like: - hardening installations - architecting a network that properly segregates the important machines from those exposed to the internet. - set up a firewall - securing database installations - auditing widely used and/or externally visible software Most people are adequate at most of these. Few are good at some of these. Very few are great at one or two of these. Companies know this. They want you to have a fair knowledge of all of them (helps in communicating what others expect from you and what you expect from them) but to be at least good at one or two of them. That's where the 5 years experience comes in. You don't become great by reading a book once or attending a week-long seminar. Quote Link to comment Share on other sites More sharing options...
digininja Posted April 5, 2014 Share Posted April 5, 2014 I did a survey of the indutry a few years ago asking these type of questions, I presented the results at BSides London: http://www.digininja.org/projects/breaking_in_part_1.php Quote Link to comment Share on other sites More sharing options...
Rocco Posted April 6, 2014 Author Share Posted April 6, 2014 Thank you very much Cooper and Digi-Ninja. I will take your advice and look at your blogpost about your BSidesLondon Talk. I will also do some more research. Quote Link to comment Share on other sites More sharing options...
cooper Posted April 7, 2014 Share Posted April 7, 2014 (edited) @digininja: Yesterday I watched the video of that talk you gave and one thing is puzzling me. You recommend getting on Twitter. Now, I'm aware that for someone who tries to be up to his eyeballs and beyond into technology it would be odd to NOT be into the whole social media thing, but I find it to be shockingly, stunningly, mind-numbingly boring to be bombarded on a continuous basis with all the social diarrhea the vast majority of mankind is spewing into these channels. I'm assuming your experience with this stuff is rather different, so I'm curious: What do you do with Twitter that makes it a valuable service to you? Edited April 7, 2014 by Cooper Quote Link to comment Share on other sites More sharing options...
digininja Posted April 7, 2014 Share Posted April 7, 2014 Two ways I think Twitter helps. First, posting and RTing stuff to get followers. The more relevant followers you have the easier it is to get help if you've got problems. Last week I was on a test, I had a problem and asked and within minutes had the original author of the tool I was using offering support and someone else offering an alternative answer. Without Twitter it would have been mailing lists or IRC and the first is slow, the second I've not found any decent channels with the quantity of users to give good support. The key is having the followers who are relevant to what you do. The second is getting news, I do Twitter slightly different to most people, I only follow about 130 people.These are people I trust to post useful information and so anything important tends to get filtered through them, I have a second account that follows everyone and that is useless apart from occasionally looking at when bored. Quote Link to comment Share on other sites More sharing options...
skibo187 Posted May 13, 2014 Share Posted May 13, 2014 (edited) I got in thru Cisco in college. Learn the following: 1. Network functionality and connections (ex: Packets, Handshaking) 2. Learn Wireless and Security (WEP, WPA, WPA2) 3. Learn how Workstations works with Networks (OSI model) 4. Learn the impacts of security in a whole (More in depth, usually thru college classes) 5. Learn how Applications are designed to communicate (SQL, Databases, PHP, and Ruby) 6. Learn a few program languages (C, C++, C Script, python and VBS) 7. Learn how to use network software and how they function (eg: wireshark, snort) 8. And more importantly NEVER STOP LEARNING!!!!!!!!! That's how I got into the Game. Good Luck. Edited May 13, 2014 by skibo187 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.