CYBERSECURITY IS CALLING! Taking a look at the cybersecurity profession.
SPECIAL PUBLICATION
CONTENTS
Getting Started in Cybersecurity by Tendai Marengereke
Cybersecurity jobs playing cat and mouse? It is time to create your own role by Simbiat Ozioma
Cyber Defense Simulation Training by Yelbridges
GETTING STARTED...
Venturing into the field of Information Security (a.k.a. Cyber Security) can be quite a daunting task. Questions you might be asking yourself are: I am not so technical, how can I start? I saw a series on TV where a Mr. Robot was hacking an Evil Corporation, I really want to be like him, how can I do it? There is a plethora of good information out there, with many trainings, boot camps, certificates and degrees being offered by different entities. It can be quite overwhelming for a beginner to understand and choose the appropriate starting point and career path. I have had the pleasure of training and guiding numerous students into various jobs in the industry. I will try to distil the different fields of Information Security available to potential practitioners. As someone coming from a low-income country, I will also point to the cheaper and faster option to success.
Jobs in Cybersecurity (IS)
NIST, the National Institute of Standards and Technology, has the NICE Cybersecurity Workforce Framework, which helps job seekers figure out what employers are looking for. It provides a blueprint to categorize, organize, and describe cybersecurity work into Categories, Specialty Areas, Work Roles, tasks, and knowledge, skills, and abilities (KSAs). A good first step towards finding the work you want to do is to identify the tasks that float your boat and map them to jobs that give you the opportunity to do just that. Table 1 below details the various categories and jobs as specified by NICE.
SIMPLIFIED CYBERSECURITY DOMAINS

Ethical Hacking/Penetration Testing
It is the process of finding possible exploitable situations in a given target.
Evaluating the target is actually against a live attack.
Proposing controls and repairs for the loopholes found.
Jobs Available: Vulnerability Assessment, Penetration Tester, Operations Security, Red Team, Researchers, Trainer

Digital Forensics Incident Response (DFIR) & Open Source Intelligence
The post-mortem specialist for Information Technology.
Responsible for after-incident evaluation of a target.
Cyber Investigator
Jobs Available: Digital Forensics Expert, Log Analyst, SIEM Analyst, Security Operation Analysts, Computer Crime Investigator, Disaster Recovery Expert, Malware Researcher

Compliance
Reviews the systems and networks and related security policies with regard to industry standards.
Jobs Available: IT Auditor, Compliance Monitor, Risk Manager, Risk Analysts
“A COMPUTER SECURITY INCIDENT IS ANY UNLAWFUL, UNAUTHORIZED, OR UNACCEPTABLE ACTION THAT INVOLVES A COMPUTER SYSTEM OR A COMPUTER NETWORK” -Kevin Mandia, CEO of FireEye & renowned Author
Other InfoSec Job Areas
Security Administration, Sysadmin, IDS/Firewall Admin, Secure Developer, Researcher, Malware Analysis, Exploit Developer, Academia, Helpdesk, Management, CISO – Chief Information Security Officer

The jobs listed are not exhaustive but give a general idea of where you can choose to aim. There is also a growing trend of dividing cybersecurity roles into Blue Team (defensive) vs Red Team (offensive), so do not be surprised when you come across such terminology.
Table 1: Cybersecurity Jobs/Speciality Areas relative to NICE Framework

CATEGORY: ANALYZE
SPECIALTY AREAS/JOBS: Source Analysis; Exploitation Analysis; Threat Analysis
SHORT DESCRIPTION: Performs highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

CATEGORY: COLLECT & OPERATE
SPECIALTY AREAS/JOBS: Cyber Operations Planning; Cyber Operations
SHORT DESCRIPTION: Provides specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.

CATEGORY: INVESTIGATE
SPECIALTY AREAS/JOBS: Cyber Investigation; Digital Forensics
SHORT DESCRIPTION: Investigates cybersecurity events or crimes related to information technology (IT) systems, networks, and digital evidence.

CATEGORY: OPERATE & MAINTAIN
SPECIALTY AREAS/JOBS: System Administration; Data Administration; Network Services; Systems Analysis; Knowledge Management
SHORT DESCRIPTION: Provides the support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security.

CATEGORY: OVERSEE & GOVERN
SPECIALTY AREAS/JOBS: Cybersecurity Management; Cyber Law; Strategic Planning; Secure IT Governance; Training, Education & Awareness
SHORT DESCRIPTION: Provides the support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security.

CATEGORY: PROTECT & DEFEND
SPECIALTY AREAS/JOBS: Cyber Defence; Cyber Defence Infrastructure Support (SIEM); Incident Response; Vulnerability Assessment & Management
SHORT DESCRIPTION: Identifies, analyses, and mitigates threats to internal information technology (IT) systems and/or networks.

CATEGORY: COLLECT & OPERATE
SPECIALTY AREAS/JOBS: Risk Management; Software Development; Systems Architecture; Systems Development; Systems Requirements Planning; Tech R & D; Testing & Evaluation
SHORT DESCRIPTION: Conceptualizes, designs, procures, and/or builds secure information technology (IT) systems, with responsibility for aspects of system and/or network development.

CATEGORY: INVESTIGATE
SPECIALTY AREAS/JOBS: Cyber Investigation; Digital Forensics
TECHNICAL SKILLS REQUIRED

Main Skills
Operating Systems – Windows, Linux & Android
Networking (TCP/IP, switching, routing, protocols, etc.)
System Administration (Windows, Linux, Active Directory, database, hardening, virtualization, etc.)
Programming & Scripting (programming concepts, scripting, OOP basics) – Python, Ruby, Bash, PowerShell

Additional Skills
Assembly & Shell Coding
Application – learning how to configure email, DNS, and web servers, etc.
Education – University or Knowledge or Certification?
The question people ask the most is “Do I really need to get a degree or should I get a certification instead?” Some even go further and say they would rather be self-taught; after all, most rock star tech leaders are self-taught or university drop-outs.

TAKE THE CHALLENGE. BE A WARRIOR, JOIN THE FIGHT.

UNIVERSITY ROUTE
This involves obtaining an associate/bachelor's/master's degree in a cybersecurity-related course. I believe that nothing beats learning all the core concepts at a university before delving into the industry, but this is an expensive process that is out of the reach of the majority, as fees are high, e.g. in Southern Africa they are USD $1000-$1500 per semester. So for a 4-year degree program a student would need USD $12 000, without accommodation, food and transportation fees. So for a beginner without funds a degree program is out of the question.

CERTIFICATION ROUTE
I recommend the certification route, but coupled with consistent self-teaching via various means, which I will cover in more detail. Daniel Miessler has a good blog post on his website detailing the various certifications on offer. While the list is comprehensive, I think some of the suggestions do not work for a person from a low-income country such as myself.
HOW TO GET BETTER? HOW TO PREPARE FOR CERTIFICATIONS?
"To improve is to change; to be perfect is to change often."

To achieve this I suggest...
Setting up a home lab to practice
Learn virtualisation - VirtualBox, VMware
Install Kali Linux and learn and master the tools in there
Learn Metasploit
Learn Maltego
Learn Empire, BloodHound
Learn about firewalls and IDS – download and install Bro, pfSense, AlienVault
Download ISOs from various sources to learn from, such as VulnHub
"TO GET BETTER AND PASS CERTIFICATIONS YOU HAVE TO PRACTICE AND CONTINUOUSLY LEARN NEW THINGS."
- Tendai Marengereke

Pentesterlab
Free Windows Hyper-V images
Pi-hole - Network-wide Ad Blocking
Microsoft Virtual Labs - to learn Active Directory
Try getting the GitHub Education Pack if you are a student
Use free education resources such as: Cybrary, IBM Academy, Pentester Lab, Open Security Training, Pluralsight, Microsoft Virtual Lab, HackerOne
THINGS TO REMEMBER?
Keep learning; build a lab, be it physical or virtual. Keep informed on the latest exploits and vulnerabilities. Take self-paced online training, and follow other cybersecurity people on Twitter. There are a lot of websites, tools, books and people to follow and learn from, which will require another article to cover.
Information Security requires a continuous passion to persistently learn how technology works. Note that I refer to technology and not computers. Computing as we know it will continue to evolve exponentially: in the late 1900s we had the processor and progressed to the personal computer, then the portable computer, then the mobile and now IoT and AI. This ever-changing landscape means the risks and attack vectors of these technologies will require constant updating of knowledge by cyber defenders.
ETHICS
As I mentioned in the beginning, some want to start in cybersecurity wishing to be like Mr. Robot, but remember to always choose the good side. Defenders of the Galaxy against the Mad Titans. Hope this helps people starting out in the field. Go forth and defend the universe.

Tendai Marengereke is a Cyber Security Specialist based in Zimbabwe; he trains Information Security & Assurance at the Harare Institute of Technology. He is also a Cybersecurity and OSINT freelancer for Maltego Technologies, the company that manages Maltego [popular Link Analysis & OSINT software]. He is studying for his PhD focusing on detection and prediction of Social Cyber Security threats using Open Source

Get in touch: @marengz linkedin.com/in/tmarengereke
CYBERSECURITY JOBS PLAYING CAT & MOUSE?
IT IS TIME TO CREATE YOUR SECURITY ROLE
With the increase in interest in cyber security and the cyber security talent shortage, a lot of people have picked up interest and acquired some level of cyber security skills. But there is still a big problem: placement for them to gain hands-on experience and possibly increase their level of expertise. This is especially so in a country like Nigeria, where there are limited positions for cyber security personnel (with little or no years of experience), because a lot of organizations/businesses do not have a cyber security team/unit YET and the ones that do want a certain level of experience/expertise.
I get a couple of DMs regularly regarding internship positions in a cyber security firm/industry and, truth be told, I had the same problem myself. Finally I got an internship position in an IT department. Guess what I was doing?

Writing Codes: I am not saying writing code is bad but I wanted something different (maybe running a vulnerability scan and coming up with a report). After a while I got acquainted with some of my colleagues, where I shared my passion (cyber security) with them, but then most had no idea what I was talking about, but they were getting the message. I was the reserved and shy type so I didn’t really get to interact with my bosses (I really wished I did) unless it got to debugging some coding errors. What could I have done differently? What can people do differently? Do they still need to hustle for cybersecurity positions/internships? Maybe not!

It may be difficult but there is no harm in trying. Every organization/business, be it large or small, needs to put in cybersecurity strategies to combat the increase in cyber-attacks.

Do you have cybersecurity skills and are you looking for a way to make use of them? I think it is time to “get into that organization and create a security role for yourself”. How, you say?
- Ozioma Simbiat
cybersecfill.com
HOW TO CREATE A CYBER SECURITY ROLE

Volunteer to run a penetration test for their network: In this case, you are able to simulate a cyber-attack on the network, application or system to find security vulnerabilities that an attacker can exploit. This will help test their defenses, after which you come up with recommendations to be implemented.

Reach out to small business owners for a free security awareness training: This will give you exposure and aid your networking. You never can tell where your next referral is coming from.

Join the bug bounty hunt: Bug bounty hunters are being paid for finding vulnerabilities in software, websites and web applications. Cool, right! Once you have the knowledge and the right tools, you should start looking for bugs to squash. There are a lot of bug bounty programs.

Write something: I always emphasize the need to put something out there. People are watching and reading. Write anything related to cybersecurity. It may be a tool you used and found an easy way around, or a new idea you discovered and want to share. WRITE!

Start looking out for roles not just in cybersecurity but in IT as well: All businesses and organizations that use computers and internet-connected devices need cybersecurity expertise to protect themselves. Getting into the IT unit will give you an opportunity to sell your skills to the manager or whoever is in charge. (It may take a lot of convincing but it can be done.)

Create cybersecurity awareness for your team/colleagues: You need to have good communication skills if you want to stand out and be heard. Take time out of your busy schedule to interact with your colleagues about the need for cybersecurity. You might be talking to someone who has great access to the top team, and a discussion about your talk may pop up.

Volunteer to run a vulnerability scan: A vulnerability scan gives you a holistic view of the weaknesses in the organization. Running a vulnerability scan and giving out a report about the weaknesses in the organization’s systems and network, and what damage can be done if they are exploited, is a way to go.

By Ozioma Simbiat, Cybersecurity Analyst.
FIND YOUR OWN PATH OR CREATE ONE FOR YOURSELF
IN VIEW...
Cybersecurity is a mission- and research-driven profession. Consider a career in protecting the internet and digital societies.
There are many opportunities for workers to start and advance their careers within cybersecurity.
CONTACT US +254 710 573580 editor@cyberinafrica.com www.cyberinafrica.com
REFERENCES
https://niccs.us-cert.gov/workforce-development/cyber-securityworkforce-framewor
https://expel.io/blog/a-beginners-guide-to-getting-started-incybersecurity/
https://danielmiessler.com/blog/infoseccerts/
https://medium.com/@Stephen_Chap/how-i-got-a-job-in-cybersecurity-78810a1b6cd6
https://shesecures.org/african-women-career-cyber-security
https://www.brookings.edu/blog/africa-infocus/2018/06/04/cybersecurity-in-africa-securing-businesses-witha-local-approach-with-global-standards/