Yes that is right. You should learn cybersecurity. Everyone should learn cybersecurity to some degree and learning through practice is the way to go. Having knowledge and awareness about cybersecurity is necessary for everyone that uses a computer or a phone. If you want to land a job within cybersecurity or transition from one role to another – more knowledge and practice is the way to go.
Why should I learn cybersecurity?
Learning and leveling up your cybersecurity skills is not necessary something that has to do with you wanting to get a job within cybersecurity. In this day and age it is necessary to have a basic understanding and awareness of cybersecurity no matter what you work with.
Having basic knowledge about what techniques hackers are using to attack people and companies and how to recognize them will help you tremendously. You would not want to be the one that takes down the company you work for or jeopardize the family photos saved on the computer at home, do you?
What should I learn?
This depends on who you are and what your ambitions are. Lets think of this from the perspective of Alice and Bob.
- Alice wants to start a career in cybersecurity
- Bob just wants to know the bare minimum to not embarrass himself
Bob will have to learn about the most common ways people get in trouble and how to avoid doing the most common mistakes. Knowing this is a huge win for Bob. Alice will of course have to know the same information as Bob but also have a deeper understanding of the techniques deployed by hackers and how to detect and prevent them.
For Bob it might be enough to know that there is something called phishing and what to be on the look out for regarding phishing emails. Alice on the other hand should know the same things as Bob about phishing but also more details on common phishing techniques and how to analyze and interpret a full email message header for example.
How should I learn about cybersecurity?
Again this depends on your goal – are you Alice or Bob in this scenario? But the common denominator no matter what your goals are is to:
For Bob this could for example be by first reading the top 5 things look at with critical eyes with regards to phishing. Then Bob should be shown a few emails sent to a fictitious person and Bob’s task is to determine if the emails are phishing or not based on the top 5 things he was supposed to look at. This is a great exercise because it simulates what Bob will be exposed to in the real world later.
Alice should do the same type of exercise but with even harder to detect phishing emails that requires Alice to do some investigative work in order to answer if the emails are phishing or not. For example analyzing attachments and links in the email. Maybe Alice also should be tasked with the task of creating her own phishing email – this forces her to think like a hacker and identify techniques that she thinks will fool the recipient.
Where can I learn about cybersecurity?
You have come to the right place! Here at Guppy Security we will publish good to know information about all things cybersecurity related. The contents of this site will include both high level overviews and summaries that would be beneficial for Bob to read. But more energy and focus will be spent on creating content for the more advanced users, like Alice. Including labs available for paying subscribers on Substack.
Start with the first lab where you will create your own windows process anomaly detection tool in Python
Or learn how to analyze Nmap traffic with Wireshark. If you do not want to try out the labs on your own computer – creating a Active Directory VM lab setup might be the way to go for you.