Right, this is about the time in most blogs when you realise that you have only a few readers & you begin to wonder whether the whole thing is a pointless exercise…
(Incidentally, that piccie is me during my time in the bunker, see previous blogs but I thought the piccie summed it all up pretty well!)
Well, I’m using this point to checkpoint where I’m up to in my career plans, with particularly reference to technology & cyber security. Here are a couple of things I’ve learnt so far:
They don’t make it easy. You will read loads of articles reporting on massive gaps in the sector & from experts saying that it needs x thousand people by 2020. But, transitioning is very difficult. Routes are not clear. It typically comes down to that old adage; if you’re not already doing to the role then it’s hard to break into the area…
Cyber security does not just mean network security & firewalls. There’s a lot more to it but it sometimes feels like not everyone got the memo. I have a feeling the software development cycle & human factor will become increasing important. What route should I take? Should I just have swallowed the pill & done the CISCO networking qualifications?
You can find cyber security in your current role (probably). Unless you’re a goat-herder in Sinai, there are aspects of IT security in most roles. As I’ve done a lot of software testing I’ve had great fun with the following:
- Finding a web form which leaves the organisation open to an SQL injection attack (success)
- Discovering that a display screen for orders could be viewed by any user over the web with no credentials (great success)
- Checking whether IP addresses can be faked as discovered that communications from a server to our mail server did not have any credentials other than the IP address. Turns out it’s very hard (impossible for me) to fake an IP address to get through the firewall (kinda success)
I think I’ve got the mustard for penetration testing. I’m irritating & I think that helps. I just need to develop my technical skills on par with my ‘gitness’ skills.
So, where does that leave me?
Well, I’m half-way through my computing degree with the OU. I’m not happy with my current module as it reads like it was written in 2006. The book on nuclear war wasn’t on the reading list.
Next year I move onto Java & web technologies. Believe it or not, there is no cyber security track. I did ask & was told ‘it’s part of every module’. Kinda true but also not that helpful.
Hence my remarks about flaky. I’ve learnt stacks so far but there’s still so far to go…that should be a song…My mind is awash with courses, certifications, entry level jobs, challenges & virtual ports….
I’m going to be revisiting my career plans in the next few weeks but am facing a few changes at work. I’m not really sure where this is going to end up so stay tuned. Let’s just hope I don’t go totally crazy with all this adventure…
Crazy Adventures in Cyber Security 