DEV Community

Cover image for Getting Started In Cyber security - A 2023 Guide
Mohab Gabber
Mohab Gabber

Posted on • Edited on

Getting Started In Cyber security - A 2023 Guide

What Is Cyber Security?

In general, it is the act of protecting computer software/hardware from malicious attacks by adversaries. Cyber security is rapidly increasing in popularity due to the recent explosion of attacks and breaches worldwide, which has made it an ever-appreciated skill because businesses nowadays won't survive in the digital realm without at least applying the basic principles of digital security.

How Can I Get Into Cybersecurity?

Well, getting into Cyber Security is getting easier and easier. Today, there are tons of websites, courses, and tutorials, most of which are free. I’ll include a list of recommended courses and tutorials at the end of the article.

What about jobs?

Like any other tech field, there are lots and lots of roles one can specialize in, but generally speaking, we can divide cyber security jobs into two categories:

1: The Defensive side
In defensive security, the main job of a specialist is to make sure no one gets into the system, and if someone does, they make sure that the least possible damage is done. This can be achieved in a variety of ways, generally by keeping logs and applying "Intrusion Detection Systems" and "Intrusion Prevention Systems", adding firewall rules, updating systems, applying security patches, and having a set of procedures to perform if a breach happens.

2: The Offensive side
Specialists in this category focus more on identifying vulnerabilities in a system; this is done by simulating an attack on a target using real-world techniques, basically acting as an adversary. For a specific attacker to be called a white hat hacker, they need to acquire the permission of the target company or individual; otherwise, they are known as a grey hat hacker or a black hat hacker.

White hat vs. Grey hat vs. Black hat

To distinguish hackers who access information without authorization from those who do acquire authorization, we use this naming convention.

White hat hackers: In short, a white hat hacker is a hacker who acquires permission to hack into a specific system.
Grey hat hackers: A grey hat hacker doesn't necessarily follow the laws or typical ethical standards but doesn't have malicious intentions.
Black hat hackers: Black hat hackers are unauthorized intruders; they hack systems typically for monetary gains or any other malicious or illegal intent.

Skills needed to get into the field

Cybersecurity is very different compared to other tech jobs, unlike a web developer, who only needs to know how websites work, how servers operate, etc. A specialist in cybersecurity needs to know how websites work, how servers operate, how networks work, how operating systems work, how frameworks and programming languages work, etc. The nature of cybersecurity requires specialists in the field to have good enough knowledge about almost all aspects of computers. But to make it easier for you, I made a list of General skills to have:

  • Networking and Network Protocols
  • Scripting and Automation
  • Cryptography
  • Linux OS
  • Databases and The basics of Authentication

Here is a mind map to simplify things a little bit.

Image description

Certifications

Certifications are not necessary to acquire, but they can still give you more chances for jobs around the world. As a beginner, I do not recommend pursuing certifications now; the goal is to acquire as much practical knowledge as possible, but once you feel ready to work in actual corporate environments, you can start acquiring certifications to make your CV look better. The following is a list of cybersecurity certifications to start your career with.

  • eJPT (eLearnSecurity Junior Penetration Tester)
  • OSCP (Offensive Security Certified Professional)
  • CEH (Certified Ethical Hacker)
  • CCNA (Cisco Certified Network Associate)

Some Resources To Get You Started

Here are some links and resources to get you started in cybersecurity. They might be a bit overwhelming, but once you get started in one of them, try to draw a path for yourself, for example, towards a specific certification or job role, and just digest as much knowledge as possible.

  • tryhackme: is a great resource for beginners, it has paths and rooms to teach you about various skills needed to master cyber security, it’s mostly free but some rooms require subscription.
  • hackthebox: it’s kinda more advanced, and provides challenges for you to test your skills (Known as CTF or capture the flag), but I don’t recommend it if you are just getting started.
  • hackthebox academy: provides you with rooms and modules to teach you about certain topics in cyber security, it’s good but I still recommend tryhackme for beginners.
  • freecodecamp: the biggest tech youtube channel out there, provides you with hours and hours of content to learn almost everything technology related.
  • defendtheweb: is a website focused on web application pen-testing, has a lot of informative articles about various topics in the field, and has a great community to interact with.
  • cmd: a website that tests your Linux skills
  • David Bombal: is a youtube channel hosted by David Bombal, who makes lots of interviews with hackers and cybersecurity experts, to discuss various topics in the field.
  • John Hammond: a youtube channel where john hammond talks about exploits, malware analysis, and capture-the-flag challenges.
  • LiveOverflow: is a youtube channel where the host discusses various topics and ideas in the cybersec industry.
  • Seytonic: talks about the latest cybersec news, so you can stay up-to-date.
  • the cyber mentor: discusses various ideas and topics in cybersec and makes tutorials for beginners in the field.

I guess this is enough for you to get started. If you use all of these resources, you’ll gain a huge amount of knowledge in the industry in a short amount of time.

I hope this article helps someone out there. If you like it, share it :D

Thank you for reading <3

Top comments (0)