Welcome to CyberInfoVeritas (The Truth About Cybersecurity). I started in the IT field during the 1990s and later transitioned into Cybersecurity. I spent most of my working years in management positions at Fortune 500 companies and owning my own businesses. Now, I share on this blog all the tips I’ve learned during my time in the IT and Cybersecurity fields.
Would you like to know how to protect yourself from the ever-present threat of cybercrime perpetrated by black hat hackers?
Yes, there are bad and good hackers.
Their main aim is to exploit your “mistakes and vulnerabilities” to blackmail you into sending them money or they’ll leak your private data.
If your data and online privacy are important to you, and it should be whether you use the internet for social media, shopping, making money online, or learning, read this article with keen interest and apply the various “hacker-resistant” strategies discussed herein.
As the title suggests, this post will teach you various beginner-to-advanced cybersecurity tips, hacks, and strategies that, when applied, will minimize the chance that a black hat hacker can turn you into a victim of cybercrimes such as data leaks, blackmail, bank account hacks, and the other forms of cybercrime that have become so rampant today.
Before we outline the safety hacks, let us briefly discuss why you need to protect yourself from hackers:
How Safe Is Your Data: Why You Need To Protect Yourself From Hackers
As the internet, computers, and connected devices (smart homes, smart appliances, etc.) become a central part of our lives, so does cybercrime and cyber insecurity.
Did you know that one in every three Americans is a victim of cybercrime annually, that hacker attacks happen as frequently as every 39 seconds, or that most of these attacks (92.4% of them, to be precise) happen via email attachments and online downloads?
Awareness is always our first defense against any threat. Now that you are aware of these worrying statistics, you can truly open yourself to the possibility that, unknowingly, you may have opened yourself to hacker attacks. After all, which of us is not guilty of downloading a bootleg book, song, movie, or TV show? Unknowingly, you may be one of the one in three people victimized by hackers annually.
As computers and smart devices creep into every crevice of our life, the need to protect yourself from hackers has never been greater. In fact, as technology becomes more evolutionary—think artificial intelligence and homes that can clean themselves on autopilot—your security—data or otherwise—is at risk if you do not take steps to protect yourself right now.
Now that you understand the importance of protecting yourself against hackers, let us get into the meat of this post: strategies, tips, and hacks you can use to protect yourself against hackers:
Strategies, Tips, Tricks, And Hacks You Can Use To Protect Yourself Against Hackers
To make this post as actionable as possible, we are going to discuss what you can do to protect the various areas of your life and business from cyberattacks. We shall start with the most basic: personal security against cybercrimes:
NOTE: You may have noticed the use of the term black hat hackers. Black hat hackers are the bad kind. Their intent is to find technological exploits that allow them to access private and confidential data and information so that they can then use this information for personal gains—blackmailing you for money is an apt example of personal gain.
White hat hackers are the opposite of black hat hackers. White hat hackers find gainful employment in organizations and businesses that pay them to find vulnerabilities in their system and then come up with fixes so that private data remains safe. Keep that distinction in mind.
Beginner-level Cybersecurity: Hacks For Personal Protection Against Hackers
When we talk of personal protection against cybercrimes, what we actually aim to discuss is how to keep your personal data, the data on your personal computer, safe from hackers.
The kind of private information on your personal desktop computer, laptop, or smartphone/device will depend on how you use these devices. With that said, most of us use our personal computers for social interactions, online purchases and banking, learning, and storing private photos and documents.
Since our personal devices are buzzing with private information we would rather not share with unscrupulous people who would not hesitate to use it against us, we should do all that is in our power to keep ourselves from becoming hacker victims.
To keep your personal devices safe from hackers, implement the following hacks:
Powerful Antivirus Software
The most obvious thing is to use potent antivirus software. Antiviruses, especially the modern ones, are so intuitive that some of them will even recognize, in real-time, Trojans present on websites you use.
These Trojans have the ability to steal your web browser history and inputs even as they use your computing power to mine cryptocurrencies. This type of Trojan is very recent and runs covertly in the background; the only thing you will notice is your computer lagging.
A powerful antivirus that you update regularly is your first defense against millions of recognized Trojans and malware. A powerful and capable antivirus can guard you against intrusions. Fortunately, antivirus options are in plenty with many of them updating their Trojan and malware databases frequently.
Avoid File Downloads
As tempting as it is to download bootlegged software, books, music, movies or whatever from the pirate sites and untrusted sources on the internet, doing so makes your computer vulnerable to hacks especially when the downloaded software asks you to install or run a patch of some sort—this is especially common with bootlegged software.
Avoid downloading files from sites whose authenticity you cannot verify. Since most intrusions and vulnerabilities, personal and business related, often come from file downloads, this also means you should avoid downloading and opening email attachments sent from unknown sources.
If someone sends you an unsolicited attachment—especially the ones claiming they want your help to access funds left by X or Y heir or won in a lottery—flag that message as spam or a phishing attempt. Wikipedia defines phishing as an “attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.”
Other things you can do to protect yourself, on a personal level, from hackers include:
Avoid using public hotspots
Quite often, public hotspots are training grounds for black hat hackers.
When you have to use a public hotspot, make sure you use a VPN service (Virtual Private Network) so that the data sent over the network is encrypted.
Set up a master password for your browser
Because you may unknowingly download and open malware and Trojans, it helps to set up a master password for your browser.
What does a master password do? Well, it ensures that the only way to access private information stored on your computer/phone browser, information such as autocomplete information and stored passwords, is through the entry of the master password. Mozilla Firefox, Google Chrome, and Opera all have the master password option. If you are using a different browser, use Google to find tutorials on how to set up your browser’s master password.
Don’t use the same password across all your applications
Another no-brainer cybersecurity measure is not to use the same password across the board.
While this strategy seems simple, the number of people who still do it will astound you. Rather than using the same password on multiple accounts—yes, one password is easier to remember but it compromises the security of your data—use a password generator to generate a strong password.
I personally use LastPass as my preferred tool for generating random passwords and storing them.
Use “Incognito Mode”
Whenever you are using your browser to access sites that require entry of personal data such as passwords, credit card information, personal information, and the likes, get into the habit of accessing these sites in incognito mode or private browsing.
Incognito or private browsing on some browsers ensures that the browser does not store your passwords, history, cookies—cookies in the hands of black hat hackers are especially potent ways to track your online activities—and temporary internet files.
Be on the lookout for “https” encryption on the sites you visit. Try to avoid sites that lack this now-standard encryption.
Be organized with your own data
Instead of storing sensitive documents such as bank account statements, private photographs, and other important, private, and sensitive information, documents, and data locally on your computer, invest in a secure cloud-based storage solution. This option is especially ideal when you do not have tons of data or documents you want to store but the ones you do want to store are very important and private. Here, you simply pay for the service and have to use a password (which should be a strong, generated one) to access the information. Fortunately, we have no shortage of capable cloud storage solutions that adopt the most up-to-date cybersecurity technologies.
Implementing these simple yet effective hacks, tips and strategies will enhance your personal security as you use your devices and the Internet. Now that you have the basics out of the way, it is time to take your protection to the next level with advanced protection strategies.
Advanced Ways to Protect Yourself and Your Business against Cyberattacks
The strategies we shall discuss here are ones used by cybersecurity experts to ensure the safety of the systems and information they guard. Most of these strategies will revolve around very specific attacks, some of which are very advanced and therefore require very specific protection strategies:
How to Protect Yourself against Malware Attacks
At the most basic level, the best way to protect yourself against malware attacks is to install a potent antivirus software and keep it updated.
Malware is deceptive and malicious software (ransomware is a great example) meant to give a hacker access to your machine so that he or she can covertly log keystrokes and monitor your activities while at the same time using your internet connection to send this information to the hacker’s base station.
The great thing about malware attacks—great in terms of your protection—is that they are relatively easy to guard against as long as you keep one rule in mind: Do not download or install software from unknown, untrusted sources. Do not open unfamiliar attachments.
At an advanced level, you can protect yourself against malware attacks such as banking Trojans, ransomware, and point-of-sale Trojans by installing capable anti-spyware software, installing a firewall, and using a data encryption program to protect your data.
Another thing you can do is ensure the safety of your hardware. Be especially mindful of data leaks from pen drives, work and personal laptops, and hard drives that may contain personal or sensitive company data or information.
How to Protect Yourself against Phishing Attacks
If you are tech savvy, you are unlikely to comply with unsolicited requests to open an email attachment or download a file from an unknown source. This is a win against hackers.
However, because hackers are also smart—black hat hackers are especially ingenious—they will come up with ingenious ways to trick you into taking some form of action that gives them access to your private data.
Phishing attacks are one of these ingenious strategies they use.
A phishing attack is an instance where a hacker will send you an email pretending to be someone else, perhaps an organization—you have probably seen email messages saying you bought an iPhone from an Apple store and that you need to click on the link attached to complete the transaction or offer shipping details.
The aim of phishing attacks is to trick you into divulging private and sensitive information such as your credit card pin.
At the most basic level, the best way to guard yourself (and your business) from phishing attacks is to become mindful of the actions you take when online. Especially avoid unsolicited actions or any actions that appear shady in any way.
At an advanced level, you can protect yourself by enhancing your online security using strategies such as two-factor authentication. Two-factor authentication is especially helpful because it allows you to connect your accounts to a phone number so that every time you need to access your account, you will need to input the one-time code sent to your phone. This allows you to add an extra level of security so that, if a hacker were to break through your first level of defense, the second would stop a hacker in his or her tracks.
Also be mindful of cold calls where a hacker impersonates a reputable firm. Hackers are especially fond of saying they are from X bank (your bank) and offering to walk you through a security change protocol because your account has been the victim of a malicious attack.
How to Stay Safe against SQL Injection Attacks
This strategy generally concerns businesses (because it involves a server) but also applies to a personal computer that accesses a server. SQL, or Structured Query Language, is the language used to communicate with database servers. SQL injection attacks target servers and databases by use of malicious code that tricks the server into leaking information it would normally protect.
When the server in question stores private data and information, such a compromise can be costly to individuals as well as the business/company involved, especially when the information stored on the server includes usernames and passwords or credit card numbers. I’ve encountered this type of problem mostly with recently installed systems that weren’t hardened as they were supposed to be or that had no quality check performed on them.
Since SQL injection attacks aim to exploit SQL vulnerabilities so that the server runs the malicious code, the best way to guard against such attacks is to have a qualified in-house team of trained cybersecurity professionals.
At an advanced level, you can protect against this type of attack by properly configuring your server and your code’s error reporting and handling so that whenever the database returns an error message, the message does not appear in the client’s web browser.
You should also grant the least privileges necessary when creating accounts used to connect to the SQL database.
You can also use a Web Application Firewall (WAF), appliance- or software-based, to filter out malicious strings of code and data. Great WAFs let you add new rules to their already comprehensive list of default rules. Good WAFs can be a valuable security measure against new vulnerabilities you have yet to patch.
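To make the two points above concrete (keeping user input out of the query structure, and keeping database errors out of the client response), here is an added example that is not from the original post. It uses Python's built-in sqlite3 with a constructed users table; the lookup functions, the "before" and "after" handlers, and the sample rows are all assumptions made for the illustration.

```python
import sqlite3

# Constructed sample data for the example (usernames, hashes and card digits are made up).
USERS = [
    ("alice", "hash-a", "1111"),
    ("bob", "hash-b", "2222"),
]


def build_db():
    """Create an in-memory database seeded with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT, card_last4 TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", USERS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    """The 'before': the input is spliced into the SQL text, so it can change the
    query's structure, and a raw engine error is handed straight back to the
    caller, which is the error leak the text warns about."""
    sql = "SELECT username, card_last4 FROM users WHERE username = '" + username + "'"
    try:
        return {"status": 200, "rows": conn.execute(sql).fetchall()}
    except sqlite3.Error as exc:
        return {"status": 500, "error": str(exc)}  # leaks engine details to the client


def lookup_hardened(conn, username, server_log):
    """The 'after': a parameterized query keeps the input as data only, and any
    database error goes to the server-side log while the client sees a generic
    message."""
    sql = "SELECT username, card_last4 FROM users WHERE username = ?"
    try:
        return {"status": 200, "rows": conn.execute(sql, (username,)).fetchall()}
    except sqlite3.Error as exc:
        server_log.append(f"db error for input {username!r}: {exc}")
        return {"status": 500, "error": "internal error"}


def demo():
    """Run both handlers over a normal name, a classic tautology, a lone quote,
    and a database that has gone away; return everything for inspection."""
    conn = build_db()
    log = []
    tautology = "x' OR '1'='1"
    results = {
        "vuln_normal": lookup_vulnerable(conn, "alice"),
        "vuln_tautology": lookup_vulnerable(conn, tautology),  # dumps every row
        "vuln_quote": lookup_vulnerable(conn, "'"),            # leaks a syntax error
        "safe_normal": lookup_hardened(conn, "alice", log),
        "safe_tautology": lookup_hardened(conn, tautology, log),  # no such user
        "safe_quote": lookup_hardened(conn, "'", log),            # no such user
    }
    conn.close()  # simulate the database becoming unavailable
    results["safe_db_down"] = lookup_hardened(conn, "alice", log)  # generic error only
    results["log"] = log
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The parameterized version treats the tautology and the stray quote as ordinary (non-matching) usernames, and the closed-database case shows the detailed error landing in the server log rather than in the response.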
At the start of this article, I promised that you would learn how to keep yourself safe from hackers. I hope the blog lived up to this and that you went away with something. Obviously, there are many other ways to enhance your cybersecurity, so many that we cannot list them all here.
Do you have a specific strategy or hack you use to keep yourself and your business safe from hackers? Share your thoughts in the comment section.
Did you know that 63% of all data breaches are directly or indirectly linked to third party companies? This is according to a recent survey conducted by Soha Systems, and according to one of the speeches delivered by the Superintendent of the New York State Department of Financial Services, Mr. Benjamin Lawsky, “A company’s cybersecurity is only as strong as the cybersecurity of its third-party vendors”. This article will focus on some strategies that organizations should consider implementing in order to mitigate their cybersecurity risk as far as third-party service providers are concerned. Let us get started with how third-party data breach occurs.
How Third Party Data Breach Takes Place
If a hacker is targeting a large organization, they look for the gateway that will not be easily noticed. This means that instead of going through the target’s heightened security, they look to use a valid entry point to gather confidential data while also masking themselves as genuine users. This entry point is usually through the third party vendor whose security protocols are less secure.
The attacker will then leverage this access to gain entry into the larger network. If the vendor’s security protocols are less stringent, no one will even detect that any breach has taken place. The hackers are usually patient and may take anywhere from days to months just to get their hands on your information such as bank account information, social security numbers, credit card numbers and so forth.
How To Identify And Assess The Impact Of A Potential 3rd Party Security Breach
It is crucial for businesses to employ a risk-based approach to manage their third-party vendors. Failure to assess your risks means that you will not be able to properly manage them and your company will be susceptible to cyber threats. When going through the risk assessment process, you must keep in mind that many risk classifications can affect your company:
Reputational risk – has to do with the problems that stem up from negative public opinion
Transactional risk – has to do with the problems that stem up from product or service delivery.
Operational risk – has to do with the losses brought about by failed or inadequate systems, people, internal processes or even from external events
Strategic risk – has to do with the failure to execute proper business decisions in a way that matches the company’s strategic objectives.
Compliance risks – this means failure to comply with the regulations, procedures, internal policies, rules, laws or business standards.
The following are the basic steps of a risk assessment:
Describe the system application, function, process to determine possible threats:
Who’s the vendor?
What data do they use?
Where does the information go?
Who uses the system etc.
Identify the threat e.g.: disruption of productivity or service, loss of data, unintentional exposure of information (data leakage), misuse of privilege /information by a user, accidental or malicious unauthorized access of information etc.
Determine the degree of impact were the threat to be exercised e.g. low, medium or high
Look at the different categories of information to adequately analyze the control environment. In this step, check out the threat, compensating controls, detection, mitigation and prevention and how they are related to the threats you identified. For example, you may analyze the environmental security controls, protection controls and management controls as inadequate, needing to be improved.
Determine a likelihood rating of the given exploit bearing in mind the control environment that your business already has. If your likelihood rating is ‘high’, then it means that the threat source you identified is adequately capable, extremely motivated and that the controls in place to prevent the susceptibility from being exercised are in vain. However, if the rating is ‘low’, then the reverse is also true.
Managing Third Party Company Risks
Your organization may be doing everything possible to ensure that their in-house cyber defenses are at full strength, but you must also ensure that your vendors’ cybersecurity standards meet or exceed those of your organization.
The first step, therefore, is to gauge all vendors beginning with the one with the highest risk rating, because at this point you already know which vendors you consider the highest and lowest risk. Below are some of the methods you can use to assess them:
Compliance with relevant standards: This is probably the best point to begin from. If you as an organization are expected to comply with certain standards, then there is no excuse why your vendor cannot meet such standards too. You can ask them to present you with copies of their compliance certificates to ascertain that they indeed meet those standards. Additionally, ask them to provide proof that their security protocols are effective, e.g. compliance reports, vulnerability summaries, SOC1 and SOC2 reports, etc. You will also need evidence of security protocols through contract and documentation such as financial statements, proof of insurance, a list of recent breaches, disaster recovery test results, the business continuity program, and information security policies, among others.
Have an inspector do an on-site visit: Send a representative from your company, preferably someone who is conversant with cybersecurity matters, to conduct a site inspection or interviews with the vendors to understand their level of cybersecurity better.
Use of questionnaires: Let them fill in-depth questionnaires that focus on their cybersecurity practices that are specific to their own organization.
Another option is the use of an independent third party assessment: This is usually a form of an annual penetration testing or compliance audit that helps give your company the necessary assurance. This is an annual form of assessment but some few evaluations may be conducted whenever there is any modification that is noteworthy to the third party company’s working and business environment.
Use of continuous monitoring software: The traditional vendor risk management strategies discussed above do have advantages of their own and you should never write them off. Yes, they’ll help you gauge your vendor’s risks to a certain level, but they still fall short at some point. For instance, these traditional methods only assess the security of the vendor at the time the tests are being run. This is where the use of ongoing monitoring software comes in handy because, as the term ‘continuous’ suggests, the assessment goes on at all times. Such tools alert you the moment your third-party company’s network is altered even slightly. This offers you the highest level of protection.
Have a plan B if A fails: If a vendor fails to meet the required security standards or fails to provide your company with the contracted services, you will have no choice but to switch to another supplier especially if the service they are providing you is very critical for your business. This is why you need to know what other good alternatives there are, to provide you with the same level or better quality service.
Ensure that all contracts between both parties clearly define cybersecurity expectations by establishing an SLA (Service Level Agreement). As an organization, there are some cybersecurity standards you expect from your vendor, including the mandatory cybersecurity controls that comply with industry and regulatory standards. However, if they are not clearly stated, you should be aware that you’ll be significantly increasing vendor risk. This is why the SLA is important: it makes all your cybersecurity expectations clear to your service provider. For starters, it includes a provision giving you the right to conduct a security assessment test or a compliance audit of the vendor’s security practices. It also includes a provision that lets you specify what the service provider is held accountable for, and holds them to breach notification requirements and an industry-specific compliance standard. Finally, the contract can also spell out what the vendor would be held accountable for if it does not comply with any of the agreed provisions and the appropriate consequences that would follow.
While almost all businesses nowadays require the services of partners and third-party vendors in order to do well and thrive, they could also be inviting a weak link into their cybersecurity defense systems. However, to mitigate the cybersecurity risks that are channeled through third-party companies, businesses must first of all understand what these risks are before devising a security plan to prevent hackers from stealing and taking advantage of trusted relationships between businesses and clients. The key is for organizations to work in partnership with their service providers to remedy and prevent cyber attacks before they even take place. This way, you will be assured of the security of your company data as well as any data that a third-party supplier may hold to make it easier to conduct business.
In July 2017, one of the most devastating incidents in the history of cyber attacks took place when a group of elite hackers hacked into Equifax, one of the largest credit bureaus in the world, and stole private data including social security numbers, credit card numbers, etc. of around 145 million clients.
Such information in the wrong hands can be used for misrepresentation or identity theft. This example, therefore, serves to show you the importance of taking cybersecurity seriously, since a cyber attack can terribly damage an organization’s reputation and even lower the quality of the service or product it offers. This spills over to the financial side as revenues dwindle and losses are incurred.
Cybersecurity: A Business Strategic Risk
For many organizations, cybersecurity is a long way from being a core competency. Most IT specialists, board directors, and C-suite executives aren’t too familiar with matters to do with information security. This means that if an attack were to take place, they would be helpless in their attempts to protect crucial data from being stolen. It’s this lack of adequate information that brings about evasion or irresolution when it comes to cybersecurity, and in a more serious scenario, a resigned acknowledgment that cyber attacks are inevitable.
In the past, the security of a company’s information was something that was delegated to the IT department and the subject was seldom brought up in board meetings. That was the period when the internet was still in its infancy. This does not happen anymore because, over the years, cybercrime has become more and more rampant.
In board meetings nowadays, cybersecurity is one of the agenda items given the highest priority in the discussion. Why? Board directors and CEOs are interested now more than ever in understanding how threats posed by cybercrime can affect their line of business.
Now, more and more businesses are elevating cybersecurity from a mere IT issue to a strategic business risk. This increased interest in securing information has led to the growing demand for the newest member of the executive suite: the CISO (Chief Information Security Officer). This is a senior-level executive within an organization whose job is to establish and maintain the enterprise program, strategy and vision to make sure that all information technologies and assets are sufficiently protected from hackers and crackers.
This new development will go a long way to improve the business profile of the information security operations. In addition, the mindset among stakeholders and employees that information security is an IT issue is slowly dying off.
Practices That Should Be Implemented In Organizations To Ensure Effective Cyber Risk Management
The following guidelines are meant to reinforce the security programs of an organization, in the form of a business continuity plan (BCP), a disaster recovery plan (DRP), and an employee awareness program, by pointing out the core cybersecurity competencies and assigning each to the proper management level. As a C-suite executive, it is up to you to include all of the following:
Suppose that your company’s information system may be breached at some point in the future. With that in mind, you should assess your ability to identify and react to threats within the network. This means that the security initiatives that should be put in place must focus on how to decrease the time it takes to realize, contain and remediate suspicious activity on the information system. To do this, companies have to consider using new and additional threat detection methods. For instance, cybercriminals often establish command and control (C2) channels so that they may initiate attacks. If you were to find these channels early enough, it would be easy to identify and stop such attacks before they even begin.
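One way a detection team can look for such channels early is to hunt for "beaconing": a host contacting the same destination at near-constant intervals. The following is an added example, not from the original post, that scores constructed proxy log lines with a simple interval-regularity heuristic; the log format, hostnames, addresses and thresholds are all assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample proxy log (not real traffic): "ISO timestamp client destination".
# 10.0.0.5 contacts one host every 60 s; 10.0.0.7 browses at irregular intervals.
SAMPLE_LOG = """\
2024-01-01T09:00:00 10.0.0.5 updates.example.net
2024-01-01T09:00:03 10.0.0.7 news.example.org
2024-01-01T09:01:00 10.0.0.5 updates.example.net
2024-01-01T09:02:00 10.0.0.5 updates.example.net
2024-01-01T09:02:41 10.0.0.7 mail.example.org
2024-01-01T09:03:00 10.0.0.5 updates.example.net
2024-01-01T09:04:00 10.0.0.5 updates.example.net
2024-01-01T09:05:00 10.0.0.5 updates.example.net
2024-01-01T09:10:12 10.0.0.7 news.example.org
2024-01-01T09:11:13 10.0.0.7 news.example.org
2024-01-01T09:14:20 10.0.0.7 news.example.org
2024-01-01T09:30:02 10.0.0.7 news.example.org
2024-01-01T09:33:09 10.0.0.7 news.example.org
2024-01-01T09:40:00 10.0.0.7 news.example.org
"""


def parse_log(text):
    """Group connection timestamps by (client, destination) pair, sorted in time."""
    events = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, src, dst = line.split()
        events[(src, dst)].append(datetime.fromisoformat(stamp))
    for stamps in events.values():
        stamps.sort()
    return events


def beacon_candidates(events, min_hits=5, max_cv=0.15):
    """Flag pairs seen at least min_hits times whose gaps between connections are
    nearly constant: coefficient of variation (stdev / mean) of the gaps <= max_cv.
    Assumed thresholds; real C2 often adds jitter, so a looser max_cv widens the net
    at the cost of more legitimate pollers showing up."""
    flagged = []
    for (src, dst), stamps in events.items():
        if len(stamps) < min_hits:
            continue
        gaps = [(later - earlier).total_seconds() for earlier, later in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            flagged.append({"src": src, "dst": dst, "hits": len(stamps),
                            "mean_interval_s": round(avg, 1), "cv": round(cv, 3)})
    return flagged


if __name__ == "__main__":
    for hit in beacon_candidates(parse_log(SAMPLE_LOG)):
        print(hit)
```

Regular polling by legitimate software (update checkers, mail clients) produces the same signature, so treat the output as a triage list to enrich with destination reputation and process context, not as a verdict.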
A ransomware attack is a form of cyber attack that targets a computer’s operating system by encrypting the data on it and then demanding ransom payments in the form of cryptocurrency. Such attacks are becoming increasingly common, and the WannaCry ransomware attack that happened in May 2017 is a classic example. To counter this ransomware problem, IT specialists must have a proper backup strategy to help take the edge off the impact of such attacks. If in the event of such an attack some valuable data is lost, then the backups would help restore what was lost without having to pay the criminals any ransom. The backup data should be stored in a secure location (usually outside the physical premises) to make sure that it is not also encrypted in the event of a ransomware attack. The backup strategy, therefore, has to be part of the Incident Response Plan of a company and has to describe in detail what should be done to “arrest” the data and then recover from a ransomware attack.
Automation is another strategy that can be used in operational processes so that security teams can make the most of the resources at their disposal. Security professionals need as much context as possible to determine whether a threat is genuine or not. The context can be either external or internal data, with a good example being ‘threat intelligence’ that is used to provide a broader context on the procedures, tactics, and tools of the attack group.
Organizations must come up with a strategic approach to implement a cyber defense that enables them to deal with the possibility of cyber attacks. This strategy should strike the appropriate balance between processes, people, and tools. There is no simple solution when it comes to shielding important assets. While it is very much okay to have the latest and best technology, your information system will still be vulnerable if you don’t have people equipped with the skill set to operate such technology. Additionally, you have to clearly define and express the operating procedures to utilize that particular technology to its maximum. In the case of security professionals, they must be equipped with the necessary bandwidth to increase the alerting threshold and investigate alerts.
Educate the IT professionals, members of the C-suite and all employees on why they should understand the cyber exposure of their company and how cybercriminals exploit data collected from reconnaissance to mastermind targeted attacks. This exercise should be as practical as possible rather than using a completely theoretical approach. You can use real-life examples such as the account information and credentials of a customer sign-in. It is this kind of information that can be leveraged by cybercriminals to falsify identity cards and/or system credentials, which are used in carrying out cyber crimes. Read “How to Create a Culture of Cybersecurity Awareness” for more information and a real example of how I implemented an awareness program for all levels of employees.
All members of the C-suite should be included in tabletop exercises for incident response so they may all completely learn their respective roles and the probable costs of a cyber attack. If the C-suite were to experience what an attack feels like, even if only through simulation, this would ensure that they are made aware of the grave consequences of an attack and they would, therefore, have no choice but to instill a top-down kind of security-driven culture. Instilling this kind of culture in any organization is crucial to putting cybersecurity into effect over time. It is the job of the boards to make sure that C-suite executives are encouraging and exemplifying this culture. If the top leaders in the organization set a good precedent, it will no doubt seep into the rest of the organization.
In addition, boards should not only make clear but also promote the incentives of compliance as far as cybersecurity is concerned. Such incentives include retaining and recruiting high-performing staff, entering new markets, enhancing service quality, reducing operating costs, and increasing top-line revenue.
Colleges and universities offering MBA (Master of Business Administration) programs ought to include cybersecurity in their curriculum. This would ensure that freshly graduated C-suite executives spend less time trying to master the technical details of cybersecurity as they begin their careers in marketing or sales. Currently, very few MBA programs include cybersecurity in their curriculum, and that is partly why many attempts to implement proper IT practices in organizations have failed miserably.
Governance is a critical component of any organization; its task is to come up with the parameters the organization needs in order to stay compliant and secure. Such parameters should be well prioritized, measurable, consistent, and clearly stated. Furthermore, they should be defined in a manner that aims to guard what the organization perceives as its most sensitive assets. It is up to the C-suite executives to define such parameters so that the board can evaluate and approve them.
It is important to keep bringing cybersecurity recommendations and conversations into the boardroom, and to keep them role-based, risk-focused, and relevant to each board member; this makes cybersecurity management relatively easy because the top executives are involved in the process. In my experience, it is also important to remember that C-suite executives respond well to case studies. Whenever you are advising them on any matter, remember to contextualize the information you are presenting using relevant case studies and news stories. The guidelines above have also touched on the responsibilities of the board and management to provide the company with the foundation for a strong, security-centric organization.
The term VPS stands for Virtual Private Server. I.T. professionals pioneered the use of VPS mostly for running corporate applications. Basically, a VPS requires one physical server. You install a virtual machine manager (a hypervisor) on this server and begin creating one or more VPSs on it. You can create as many VPSs as you wish, but it all depends on the resources of the physical server.
A good example in the corporate world is running an application installed in a VPS. You can increase the resources based on the number of users that will be accessing this VPS. For example, if for any reason your number of users increases and the VPS requires more memory, then instead of purchasing physical memory, you just go to the VPS settings and increase the number of GB the VPS is allocated, without spending a cent. You can increase the number of CPUs the VPS gets the same way.
As the use of a VPS became more popular, businesses started to emerge and provide what today is known as cloud services. The fact that within one physical server you can manage multiple virtual servers means that businesses can now offer hosting services to companies and individuals who are looking to host applications and services in the cloud.
The most popular services hosted in the world today are websites.
There are several different applications that can be used to create a VPS, but the one I used during my time as a Manager and still use in my cybersecurity labs is VMware (click to check the current price). The beauty of using VMware is that it is scalable! This means that you can increase the resources a particular VPS requires according to your demand for that VPS, since each VPS is assigned a number of CPUs and a memory size.
There are companies that specialize in hosting servers by providing you a hosted VPS in exchange for a monthly fee. The amount of the fee depends on the number and capacity of the resources that you will require to run in the VPS.
For example, if you need to run a website, you can have it hosted as most people and companies do and pay a fee for the hosting services.
Most hosting companies offer three main types of hosting services. The first is known as shared hosting, the second as VPS hosting, and the third as dedicated hosting.
Shared hosted service
Shared hosted service is the one that I recommend for those of you looking to start a website or to experiment with some content or development. It is good for starting a website because you have no web traffic yet, and it can handle up to 5k to 10k monthly pageviews, depending on how the hosting company configured the service. It is also the cheapest option for starting a website.
This is also good for those like me who like to have a website to practice some bug bounty skills or to create on-demand pages for practicing social engineering or pentesting methods.
The difference between shared hosting and VPS hosting is that with shared hosting you are literally sharing your resources with other website owners on the same server. On a VPS-hosted website your resources are all yours. You do not share resources with other VPS owners, even if they are on the same physical server.
On a shared hosted service, if your website suddenly has a spike of users, then because you are sharing resources with other website owners, the system is designed to give priority to whoever needs the resources most, which in this example is you. Because the resources are allocated to you, the other website owners could notice a slowdown when accessing their websites.
Again, this could only happen when there is traffic already coming to a website, which is why this option of shared hosting is good only when starting a website or for development purposes, but not when you already are generating traffic of over 30k monthly pageviews.
VPS hosted website
After your website starts growing in traffic and your number of monthly pageviews goes above 10k, then it is time to consider moving to a VPS hosted server. The fact that a VPS server is scalable means that you can keep upgrading your VPS by allocating more memory or CPU power as needed. This is something you can handle via customer service, who can take care of the upgrades for you if you select the managed service.
You don’t need to worry about updating your VPS server if you think you can’t do this on your own. This is when you need to consider a managed versus an unmanaged VPS hosting service. A managed service is when the hosting company basically takes care of the server for you. You only take care of your website, and they take care of the server.
An unmanaged VPS server is where you do all the work, from updating the server (operating system updates and backups) to maintaining your website or any other service you are running on it. You own the root account.
Technically, you can start your brand new website on a hosted VPS, but you need to consider the cost versus shared hosting. You never know when your website will pick up enough traffic to justify a VPS, so by having one from the very beginning you could be paying more for nothing.
For a website, a VPS hosted server usually can manage up to 100k monthly pageviews.
Dedicated hosted server
This is the most expensive of the three hosting services, and there is a reason for that. It is recommended for those who require a system with high capacity and maximum resources for their hosted services, such as a high-traffic website. If your website receives over 100k monthly pageviews, then it is time to consider moving to dedicated hosting.
The reason it is dedicated is that there is no virtual environment involved. The dedicated server is a 100% physical server dedicated to you only. Again, you have the option of choosing a managed or an unmanaged service. Of course, if you are hosting a dedicated server, then it makes more sense to pay for a managed service unless you want to physically travel to the site to perform the maintenance the server requires.
The hosting company I prefer and currently use is a2hosting (click to check the current price). They offer what they call a WordPress-optimized system for your website in their packages. Unlike other hosting companies, a2hosting offers a semi-customized WordPress application which is optimized with the speed and basic settings your server requires to avoid any speed issues with your website, and it is included in the shared hosting package. It also means that you don’t have to worry about the details of installing WordPress on your server, because with just a couple of clicks you can install your website and have it up and running within minutes!
We live in an interconnected world, a world where, in an instant, someone at the other end of the world can access your private information such as your location (from your IP), browsing history, and even browsing data, all at the click of a button.
Whether you are a personal computer user, a small business, or even a large corporation, you cannot (and should not) take your cybersecurity lightly because how safe you are while using the internet and interconnected devices determines the safety of the information you send over the internet or network.
Using a VPN is one of the most effective ways to protect your data.
What Is A VPN And How Does It Work?
VPNs, especially for mobile devices, are becoming increasingly common. Part of the reason for this is the ever-increasing rate of cybercrimes, hacking, and phishing attacks, especially now that we have technologies such as online and mobile banking.
A virtual private network, VPN for short, is an internet security system that allows you, the user, to send data over the internet safely, securely, and, in the case of some VPN platforms, secretly, over a private network.
While this sounds complex and very technical, the premise is actually very simple to understand. A VPN is a service that allows you to hide crucial information such as your IP and location from the websites you visit. For instance, if you are in X country where you cannot access Y site—such as Netflix in some countries—using a VPN changes your IP address so that you can access the data without any problem.
How VPNs work
The role of a VPN is privacy: it allows you absolute privacy as you send data over a network.
Now, while the VPN you use will greatly determine how it works—some will ask you to sign up and create an account while with others, all you have to do is download and install the VPN app or software—most VPN services and platforms have the same underlying technology.
First, most VPN services have server farms across the world, and to access these servers, the virtual private network, you will need to install software or an app. Once you have the app on your device and fire it up, the app/software connects to the server you have chosen (the server location operated by the service), and by so doing, any data you send over the network first goes to that server.
The server then encrypts this data before sending it out to its target destination; all of this takes milliseconds depending on the location of the server.
Why You Need A VPN
While a VPN may seem like a lot of work, it plays an integral role in privacy protection (which is the main role of cybersecurity) and if you are using the internet in any capacity, you should seriously consider using a VPN for, at the very least, the following reasons:
As we have stated, privacy (not anonymity) is the main aim of a VPN.
The first thing a VPN does to protect your privacy is to ensure that your internet service provider does not access your information or, at the very least, that your ISP does not keep a log of your activity.
By encrypting your data (using cryptographic algorithms that keep the data sent between you and the VPN secure and private), you keep your ISP from accessing private information such as the sites you visit, the data you send over the network, and the like. This has vast implications for your cybersecurity.
This is important now more than ever because ISPs are allowed to sell your data and browsing history to private companies for targeted ads and other behavioral uses.
Thanks to a VPN, when your ISP cannot see the information you send over the network—since all the ISP sees is that you have connected to a VPN and not the information sent between you and the VPN—it has no way of determining how you use the internet or the information you send. This, however, is not always the case with all VPNs.
When you consider that most ISPs are prone to cyberattacks and mass surveillance by governments and hackers, using a VPN protects your privacy because when your ISP has no idea of the information you send over the network, you are safe from such exploits.
The third important thing worth noting here is that normally, most of the websites you visit log your IP and location (your real IP, which is a number your ISP assigns to you and which reveals your real location). When you start using a VPN, since your ISP will only see the connection between you and the VPN, all websites that track and log your IP will log the substituted IP.
For instance, if you are accessing the internet from Kosovo but using a VPN server located in the U.S., any website you access that tracks IPs and locations will log your U.S.-based IP address. This keeps your browsing private!
I use a VPN service for cloaking my real IP Address. Below you’ll see information about your current computer, which browser you are using, your IP Address which tells me where you are right now and your computer screen. I can use this information to trace you back to wherever you are now but don’t worry, I won’t. I can’t speak for anyone else though.
To prove that the IP address indicated in the above screen is the same one you are currently using, just open a new tab, go to Google search and type “my ip address”. Google will immediately tell you what your current IP address is, which should be the same as the one indicated above.
2- Bypass Bandwidth Throttling
ISPs are notorious for throttling your bandwidth allocation and speed, especially when you use streaming services such as Netflix and YouTube; they do this to manage their network (by applying something they call a fair use policy) and to increase their profits by reducing the amount of traffic flowing through their networks.
Since a VPN hides your online activity, and all your ISP sees is the connection established between you and the VPN (not the information sent between the two points), it has no reason to throttle your bandwidth or speed even when you are using streaming video services such as Netflix.
3- Bypassing Geolocation
If you visit Vevo and other sites when in specific countries, you are likely to see the following message:
We call these geolocation borders, something VPNs have proved very effective against; in fact, a VPN allows you to unlock all location-blocked content. For instance, although users in other countries pay the same Netflix fee paid by users in the United States, Netflix users in the United States have a larger library of shows.
By using a VPN that has U.S.-based servers (most worthy VPNs will give you a wide selection of server locations from which to choose), you can access geolocated content and, in the case of Netflix, access the platform as if you were using it while in the U.S. We talked about the reason for this: a VPN replaces your actual IP with that of the connected server location.
4- Secure Remote Access
The most adept VPNs offer secure remote access, a feature that allows you to access information on your server or communicate with other businesses without compromising security and privacy. From a business standpoint, this is big because even when your employees are working on the go and using a VPN, you do not have to worry whether they are using a public hotspot to access the internet—and thereby compromising your security.
As you can see from the above discussion, a VPN is something you should consider having not only on your work computers but also on all other devices that you use to access the internet or sensitive data you would rather keep private.
Fortunately, the VPN market has many options from which you can choose. PIA VPN is one such option.
PIA VPN: A Review Of PIA VPN
Private Internet Access, PIA in short, is one of the leading, American-based VPNs. The VPN operates more than 3236 servers in more than 29 countries with more added each day.
Being one of the best VPNs presently available in the market, PIA VPN has some of the best VPN features you can imagine. For instance, the app is super-fast, offers great security features, and offers P2P support all at a relatively cheap price.
As stated, PIA VPN (click here to check the current price) is one of the cheapest VPNs in the world. Its most basic price is $2.91 a month for a two-year plan billed as a one-time fee of $69.95. However, the VPN offers three pricing options. If you choose to go the monthly payment route, you will pay $6.95 per month. If you choose the yearly route, you will pay $3.33 per month billed as a one-time fee of $39.95 per year. The two-year plan mentioned above is the most pocket-friendly!
That said, in relation to price, when you consider that most good VPNs charge an average of $10.50 per month, you can see that with PIA you get great value for money, all without compromising your internet privacy in any way. However, and perhaps this is a downside, PIA does not offer a trial period or even a free version of its app.
The purchasing options offered by the app are extremely efficient and easy to navigate too. You can buy and renew whichever plan you choose using Amazon Pay, PayPal, credit cards, and cryptocurrencies such as Bitcoin. Further, the platform also accepts gift cards as payment. It supports gift cards from over 90 different retailers, including Bloomingdale’s and Starbucks.
Canceling your plan is also relatively straightforward and easy (you can access the feature from the large “Cancel” button within your PIA dashboard/account).
As mentioned, for the cheap price of $6.95 per month (if you choose to go the monthly payment route), you get a number of features that enhance your internet security. First, and like most other VPNs, PIA encrypts your information, which safeguards your information and privacy.
Using the default 128-bit encryption, PIA ensures that your information is safe from spammers and hackers. Moreover, the app allows you to use 256-bit encryption, a military-grade encryption, with the compromise being that even though 256-bit encryption is more secure than 128-bit encryption, it slows down performance. While other VPNs also offer this kind of encryption, PIA is the only VPN that allows you to choose which encryption level to use for your data authentication and handshake, which you can do by overriding the default SHA1 and RSA-2048 and instead using SHA256 and RSA-4096.
PIA also offers a feature they call IP Cloak, which allows you to mask your IP with an anonymous IP from their servers. By cloaking your IP, PIA ensures that websites (and your ISP) do not track your geolocation or the information you send over the internet. Once you connect securely to a PIA VPN server, they substitute your real IP with a U.S.-based IP address, thereby changing your location so that even if a website were to log your location, it would log your new U.S. location.
Moreover, PIA has a very handy feature they call the internet kill switch, which is designed to shut off your internet automatically whenever your device drops its connection to a secure VPN server. This feature prevents identity and IP leaks. The feature is so intuitive that once your device reestablishes a connection with PIA’s secure servers, it automatically reconnects your internet.
You undoubtedly need a VPN, since having one ensures optimum data privacy. It ensures that your ISP and websites do not track your IP and location, which, as you can imagine, makes you less trackable and provides secure browsing.
The fact that PIA is relatively cheap (compared to other premium-level VPNs), lightning fast and chock-full of invaluable privacy and encryption features makes it one of the best VPNs available in the market.
As our use of computers and the internet increases, cyber threats also increase. While most cyber-attacks are human instigated and often ride on factors such as system vulnerabilities and human errors, as artificial intelligence (AI), machine learning, and the Internet of Things (IoT) advance at a fast pace, some people are worried about a Skynet—a Terminator reference—type of future. Others, however, are more optimistic about the implications of artificial intelligence on the effectiveness of cybersecurity.
Understanding how artificial intelligence is changing cybersecurity will help you determine the changes to implement in your cybersecurity program as technology develops and improves:
How We Are Presently Applying AI And Machine Learning To Cybersecurity
In its simplest form, artificial intelligence refers to a computer’s ability to complete complex tasks that demand some form of intelligence. Machine learning, on the other hand, is the process through which these machines/computers learn new information and how to apply it to solve problems.
Machine learning is at the heart of present-day cybersecurity: because it helps machines learn and implement what they learn, many companies and businesses are using AI to recognize data breach patterns and how users use systems (so that the machines can recognize hack patterns fast), as well as to learn from previous hack patterns.
Thanks to the development of computing power, enterprise businesses such as Google, Amazon, and Facebook are using machine learning and artificial intelligence to gather invaluable behavioral data that is helping shape cybersecurity in many ways. For instance, by collecting this behavioral data, Facebook, Amazon, and Google can offer their users tips and strategies on how to keep their data safe.
Moreover, as these organizations analyze the consumer data they get from teaching machines how to recognize patterns, they can easily build big data frameworks as well as open-source applications that help other businesses recognize the same patterns, and therefore the benefits of big data collection trickle down.
Moreover, since intelligent machines are quick to recognize patterns they have learned, and some are so complex that they teach themselves from experience and the patterns they have inferred, AI is developing so fast that machines are now able to protect systems from enhanced cyber threats. As AI develops further, becomes more sophisticated, and as machines learn more, they will only bolster cybersecurity.
An example of the relationship between AI and cybersecurity (in terms of enhancing cybersecurity) is how machines that have learned to detect deceptive content are automatically defending systems from cyber-attacks. A great example of this is Google. When you visit some “unsafe” websites, Google, having gathered information from users, is likely to warn you of the deceptive nature of the site.
Presently, cybersecurity experts are creating and implementing machine models that are gathering past cybersecurity data, learning from it to protect the system, and that are consistently gathering information about new cyber threats that they need to protect the system from.
The other aspect of this is that by using machines (artificial intelligence) to gather and make sense of big data, the machines can generate patterns that enterprise businesses can then use to build strong cybersecurity infrastructure and security products. The risk-prone patterns recognized by these machines then act as a sort of early warning system that cybersecurity experts can use to secure the system.
Machine Learning And AI: How AI Is Helping Us Fight Spam
Machine learning, the most important subset of artificial intelligence, is proving to be an invaluable and effective tool against spam and phishing attacks. A great example of this is Google. Google’s Gmail uses machine learning to determine which emails to filter based on the messages users have flagged as spam and phishing attacks. Google has been using this system for more than 18 years and over that time, the system has learned a lot and become intuitive even as spam and phishing attacks on email change and develop.
Today, Google uses artificial intelligence in almost all areas of its business. It especially uses something called deep learning, a system that allows machines to recognize patterns in big data and adjust themselves intermittently as they gather new reams of data.
With deep learning, cybersecurity analysts do not have to worry about the magnitude of their data. All they have to do is program the machine to recognize certain parameters and then from there, use these parameters to learn more. This has massive implications for cybersecurity. For instance, deep learning is allowing machines to detect malware, phishing attacks, and even duplicitous payments. Google especially is using their technology to protect their Play Store and cloud.
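The filtering idea described above, learning from messages that users have flagged, can be shown in miniature with a Naive Bayes classifier. This is an added example, not code from the post or from Google; the training messages are constructed sample data and the tokenizer is a deliberately simple one.

```python
"""Added example (not from the original post): a minimal Naive Bayes spam filter
that learns from messages users have flagged. Training data is constructed."""
import math
import re
from collections import Counter

TOKEN_RE = re.compile(r"[a-z0-9$]+")


def tokenize(text):
    """Lower-case the message and split it into word-like tokens."""
    return TOKEN_RE.findall(text.lower())


class NaiveBayesSpamFilter:
    """Multinomial Naive Bayes over word counts, updated from user flags."""

    def __init__(self):
        self.word_counts = {"spam": Counter(), "ham": Counter()}
        self.token_totals = {"spam": 0, "ham": 0}
        self.message_counts = {"spam": 0, "ham": 0}
        self.vocab = set()

    def train(self, text, label):
        """Record one message a user flagged as 'spam' or confirmed as 'ham'.
        Calling this again later is how the filter keeps learning over time."""
        tokens = tokenize(text)
        self.word_counts[label].update(tokens)
        self.token_totals[label] += len(tokens)
        self.message_counts[label] += 1
        self.vocab.update(tokens)

    def _log_likelihood(self, tokens, label):
        # Prior: fraction of training messages carrying this label.
        total_msgs = sum(self.message_counts.values())
        logp = math.log(self.message_counts[label] / total_msgs)
        denom = self.token_totals[label] + len(self.vocab)
        for tok in tokens:
            # Laplace (add-one) smoothing: an unseen word never zeroes out a class.
            logp += math.log((self.word_counts[label][tok] + 1) / denom)
        return logp

    def spam_probability(self, text):
        """Posterior P(spam | message), computed in log space for stability."""
        tokens = tokenize(text)
        log_spam = self._log_likelihood(tokens, "spam")
        log_ham = self._log_likelihood(tokens, "ham")
        diff = log_ham - log_spam
        if diff > 700:  # guard math.exp overflow for overwhelmingly ham messages
            return 0.0
        # exp(log_spam) / (exp(log_spam) + exp(log_ham)), written as a sigmoid
        return 1.0 / (1.0 + math.exp(diff))

    def classify(self, text, threshold=0.5):
        return "spam" if self.spam_probability(text) >= threshold else "ham"


# Constructed sample data standing in for messages users have flagged.
FLAGGED_SPAM = [
    "win a free prize claim your $1000 now",
    "click here to verify your bank account password urgently",
    "free money lottery winner claim your prize now",
]
CONFIRMED_HAM = [
    "meeting at 10 tomorrow to review the quarterly report",
    "can you send me the slides from the project review",
    "lunch tomorrow at the usual place",
]


def build_filter():
    """Train a filter on the constructed flags and return it."""
    spam_filter = NaiveBayesSpamFilter()
    for message in FLAGGED_SPAM:
        spam_filter.train(message, "spam")
    for message in CONFIRMED_HAM:
        spam_filter.train(message, "ham")
    return spam_filter


if __name__ == "__main__":
    f = build_filter()
    for msg in ["free prize click now to claim your $1000",
                "can we move the project meeting to tomorrow"]:
        print(f"{f.spam_probability(msg):.3f}  {f.classify(msg):4s}  {msg}")
```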
Machine Learning And Security Training
One of the most significant relationships between AI and cybersecurity is that today, it is very easy to teach an adaptively designed and programmed server to distinguish normal requests from unusual ones, using what we call a baseline.
This relationship is proving very central to cybersecurity because by teaching machines to detect this baseline and then flag whatever else does not meet the baseline parameters, it is becoming easier for cybersecurity analysts to determine which threats to guard against.
That stated, most researchers and analysts are also quick to point out that inasmuch as it is easy to teach computers how to recognize threat patterns, if we stop teaching them, the machine, no matter how adaptive it is, will eventually become redundant as new, sophisticated threats emerge. It, therefore, stands to reason that even today, because artificial intelligence is yet to come of age, AI plays an additive role in the toolbox of any professional cybersecurity analyst.
An example of this is currently being applied in tools such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). These are tools that cybersecurity professionals working on the “Blue Team” side of the fence (the professionals who protect the systems in a company) use every day to detect any anomalies that could turn into a potential threat for the company.
How Hackers Are Using AI And Machine Learning
Just as cybersecurity experts are using machine learning to guard against many cyber threats and to create effective defense mechanisms against some of the most advanced ones, hackers, being talented and innovative, are also using machine learning in their attacks. For instance, some hacking groups use machine vision to defeat defenses (which are, coincidentally, themselves machine learning defenses) such as CAPTCHAs.
Hackers are also going as far as poisoning big data. For instance, using traditional hacking methods (human negligence and error are the most exploited), hackers are looking for ways to learn the setup of a security algorithm and where the machine gathers information from.
Once they know that, they “poison” the data by introducing defective or misleading data, with the intent of incapacitating the machine to a point where, for instance in the case of DoS attacks, it cannot differentiate legitimate requests from illegitimate ones.
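The baseline idea from the IDS discussion above, and the poisoning risk just described, can be shown together in one small detector. This is an added example, not the post’s or any product’s code: it learns a per-client request-rate baseline from constructed access-log lines (a hypothetical format), flags buckets above it, and compares a mean/std baseline with a median/MAD baseline once a few poisoned records have been slipped into the training window.

```python
"""Added example (not from the original post): request-rate baseline detection
over constructed access-log lines, with and without poisoned training data."""
import statistics
from collections import Counter

# Hypothetical log format: "<ISO timestamp> <client-ip> <method> <path> <status>"


def make_lines(client, minute, count, day="2024-05-01"):
    """Build `count` constructed log lines for one client within one minute."""
    return [f"{day}T09:{minute:02d}:{i % 60:02d} {client} GET /index.html 200"
            for i in range(count)]


def parse_line(line):
    """Return (client, minute_bucket) for one log line."""
    timestamp, client, _method, _path, _status = line.split()
    return client, timestamp[:16]  # "YYYY-MM-DDTHH:MM" -> one-minute bucket


def requests_per_minute(lines):
    """Count requests per (client, minute) bucket."""
    return Counter(parse_line(line) for line in lines)


def threshold_mean_std(samples, k=3.0):
    """Classic baseline: mean + k standard deviations. Every sample moves it."""
    return statistics.mean(samples) + k * statistics.pstdev(samples)


def threshold_median_mad(samples, k=3.0):
    """Robust baseline: median + k * scaled MAD. A few wild samples barely move it."""
    med = statistics.median(samples)
    mad = statistics.median(abs(x - med) for x in samples)
    return med + k * 1.4826 * max(mad, 0.5)  # floor so a zero MAD can't flag everything


def find_anomalies(window_lines, baseline_samples, threshold_fn, k=3.0):
    """Return (client, minute, count) buckets in the new window above the threshold."""
    limit = threshold_fn(baseline_samples, k)
    return [(client, minute, n)
            for (client, minute), n in sorted(requests_per_minute(window_lines).items())
            if n > limit]


def baseline_samples(lines):
    """The per-bucket request counts the baseline is learned from."""
    return list(requests_per_minute(lines).values())


# Constructed training window: five ordinary clients, ten minutes each, 3-7 req/min.
NORMAL_CLIENTS = [f"10.0.0.{i}" for i in range(1, 6)]
TRAINING_LINES = [line
                  for ci, client in enumerate(NORMAL_CLIENTS)
                  for minute in range(10)
                  for line in make_lines(client, minute, 3 + (ci + minute) % 5)]

# Constructed poisoned records: three 500-request minutes fed into the training
# window so the baseline would "learn" that such bursts are normal.
POISON_LINES = [line for minute in range(3)
                for line in make_lines("203.0.113.9", minute, 500)]

# Constructed detection window: two normal clients plus one bursting at 60 req/min.
WINDOW_LINES = (make_lines("10.0.0.1", 30, 5)
                + make_lines("10.0.0.2", 30, 6)
                + make_lines("198.51.100.7", 30, 60))


def run(poisoned):
    """Detect over WINDOW_LINES with both thresholds, optionally on poisoned training data."""
    samples = baseline_samples(TRAINING_LINES + (POISON_LINES if poisoned else []))
    return {
        "mean_std": find_anomalies(WINDOW_LINES, samples, threshold_mean_std),
        "median_mad": find_anomalies(WINDOW_LINES, samples, threshold_median_mad),
    }


if __name__ == "__main__":
    for poisoned in (False, True):
        print("poisoned training data:", poisoned)
        for name, hits in run(poisoned).items():
            print(f"  {name:10s} flagged: {hits}")
```

With clean training data both thresholds flag the 60 req/min burst; with the three poisoned records the mean/std threshold balloons past it while the median/MAD threshold still catches it, which is the kind of robustness check worth building into a learned baseline.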
AI As a Cybersecurity Tool
Now that we have established the various ways cybersecurity and artificial intelligence relate, we cannot fail to mention that as AI develops and becomes more intuitive, it is becoming a very effective tool in the toolbox of a cybersecurity expert.
As threats increase, cybersecurity experts can teach machines how to recognize threat patterns and adaptively guard against them. As a tool, cybersecurity analysts can teach machines which baseline parameters to look out for as they read big data, and once alerted to data that does not meet the baseline, they can teach the machine how to handle such data/threats. The effect of this is that as machines learn how to analyze information and deal with the non-baseline data, they learn and adapt.
By teaching machines the threats, weaknesses, and exploits to guard against, cybersecurity analysts and experts are now gaining the ability to deploy solutions fast, which is helping to mitigate future attacks.
Because of their ability to sift through large amounts of data, machines are easing the pressure off the backs of cybersecurity experts to some degree, because when a machine knows the threats to look for, the work of a cybersecurity analyst becomes mostly passive. In fact, by employing machine learning and big data, all a cybersecurity expert has to do is teach the machine which other intrusions to note and respond to the machine when it alerts on something outside its normal parameters.
Yes, there is a real and definitive relationship between cybersecurity and machine learning (AI). As you have seen, thousands of enterprise organizations and even medium-sized businesses are using AI and machine learning to teach machines how to read patterns within big data and then guard against any potential threats.
As we go forth into the future, the relationship between AI and cybersecurity is only going to grow as big data becomes an integral part of our lives and as countries around the world work towards standardization of data laws, formats, and communication modes. Once this happens and we achieve semantic uniformity of data flow and formats, AI will become the most effective guard against system intrusions and cyber hacks.
The cybersecurity community must work towards creating a balance between adaptive machine learning and supervised learning. This will ensure that even as machines dig through reams of big data in moments to read patterns and draw analysis, cybersecurity experts can also teach these machines which threat patterns to look out for and how to handle them once they notice them in their data nodes.
According to data by Norwich University, despite cyber-threats increasing rapidly year after year, the skill gap is monumental. In fact, Cisco reports a shortage of over 1,000,000 cyber professionals. The lack of qualified cybersecurity professionals is one of the main reasons why we are yet unable to get a handle on cybercrimes. By having more cybersecurity professionals, we can enhance security.
Unfortunately, and this very fact is very alarming, even though cyber security and IT management in general are some of the fastest-growing and well-paying fields, they are not attracting the talent they need primarily because most graduates do not want to go into employment; they want to create the next Facebook, Snapchat, Twitter, or Microsoft. Compounding this is the fact that most cybersecurity graduates are millennials who want to create something of their own.
A Global Information Security Workforce Study conducted by ISC showed that out of all the cybersecurity experts surveyed, only 7% are below the age of 29, and only 13% are aged 30-34. The survey concluded that 42 is the average age of a cybersecurity professional.
What does this mean?
It means the skill gap is real: on top of not attracting the millennial talent it needs, the field is in jeopardy as more and more professionals near retirement age while fewer young people enter it, largely because of a lack of awareness, demanding educational requirements, and preconceived notions.
Thanks to the continued demand for cybersecurity experts and their scarcity, and because, according to CNBC, salaries for degree-level cybersecurity professionals stand at around $116,000 per year, with the figure roughly doubling for positions that require a Master's degree, cybersecurity is one of the most lucrative fields you can enter.
Today, we are going to discuss everything you need to have in place to build a lucrative and successful career in cybersecurity:
Step 1: Education and Certifications
Thanks to the intricate nature of cybercrime and the fact that new hacking tools appear as fast as technology develops, cybersecurity is a field that requires very skilled and adaptable professionals.
To start your foray into this field, the first thing you should do is get the proper education. Cybersecurity is normally a specialized field, and those who get into it are usually expected to have specialized knowledge of information security.
Since the general work of a cybersecurity specialist is to ensure that computer systems and networks are secure, which essentially puts cybersecurity experts in charge of an organization's electronic security, they must be knowledgeable.
Becoming a Cybersecurity Expert: What To Study
In general, to get started on this career path, you need a bachelor's degree in one of the following fields: computer engineering, programming, computer science, or information science. In some instances, you will also need a solid grounding in statistics and mathematics. The U.S. Bureau of Labor Statistics also says you need certification and relevant work experience. You can get this education from universities across the country and the world.
As mentioned earlier, cybersecurity is a specialized, advanced field of study, which is why getting started often demands that you first be good in another IT area. In fact, those in InfoSec most often come from development, system administration, and networking, in that order. A bachelor's degree in any of these areas will poise you for a career in cybersecurity.
Some universities will allow you to specialize in cybersecurity through certificate programs. These programs offer specializations in network defense, operating systems, advanced security, CompTIA Security+ preparation, and biometrics concepts.
Associate degree programs in this field cover subjects such as computer forensics, network security applications, operating system security, fundamentals of InfoSec, and encryption. Bachelor's degree programs, on the other hand, cover more advanced topics such as advanced operating system and computer security, mathematics, etc.
From a core skills perspective, you need three core skills:
Attention to detail,
Analytical thinking and a zeal for knowledge in the field,
And effective communication skills.
Now that we are talking about certification:
About Certification: Which Certifications Matter Most
Certification matters just as much as education and experience. When you are getting started on this career path, certifications matter especially, because they buff up your skill portfolio.
When you are just getting started, the most important certifications include the following:
The value of these certifications will depend on the requirements of the job you want to apply for; some employers will ask for specific certification while some will not. While your degree level education will prove invaluable, having these four certs will make you intimately familiar with InfoSec concepts and their application in the real world.
Once your skills level up, you can get the following advanced certifications as a matter of importance if you want to excel in InfoSec:
CISSP, the most widely expected baseline
CISA/CISM, ideal for well-rounded InfoSec experts with managerial aspirations
SANS/GIAC (GSEC/GPEN/GWAPT), ideal for those with an affinity for the technical side of InfoSec
OSCP, ideal for penetration testing
You should aim to have your CISSP, the standard baseline in InfoSec, after you get at least four years of experience in an information security field. After that should come your CISA or CISM, which sit in the audit and governance space; and after that, the technical certifications: start with GSEC and then branch into GCIA, GPEN, or GWAPT.
NOTE: If you intend to concentrate on pen testing, get the OSCP and CREST certifications.
Step 2: Experience
Like most careers, your level of experience in InfoSec determines your pay and the position you hold. Those with only an undergraduate degree or diploma in one of the fields mentioned above should not expect to hold high-level positions, no matter how smart they are.
To start gaining experience (once you complete your undergraduate degree or diploma in one of the related fields), you can intern under a mentor or start working as a Tier-I security analyst; the latter is ideal for those straight out of school.
The hands-on experience you get from an entry-level position, especially as a less experienced graduate, is important because one of the things most InfoSec experts agree on is that applying InfoSec concepts in a real work environment is the key to success in this field.
Unfortunately, gaining this experience is often difficult because the industry's needs keep changing and advertised positions ask for very specific experience. As implied, you may need to start by interning or taking Tier-I entry-level jobs. The tradeoff is that even though these jobs do not pay very well and you will be doing a lot of grunt work for your supervisors, the experience (the most important element) will be invaluable.
If you lack the qualifications that make you an ideal candidate for entry-level InfoSec jobs, your most valuable strategy is to volunteer while you pursue certification. Volunteering has an element of networking to it (the third step), because ideally you will look to your network for InfoSec work opportunities.
For instance, if someone in your network owns a small or mid-sized business, you can offer to review the security controls the business has adopted and, with their written agreement, strengthen them where needed. By doing this, assuming you are a skilled cybersecurity analyst in your own right (in the modern world, you can teach yourself just about anything), you will make yourself invaluable (and learn a lot), since most small businesses lack the funds to build in-house cybersecurity teams.
Another great way to gain practical InfoSec experience is by having your own cybersecurity lab. This provides the ground on which you learn. It requires a personal lab or network that you can use to practice what you learn.
When setting up your lab, you have several options:
You can set up VMware on a desktop or laptop
You can set up VMware on a laptop or desktop you have turned into a server
You can have a real server with VMware or a similar hypervisor installed
You can rent an online VPS.
With the lab, you can do things such as run your own DNS or DHCP server alongside an Active Directory domain controller, or create multiple network zones at home, etc.
Step 3: Network Widely
Networking is how you go from low Tier-I jobs to mid- and then high-tier jobs. Essentially, networking means marketing yourself and making sure the right people know about you and your work.
The first thing to do is seek a mentor, someone who can teach and guide you. The person should have a personal style you like and feel you can emulate. With the ease of interaction provided by websites (as an InfoSec expert, you should create a website where you share your projects) and social media (you should also keep an active profile, especially on Twitter), finding a mentor is not too difficult. Once you find an ideal mentor, simply call or email the person and make what you want clear from the very start.
Another great way to network is to intern at companies you would like to work in sometime in the future. This strategy is especially potent because it allows you to create inside contacts that will prove invaluable as your InfoSec career progresses and you gain more experience and certification.
Like most other careers, conferences are another great way to network. They (conferences) allow you to interact with like-minded individuals and a rare chance to learn what is new in the industry as well as to present your ideas and thoughts on various aspects of the business.
Conferences, especially ones with keynote speeches, are an especially good way to learn and gain some experience. Enigma, DEF CON, DerbyCon, THOTCON, ShmooCon, and CactusCon are some of the options available to you.
Contributing to worthwhile projects is another great way to network and enhance your career in InfoSec. Programming projects are the obvious choice. Find some that speak to you and contribute if you can. GitHub is an especially useful platform for contributing to tools you like or use. For instance, if you notice bugs in a tool you use, you can email the developer if the tool is not open source, or contribute a fix if it is.
Building a career in InfoSec is not very different from excelling in any other field. The main difference is that with InfoSec, thanks in part to the fact that the field is very specialized, you need very specific knowledge and certification. You also need to be a great programmer in your own right, which requires tons of experimentation. The great thing is that a career in this field can be very rewarding and lucrative.
Ever since the internet became a mainstay, something the layperson uses for connection, online shopping, and even online business, hacking has been on the rise, which in turn creates the need for cybersecurity on a personal and professional level.
Phishing, Trojans, ransomware, penetration attacks, attacks over Wi-Fi, and worms: these are some of the most common strategies hackers use to gain access to your information or to trick you into handing it over.
On a professional level, the need for cybersecurity is even more important because as businesses evolve and adopt technology in all areas of operation, as the need to maintain and protect user databases increases, cyber threats are ever increasing as black hat hackers try to gain access to this invaluable information.
Despite the fact that the internet has become a staple in our lives, many businesses still overlook the need to hire well-trained cybersecurity professionals and, by doing so, put their business and data at risk.
You should consider hiring a cybersecurity expert—especially if your business has an online presence or a database of any sort—because:
1- The proof is in the numbers: cybercrime is very costly
If you have been following the news, you know that because of the Facebook-Cambridge Analytica scandal, which exposed the personal information of up to 87 million users, governments across the world are revisiting regulation on how companies store and use user data once they have it.
Although this case became widely known only because of its role in the United States presidential election, such breaches are not new.
Data shows that the healthcare industry alone has had over 112 million patient records exposed in breaches. Further, Cisco, a worldwide leader in IT and networking, states that DDoS attacks, a type of attack that floods a server or website with junk traffic with the aim of overwhelming it so legitimate users cannot reach it, have risen rapidly (by about 172%). The company further projects that the attacks will grow by 430% (to about 3.1 million attacks per year).
This fact, and the fact that cybercrime is very costly, is one of the main reasons why you (and every business with an online presence) need to hire cybersecurity professionals.
The FBI's cybercrime division reports that in the first three months of 2016, ransomware payments extracted by unethical hackers cost small and medium-sized businesses more than $209 million.
In comparison, and to show the true scale of the threat and why we need to hire cybersecurity professionals, in 2017 the estimated cost rose to about $4 billion, with attacks such as the WannaCry ransomware outbreak affecting computers in more than 150 countries.
Cybersecurity experts, who are very talented hackers themselves, probe the vulnerabilities in your system the same way a black hat hacker would, the only difference being that this time you are paying them to do so and to fix the loopholes. By having such a professional on your team, you can guard your systems against exploits unethical hackers would otherwise use to compromise your systems and data.
2- The Human Error Factor
If you know anything about computer hacks, especially those that exploit vulnerabilities on your computer or server to steal valuable information, you know that in most cases hackers cannot get at this information without some form of participation on your end.
Take Trojans and most other malware: for unethical hackers to gain access to your information, they need you to download and open something from the internet or your inbox, perhaps a document or a piece of software. (Worms are the exception: they spread from machine to machine on their own, which is why patching matters as much as caution.)
Some go as far as phishing attacks, where they send you an email pretending to be a legitimate company such as PayPal with the intent of getting you to visit a fraudulent site and type in your password; these attacks are very common.
Now, the human error aspect of cybercrime, and the very reason we need more cybersecurity experts, comes into play because unethical hackers rely on human mistakes to access sensitive and private information. For instance, opening a document attached to an email your client has flagged as spam is a mistake; so is falling for the phishing email.
Bo Yuan, a computing professor, analyzed the threats faced by organizations and businesses. His analysis revealed that most businesses are vulnerable to cyberattacks because of human error and interaction.
For example, human error was the cause of the data breach at Equifax, a breach that gave hackers access to the private and sensitive information of more than 147 million customers and that the company's CEO estimated would cost upwards of $600 million.
This in itself shows the need for more cybersecurity experts or, at the very least, basic cybersecurity knowledge such as making sure the websites you visit are genuine (the https padlock only proves the connection is encrypted, not that the site belongs to who it claims; phishing sites use valid certificates too).
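The mistakes described above are easier to avoid when you know what a mail gateway or client can check for you. The following Python script is an added example written for this post, not code from the original article or from any product named in it. It parses a raw email, reads the SPF/DKIM/DMARC verdicts from the Authentication-Results header, extracts the links in the body, and flags hosts that only look like a trusted brand: the brand used as a subdomain of an unrelated domain, a homoglyph lookalike such as paypa1.com, the brand name embedded in another domain, or credentials in the URL that hide the real host. The brand list, the two sample messages, and the .test domains are constructed for the illustration.

```python
"""Phishing triage helper (added example, not code from the original post)."""
import email
import re
from email import policy
from urllib.parse import urlparse

# Assumed brand list for the illustration. A real deployment also lists each
# brand's legitimate variants (e.g. paypalobjects.com) to avoid false positives.
TRUSTED_BRANDS = ("paypal.com", "google.com", "microsoft.com")

# Characters attackers swap for visually similar ones (paypa1, g00gle, micr0soft).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "@": "a", "|": "l"})
URL_RE = re.compile(r"https?://[^\s<>\"')\]]+")
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)  # RFC 8601 verdicts
FAILING = {"fail", "softfail", "permerror", "temperror"}


def registrable_domain(host: str) -> str:
    """Crude eTLD+1 (last two labels); a real tool uses the Public Suffix List."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def normalize(label: str) -> str:
    """Collapse homoglyph tricks so paypa1 and rnicrosoft compare equal to the brand."""
    return label.translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def classify_host(host: str):
    """Return why `host` looks like brand impersonation, or None if it is clean."""
    host = host.lower()
    reg = registrable_domain(host)
    if reg in TRUSTED_BRANDS:
        return None  # the brand's own domain, or one of its real subdomains
    for brand in TRUSTED_BRANDS:
        name = brand.split(".")[0]
        if f".{brand}." in f".{host}.":            # paypal.com.account-verify.test
            return f"brand {brand} used as subdomain of {reg}"
        if normalize(reg.split(".")[0]) == name:  # paypa1.com, rnicrosoft.com
            return f"lookalike of {brand}: {reg}"
        if name in reg:                           # paypal-secure-login.test
            return f"brand name {name} embedded in unrelated domain {reg}"
    return None


def auth_results(msg) -> dict:
    """Collect the spf=/dkim=/dmarc= verdicts the receiving mail server recorded."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for method, result in AUTH_RE.findall(str(header)):
            verdicts[method.lower()] = result.lower()
    return verdicts


def triage(raw_message: str) -> list:
    """Return a list of findings; an empty list means nothing suspicious was seen."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = [f"{m}={v}" for m, v in auth_results(msg).items() if v in FAILING]
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    for url in URL_RE.findall(text):
        parsed = urlparse(url)
        host = parsed.hostname or ""
        if parsed.username:  # https://paypal.com@evil.test/ really goes to evil.test
            findings.append(f"credentials in URL hide real host {host}")
        reason = classify_host(host)
        if reason:
            findings.append(f"{url}: {reason}")
    return findings


# Constructed sample messages (not real mail); .test is a reserved TLD.
SAMPLE_PHISH = """\
From: PayPal Service <service@paypal.com>
To: victim@example.test
Subject: Your account has been limited
Authentication-Results: mx.example.test; spf=fail smtp.mailfrom=bulk.evil-sender.test; dkim=none; dmarc=fail header.from=paypal.com
Content-Type: text/plain; charset="utf-8"

Unusual activity was detected. Restore access within 24 hours:
https://paypal.com.account-verify.test/login
or https://paypa1.com/signin
"""

SAMPLE_LEGIT = """\
From: PayPal <service@paypal.com>
To: victim@example.test
Subject: Your receipt
Authentication-Results: mx.example.test; spf=pass smtp.mailfrom=paypal.com; dkim=pass header.d=paypal.com; dmarc=pass header.from=paypal.com
Content-Type: text/plain; charset="utf-8"

Thanks for your purchase. Details: https://www.paypal.com/activity
"""

if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, triage(raw) or "no findings")
```

Run it as a script to triage the two constructed samples. In practice you would feed it the raw message from your mail store, extend TRUSTED_BRANDS with every brand your users deal with (and their legitimate variants), and replace the two-label registrable-domain guess with a Public Suffix List lookup; the header checks only mean something when your own mail server wrote the Authentication-Results line, since an attacker can forge one in the message they send.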
Cybersecurity professionals know which errors can cause data breaches and what to do to protect your systems against them. When you have one on your team, or as a key player in your IT department, you can rest easier knowing that human errors and their effects on your data will be minimized.
In addition, we need more of these professionals because in most cases hackers target users who do not work in the IT department but who still use work devices or bring their own (BYOD), on the assumption that IT staff are less likely to make errors that compromise data.
By having a cybersecurity professional on the team, you can ensure that every department knows what to do with the files they download or, at the very least, which small mistakes can compromise the organization and lead to losses, sometimes even the loss of jobs.
Now that cyberattacks are becoming more sophisticated and harder to spot, having such a professional will ensure that all the departments within your business get the training they need to keep the company safe.
3- Evolution of Cybercrime and Security
When we think of cybersecurity and cybercrime, we think of computers and the like. While computers are indeed the main vehicles of cybercrime, cybersecurity has evolved greatly and now has a far wider application.
Since the first recorded hack in 1903, a very simple affair in which Nevil Maskelyne sent insulting Morse code to disrupt a public demonstration of Marconi's wireless telegraph by Ambrose Fleming, hacking has evolved so much that today, thanks to improved computing power, attackers can break into poorly defended systems in minutes if not seconds.
The tools hackers use have also improved as the internet has grown. In fact, thanks to free and open-source software and platforms such as GitHub and Linux, ready-made attack tools, the so-called exploit kits, are so freely available that even ten-year-olds (the "script kiddies") can exploit server and PC vulnerabilities from the comfort of their bedrooms without understanding how the exploits work.
Having a professionally trained cybersecurity expert on your team is the first step to ensuring that your systems are protected not only from human error but also from the most common exploits. A pro will properly configure your firewalls and keep your servers patched, which makes it far harder for hackers to penetrate your systems.
4- Need Specialized Skills
Although the line between the security services offered by general IT professionals and cybersecurity is thin, managing cybersecurity requires specialized skills that go well beyond what traditional IT roles deliver, especially in light of the ever-changing face of cybersecurity and the rapid development of complex hacking tools.
As described, the work of a cybersecurity expert is to ensure your systems are safe from cyberattacks. Defending against such threats requires skills that only a qualified professional with the requisite foundational knowledge can have.
Without a professional cybersecurity expert on your team, your systems would be vulnerable to emerging threats, advanced attack vectors, and other changing facets of cybersecurity that would leave your business open to attacks and to massive fines where your handling of user data fails to meet regulations.
Having an in-house cybersecurity expert, someone with the specialized skills necessary to ensure compliance with standards such as the EU's data protection laws (the GDPR), ensures data safety and protects your company from possible fines in case of a data breach. Essentially, a cybersecurity professional is the guard who keeps your data safe and ensures that, if a breach does happen, you can respond properly and defend your position.
We need more cybersecurity professionals because inasmuch as the internet has become an integral part of our lives, it has also brought with it many risks and vulnerabilities; cybersecurity experts help companies guard against these vulnerabilities and by so doing, keep sensitive information and systems safe from unethical hackers.
Successful people like to know and understand the intricacies of their field. This way they gain control over the subject they are learning about, which helps them when making decisions.
Every successful professional or business person has some things in common. One trait that stands out is that we teach ourselves whatever we need to learn in order to gain an edge. In my case, when I was starting a new job or building a business, I taught myself the subjects I needed to learn in order to make better decisions, which in turn made me an SME (Subject Matter Expert) in that particular subject.
The reason I became an SME in particular areas was that I learned several ways of how not to build a system or a business. In other words, I failed during several of these processes, which is how you really learn. When you teach yourself how to do things, you need to have an open mind.
What I mean by having an open mind is that you need to be prepared to fail as many times as you have to in order to learn how not to build or create something. This goes for both the professional and the business person. I'm just giving the very definition of the term experience.
It is easy to have experience in something you keep repeating over and over without facing any consequences. It is difficult to have experience when you took a risk in learning something new that added value and growth to your profession or business. The former is just a form of automation, while the latter is a form of learning something new.
How to teach yourself
Professionals learn skills in order to add value to their resume and to be able to charge more for the services they provide. Business owners learn methods to add value to their assets in order to keep these assets protected and growing.
For example, let's compare how to build a server today versus in the 1990s. In the 1990s, when the technological boom occurred, we had to build our servers and systems manually. From server acquisition and its required components to the software required to run it, everything was installed and configured by hand.
No GUI wizard to guide us through the installation. No plug-and-play for installing the component drivers. We had to install each driver for each required component manually. If there was a conflict between components, we had to troubleshoot and figure out what was happening, without "googling" the problem.
Yeah, this was a “Once upon a time when there was no Google” type of scenario.
You might think that was too much work. Yes, but it gave me exposure and an edge that many in the industry today don't have or can't conceive of. That edge comes from learning and understanding how each component worked. From hardware to software, I had to learn how everything within the system worked, which as a consequence made me an SME in that area at the time.
Today, building a server is as easy and cheap as buying a VPS host for $5 a month, installing and configuring it via a GUI wizard with any operating system the host offers, and you are done. Even kids offer YouTube tutorials on how to do this.
Don’t get me wrong, I’m glad we’ve got this far in this aspect.
The problem comes when you or anyone else wants to get a job or is looking to learn about Information Technology or Cybersecurity and faces the frustration of competing with the Pros. These Pros know what they are doing, and they became as good as they are because they did what I'm telling you.
They learned how to build a system from the ground up, then break it, then build it up again and again. Every time they faced a problem they searched for a solution on how to fix it, not by using an automated restore point, but by rebuilding the whole system manually.
For example, let's say you build a system using VMware. You created a server and installed the system on it. We all know that VMware provides snapshots that let you roll back to an earlier image, and this is a great utility, but not all companies are allowed to use this option, depending on the complexity of their production business.
Even in the best-planned scenarios based on DRP (Disaster Recovery Plan) exercises, there is always something that won't let you use this option, for which you'll have to troubleshoot the old-fashioned way.
In highly regulated companies, such as pharmaceuticals, manufacturing processes are bound to procedures that are audited periodically. This means you can't just shut down a system because you think you have to. It has happened to me and many others that the company is in the middle of a production run and a system used in the process becomes unresponsive or stops registering data, and it can't be interrupted because doing so could cost millions in losses.
So the question is, What would you do?
The advantage of knowing and understanding the intricacies of how a system operates is that you can troubleshoot it without causing losses for the company. I mean, that is why you are there, correct? Or at least that is how everyone else sees you.
This is one of the worst scenarios you could face, and you have to be prepared for it. It is only one of many reasons why you should teach yourself cybersecurity or any information technology subject. You need to be prepared for anything and everything.
I’m not saying that you need to know every single IT related subject out there. What I’m saying is that you need to master the job that you were hired to do. Pros know this because they understand how the basics work and how every single component interacts with each other.
You have to understand that you can only achieve this by practicing. In the field of Information Technology and cybersecurity, the only way you can learn is by experiencing everything yourself. Make sure you have your own cybersecurity lab in place. No amount of knowledge will come to you just by reading; it comes from hands-on experience.
Knowing where everything is, how it works, and how each part fits together will save you time and also your reputation. Your job, as well as your profession, will always be on the line, because that's part of our duty. The only thing keeping us alive as professionals is our own initiative to keep learning and practicing everything we learn.
I hope you understand how critical it is to keep yourself not just updated with the skills required to perform your job in IT or cybersecurity, but also to keep yourself motivated and always take the initiative to teach yourself, starting with the basics.
Working in IT and in Cybersecurity gives me exposure to any business I'm working with that no other field or profession is allowed. In fact, I have access to the most important part of any business: its information.
Businesses and governments need us to protect their information. Something you need to understand is that our job is not only to protect this information but to have processes and procedures on how to protect it.
In order to protect this information, we are required to have access to it one way or another. How you choose to access this information could decide your path as a professional, because how you access it is more important than what tools you use to access it.
What I mean by access to information
When you think with a technical mindset you are thinking in terms of software and hardware tools, or which system to use for access controls, or which server to buy and configure to provide such access.
That’s not what I mean.
What I mean is that approaching the people in the business and learning how the business works will give you a different method for accessing the information.
For example, from my experience in highly regulated industries, I know that having processes and procedures in place saves a company when there is a business interruption. As a manager, my approach was more than just knowing which backup software to use to restore a system, or which servers to restore first according to the business requirements to keep operating. My job was to understand how the business operated and how to put all the pieces together so that business recovery went as seamlessly as possible.
I suggest that, even if you are not a manager, you approach your job the same way I did, and here is why.
Your approach to business will equal your approach to people
When you approach your job from a purely technical perspective, you will be limited by the experience and knowledge that mindset brings. Yes, you'll learn more about your area of expertise, but you won't necessarily be able to grow in your career. The reason is that you, as a human being, are limiting yourself to interacting with systems and processes while excluding other humans, and that is not going to work for you in the long term.
Hiding behind a computer screen won’t work forever if you intend to keep a job and grow in your career.
Face-to-face Interaction with other humans while working is important for many reasons. It gives you the opportunity to learn what other people do in their jobs and their responsibilities. Understanding what other people do, and piecing together their jobs and responsibilities department by department, will help you understand the business you work for.
Why you should understand the business you work for
The process of understanding the business you work for will let you use a skill many underestimate. Interacting with other people and listening to them more than talking to them will shift your mindset into one of growth and let you see things you never thought were there.
An example could be a specific problem other employees told you about that you could turn into an opportunity to fix and contribute to a business solution. It could be a specific business process or a challenge someone is facing that you could contribute to. These opportunities give you exposure to business processes you'd enjoy working on and help you grow in your career.
How to use this to your advantage for a salary increase
By doing what I just mentioned, you will start to see things that others are missing, which could improve a business process, and if you know how to play the card, you can use this to increase your own salary. Here is how.
Use your performance appraisals to your advantage
Every year, managers evaluate their employees using a system known as a performance appraisal (a.k.a. employee evaluation). Every company has its own scoring system, but basically they all work the same way. They all establish goals, which the company classifies by how they impact certain areas of the business. Every goal is measured against a pre-established scoring system that every employee is aware of. For this example, let's use a scale from 1 to 5, where 5 is the best score and 1 the worst.
In most companies, simply completing a goal earns you a 3. A score of 1 or 2 means you didn't complete the goal because of your own inaction. A score of 4 or 5 means you exceeded expectations.
Salaries are included in a corporate budget by department basically by taking how much the company is currently paying plus a percentage that is distributed by department based on the sum of how all the employees in that department performed the previous year.
Every score from 3 to 5 means a salary increase, but the percentage increment for a 5 is greater than that for a 4, which in turn is greater than that for a 3. The key here is to do your job striving for a 5.
Learn how to negotiate your goals with your boss
Every time your manager meets with you to discuss the goals for next year is when you should negotiate which goals will be included in your performance appraisal. Also, make sure they are realistic and attainable. If you have doubts about how to attain one of them, ask how it would be achievable.
Don't leave anything to chance, and never sign an agreement without having this clear. It is your career that's on the line, not the manager's.
Usually, this is not the place for goals that have to do with career development. Companies usually provide a separate development plan for that purpose. Verify whether this is your case.
A performance appraisal evaluates your performance against the performance of the business you work for and measures how much you contributed to it. The closer your goal is to the business's goal, the more direct the impact on your score.
The good thing is that if the business couldn't achieve its goal but you did, then you have a sure above-average score; but if it was the other way around, it could hurt you. You have to understand these things in order to be prepared for negotiating your goals. Speak up and learn how to negotiate your way into career growth.
As a manager, I always spoke with my employees candidly and even asked them for feedback on the established goals. Only then did they sign their agreement.
How to use this to your advantage for Social Engineering
Prior to being a manager for the pharmaceutical company, I was a consultant IT Project Manager for several companies and industries, and an IT auditor. As an IT auditor, I was sometimes hired to “social engineer” my way into a company with the goal of getting access to the company’s systems.
I really love this part of the job. After my clients signed the contract agreement allowing me to do this, I always found a way to gain access to a system, and in most cases without any computers. People are the best way to gain access to a system. I did this even before the term cybersecurity existed. I did this periodically, mostly for the financial industry.
Because of my background in Social Sciences, I knew how to press the right buttons on people to get what I wanted in terms of securing my access into a company (…and still do). Sometimes I got paid a bonus if I did breach the company’s servers. I even got arrested once after I gained access to a computer room, until my client, who was the CEO at the time, cleared me of everything. That’s how “deep undercover” I was when doing my job. I took it seriously.
My point here is that having people skills really works when you want to specialize in Social Engineering and OSINT, which happen to be my favorite cybersecurity specialties.
In summary, by knowing and understanding the business and the people you work with, you are helping others by contributing to a business process. By the same token, you are learning new skills that will help you grow your mindset in a world where everything is getting more and more abstract.