This course is designed to help you understand the Information security landscape and will prepare you to become a security professional.
In today’s world, cyber criminals are a very real and dangerous threat. One way to think about Information security is that of a never-ending arms race, with the sophistication of the weapons being used advancing exponentially. Every day cyber criminals are finding new and innovative ways to exploit and infiltrate even the most secure systems and the security world is barely able to keep up.
Gone are the simple days of protecting a system from the random individual hacker. Instead, we are now combating a very organized, advanced, and powerful force that comes in many different forms, from script kiddies to nation states, organized crime to hacktivists, and everything in between.
Our job as a security professional is to defend against these organizations and the various techniques they use. Often times this means we need to think like they do look at our system and network from the eyes of an attacker. It also means we need to try to be one step ahead of them at all times. However, this is becoming more and more difficult as the number of internet-connected devices increases and the speed at which people expect new technologies to emerge.
The faster new technology is developed and created, the less time it has to be thoroughly tested for vulnerabilities, holes, exploits, et cetera. In addition, each new device that connects to a network presents a new point of entry for an attacker that didn’t exist before. Even more unsettling are the exploits that haven’t even been discovered yet that attackers could using in the wild.
Because of all these variables, the goal for security professionals can never be that of eliminating attacks or breaches, that’s impossible. Now, I’m not saying this means we should just give up. We still need to secure our systems and take all the necessary precautions in order to reduce the threat surface. However,
know that if your system is connected to the internet, then it’s essentially impossible to protect your network from any and all attacks. Understanding this, a security professional’s goal should instead be to minimize the occurrence of attacks and reduce the damage caused by a breach. In other words, you need to properly secure and protect systems while at the same time understanding that a breach is going to occur. And when it does, you need to be able to identify the moment the breach occurred and stop it as fast as possible.
Doing this requires you take a proactive approach to security which include:
Keeping systems up to date
Implementing proper policies and procedures
Hardening systems and networks and much more
Because the security landscape is ever-changing, you need to be extra diligent in keeping up to date on the most recent vulnerabilities and exploits used by hackers as well as the latest security techniques and technologies used by security professionals. The internet is an endless supply of information, so be sure to use it. Blogs, news outlets, forums, podcasts, the list goes on, these are all great resources that will help you keep up to date on the latest security trends.
Remember, as a security professional, it’s your job to try to stay one step ahead of an attacker. You can do this by taking a proactive approach to security. Stay informed, read the landscape, know your systems and network, and understand that you can only protect a network to a point. Beyond that, it’s your job to know what an attack looks like and stop it before any substantial damage can occur.
Introduction to Security Fundamental
Policies, Procedures, and Awareness
TestOut Security Pro - Practice Exams
CompTIA Security+ SY0-501 - Practice Exams