Kickstarting Your Cyber Security Career Path

Reading Time: 3 minutes

Jumpstarting a new cyber security career path can feel like a daunting initiative, however, it may be more attainable than you think. By utilizing online cyber resources and persistent learning exercises, you can start learning everything you need to know to understand career options and land your dream job.

Virtual machines and digital libraries are great places to start on your cyber learning journey. A virtual machine is a software program or operating system that exhibits the behavior of a separate computer and is capable of performing tasks such as running applications and programs like a separate computer. This enables you to create multiple independent VMs environments on one physical machine and it aids in detecting things like malware and ransomware attacks. A digital library is an online platform that offers a diverse collection of cyber security learning objectives, along with an online database of digital materials like videos and reports.

Here are some resources that can help you pursue a career in cyber security:

  • Oracle VM VirtualBox – this powerful virtualization product is for enterprise as well as home personal use. This is the best VM for home users and can be run on a multitude of operating systems.
  • Kali Linux – this is an open source tool used in information security training and penetration testing services. Kali Linux is one tool available for use in our Project Ares platform for offensive skill building and practice.
  • Security Onion Virtual Machine – this free and open sourced Linux distribution aids in intrusion detections, enterprise security monitoring, and log management. Security Onion is also available in Project Ares.
  • Flare Virtual Machine – a freely available and open sourced Windows-based program that offers a fully configured platform with a comprehensive collection of Windows security tools.
  • Cybrary – this community based digital library gives you the ability to collaborate in an open source way and create an ever-growing catalog of online courses and experiential tools to learn all things cyber security from offensive, defensive and governance.
  • Clark Cybersecurity Library – a digital library that hosts a diverse collection of cyber security learning objectives from Intro to Cyber to Adversarial Thinking. It is a high-quality and high-availability repository for curricular resources in the cyber education community.

From entry level positions to cyber security professionals, digital libraries help in understanding cyber concepts and virtual machines allow learners to apply and hone cyber skills that security professionals use on the job such as risk management, information systems security, and network security.

To complete your well-rounded cyber education, pairing these tools with hands-on practice in cyber range like Project Ares is key.

Circadence’s own Project Ares uses gamified cyber range learning environments to emulate immersive and mission-specific network threats for a variety of cyber security work roles and job titles. The Project Ares platform is constantly evolving with new battle rooms and missions to address the latest threats and includes targeted training scenarios to learn specific skillsets. This platform also offers digital badges in its Academy license, which represent credentials that can be used to indicate a variety of accomplishments and skills. These are a great way to show a prospective employer just how much you’ve taught yourself about cyber security (and you can add them to your social profiles so prospective employers can see your skills)!

From concept learning to skills application, gamification paired with persistent, hands-on training in virtual environments is an ideal approach to understanding the ins and outs of complex cyber networks and how to recognize potential vulnerabilities in today’s evolving threat landscape. Pairing Project Ares with any of the aforementioned resources is a sure-fire way to kick off your cyber security career and prepare for security certifications!

Photo by Andras Vas on Unsplash

Nichols College Students Spearhead Cyber Security Education for the Entire Campus 

Reading Time: 3 minutes

Policy makers are now prioritizing data security over talent, efficiency and controlling costs. As students growing up and being educated in the digital age, we are just starting to understand the importance of cyber security to individuals and their companies. Taking part in a Research Associate Internship on campus at Nichols College, our eyes have been opened to the vast number of threats we face on a daily basis.

Oracle conducted a study titled “Security in the Age of Artificial Intelligence,” where 341 C-Suite executives and 110 policy makers were asked of their plans to improve their company’s security in the next two years. The top answer from this sample was to train existing staff. Human error poses the greatest risk to these companies (Oracle). In order to mitigate this risk, it is imperative to understand the opportunity cost of training employees on the importance of cybersecurity. Prioritizing training would prevent small mistakes, potentially costing a company much more in the long run.

A Nichols College Associate Professor of Accounting and Finance, Bryant Richards, noticed a gap in cyber security education, wanting to bring cyber to campus in a big way, stating “As cyber risks have become ubiquitous throughout the industry, it is our responsibility to provide some degree of cyber literacy to our business students. We must train our accounting students to be data and technology professionals who understand accounting. The realistic and experiential nature of Project Ares matches how our students learn and provides a transformative learning experience.” Richards along with the two of us, helped Nichols partner with Circadence to complete a three-month pilot program of their gamified cybersecurity learning platform Project Ares.

What We Found: Circadence did a great job with Project Ares, with an appealing, gamified user interface that sucks you in and is easy to use. As a student with no technical experience in the cybersecurity field, Project Ares proved to be both engaging and challenging. It provided an abundance of resources through its Media Center and Mini Games. Users can obtain a base layer of knowledge, progressing into education on concepts like the Cyber Kill Chain and how hackers utilize it. The interactive Battle Rooms provide real-life, technical lab environments where users can spin up virtual machines, explore real-world tools, build their confidence, and hone their skills.

What We Learned: You do not have to be a professional hacker to steal someone else’s information or gain access to their computer. Understanding the code is no longer enough; this is much more than an individual problem. If your own device is compromised, the hacker can steal your personal information, and steal information from your employer and worse. This harsh reality surprised us when we first commenced our research. From clicking a wrong link in an email, to accidentally tapping an advertisement banner on your phone; these small errors can seem harmless but are really detrimental to your overall security.

The gamification of cybersecurity training has allowed those of us with no prior knowledge, a chance to get a leg up. With increased demand to train existing staff, new training approaches must be made for the next generation of cybersecurity specialists. Gamifying the process made it easily digestible, directly benefitting any potential company or individual.

The first step in becoming educated on cybersecurity is understanding that there are threats present in our everyday lives. In the words of the man who gave us our initial walkthrough of Project Ares, Brad Wolfenden compared cybersecurity to buying a gallon of milk, saying:

“I believe that part of the disconnect around cybersecurity best practices comes from the assumptions we make as consumers in general – that what we’re buying is designed and sold with our best interests, and security, in mind … The food you buy and eat is certified by the Food & Drug Administration to indicate it has been safely grown/ raised and suitable for human consumption. When making technology purchases, we cannot take these same conveniences for granted.”

It is everyone’s ‘job’ to maintain high ethical standards and awareness when operating on the Internet nowadays. It is no longer up to one person or pre-installed software to protect your personal information. The more we are educated on the basic underlying principles of cybersecurity, the safer we will all be.

References

Oracle. “SECURITY IN THE AGE OF AI .” Oracle, 2018, www.oracle.com/a/ocom/docs/data-security-report.pdf.

Wolfenden, Brad. “A Rising Tide Lifts All Boats: Celebrating National Cybersecurity Awareness Month.” Circadence, 30 Oct. 2018, www.circadence.com/national-cybersecurity-awareness-month/.

*Students R.J. LeBrun & Lorenzo Secola guest authored this blog post as part of their Research Associate Internship at Nichols College