Forem: Patrick Dunn

3 lessons I learned as a Cybersecurity Analyst

Patrick Dunn — Thu, 08 Oct 2020 12:58:18 +0000

3 lessons I learned as a Cybersecurity Analyst
As a cybersecurity analyst, my job is challenging. Day-to-day, my role is to protect the company's cloud by analyzing our security standards, generate recommendations, and actively defend against threats.

Attackers are innovative and daring, plus, the industry is continually changing. The increase in remote workers and usage of cloud networks, cloud computing, and cloud services drastically altered the scope and strategy of security plans and protocols.

My finger needs to be on the pulse of all the latest threats, not just from hackers, but also from possible weaknesses in apps and endpoints that can be exploited if we're not careful.

While I could probably fill a whole book with useful information and tips I've learned on the job, I want to talk about three of the most important lessons that any organization and cybersecurity analyst needs to be aware of.

1. No system is hack-proof

The question isn't if your network will be hacked. It's when your system will be hacked, and how quickly and effectively your cybersecurity team can react and remediate the attack.

There's just no such thing as a system that's so secure; hackers won't find a way to breach it. According to a Clark School study at Maryland University, there's a hacking attack every 39 seconds, and since COVID-19, the F.B.I. reported a 300% increase in the number of reported cybercrimes.

A cybercrime report by Herjavec Group estimates that by 2021, every 11 seconds, a business will fall victim to a ransomware attack.

So, it's important as a cybersecurity analyst never to fall into the trap of contentment and think you've covered all the possible access points as hackers never stop creating new plans and tools. Always be on the lookout for new I.T. trends and keeping up to date with the latest industry news.

Some of the most essential safety tips for prevention and mitigation still aren't used by organizations, such as multi-factor authentication, encrypting all data, creating backups, and educating employees on security best practices.

2. Human error is an overlooked factor

Even if you have the most technically secure system with all the latest defense point solutions, it can all be undone by a single user making a mistake.

I would even go so far as to argue that human error is the biggest cybersecurity threat you'll face. When looking at major breaches reported in the news over the last ten years, many of them were due to some kind of human error. Whether it's a bug in the software, falling for social hacking, downloading a malicious file, or simply forgetting their laptop on the train.

Considering how much technology has advanced in the last few years, it's easy to understand why humans are often the Achilles heel of your cybersecurity infrastructure.

With the huge increase in connectivity and smart devices, A.K.A., the Internet of Things (IoT) means users can connect to the cloud from nearly any device.

But hackers haven't been sitting idly by. They've been busy improving their own attack methods and creating new tools to try to breach systems.

There's no shortage of news stories featuring regular-looking apps that have turned out to be spying on the user or hiding malware code, which can infect an entire network. Public WIFI has also been used to steal data or implant malicious code.

Implement the SASE Framework Model

SASE is a new breed: Implementing this unified, cloud-based networking and security model helps IT implement a user-centric access policy much like Zero Trust, but users are also consuming other security and networking ideas at the same time, all within a single product. SASE helps improve security, but it also incorporates networking ideas like SD-WAN (for visibility over resources), and security layers such as MFA, SSO, and VPN tunneling.

SASE is still emerging as a solution for enterprise level companies, and if reducing tool sprawl and centralizing their networking and security is your cup of tea, it’s vital to explore it now:

-Remove the outdated perimeter-based network idea of site-centric, to a more user-centric mindset
-Implement the Zero Trust Security approach for consistent and secure network access and policy enforcement
-Incorporate auditing, monitoring, and visibility while reducing help-desk support and hardware spending
-Layer a variety of security products atop all cloud and local on-premises resources from one place

3. Penetration Testing is invaluable

Simulating the process a hacker would use to attack your network, devices, apps, data, etc. is one of the most valuable activities you can direct your effort towards. By actively searching for exploitable vulnerabilities, you can identify weak security, such as user policies that need to be strengthened or data leaks, which can be patched.

It's important to also note your own ability to identify and respond to security incidents, including your ability to prioritize multiple alerts at once and identify false positives.

You can even test your staff awareness on best security practices and compliance.

Without sounding too much like a broken clock, employees and staff often lack the required knowledge to identify cyber threats. Social hacking like phishing emails and tailgating is still wildly successful because hackers can farm information from social media sites like Facebook and LinkedIn to appear legitimate.

Penetration testing is always going to be a worthwhile investment of your time as it will help to make your network more secure and help you educate staff on best security practices.

What is a Web Developer and Why become one?

Patrick Dunn — Wed, 23 Sep 2020 14:54:40 +0000

Since the birth of computers and the internet, the growth of these technologies and industries has changed the lives of nearly everyone worldwide. Over 3 billion people are now smartphone users, and in countries like the United States, China, and India, there are easily over 100 million users each.

With so many people connected to the internet and using smart devices, Web Developers have become a crucial role required by anyone or any company that wants to give their users a great online experience.

Whenever you're browsing the internet for gifts to buy, reading news, playing an interactive game, or posting questions and answers in an online forum, Web Developers made it possible.

In this article, we want to show you what a Web Developer does, the major benefits of being a Web Developer, and tips and resources you can use to turn yourself into a Web Developer starting RIGHT NOW.

What exactly does Web Development mean?

Defining what a Web Developer does is a bit tricky as the job requirements can differ between companies. But in general, as a Web Developer, you'll be responsible for designing and coding websites and website apps. But the job doesn't stop once the website is up and running. You'll also need to maintain the site's stability, continue to improve it, and implement additional features.

What are the most popular Web Development coding languages?

There are lots of different coding languages available; the most popular languages used by Web Developers are HTML, CSS, and JavaScript, which you can use to create unique designs and functionality for your website.

Languages like JavaScript have their own libraries or frameworks, which you may need to know as a requirement. It may be worth your time learning some of the more practiced ones, such as React.js, Angular.js, and Vue.js.

The truth is that a great Web Developer never stops learning, as there are always new updates, trends, and frameworks that you can learn to increase your skill level.

Advantages of being a Web Developer

There are many advantages to being a great Web Developer. It's a varied role that can be creative, fun, and fulfilling. Here are some of the significant benefits of being a Web Developer:

Highly sought after: Web Development jobs are one of the highest growing jobs across all industries. It's not just tech companies that need Web Developers, but hospitals, banks, hotels, clinics, freelancers, etc. Pretty much every industry and business needs its own website.

High-paying: Salary shouldn't be your only goal when learning to become a Web Developer, but it's important to make sure you earn enough money to get by, such as paying bills and supporting your family. For Web Developers, the average salary stands at $74,742 per year, and easily reaches higher than $100,000.

Work remotely or freelance: As long as you have a laptop and a network connection, you can work as a Web Developer anywhere in the world, whether it's at home or even on the beach. There's also plenty of freelance opportunities if you like the idea of being your own boss.

Lots of room to specialize & pivot: Web Development is such a varied job that there's plenty of room for you to specialize in a particular area, or even pivot into something else. There are many similarities between mobile app development, for example.

Tips for learning to code

When you first set out on your journey to becoming the world's most exceptional Web Developer, you may be overwhelmed by the vast number of things you need to learn. But don't worry! Everyone has to start somewhere, and while it may not be easy at times, it will all be worth it when you're working in a job you love.

Tip 1 - Set yourself goals
There are lots of different languages, concepts, and frameworks you need to learn to be an expert Web Developer. Instead of becoming overwhelmed by the sheer number of things to learn, break them up into separate goals.

Tip 2 - Enjoy making mistakes
Making mistakes is hands-down, the best way to learn. Don't fall into the trap of reading without getting your hands dirty and trying to break stuff. Often things will click into place when you're experimenting with a new concept or piece of code.

Tip 3 - It's not a race to the finish line
While it's fine to set deadlines for your goals, such as to finish learning HTML by X date, keep it realistic, and don't force yourself into stressful situations trying to cram as much in as you can. You probably have other responsibilities, such as family and chores around your home, maybe even a full-time job to juggle as well. Set yourself targets, but keep them realistic.

Tip 4 - But do push yourself
Yes, we just said not to push yourself too hard, but don't go too easy on yourself either!

Tip 5 - Ask for help
Learning to code doesn't have to be a solo activity. There are great forums and communities where you can ask questions and support. Don't be afraid to reach out for help. You can even consider matching yourself up with a mentor.
website resources to learn from
Online learning has really begun to shine since the beginning of the pandemic, as many learning institutions realized they couldn't rely on classrooms anymore. You're spoilt for choice by the vast number of options available.

Bootcamps: Bootcamps are online training programs that provide you with a structured learning path, high-quality teachers, mentors, and even career coaches to help you become an expert Web Developer. You'll also often be part of a cohort so you can learn together as a group.

Online courses: Similar to bootcamps, except all the training videos are pre-recorded, so you can't interact with the teacher during the lesson. Udemy has a great selection of online courses that are focused purely on turning you into a Web Developer.

Final words

Coding is not hard. It just requires a lot of practice to get better at it, like any other skill. Keep learning, practicing, and testing yourself, and you'll get there!