Transitioning from military to civilian life, overcoming the challengeFebruary 1, 2019
Explore the Experience: Becoming a Business AdministratorFebruary 6, 2019
For an Information Technology Security Professional, it’s just as much about the information as it is about the technology. When talking about security you’ll hear most IT professionals refer to “data and network security.” For the Security IT professional, there are skills to be attained and activities to be performed that pertain to each.
Key Strengths: Problem-Solving and People Skills
IT Security is also about people. One of the key responsibilities of an IT Security professional is to participate in the crafting of security policies to govern the data and network of their company, and then to enforce those policies. Any current security specialist will tell you that the hardest segment of their network to manage is the segment between the keyboard and the back of the chair, namely the user.
Users are not predictable or consistent. Given the same set of circumstances, they may take different actions at different times. They may remember the company security policies. They may not. As such, one of the most important skill sets for an IT Security professional is the ability to work encouragingly and productively with people, most of whom are making the security specialist’s life harder.
As an example, ransomware is one of the most rampant cybercrimes being perpetrated today. The bad-actor sends out emails to unsuspecting recipients. The emails, called “phishing” emails, are disguised to look like they come from a trustworthy sender, but a closer examination of the sender’s URL reveals that it isn’t from who it says it’s from. The email encourages the recipient to click a link or open an attachment. When they do, the bad-actor has the access needed to either corrupt, encrypt, or outright steal all of the data on the recipient’s hard drives.
The recipient is then contacted with a ransom demand. Pay the ransom or never see your data again. The point is that the exploit was enabled by the user who received the email. They didn’t intentionally do anything wrong. They fell for a fraud. The only defense is significantly better training to help users identify potential “phishing” messages.
Working with people to help them practice safer computing is a big part of your day as a Security IT professional.
A Day in the Life: The Technology Skills Needed are Extensive
Fundamental networking, storage, and computers are the foundational expertise of a Security IT professional. When your job is to keep any unauthorized parties from exploiting any part of the network you need to start with a working knowledge of every part of the network.
Your deeper magic lies in your knowledge of all the communication protocols that computers use to establish and conduct communication with each other. Starting with basic transport control protocols and internetworking protocols (TCP/IP) you’ll learn about a wide array of protocols that enable, facilitate, control, and also protect data communications. You’ll come to view data as a tangible thing that moves from place to place and then rests in storage awaiting the next transport request. You’ll learn how to protect that data whether its in transit or at rest.
Most importantly, you’ll learn how to manage every step in the chain of networking as data moves from a user who needs to be authenticated before they’re allowed in. They accomplish this through their access device such as a computer, tablet, or smartphone which also must be examined by network access control. Intrusion Prevention Systems are in place to scan the path to the network core which are meant to identify any message coming from an unknown source. Once your data identifies itself and gets past that, it will be checked for viruses and other malware. Finally, it reaches the firewall with its comprehensive set of rules designed to enforce all company security policies. Successfully being passed by the firewall, the data reaches its intended server, where all the data is encrypted, so your data better be preceded by the decryption key.
Yes, There’s a Lot Here
Security requires incredibly careful attention to every detail. The risks can be tremendous to your organization, if you don’t constantly exercise the utmost caution. Those who are considered security experts are among the most highly respected professionals in the industry because of the depth and breadth of their required training and skills. It’s a lot of work, but the compensation can be substantial.
With new threats emerging every day a Security IT professional must constantly be on-guard monitoring carefully for any anomaly that may show up on the network. A day in the life of a Security IT professional is a busy, busy day, never boring. You’ll enjoy the satisfaction of keeping the bad guys out and protecting your company’s most valuable assets, its data.
For more information about information security, contact your New Horizons Career Counselor today. They take you through all the training and certification you’ll want to achieve on your way to a very, very lucrative and satisfying career.