Cybersecurity is a generic term given to the practice and knowledge of protecting computer systems.
There are a large number of more specific practices within cybersecurity industry such as computer forensics, anti-malware, penetration testing, systems auditing, data protection, disaster recovery, etc. Malware is the umbrella term for malicious computer applications such as viruses, trojans, network worms, etc.
What is involved in the life of working with cybersecurity on a daily basis?
The biggest part of working in cybersecurity is dealing with my customers and listening to their concerns and requirements and trying to analyse what the biggest risks for them are and how to mitigate them.
The most challenging is also the most rewarding which is the fast pace of change within this field and trying to keep up with it.
The cybersecurity industry is ever evolving to counter the ever evolving threats that are posed to modern computing. From time to time this requires international travel, conferences and training.
What to study at school?
Here are the questions you asked our panel of people who work in cybersecurity and computer forensics in Ireland.
What subjects do you think would stand you well in second level and third level to go on into cybersecurity?
James O’Gorman (Microsoft): I can’t stress highly enough how important Mathematics is for potential students, students with strong Mathematics skills will likely find some of the more challenging course material easier to comprehend.
For those that are fortunate enough to be offered courses such as “Computing” or “Computer Science” at second level will also find that there is a smoother transition to a related third-level degree.
For those who are not fortunate enough to be studying at establishments offering computing or computer science, look for third level courses that have introductory modules or offer a “foundation year”.
In terms of third-level qualifications, look for courses that offer a placement in industry and have strong ties with industry; these will help mitigate the chicken-and-egg scenario where you can’t get a job because you don’t have experience and you can’t get experience because you don’t have a job.
Could you tell me a bit more about how your career in cybersecurity started at school when your teacher challenged you to set your own grade on the school network?
James O’Gorman: I studied Computer Science at the equivalent of Leaving Certificate level. As part of the course our teacher set a practical challenge to set our own grades on the school network.
The real challenge here was to circumvent security measures to gain access to our academic records and change them. The practical was designed to get us thinking about the various types of security measures and the consequences of insufficiently protecting data.
In addition this type of practical made us realise that there are often many ways in which a “hacker” can attack a system and how a security professional must sufficiently plan to mitigate all threats.
A variety of different techniques were used by the students and after the challenge was complete we had fun discussing the various techniques and the challenges each person faced.
For those students who are interested in more generic cybersecurity roles or have not settled on a specific path I would recommend an undergraduate course in a strong science based undergraduate degree such as Computer Science, Mathematics, Electronic Engineering, etc.
Science and engineering based degrees such as these are highly sought after by employers and are also a good discipline for postgraduate degrees in reverse engineering, forensics etc when you are clearer about your chosen career path.
As a general rule of thumb, courses that have titles containing “software”, “application” and “development” will tend to focus on software whereas courses that have titles containing “electronic” or “engineering” tend to be focussed more on hardware. Computer Science or Mathematics will be more generic and will act as a good foundation for postgraduate courses.