Getting Into Cyber Security: 5 Skills You NEED to Learn - YouTube

In this video I’m gonna take you through the top 5 skills you need to be learning to

get into cybersecurity.

If you’re new to the field or looking for a career transition, there’s just so much

info out there that it’s hard to even get started.

You might hear people talk about an alphabet soup of certifications to take, but I’m

here to tell you: THEY’RE NOT THAT IMPORTANT.

While there’s some value going through the process of studying for certs, what IS IMPORTANT

are your SKILLS and EXPERIENCE.

Because in this field, what you can DO will make you so much more successful than what

you KNOW.

Solving technical problems is THE way to earning the trust and confidence from people

you work with.

Buckle up and let’s dive right in.

Number 1: Building and using virtual machines.

Virtual machines, also called VMs, are operating systems that run on top of your existing or

“host” OS.

The virtualized OS is commonly referred to as a “guest”, and is managed by software

called a “hypervisor”.

The hypervisor lets you manage and allocate resources like CPU, Memory, and Disk space

on your guest.

Popular hypervisors you may have heard of include Hyper-V by Microsoft, Virtualbox by

Oracle, VMware, and KVM.

Often times when you hear the term “cloud” it usually means thousands of VMs running

on specialized hypervisors on someone else’s server farm in a datacenter somewhere.

Virtual machines let you become platform-agnostic, meaning you’re no longer limited to any

particular operating system and tools available for it.

Many people spend all their time just on one OS and debate which ones are better.

Let me tell you: IT DOESN’T MATTER.

As a pro you should be versed in ALL of them and comfortable working with any platform.

This maximizes the scope of your skills and makes you effective in any situation.

Virtual machines also give you the flexibility to train and research in an isolated environment

without affecting your main driver.

You can quickly take snapshots of a guest OS and restore it to an earlier state.

Opening a suspect file you received?

Use a VM.

Want to practice configuring a server?

Use a VM.

Slinging exploits at a target?

Use a VM.

Moving on to…

Number 2: LEARN the command line.

Don’t run away but EMBRACE it.

The command line interface, commonly referred to as a SHELL, is the simplest and arguably

the most efficient way to interact with an operating system.

For example, if I’m looking for an entry in this CSV file, Excel might freeze or crash.

Running a lightweight shell command gets me what I need in no time.

Why’s it called a shell?

The important parts of an OS that actually makes it run is called the KERNEL, because

it functions at the center of the system.

The part that’s exposed to a user is called the shell, since it wraps around the kernel.

It’s just like a car, where the steering wheel, pedals, and dashboards giving you control

over the engine or transmission all exist in the “shell” of the car.

The command line gives you the lowest level access to software functionality that comes

with an operating system.

Many of the most useful tools don’t have a graphical interface to point and click.

Mastering the command line expands your arsenal and lets you get more done with less.

It lets you be able to use scripting and automation to tackle repetitive tasks that would otherwise

waste lots of time.

Automating your workflow by learning the command line makes you a tremendously valuable asset

to the team.

I recommend starting out with Bash, or the “Bourne-again Shell” since it comes default

with almost every Linux distribution.

macOS used it in its Terminal app, but has since changed to Zsh, or “Z-Shell”, and

has some nicer features.

If Bash is like a Toyota, then Zsh is more like a Lexus.

Bash is so popular and effective that Microsoft actually released the Windows Subsystem for

Linux, or “WSL” and lets you install several different Linux flavors to use Bash as a native

app.

This is super convenient, since I can access most of my Linux tools without having to switch

to a virtual machine.

Now understand that Powershell is actually the go-to native shell for Windows.

It’s very different from how you would use the Linux command line, but gives you a ton

of powerful Windows administration abilities.

If you work in an environment where Windows is the primary OS, definitely learn Powershell

as well.

I’m gonna start a series on the Linux command line very soon.

Comment below to let me know what tools and concepts you’d like to learn!

Number 3: System Administration.

All of us with a computer or smartphone, from your grandma to IT wizard is a really sysadmin

at some level.

It all depends on what level you’re at.

System administration involves the configuring and maintaining of computers, whether a personal

device or hi-powered server.

When I was first using computers as a kid, I loved to dive down into EVERY SINGLE SETTING

available on the computer, just to see what it did.

Reading manuals, online guides, and playing around just drove this curiosity further.

By doing that, I became the family IT help desk.

System administration is about knowing your platform and various tools inside and out

to be able to help others who don’t.

Whatever your skill, I challenge you to fiddle around and learn by doing.

Delete some files, and try to recover them.

Download, open, and monitor old viruses in a virtual machine with tools like Windows

Sysinternals to see what they do.

Try to extract files and passwords off a computer without knowing the login info.

Whatever it is, push the limits of what you already know by reading guides out there and

following along.

Practice a little more each day and you’ll level up in no time.

Next up…

Number 4: Computer Networking.

THIS is the heart and soul of it all, what I like to call the cyberspatial “laws of

physics”.

It’s understanding how devices interact with each other and how data gets from point

A to point B. A strong foundation in networking will make you a rockstar troubleshooter, whether

you’re red teaming, defending, or running day-to-day IT ops.

There’s two conceptual models that govern computer networking: TCP/IP and OSI.

They group all your different networking and telecommunication protocols into “layers”.

TCP/IP is older and uses four layers: network access, internet, transport, and application

layers.

OSI stands for the Open System Interconnection, which is developed by the International Organization

for Standardization, or ISO.

These guys define everything from country codes to time and date formats.

OSI is newer and uses seven layers: physical, datalink, network, transport, session, presentation,

application layers.

All these layers are just a way to describe “what’s happening where”.

So if you’re receiving a package from someone in a different country, it’s gonna get passed

between envelopes, boxes, vehicles and planes, each with their own addressing method and

operating procedures.

When the post office tells you there’s an airline issue, you know where it is in the

transportation system that’s delaying your delivery.

Likewise, the networking layers all have different functions, but as a whole work together to

let you stream videos from a server in a rack to a device in your hands.

Knowing what’s happening at each layer lets you “see the matrix” and be much more

skilled at your craft.

Number 5: Personal digital security.

This is an area I’ve been particularly passionate about because it affects our families, friends,

and organizations.

The cybercrime industry is booming.

You don’t have to scroll far to see what the online black market place looks like.

As technology becomes more intertwined with our lives, from Internet-connected cars to

refrigerators, the vulnerabilities and attack vectors are gonna increase more and more.

If you want to go deep into cybersecurity, there’s no better place to start than with

yourself.

From passwords, encryption, to secure comms, stay up-to-date with the latest security news

and best practices.

You might just be the subject-matter expert in your office that others go to for advice.

And that advice might just protect your company from becoming front page news.

But most importantly is living it out yourself as well!

You wouldn’t believe the number of times I’ve seen cyber intrusions originate from

the security operations or IT department simply because people didn’t understand or practice

basic digital hygiene.So that’s it for this video Thanks so much for tuning in, don’t

forget to subscribe for more content just like this, AND if you have any further questions

please let me know.

See you soon!