People focus a lot on pentest and security engineering. I'm on functional side (GRC: implement SMSI based on ISO 27001 and Nist CF, risk assessment, audits, laws and compliance...) and there is a lot of demand in Europe, worldwide too i guess.
When I first became interested in cybersecurity and IT in general which just less than 5 years ago, I originally wanted to focus on the red team side but eventually found a better appreciation for the blue team in security operations but I also really like CTI (cyber threat intelligence) especially OSINT so I’m still kinda conflicted about which of the two I wanna focus on mainly
Also, that Haiku looks really sus, looking at the ToS they are... or COULD collect a ton of data. The developer says "they are not collecting" the data, but the verbiage leaves it open for them to do so if they change their mind.
The domains are not correct. - Enterprise Risk Management and Risk Assessment are two different domains? - "Frameworks and Standards" are in their own domain? OWASP in AppSec; ISO is for governance. - IoT security is physical security? How so? - Where is Network security?
The architecture portion is what I would normally refer to in the physical security area as hardening the target. You make it such a pain and costly endeavor that an attacker moves into n to an easier target. But that’s my background speaking. Not sure how you would do it in the digital realm?
Great video Grant. Do you have any actionable advice for what an early career security professional should focus on? Inch deep and mile wide? Very deep in one or a few topics? I'm curious to hear what you've found valuable as you've started your career.
Thank you Jeremiah. Great question. Mile wide, inch deep vs deep in one or a few topics: This was something I always fretted over, still do to this day. I'd argue you could go either way depending on what your interests are. For me, being a generalist is more intriguing and exciting because I get to learn about a lot of different technologies and industries. But this can make you less marketable, depending on the position. From my experience, the bigger the company, the more specialized they look, since they have a bigger budget over a startup or mid-sized business. I also think specializing in one topic is beneficial too, since you can make yourself more marketable. So you can go either way. Do what suits you best. You will hear and encounter many people who tell you to "be a generalist" or "you must specialize". From my (limited) experience, I have seen both work depending on the company. If one topic really piques your interest, do that. If you don't know that one topic, be a generalist. The big component for me was to focus on the fundamentals of IT, networking, and security. I always stress the fundamentals and am still learning them to this day. If you have a solid base, a company / team can build upon that. In addition, people networking is huge. This is what has led me to all my opportunities this far. Try to network with local clubs, conferences, meetups, etc. Feel free to reach out to me (grant@cybercademy.org) if you have any more questions! Always happy to share my (limited) experience :)
@@collinsinfosec I think this topic deserves a separate video imo. I’ve heard that specializing gets you higher salaries because there are less people competing with you, but there are many generalists.
TNice tutorials was honestly so helpful. I’ve been working around soft, whether it be church, singing in a band, or theatre for most of my life so tNice tutorials
I work in medical electronics (Biomedical Equipment Technician). I am finishing my masters in cyber security and I think the best approach is to go into medical CS or healthcare CS. Do you have any insight into the world of medical device CS because there is not a lot of info out there. And quick follow up, is putting yourself into such a niche category terrible for job placement. Thanks Grant. Love the videos ✅
Never too late to learn new skills and never too late to change careers. As far as “too late” to break into the field in case you seem a little overwhelmed, it is certainly not too late. No one knows everything when they start learning. That would be like somehow climbing a mountain by starting at the middle or even summit, it’s impossible. You have to start somewhere and there is no better place or time than here and now.
How years will take to be a expert Security engineering Without getting any degree is it possible to get a job offline How many hours should I give time to this?
To be an expert a lot of people abide by the 10,000 hour rule or roughly 90 minutes a day over 10 years. But a lot of security engineers are not experts yet they are still extremely knowledgeable. You do not need a degree to do well in cybersecurity, but it does help, especially with landing that first (usually entry-level) job. If you don't have a degree and don't want one then you can self-certify instead, which is a route many, many cybersecurity professionals take. How many hours? That's on you. We are all different.
Hi grant, write from Colombia, latinamerica. Nice videos you have. Im 39 and im thinking about cyber security carrer, how are my probabilities to get a job when i get 44? Tks bro.
Whichever one you can carry and afford lol. It all depends on what you need/want. Lots of people can get away with Rasberi pi, but someone like myself got an Asus Zephyrus G14; 14' laptop with a Ryzen 9 5900 and RTX 3060 gpu (around $2,100 CAD). I only got it this beefy so that I can also play any game on high, while still being able to run 3-4 VM at a time. Another benefit of the GPU is that it can be used to brute force password attempts, making it take a lot less time.
It literally doesn't matter. I have a ThinkPad with a Ryzen 5 and 32GB ram. Lots of ram because virtual machines, but this is dependent on what you do. Processing power is not so important. Whatever your preference is tbh.
Hi I'm Ariful Islam leeton im software engineer and members of the international organization who and members of the international telecommunications and investors public and private sector and co Funder Open A. I And students cyber security
Thanks man, I got the good habit of wanting to learn everytNice tutorialng before I start sotNice tutorialng (wNice tutorialch is impossible) tNice tutorials quick guide is what I
People focus a lot on pentest and security engineering. I'm on functional side (GRC: implement SMSI based on ISO 27001 and Nist CF, risk assessment, audits, laws and compliance...) and there is a lot of demand in Europe, worldwide too i guess.
When I first became interested in cybersecurity and IT in general which just less than 5 years ago, I originally wanted to focus on the red team side but eventually found a better appreciation for the blue team in security operations but I also really like CTI (cyber threat intelligence) especially OSINT so I’m still kinda conflicted about which of the two I wanna focus on mainly
Do u make 6 figures
Another amazing compacted video, cheers
Ayyyy Thanks for helping get to know the Software! I just downloaded it in hopes of making resetupes and originals. Props to you for
Thank you Grant. I always enjoy your content. Have a good day buddy!!
Always appreciate the support and comments John :)
The real question for students is how many of these domains have entry level positions.
As someone who would love to get into Cloud Computing and Development, it's always cool to see what our friendly Sec people work on
Product security also lives with in that sdlc matrix
👍
Also, that Haiku looks really sus, looking at the ToS they are... or COULD collect a ton of data. The developer says "they are not collecting" the data, but the verbiage leaves it open for them to do so if they change their mind.
Man the software scares it's terrifying
Can you maybe add timestamps to your videos?
Really interesting overview btw
I am also working as Cyber security specialist . and you said it correct
I like that graphic, now show me the graphic with which of those areas require on call and after hour support :D Daddy has 4 kids and 4 dogs lol
Cool one!
Thanks Grant!
Happy to help!
The domains are not correct.
- Enterprise Risk Management and Risk Assessment are two different domains?
- "Frameworks and Standards" are in their own domain? OWASP in AppSec; ISO is for governance.
- IoT security is physical security? How so?
- Where is Network security?
Thank you bro 👍
The architecture portion is what I would normally refer to in the physical security area as hardening the target. You make it such a pain and costly endeavor that an attacker moves into n to an easier target. But that’s my background speaking. Not sure how you would do it in the digital realm?
Sir tell me quick resource to check arch. Role in Cybersec.
Great video Grant. Do you have any actionable advice for what an early career security professional should focus on? Inch deep and mile wide? Very deep in one or a few topics? I'm curious to hear what you've found valuable as you've started your career.
Thank you Jeremiah. Great question.
Mile wide, inch deep vs deep in one or a few topics: This was something I always fretted over, still do to this day. I'd argue you could go either way depending on what your interests are. For me, being a generalist is more intriguing and exciting because I get to learn about a lot of different technologies and industries. But this can make you less marketable, depending on the position. From my experience, the bigger the company, the more specialized they look, since they have a bigger budget over a startup or mid-sized business. I also think specializing in one topic is beneficial too, since you can make yourself more marketable. So you can go either way. Do what suits you best. You will hear and encounter many people who tell you to "be a generalist" or "you must specialize". From my (limited) experience, I have seen both work depending on the company. If one topic really piques your interest, do that. If you don't know that one topic, be a generalist.
The big component for me was to focus on the fundamentals of IT, networking, and security. I always stress the fundamentals and am still learning them to this day. If you have a solid base, a company / team can build upon that. In addition, people networking is huge. This is what has led me to all my opportunities this far. Try to network with local clubs, conferences, meetups, etc.
Feel free to reach out to me (grant@cybercademy.org) if you have any more questions! Always happy to share my (limited) experience :)
@@collinsinfosec I think this topic deserves a separate video imo.
I’ve heard that specializing gets you higher salaries because there are less people competing with you, but there are many generalists.
Thanks👍
which area is red team/pentesting covered in ?
Usually application security
How can you keep so much information in your head?
Practice
What about importing midi files because most midis freezes my program. What can I do about it? I'm using soft soft Bundle Pack by
Don't sleep on non-technical roles! Cybersecurity sales reps making $250k+ a year getting drunk with prospects and signing contracts
Sales and Sales Engineers (SE) do super well if they are with the right company.
For what companies?
thanks
Bro thank you again for an insightful video! big fan from South Africa here.
All I wanted to know is how to play the soft through my headphones with a cord not Bluetooth. I take it tNice tutorials is not an option since I have
TNice tutorials was honestly so helpful. I’ve been working around soft, whether it be church, singing in a band, or theatre for most of my life so tNice tutorials
bangers lodies.
Can someone please send me a Link to a Overview which companies does what Type of each Domain? Thank you!
Credential stuffing attacks 👀
I'm 20, starting IT & Cyber security bachelor next week...
I work in medical electronics (Biomedical Equipment Technician). I am finishing my masters in cyber security and I think the best approach is to go into medical CS or healthcare CS. Do you have any insight into the world of medical device CS because there is not a lot of info out there. And quick follow up, is putting yourself into such a niche category terrible for job placement.
Thanks Grant. Love the videos ✅
Educating video,m currently 25yrs please who is my chances of getting a job at 29 or 30yrs old after learning and getting certification thank you.
cool!
GOAT
Do you think 38 is a little old to start a BAS in cyber operations and resilience. I will be 42 or 43 when I’m done.
People usually retire at 65ish. You still have 20 years or so that’s quite some time use it wisely and pursue your goal
No its not too late
I am almost 50 and I am just now starting my computer heavy classes for a bachelors degree. So no not to late
Never too late to learn new skills and never too late to change careers. As far as “too late” to break into the field in case you seem a little overwhelmed, it is certainly not too late. No one knows everything when they start learning. That would be like somehow climbing a mountain by starting at the middle or even summit, it’s impossible. You have to start somewhere and there is no better place or time than here and now.
try going for other certs like Sec+
How years will take to be a expert
Security engineering
Without getting any degree is it possible to get a job offline
How many hours should I give time to this?
To be an expert a lot of people abide by the 10,000 hour rule or roughly 90 minutes a day over 10 years.
But a lot of security engineers are not experts yet they are still extremely knowledgeable.
You do not need a degree to do well in cybersecurity, but it does help, especially with landing that first (usually entry-level) job. If you don't have a degree and don't want one then you can self-certify instead, which is a route many, many cybersecurity professionals take.
How many hours? That's on you. We are all different.
What about u ?
How much time did u take ?
Daily?
I can't even find a job
How was many hours and years did u take to be a expert?
You can talk about Indonesia hacking by bjorka attack on indonesia's Goverment. And for sure you got millions of Indonesia viewers.
Hi grant, write from Colombia, latinamerica. Nice videos you have. Im 39 and im thinking about cyber security carrer, how are my probabilities to get a job when i get 44? Tks bro.
Hi Daniel, I saw your email, I will reply there.
Keep up
im here from nonsense i wanna make my fnf mod too
Bro
What the best laptop for cyber security
Whichever one you can carry and afford lol. It all depends on what you need/want. Lots of people can get away with Rasberi pi, but someone like myself got an Asus Zephyrus G14; 14' laptop with a Ryzen 9 5900 and RTX 3060 gpu (around $2,100 CAD). I only got it this beefy so that I can also play any game on high, while still being able to run 3-4 VM at a time. Another benefit of the GPU is that it can be used to brute force password attempts, making it take a lot less time.
It literally doesn't matter. I have a ThinkPad with a Ryzen 5 and 32GB ram. Lots of ram because virtual machines, but this is dependent on what you do. Processing power is not so important.
Whatever your preference is tbh.
What are the complete steps to create a PayPal adder money program 👈
not very helpful
Hi I'm Ariful Islam leeton im software engineer and members of the international organization who and members of the international telecommunications and investors public and private sector and co Funder Open A. I And students cyber security
Looks like a college video, play ctfs to improve skills
Reajjy helpful
a girl or gay.
^^
Thanks man, I got the good habit of wanting to learn everytNice tutorialng before I start sotNice tutorialng (wNice tutorialch is impossible) tNice tutorials quick guide is what I