Contents
By 2022, the total amount of digital data in the world has grown 50 times. These dozens of zettabytes contain commercial and state secrets, personal data and other information. Protecting this data is the concern of a cybersecurity specialist
About the expert: Andrey Belkin, Chief Analyst of the Cyber Attack Investigation and Prevention Group at Raffeisenbank JSC, SkillFactory mentor.
Who is a cybersecurity specialist
A cybersecurity specialist is someone who ensures that an IT system is protected from hacks that lead to malfunctions and data leaks. Depending on the tasks, the profession is divided into different specializations:
- Antifraud-analytics. Demanded in fintech companies. They focus on the cybersecurity of financial transactions in online banks, track suspicious activity on cards, write automation systems for these tasks.
- Code Analyst. Analyzes the code in detail and looks for vulnerabilities for cyber attacks. Based on the results of the analysis, he makes recommendations to improve the security of the program.
- Specialist SOC (Security Operation Center). It monitors the state of the system in real time, promptly responds to cyber attacks and failures.
- Information security system developer. A profession at the intersection of development and cybersecurity. The specialist develops software that monitors cyber attacks and protects the company’s internal IT system.
- Cybercrime Investigator. Restores the scenario of a cyber attack, looks for vulnerabilities that made it possible to hack, finds and exposes hackers-criminals.
- Pentester or ethical hacker. This is a specialist who attempts to hack into an IT system on behalf of a company and looks for vulnerabilities in it. Based on the results of a hack, it issues reports and recommendations to strengthen security.
A cybersecurity specialist is one of the professions of the future.
Andrey Belkin, Chief Analyst of the Raffeisenbank Cyber Attack Prevention and Investigation Group, SkillFactory mentor:
“Unfortunately, a combat robot that can do everything equally well does not exist in cybersecurity. Trying to fully secure an IT system can be simply torn apart by too many tasks. Most often, a specialist can cover one or two adjacent areas in addition to the main one. For example, I work in investigations, so I have a good knowledge of how SOCs and pentesters work. At the same time, of course, I do not know these areas as deeply as the specialists who work in them. To achieve depth in all niches of cybersecurity is unrealistic.
What Skills Does a Cyber Security Specialist Need?
Each specialist in the large cybersecurity ecosystem has specific niche skills and tools. But in order to start in the profession, you need a strong base.
Basic hard skills of a cybersecurity specialist:
- Understanding how Windows and Linux operating systems work, understanding their system and network administration.
- Ability to work with network vulnerability scanners, for example, MaxPatrol, XSpider, RedCheck.
- Possession of hacker software, be able to hack networks and systems. Understand the principles behind cyberattacks and what are the ways to protect against them.
- Programming in Python and Bash to write automation software.
- Be able to work with big data (MySQL, PostgreSQL).
Basic soft skills:
- Attentiveness. To look for vulnerabilities, it is important to be able to focus, to see non-obvious and hidden opportunities for a cyber attack.
- Analytic skills. It is important to see the consequences of certain decisions, to find causal relationships in cyberattacks that have already taken place.
- Stress tolerance. In the face of a cyberattack, it is important to keep a cool head and act quickly.
- Ability to work in a team, negotiate, seek compromises.
Andrey Belkin:
“I believe that in IT, not everyone understands the importance of soft skills and not everyone thinks that they need to be upgraded. In the meantime, the most important thing about cybersecurity is being a good, pleasant person. In any field, people who are ready to set up a comrade or go over their heads are not very well treated. If you are toxic, it is unlikely that someone will go forward and help solve your problem. To work in a team, to negotiate, you need a good attitude towards people.”
Where do they come into the profession
You can master the profession of an information security specialist both from scratch and with a base in IT. The easiest way to adapt in this area will be system administrators. In large companies, system administrators in one way or another encounter information security specialists: it is their common task to protect the internal infrastructure of the company.
Profession trends
Over the past 12 years, the amount of data worldwide has grown almost 50 times. According to analysts, by 2025 this figure will double.
As data, applications, and services grow, so does cybercrime. In 2021 alone, cybercriminals caused $16 billion in damage per day.
Hacks and cyberattacks threaten not only ordinary users, but entire systems. A cyberattack can stop a factory, a bank, traffic lights on your street from working. Wherever there are IT systems, vulnerabilities and failures are possible.
In this regard, the value and demand for cybersecurity specialists is increasing. At the end of 2021, companies around the world were looking for.) 3,5 million employees in cybersecurity teams. At the time of writing, only in Moscow there are about 1500 vacancies for specialists in the field of cybersecurity, the salary in this direction is from ₽80 thousand to
How to Become a Cyber Security Specialist
A cybersecurity specialist is a profession that can be obtained both at a university and in online courses. If you are not starting from scratch, you have a developer or system administrator base, the best way is to gain skills on your own and go to work as soon as possible to learn by doing. You can search for vacancies and internships, for example, here.
Andrey Belkin:
“Every person has their own path. I cannot say that the university will give you everything, I cannot say that the courses will give you everything. Just paying money and going to training is not enough, so you will not become a sought-after specialist. You need to be active and make efforts, try to do something on your own. It all depends on motivation, on how ready you are. I taught at SkillFactory and I remember that different people came to the course. There were also very young guys who listened, did something when they wanted to, and when they didn’t want to, they didn’t. There were also students over 40 who understood that they were changing their profession, that they needed to give up their income now to take the risk. They come to study after work, tired, but still they inquire, ask questions, make an effort to learn. For those who go to the infobase, having a base, the most important thing is not to delay training and get a job. Then it will be possible to move horizontally, try different niches.”