An introduction to cyber security – learn the basics

Never before has our data security and our privacy been more important. With so much of our information now being stored permanently online, the possibility of having this datataken is an ever-present threat. The news cycles are dominated by stories of threats to individual security and to internationally recognised companies too.

Organised cyber crime is fast becoming a problem that security firms are struggling to fight back against. Some of these crime groups are almost like start-ups, employing experienced web developers to hack into data frames and steal information. This is where the world of cyber security comes into play.

But what exactly is cyber security? How is it used? And what kind of cyber security jobs are there in this rapidly expanding world? We’ll answer all these questions, putting you in a great position to start your career in cyber security.

What is cyber security?

To start off with, let’s look at just what cyber security is. In essence, cyber security is a set of different techniques that you can use to protect the integrity of different networks, programs, and data from any attacks or unauthorised access. As you can see from our range of cyber security courses, there are many facets to this field. 

Defending computers, servers, mobile devices, and networks from malicious threats to protect the data and information that is contained on them has become a really important part of any business that uses things such as cloud computing to store their data. And as the likelihood of threats from malware, phishing, and ransomware increase, so does the landscape of cyber security.

Cyber security is an incredibly fast-growing industry, as it is fervently trying to keep up with the developments in technology and the continued and growing use of cyber and data by large corporations. As such, a career in cyber security will always be in high demand, and if you can demonstrate cyber security skills, you’ll be sure to stand out from the crowd.

Cyber attacks frequently target sensitive information, which criminals then use to try and extort money from users or disrupt business processes. Cyber security is used to try and stop them from accessing this information.

Why do we need cyber security?

As global connectivity and the use of cloud systems like Amazon Web Services increases, and with many companies and individuals having a poor configuration of cloud services, it’s no wonder that data breaches are on the rise.

Cyber security protects all forms of data from threats of theft or damage – it can include sensitive information, personally identifiable information (PII), protected health information (PHI), intellectual property, and other large information systems. Without cyber security, you are at risk of data breaches. Learn more about the basics on our cyber security foundations course.

The biggest concern with cyber threats is that they’re not just limited to large organisations. Criminals can strike at any time, anywhere, and can cause irreparable reputational damage to businesses of any size. So being educated about the different types of cyber security attacks that could happen has never been more important.

Types of cyber threats

Cyber threats take many different forms, but some are more common and more prescient than others. You may well have come across some of these different types of cyber threats before, but some of these may be new to you. Let’s take a look at some of the main types of cyber threats. 

It’s worth noting that cyber threats are continually changing, with more being created every day. A worrisome trend is an improvement of what’s known as Advanced Persistent Threats.  This is effectively when hackers will burrow into a system or a server and stay there, like what happened to Sony Pictures in 2014.

Phishing

Phishing is a cyber attack that uses email to encourage the recipient of the email to disclose confidential or personal information or encourage them to download malware by clicking on a hyperlink contained in the email. 

Malware

Often included as part of a phishing email, malware is a type of software designed to perform a malicious task on the server or the device it ends up downloaded onto. This could be a corruption of data or taking over the entire system. Malware can also affect mobile phones.

Man in The Middle (MITM)

This is when an attacker establishes a position between the sender of a message or information and the recipient and intercepts this correspondence. They could even alter this information, without either the sender or the recipient knowing that they have been intercepted. 

Trojan

Named after the wooden horse from Greek mythology, a Trojan is a type of malware that comes across as a legitimate piece of software to encourage you to download it. In reality, it is a malicious piece of software that releases code into the system, and either corrupts the whole system or hacks and takes information and data.

Ransomware

This type of attack involves encrypting, or hiding, information and then demanding a sum of money for you to access it again. These can vary from low-level attacks to high-profile cases like when Atlanta’s municipal government data was ransomed in 2018.

Denial of Service/Distributed Denial of Service Attack (DDoS)

A DDoS attack is when a hacker takes control of multiple devices (often numbering in the thousands) and uses them to overload target systems. Websites are common targets, as they can only usually cope with a set number of users at any one time.

Data breach

Data breaches are when data is stolen outright. There are many different motives for a data breach, whether it is straight-up identity theft or whether it is to try and embarrass or show up a large company or corporation – for instance, as Edward Snowden attempted to do. 

Cyber security terminology

Cyber security operations have a lot of different terminology, which can be confusing at first glance. Knowing this terminology and where the language of cyber security has come from is really important. Many of the threats will directly target the usages of the following terms, so understanding what each one does will take you one step closer to having better security.

Authentication

This is effectively who you are. Using a username and a password for logging in to something is the most obvious example of authentication, but things like captcha and facial recognition are also examples of authentication. 

Authorisation

In essence, this is what you can do and where you can go. For instance, accessing a VIP or members-only section of a website is an example of authorisation.

Cryptography

One of the more important terms in the cyber security world, cryptography is basically the process of either encrypting or decrypting data to keep it secure while you are storing it or transferring it somewhere else.

Encryption

Encryption is the process of ‘hiding’ data by converting it to an encoded format that is tricky to intercept. It’s essential for keeping potentially sensitive information safe, and many people wanting to encrypt a message or their information will use cyphers or bespoke programs. 

Decryption

The other side of the coin to encryption, decryption is the process of revealing the encrypted message by decoding it into an understandable format. Cryptographers often use the Caesar or Vignere ciphers to encrypt their information, which can be used to decrypt too.

CIA Triad

This has nothing to do with the Central Intelligence Agency! CIA stands for Confidentiality, Integrity, and Availability, which are seen as a design model for many organisations to form their own security policies. 

Why learn about cyber security?

Cyber security as an industry is growing extremely quickly, so more and more jobs are cropping up. And with the advent of cloud storage systems, big data, and the Internet of Things, cyber security has never been more important. 

With tremendous growth potential and plenty of opportunities, plus a wide range of different industries that you can apply your digital skills to, you’ll be spoilt for choice. In addition, some people say that we’re in the midst of a digital revolution, with these new fields of technology becoming the norm, and security is becoming of paramount importance. 

Learning about cyber security could also end up being extremely lucrative. With almost daily news reports on cyber attacks and threats, many large companies are looking to improve their security systems – and they’re willing to pay too. Salaries in cyber security are reported to have a greater growth potential than 90% of other industries, so your studying will pay off.

Types of cyber security jobs

All industries worldwide are looking for increased security and better protection due to cyber threats evolving into sophisticated and complex attacks. And as the industry continues to grow, more roles are being created to meet the specific demands of each issue. 

As with any industry, there are junior and senior roles. And just as with other industries, what you can offer in experience and skills will dictate where you end up. Wherever you end up, it is worth noting that there is excellent career progression in cyber security, with the opportunity to work your way up to better roles. 

Let’s have a look at just a few of the different jobs you can find in cyber security.

Security software developer

If you have some coding experience, you can apply your knowledge and skillset to developing software designed to keep servers and software safe from threats and attacks. Security software developers often use existing cyber security models and try to create their own, such as cyber security tools to monitor viruses and malware.

Cryptographer

Encryption is an essential part of cyber security – it’s the best way to make sure that cyber criminals intercept no information. This is where a dedicated cryptographer comes into play. Cryptographers are tasked with writing algorithms and code to protect sensitive data.

Ethical hacker

Sometimes, you can play the criminals at their own game and practise ethical hacking. Ethical hackers will find ways to purposefully penetrate different systems and expose the different ways that actual hackers could access sensitive information. This helps with developing more secure systems.

Digital forensics expert

Digital criminals also leave evidence behind them when they commit crimes, so in the aftermath of a digital crime or data breach, a digital forensics expert will be called in to see if they can detect any traces left behind by the perpetrators. These findings will also help improve the security systems – as well as catch the criminals. 

Chief Information Security Officer

As CISO, you are responsible for implementing policies in your company that protect the assets and the information contained and shared within the company. This sort of role is perfect if you’re looking for a blend of both business and technology – at its heart, it is a technology role, but it directly impacts the business.

How to get started with cyber security

So if all this sounds like a good fit for you, how do you get started with cyber security? While you may think that you need official accreditation and even computer science experience, you’ll find that if you have the passion and the drive to learn something new, you’ll succeed in cyber security. 

In addition, there are so many different strands of cyber security that you can specialise in and demonstrate both hard and soft skills in that you’ll easily find a great starting point for your career. 

We’ll go through a few pointers that will put you in a great position to get started with cyber security.

Familiarise yourself with the technology and relevant skills required

Cyber security can involve a whole host of different technology and digital tools, so if you have some knowledge or experience with languages like Python, HTML, and Javascript, you’ll be in a great position. In addition, coding is ever-present in cyber security – from encryption to building security systems. So, you’ll stand out to prospective employers if you can demonstrate your programming skills.

Some essential skills that are really important in cyber security include risk management, data privacy, and understanding cloud systems. The skills you need might also depend on the specific area you’re working in, for example, Supply Chain Cybersecurity. Those with any previous, demonstrable experience of these in the workplace will be in a great position to get started with cyber security.

Get some hands-on experience

It’s pretty easy to build a little set-up at home – all you need to do is sign up to Amazon Web Services (AWS) or Microsoft Azure and start playing around with it. These two pieces of software will likely be used in any cyber security role, so having some familiarity with how they work and what you can do with them will put you in good stead in any cyber security role.

Enrol in a course

There are many courses that you can sign up to that cover all aspects of cyber security – from the cyber security landscape, giving you a broad overview of the world of cyber security, to advanced cyber security training that will take your knowledge and understanding to another level.

There are even courses that focus on teaching cyber security – so if you’re looking for something entirely different and want to focus your energies on teaching the next generation, then you can learn all the fundamentals there.

Final thoughts

If you have ever pondered dipping your toe into the waters of cyber security, but weren’t too sure where to start, then we hope that this article has given you a better idea of what cyber security entails and what you can expect from it too. There will always be a need for people to work in cyber security.

It is a really broad, exciting, and constantly changing domain to work in, and as long as there are cyber attacks, there will be a need for cyber security. So why not enrol in one of our cyber security courses and start your journey into cyber security today?