If you studied Introduction to Cyber Security, you are now aware of the range of threats to the security of our online computer systems as well as some of the techniques and technologies that can be used to keep these systems safe from attack.
As online systems become an ever important part of our daily lives, they are going to be increasingly attractive targets for a range of cyber attackers. This makes cyber security an important and exciting discipline to work in, with a variety of career paths depending on your interests and aptitude.
Network Security Specialist
The network is a key part of any online computer system and keeping it secure is an important cyber security role. Becoming a network security specialist is one of the technical pathways to working in cyber security. Some of the network security technologies that the network security specialist works with were covered in Introduction to Cyber Security, including firewalls, virtual private networks, intrusion detection and intrusion prevention systems. Networking is often one of the entry points to working in cyber security and requires knowledge about the algorithms and technologies of networks together with practical skills of working with networking hardware and software systems.
Information Risk Manager
In order to protect computer systems, it is critical to understand the potential cyber security attacks that might be applicable to a particular system and the likelihood that these attacks will be successful. This is the responsibility of the information risk manager, who needs to use a methodical approach for identifying the information assets, attack likelihood and impact to assess the overall risk to the computer system. One approach for managing information security risks is the ISO27000 standard, which is widely used in government and industry. This approach allows the organisation to make effective decisions about the methods to use to protect its computer systems. We covered some of these risk management techniques in the final week of Introduction to Cyber Security. The role of an information risk manager requires a combination of being an effective communicator who is methodical and detailed oriented, together with in-depth knowledge of cyber security threats and risk analysis methods.
The Open University module Information Security covers the detail of information risk management in the context of the ISO27000 standard. This module is part of the MSc in Computing - Information Security and Forensics.
Digital Forensic Analyst
While every organisation should do its utmost to prevent cyber security attacks from being successful, it is important to recognise that sometimes these efforts will fail. In these situations it is critical that the evidence relating to the attack is preserved so that the perpetrators can be identified and prosecuted. This depends on the skill of the digital forensic analyst, who must collect, preserve and analyse the evidence in a systematic way that can be proven to justify the conclusions regarding the attackers' methods and identity. In addition to having the technical expertise to handle digital evidence, digital forensic analysts must have a good eye for detail and be creative problem solvers who can apply the different tools at their disposal to ensure digital evidence is handled appropriately. Digital forensic analysts must also be able to communicate their findings to a variety of audiences, whether this be a corporate boardroom or a court of law.
The Open University module Digital Forensics covers how to conduct investigations to correctly gather, analyse and present digital evidence to both business and legal audiences. This module is part of the MSc in Computing - Information Security and Forensics.
Cyber security is an exciting area to work in, with a variety of different career options depending on your interest, experience and aptitude. Additional information on careers in the field can been found on the e-Skills web site - www.inspiredcareers.org