
Career in Information Security



In all cases, it is very useful to periodically put a question mark to what you have long considered not requiring proof. Bertrand Russell.

Although information security remains a popular profession even in times of crisis, the market is experiencing a shortage of qualified personnel. As a rule, applicants' level of training does not match their financial expectations. As a result, companies are forced to hire low-skilled professionals, which negatively affects the quality of work as well as motivation and loyalty to the employer.

Courses or self-education


There is an opinion that courses are attended only for the sake of “paperwork”. Let's try to figure this out.
The undoubted advantage of self-education is high involvement in the material being studied, i.e. the decision on advanced training is made by the students themselves. High interest and a systematic approach to learning allow you to get good practical training. But there are several nuances:
These questions can be answered in the affirmative, for example by pointing to the availability of such manuals and videos on the Internet. However, this approach is usually mistaken. To begin with, I propose dividing training into 2 types:
The first type of training allows you to study in detail how a particular solution (system) works, as well as to understand how adjacent systems work. For example, by understanding how a WAF works, the specialist will gain additional knowledge about how web services and web applications work. The second type of training is more focused on broadening one's outlook, and the information obtained from it is less detailed but more voluminous. For example, ethical hacking courses cover methods and tools for penetration testing that allow you to search for and exploit vulnerabilities, as well as anticipate the actions of an attacker. However, such courses will not teach you how to develop such tools or how network protocols work: the course assumes that the specialists who are going to undergo training are already familiar with this.

It should be noted that each type of training is important, and the choice between them depends on the specific task. Self-education is a key factor in the professional growth of an information security specialist, but it is recommended to periodically systematize knowledge in specialized training programs. The benefits of comprehensive training (course attendance and self-study) are obvious:
Even with the wide availability of material on the Internet, the second problem, not knowing what to look for, remains relevant, and it is solved simply by combining courses and self-study.
The knowledge taught in courses can also be obtained independently. Of course, such knowledge will be deeper, but studying just the material on the operation and security of IEEE 802.11 networks can take a lot of time. In addition, during self-study the material may partially lose its relevance. It is more convenient, given basic training, to get current knowledge "here and now" and then, after the course has given a general picture of each area, to concentrate on in-depth study.

Wi-Fi security: a practical example


For clarity, I propose to consider an example of self-study on the topic of Wi-Fi security.
A large amount of material (mostly superficial) about the security of Wi-Fi networks is available on the Internet. Without knowing the specifics of how these networks work and the attack scenarios, more complex topics can still be studied independently, but searching for and organizing the information can take a long time.

If you set out to analyze the security of Wi-Fi networks and google the topic, what information can be found?
Protocols: WEP can be broken, and so can WPA under suitable conditions. Much less is known about attacks on WPS. And how much is known about offline attacks (Offline-WPS-Attack)?

Security analysis tools: many people know about the popular Alfa adapters, but how many experts know about their amplification and the Bolivia mode? Or that it has ceased to be relevant and the "Belize" mode has come to replace it? And probably only a few know that the power of the adapter can be increased to 2 W.
And how about "passive attacks": Evil Twin, Rogue AP, wifiphisher, karma?

There is even less information on detecting such attacks and on countermeasures. Although the waidps utility is not widely known, it is a powerful toolkit for detecting and preventing attacks on wireless networks.

Conclusion


Summing up, it is worth noting that the shortage of qualified information security specialists is now quite acute, and the profession itself is becoming more and more in demand. Knowledge of the basics of information security, of the modern methods and tools used by intruders, and of countermeasures will undoubtedly be a key advantage in the job market. The unique initial (Zero Security: A) and professional (Corporate laboratories) training programs developed by us will provide the most up-to-date knowledge in the field of practical information security “here and now”, increasing your demand on the labor market.

Source: https://habr.com/ru/post/265187/

