Cybersecurity is Overhyped (it's not reality as a career)
Ghostery Browser Extension: mygho.st/grant
⏰ Timestamps:
0:00 - Introduction
1:00 - security careers are not all about hacking
2:48 - here's reality
3:43 - security is also a culture issue
4:00 - My Thoughts on Ghostery (it's free)
5:22 - buzz, trends, and surface-level info
6:05 - security is hard work
6:30 - How to Navigate the Hype
🔗 Links
@HackerSploit Video: • Stop Trivializing Cybe...
Dee Boo Dah Store (join the movement): www.deeboodah.com/
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?: Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAMMonitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRFKeyboard (Velocifire VM01): amzn.to/2TEswfdHeadphones
(Audio Technica ATH-M40x): amzn.to/2F4Tvq6Standing Desk (FlexiSpot Height Adjustable 47 inch): amzn.to/3p3uSAa
Пікірлер: 443
90% of cyber security is convincing other people why they shouldn't be dumb. The other 10% is convincing yourself you're not dumb.
@jejejejajaja3966
Жыл бұрын
don t get it
@whiteboy4798
Жыл бұрын
You’re hired
@fox2102
Жыл бұрын
@@jejejejajaja3966 Lots of imposter syndrome. Lots of research all the fucking time. Plus keeping up with constant changes to security best practices and renewing certifications like a CISSP.
@itscrashyy
Жыл бұрын
Lol
@miccidominguez5398
Жыл бұрын
This is a great career option for Aquarius people
I totally agree. I was "influenced" that you need to know kali linux, wireshark, Splunk in order to get into the cyberspace. I literally had blinders on for a year thinking I need to be technical. People say you need to know your OSI model - yes you should know your OSI model, if you're in a department that needs it. I just obtained an Internship, and it is the complete opposite of what influencers envision cybersecurity. Cybersecurity as a whole is the protection of a service or organization which means a lot of meetings, collaborating with different teams, thinking bigger picture, and projecting where your company will go. There are departments like an internal / external SOC, Triager, IR, CTI. These departments do exist - but do not think that these are the only ones. In fact, these are a few of many inner pieces of a company. I just wanted to shed some light. To people getting in, dont limit yourself with the technical stuff. YES they are good passion projects to show companies that you are interested in the field, but don't go thinking that is exactly what you'll be doing for your 1st job. If you've applied for a specific job (i.e SOC) and want to look at network packets all day as your first "entry" job - the chances are slim. Same for certifications - whatever influencer you follow that told you to get sec+, CCNA, A+ are right. However, know that certification does not equal job ready. Maybe (CCNA is), but for the most part HR just put that in as a requirement. I have my Sec+ and so far, I haven't actually implemented the terminology into my workday. Be open, be communicative, and be willing to learn. Thats all I have to say. Keep grinding, keep applying, but know that cybersecurity is more than just technical red teaming. rant over yall
@Ifalvarado
Жыл бұрын
People into reverse engineering do not need kali linux....
@Rmi27
Жыл бұрын
I had the exact same experience you did ! Since I also interned in the IS dept., specifically cybersecurity group, I was mind-blown to find out it wasn’t all technical, most of the stuff we worked on was reviewing and analyzing cybersecurity terms & conditions which requires some technical knowledge but no technical application really, which was surprisingly pretty fine for me.
@mybuttsmellslikebutterbut207
Жыл бұрын
Agreed. Although it very much depends which cyber security team you work in. Some are very technical while others are more burocratic/ process oriented. Everyone on my team is RHEL certified except for me, but my manager has asked me to get certified for audit and compliance purposes.
@halfbakedproductions7887
Жыл бұрын
People are schizophrenic on Kali. One half will tell you it's the greatest thing since teenage sex, while the other half will tell you it can't be trusted because you didn't compile the tools and don't know who built any of it. But people who don't work in the industry dabble with Kali and think they're some nation state Anonymous shit.
@joeyp978
Жыл бұрын
Knowing splunk is so huge m8
CISO checking in. "Cybersecurity" these days is a very broad term and is more than just hacking which seems to be what most of this video is targeting. There is security risk and compliance, third party risk, security operations, security architecture, security engineering, devops security engineering, just to name a few outside of hacking. It is challenging field but who wants a brainless and easy job? The pay is high and one can often work remotely. There aren't enough people in the industry. It's an excellent field. The threats are always evolving.
@collinsinfosec
Жыл бұрын
This is exactly my point. Hacking isn't the only career in cybersecurity, as many new students like to believe it is.
@matsuwd-emethdaath4002
Жыл бұрын
There are various and a myriad of domains in security with such vast areas it's not even funny.
@oscarespling-ek8261
Жыл бұрын
Hey man, can I lend your brain and knowledge a bit and talk about Cyber Security plus everything that goes with it? I'm wanting to get into that field!
@traviswilson1202
Жыл бұрын
Id like to get into cyber sales, something extremely people oriented!
@blvckl0tcs750
Жыл бұрын
@@collinsinfosec the hacking side is the most entertaining and plausible unless youre just into corporate/ law stuff
If I could give advice to myself when I joined Tech, I would say 2 things. The first is, every company is different. The way your first company configured a domain controller, or collected logs, ran table top exercises etc: doesn't necessarily mean it was done the best/right way. It was done in a way that solved a problem for them at the time. Rarely in technology departments are systems designed long term, they are usually designed because of an urgent need. Learn to live and die by best practice, but understand there is times when that isn't going to fly. There is never a time to tell someone I told you so. The second lesson I would tell myself, is when in meetings with people who instill confidence, and clearly know what they are talking about, double your focusing on listening. Just don't wait for your turn to talk. Try to understand the concepts, ask questions, and be dialed in. There is a lot of nuances in cyber security that you can only understand if you are really dialed in every single day.
Programming is exactly the same. Everyone thinks it's ping-pong tables and free lunch, but there is a huge emphasis on project management and people skills. Those skillsets are more important to your job security than being a great programmer.
Wow, what a disappointment! I thought I'd be dressed in all black, wearing high speed hi-tech comm gear, breaking into a highly secured building in the dead of night to hack the file system of a high value target and then being extracted off the roof via a helicopter. Back to the drawing board for me.... But in all seriousness, I'm glad you addressed this Grant because a lot of what I see presented in the field is the red team "rah rah" attack/pentester side of things. Personally, I'm more intrigued by working in a SOC as a malware analyst. Those video views are far less juxtaposed to the red team content for sure!
@SoSmarlon
Жыл бұрын
I mean u can do the first part if u want😂
@collinsinfosec
Жыл бұрын
😂
@MarcillaSmith
Жыл бұрын
If you aren't head to toe tacticool, how am I supposed to trust you to reset my password?
@DigitEgal
Жыл бұрын
You forgot the guy fawkes masks
@brif662
Жыл бұрын
I'm a Red Teamer and the new BT guys doesn't know malware analysis yet so I do it haha
As an engineering student in a much different domain but interested in computers and security in his free time I have to say I really appreciate your realistic approach. I’m just sick of flashy overhyped content going after clicks with buzzwords. So thank you for the videos Grant
@collinsinfosec
Жыл бұрын
Happy to help :)
@KulwantSingh-xr4si
Жыл бұрын
Which domain? Civil?
@imt3206
Жыл бұрын
What engineering branch are you studying? Industrial? Mechanical?
@armincal9834
Жыл бұрын
You think cyber security is overhyped? Just look at AI and machine learning :D
@honza4471
Жыл бұрын
@@KulwantSingh-xr4si mainly mechanical
A lot of “cyber security” is just company IT policy and enforcement. It pays well if you work for the DoD and have certificates.
I'm working an internship this summer in InfoSec and I've been shocked at how little college has prepared me for the real world in InfoSec, you learn the basics of all the tools and Linux and all that in school which is all essential and very good to know, but once you get there you end up just using vendors and enterprise level tools that you've never heard of that do a lot of the dirty work for you unless you are a pen tester or red team...even then there are red team tools out there that automate testing your security controls. But one of the big aspects I've never heard of in InfoSec until I got a job in IS, is threat intelligence and threat hunting, before this job I had minimal if any knowledge on what that's all about. Though if I'm being honest it's really intriguing.
@kalebworku2127
Жыл бұрын
I am also in an internship this summer in cybersecurity and agree with you. A lot of what I have learned so far has not been taught at my university.
@didyoumissedmegobareatersk2204
Жыл бұрын
@@kalebworku2127 bro Please drop your telegram or Discors id here so that we can connnecr please
@rgbeet
Жыл бұрын
How'd you get your internship? Was it remote or in-person?
Yes buddy i even so i was searching for proper content from past 5 years when i was in 10th grade but 80 percent of videos are just focused on hype .
Take the CISSP to really understand what a mile wide, inch deep means. Red teaming is 1% of the overall cyber ecosystem.
@jbroge
Жыл бұрын
CISSP seems like it was also written just to be hard to understand what they are even asking.
@z00k
Жыл бұрын
"Take the CISSP"? Do you want to let everyone know what the requirements are for even taking the CISSP? The CISSP is a piece of paper. Want something that will show skill? Get the OSCP.
@jbroge
Жыл бұрын
@@z00k almost like they serve completely different roles.
@robbirobson7330
Жыл бұрын
@@z00k get comptia a+ the only professional certificate in the market. you will learn how to hack into computers just with a screwdriver
@z00k
Жыл бұрын
@@robbirobson7330 Maybe I'll go into industrial tech and just get certified to use professional saws
Well said Grant, a good dose of reality to the people who are wanting to get into Cyber.
"You work with people". I really dont see how this could be used as a disadvantage of cyber security when I can count on my hand the number of jobs where you never interact with people. Classic "water is wet".
@Ikram_ridez
Жыл бұрын
😂tru
My girl has been in cyber security for years. She's a higher up now makes tons of cash and can't write a single line if code. Coding is not needed for this role in reality.
@blvckl0tcs750
Жыл бұрын
Cybersecurity isn't a role though. Also general programming knowledge is definitely needed in roles concerning anything that's gonna require you to automate, build upon, or create something.
@jackhill1244
Жыл бұрын
what role does she have?
I work in cybersecurity and I have little to no technical skills or knowledge. But I can write, speak well and make problems understood by executives.
@lukanxo5353
Жыл бұрын
How’d you get a job? What did you go to school for
Trust me when you're in a security consulting company doing all types of assessments, Pentesting, Red Teaming, Purple Teaming, you really won't get much time to research. You mostly get a 50 hours assessment. The only time you get to do some research is during the downtime. If you are good at what you do and you put in effort to learn new stuffs and if you actually manage to break into the industry, you can do most of these things. And yes reporting is one of the most important things when it comes to consulting.
You're transparency and humility just earned my subscription. Gracias amigo!
This is so true, my masters classes were pretty much Kali Linux all day long and when I got to corporate they told me that's only available up north in DC area and a small part😤. Needless to say I was disappointed. But it's all good. Live and learn
Agreed. Red team is a very small sector of the cyber landscape. Accurate representation is necessary.
@blvckl0tcs750
Жыл бұрын
Yes BUT again its the most fun
I knew your channel was worth subscribing to, thank you for your honesty, time, and effort.
Just a few months ago I got a security engineer job and it did also open my eyes to how the day to day really is on a higher level. I agree with every bit and you hit some very good points. SOC work is fun to me with analyzing incidents and even finding ways to automate on a SOC level. But with my engineer role I find it way more fun and pleasing building infrastructure and tools rather than the glorified pen tester side. I believe people need to find there NAC in what they like within the umbrella that cybersecurity is.
@HowToCyber
Жыл бұрын
I share similar opinion with you! I’ve been an analyst, did a pentest, now an engineer as well and I enjoy it much more. Sticking to path of engineering and architecting solutions
@reshaudmiller9908
Жыл бұрын
Can I become a security engineer right out of college with internship experience
@joshbuxton8249
Жыл бұрын
I'm an appsec engineer. I do a little bit of pentesting. But I've started to notice that I really like building tools and getting the networking aspects to all work in-tandem. Solving a problem or providing a security tool and documenting the architecture of everything. For the past 5 years, I was on the "pentester pill". I never thought I would enjoy the engineering aspect of IT, more specifically for security related stuff.
@jarednealeigh1553
Жыл бұрын
@@reshaudmiller9908 I became an associate security engineer right out of college but I had a very unique internship experience where I had the opportunity to deploy an enterprise-wide security tool that positively benefited the entire organization so I became an easy sell to senior management. With that being said, definitely ask your hiring manager if you can continue the internship remotely/part-time when you continue your studies the following school year.
@reshaudmiller9908
Жыл бұрын
@@jarednealeigh1553 thanks
found your channel 1 video ago, this is my 2nd and I'm so happy that I found you :D I love the quality of your video content and your philosophy or approach to things, especially the perspectives.
Step 1: Get job in cyber security. Step 2: Watch out for the hype. Step 3: Ride the hype.
Great content all around! My favorite part of this video is you taking accountability for "almost" falling into the false marketing approach as well. I agree with everything you said. Some "known" content creators are not doing a good enough job of properly guiding individuals that wish to enter the space. And those that are - lack the viewership they deserve.
@Ardi-wl3vu
Жыл бұрын
The ex hacker from prison will most likely never be allowed to touch another computer during his entire life
2 main areas: Defensive and offensive. Like an R6S game. Attacking an area (offensive) while being like a server. Defensive, penetration testing to test your defensive. The also in defensive, building your DNS or strengthening your proxy to prevent people penetrating into your servers or what ever you are protecting.
I kind of figured that there was a lot of bull with the way some people presented cybersecurity. At my age I am just wanting to do something where I can make a living with what is between my ears a bit more than having a strong back. A back that isn’t so strong anymore. The investigation part is what seems neat to me. Tracking the bad actors to their den that and taking them down is more like what I have done in the past just with a swat team and not a keyboard. That and after being a Paramedic for 30 years I want a desk job.
@EdinPuthy
Жыл бұрын
An analyst position would be perfect if you’re looking towards an investigation side. Yeah Incident Response might be end goal but CyberSec Analyst gets you a lot of from the ground up experience. I’m in a Threat Detection sector and part of my job is skimming through phishing emails employees get from day to day figuring out different ways threat actors conceal phish. The amount of tools I’ve learned in only a month is just insane and it’s what really counts in the industry.
@thatfishbreeder
Жыл бұрын
@@EdinPuthy May I ask what advice/certifications/experience you recommend in order to acquire a Cyber Analyst job? It sounds like something I would like to do. I am switching careers from Registered Nursing. I have a Bachelor's of Science in Nursing.
@EdinPuthy
Жыл бұрын
@@thatfishbreeder First I would go for an A+ certification. Shows you have general knowledge in IT. Then start with help desk positions. It’s really hard to get into cybersecurity right out of the gate so you need to build up experience. I’m in my senior year in cybersecurity and have been working help desk jobs for over a year. Fields services positions are good too. Cybersecurity teams look and see that a candidate can understand basic IT skills but use them in a security perspective.
@thatfishbreeder
Жыл бұрын
@@EdinPuthy Thank you so much. This is excellent advice! I am currently studying for my planned A+ 1101 exam in September. I also am planning to get a Help desk position as soon as possible. Can I ask about the field position? What is that position called on an online job search? Do you feel like having that experience plus certifications is adequate for a cyber analyst position?
@EdinPuthy
Жыл бұрын
@@thatfishbreeder on a job search they’re usually called IT Field Service Technician. A lot of what they want is customer service experience with basic understanding in IT they normally teach you what you need to know you just have to be willing to learn. It might take a couple of years to get enough experience to be qualified for something in IT Security but I think it would be doable. A really good option would be to look for a company that has a cybersecurity team that you have an in with.
Well.. I've been a truck driver for 12yrs and currently getting a cert through ISC2. I'm not sure how far that will get me, but it's a start. Really hoping I grow in this field. I want this, bad
@NuclearTog420
Жыл бұрын
Hey congrats man!
I got my first security job about a year ago and it is a lot different than what I thought it was going to be but I do enjoy it but I'm mainly doing patch management fun lol
@manhoosnick
Жыл бұрын
get paid bro, save money and reinvest, that's it, videos like these just discourage.
Such an important message. Thank you!
Thank you soo much this video helped me making a big choice in my future job
A few years ago I worked in IT for a small company. A few months in we hired a Cyber security guy and he ended up sitting next to me in our cubicle department so I would witness his daily life. Really great guy but boy, was he stressed out every day. He was up every night getting paged for cyber alerts on our systems. Then he would come into the office and the head of our IT would constantly pull him into meetings with execs, engineers, Dev ops guys. Then he would be slammed throughout the day with tickets for systems needing patches, compliance updates. So much bullshit. He ended up leaving after about 5 months to a better shop but it def made me realize cyber security is not a fun job.
I agree. Behind the glamor is a lot of hard work and frustration. Many days that have nothing exciting at all.
I got the idea to make a career out of computers because of cybersecurity, but the more I got into it, the more I realized I didn't like using things in their non-intended way, I enjoyed creating things and fixing things back to their original intention. Have a nice career in IT now and learning little bits of Javascript as well.
@Emsyaz
Жыл бұрын
You should become software or web developer if you like creating things virtually. But if you hate staring at the computer most of the time while creating stuff, you should become a hardware developer.
Cybersecurity…where you will be told by an auditor with no experience in Cybersecurity or IT everything you’ve done wrong , and management believes them.
so do you NOT recommend getting into cybersecurity?
Thank you soo much , highly appreciated
12 hour a day entry level Cyber employee here. Spot on
It's hilarious that Collin's youtube page wallpaper is him doing "ls" on his duo monitor.
The hype part is the “Hacking”. people have to realize it’s a ton of research & digital forensics behind cybersecurity including risk mitigation/incident response & SIEM monitoring . I love the blue team aspect but the engineering side is where I live & breathe.
@jamesdickerson6726
Жыл бұрын
Well, they should know that if they are in the field of cybersecurity, then they aren't "Hackers" in the first place. Hackers are people like Richard Stallman, Tim-berners Lee, Dennis Ritchie, Aaron Swartz. People who believe that information and software should be free. They wouldn't be working for the benefit of corporations and government on proprietary software in the first place.
@Sarah-rd5zg
Жыл бұрын
@@jamesdickerson6726 they are hackers tho, "hacker" does not equal a criminal or an activist, there are different types of hackers, and one of them, do, in fact, work in the cybersecurity field
@jamesdickerson6726
Жыл бұрын
@@Sarah-rd5zg wrong. A hacker has a particular mindset. Freedom of information and an open internet. Individual liberty. These are the foundation of the web, open source, gnu/linux. Hackers don't work to actively oppose these principles. They work to promote them. The government and corporations have appropriated the hacker mindset for their own agenda. Spying, espionage, proprietary software, reducing options, and corruption are the exact opposite of what it means to be a hacker.
@jimbaloshi9356
Жыл бұрын
🤓☝️ ummm aCkchelley wRoNNg
@jimbaloshi9356
Жыл бұрын
It's not that deep lil bro
Video stopped moving @1:22 Hacked.
You're probably the only youtuber that uses the most realistic video thumbnails.
This is a good message for people. Thanks
I literally love the thought of sitting all day doing tedious work. I'm weird but it's what I'm looking forward to and hoping for. I am stating to feel better that my chances of getting that type of work in the beginning are good
Cybersecurity is what you make of it, I love it.
I been using Ghostery for years now. I have not dug to far into it, in fact it is pretty easy just to set it up and forget about it, but it seems to work good actually.
How to get a job in cyber security in the US: 1) Have a basic understanding of network administration. 2) Have a family that passes the NSA profile check three generations deep.
@Thiccalus
Жыл бұрын
So basically don’t, because my day is an immigrant with a record. Got it. 😂
@MrJballn
Жыл бұрын
I mean, you could always black hat your way into a plea deal gig lol
@Thiccalus
Жыл бұрын
@@MrJballn hahahahaha
@mstoj1386
Жыл бұрын
@@MrJballn woahhh lol
@zx6r1320
Жыл бұрын
So what you are saying is im going to school for no fucking reason 💀 im about to finnish up my general ed went ahead and got that outa the way first to think about what to do thought about doing IT but id prob only do my associates tbh
Hahahaahha the thumbnail had me dying. I often get called out on my perplexed faces when troubleshooting some stuff, this is so accurate it hurts 😂
Just found your channel through YT suggestion...glad it did. So, I've been doing IT stuff for the better part of 20 years and I can see the 'overhypeness' of CyberSecurity for sure. I cannot count how many times I've heard people complain about not understanding why they even need to understand fundamentals and when can they start hacking all the things. Everyone wants to hack everything, no one wants to spend the many hours writing SOPs. 😆 Love the work.
@qwrt102
Жыл бұрын
What is sop?
@h0ck3yphreak
Жыл бұрын
@@qwrt102 Standard Operating Procedures
I've been a software engineer for 12 years now, cutting code from the front-end all the way through to server and DB and understanding everything in between. I considered moving into security but after doing some research into this switch, I realised that being a developer allows me to be my own 'artist' - im as limited as my imagination and can start up my own gig. Being a security analyst or a related role, require you to be employed mostly and you're limited by the set of tools you use. It just doesn't feel as unlimited as being a dev does. Also - im from the UK and earning potential is around £50-100k for most senior dev jobs.
@marwenhammami9575
Жыл бұрын
Hello i hope you have a good day , i wanted to ask you some questions. 50k a month ? as a freelance or employee ? as a dev or team leader ?
@jarvisjg700
Жыл бұрын
@@marwenhammami9575 50k a year.
@tydal6516
Жыл бұрын
@@marwenhammami9575 50k/hr, obviously.
@conradmbugua9098
Жыл бұрын
@@tydal6516 😂
Very good video it has been a long time since i saw your video
@collinsinfosec
Жыл бұрын
Welcome back!
Thanks very insightful
thank you so much for being real
Totally agree with you, today there's plenty of areas within cybersecurity where people can work in without knowing it all. Also agreeing on the BS, I'm super tired of companies trying to sell me another snake oil solution, while you have amazing FOSS projects that do the same for free. I love two statements in your video: security is also a culture issue and is hard work, that's sums it well. As someone who works on protecting, you need to make sure everything is safe, while attackers must find one meaningful vulnerability, is tiresome.
if cybersecurity is about experience and hands on then it's cheaper to recruit ex hackers from prison than from university.
@abdirizakauthor9324
Жыл бұрын
You didn't get the point. Cyber security is never about hacking. in fact, it is the opposite. it is about Defense. that is what the guy is explaining. I studied years about cyber security is hacking is just 1% of the security. 90% of the jobs available are about defense. If you go the actual company, it may have about 100 guys working on defense and may have 2 to 5 working on the other side.
Hey Grant Just came across your channel and I'm a big fan of your realistic approach. Im a beginner with absolutely no knowledge of IT or Tech and I'm considering a career in Chinese. Do you have a course that I can follow?
this is why i am not interested in the "hacking side"/pentest roles like over burnout/stress , no flexibility , can be boring , always being paranoid staying 24/7 on the latest cyber news even on off days not if this just for hacking or its just cyber sec as a whole and all the other things/subfields ???? .This is why i am switching to or want to do cloud sec engineering or software engineering seems less stressful
I am intererested in getting into Cybersecurity. But feel I need more info regarding this potential career. One thing I learned is that, there are no easy jobs in this world. Even sales related work is highly stressful dealing with people everyday. Probably will need to really enjoy the work to thrive.
Great video 👍
@collinsinfosec
Жыл бұрын
Thank you!
I agree with everything in this video! People these days look like something but they lack substance, smh.
Cybersecurity Engineer work or the DoD type Information Systems Security Officer is mostly administration. It is NOT what I had pictured. I wanna just go back to networking now.
What do you think of Fullstack academy? Im going through a 12 week bootcamp for cybersecurity. I was told it was like basic networking, coding, some pentetration( if i spelled that right), and cyber analyst. I just hope its worth getting certifications, im still new and learning the cybersecurity broad world, i think what i really want to do in the cyber world is investigation type cybersecurity. Anyone have any advice? Edit: nevermind. I feel discouraged because now I don’t know what to look for and do in terms of certifications and schooling. If the job doesn’t entail what I’ve learned then whats the point?
I mean you say this but my first job was web vulnerability assessment where I was effectively literally hacking all day. Currently I'm a red teamer and do the whole shebang - penetration tests, physical security, social engineering. It is effectively hacking all day except for of course report writing etc which can't be helped. So yes not all of cyber security is about offensive side and hacking, but the way you present it makes it sound like that's not a thing that happens - indeed you put in your title "it's not reality as a career". For me it absolutely is reality, I do spend most of the day sending malware, searching for and exploiting vulnerabilities and misconfiguration s, poking round file systems etc. It absolutely can be reality as a career provided you go down the right path. If you pick SOC or security engineer etc then yeah that won't be happening but do an offensive type job and it will
@nelauren
Жыл бұрын
Nowadays there’s automated tool that do penetration testing, vulnerability management, and instant forensic analysis with beautiful GUIs.
@InfoSecWarden
Жыл бұрын
I would caveat your comment. Its unusual(not impossible) to start in a pen testing position at entry level. There are some positions out there but most from what I've seen want you to have some breadth of experience. If you have a clearance the chances are more likely.
@blvckl0tcs750
Жыл бұрын
@@nelauren Uh yeah imma be real this means nothing. The role still needs to be filled by a person and is still a wanted position.
@nelauren
Жыл бұрын
@@blvckl0tcs750 I didn’t say otherwise.
Thank you brother.
sir, when you read this comment, I totally agree with your view of how cybersecurity is so totally overhyped. Report writing, working with people, knowing the fundamentals sir. You nailed it. See through the hype sir. Good job
Thanks for sharing
There is a lot of BS in CyberSec field because every non-technical recruiter/HR person is recruiting for Cybersecurity. People working in cybersec industry hv varied backgrounds. Some were network engineers 2-3 yrs ago so they donot have a complete overview of different areas of security, some non-technical ppl directly entered in Cybersecurity by doing CISSP which gave them an overall idea of security topics but technically they dont hv the required expertise and are technically weak, some hv software engineering background and trying to enter security but hv no idea about hardware side of Cybersecurity. The Certifications introduced within last 2-3 years are so many that everyone is confused as which one to choose and which path to follow. This is the challenge. There is so much confusion in Job descriptions. HR is looking for a superman who knows everything and is expert in all kind of newly emerged technologies/platforms. This confusion will stay here in future aswell because more and more technologies and devices are coming in the market at such a fast speed.
So is it worth going through with these degree program grant? like WGU and Purdue global?
@collinsinfosec
Жыл бұрын
It really just depends. I think you could go either way and be successful. I do typically advise students get their degree if they are 18 years old, it helps with the "credibility" (getting you past the HR filter).
...this is good content...I work for a DoD agency as a project engineer....each major section of the organization has adopted a cyber group...you're right...it's a lot of hype...talk, talk, talk...sometimes I feel like I'm listening to Alan Greenspan..."I know you think you understand what you thought I said..." Policy-driven...inserting requirements into every project...the main thing I hear is "who is the owner"...basically, it's driven around obtaining mutual consent that when something breaks, who's to blame, and who's going to pay for it...Thanks Much...;-)
I have been waiting on someone to call those turds out for A WHILE 🪬🤔💯 NICE Grant 🚫🧢
Hey i really need to know maybe its off topic. I àm getting into networking and cloud computing. Is there growth in networking jobs? I really just spent a ton of money on a course
It’s very boring sifting through tons of logs
depends on what your specific job is
I know this isnt everything in a job... buuuut pay is not to bad especially out of college
I’m been a controller/finance and want to switch over to cyber security. I’m 56 years old. I know anything is possible but interested in your thoughts.
I think a lot of what people think Cybersecurity is, boils down to marketing.
I have two questions on the subject: 1- In 10 years, can AIs replace or take over many vacancies in cybersecurity? 2- Do you think doing comptia+, NDE, DFE, cloud+ would already be enough certifications to enter the market as a junior? what salary to expect?
blue teaming gets plenty of traction but also is more about the business and best practice side of things which generally inst as interesting. Some of the sources you put out who talk about red teaming also talk blue teaming. The thing is what you say is the number one issue we have: The focus on trying to make the money without even having the general interest.
Any advice to break into this career?
The sad thing is, a lot of ppl that fall for the hype don't want to know or care about the fundamentals. They just want to be a hacker because it's "cool" or hype and hack their friends social networks (or at least that's what my commenters want...)
@Emsyaz
Жыл бұрын
These wannabe hackers still have a very childish mindset.
@memeeater420
Жыл бұрын
Bruh. That's just childish. After watching this video, I still want to study cybersecurity but that's just because I want to waste the tech scammer's time and ruin their business like the anti scammer youtubers do.
I absolutely love this video and the honesty. Great work and keep it up : 💖
@collinsinfosec
Жыл бұрын
Thank you :)
This doesn't apply to just cyber security but programming in all industry. You won't be writing or creating complicated and elaborate apps or programs that will change the world. As a java developer that was working in an ETL team for citi Bank, my first job was to write a couple of loggers or add a couple of fields in
Can you give an honest assessment on WGU to see if its worth time? All my searching and I cannot see if it full teaches a person what they need.
Hey guys should i get my ccna or just forget about it?
Is cybersecurity good to learn to protect a personal business website?
Can you mention which online sources to follow
I think especially if you don't have a security clearance.
The other issue I have with this field is that the job market is HORRENDOUS. So many big wig company's posting "entry-level" positions that require 10 years of experience in IT and between 2 and 5 expensive af certifications. I have a love/hat relationship with cyber security.
HI, I am currently a graduate of Msc Cyber security and digital forensics and I had a career transition from science to IT ( my previous course was Forensic Science). I don't have any experiences in my field. Could you please tell me some certifications that would help me to land a job?
@maxpower7086
Жыл бұрын
You need to understand Networks and Operating Systems well, basically systems administration. The most common OS are Windows Servers so you'll need good knowledge of that and add Linux to the mix after. Most companies have a Microsoft spine, with active directory and the like so get that first. Industry certs like MCSE and CCNA really help but the should be backed up by years of hands on experience. Your best start is probably with certs like Network+ and Security+ from CompTIA.
@ammuhpillai4983
Жыл бұрын
@@maxpower7086 Thankyou so much for your valuable reply.❤️❤️❤️
@InfoSecWarden
Жыл бұрын
Get your network plus, Sec+ (shows you have basic knowledge and qualifies you for federal positions). After that depends on what you want to do (GRC work/Blue Team/Read Team/Engineering/IR/). Regardless for a private company not contracting you need to somehow get across that you have the knowledge needed with specific tools/software required for the job. Read the postings closely make sure you know what they are asking for and tailor your resume.
@ammuhpillai4983
Жыл бұрын
@@InfoSecWarden Thankyou so much for guiding me. Means a lot❤️❤️❤️❤️🙌
Sorry a bit off topic, but would anyone mind to share some YT channel or persona or maybe some sort of Writeups that focusing on Blue Teaming? Thanks in advance
i just got my major in Cyber Security omg
If I hack into fortune 500 companies, why would I want a high salary? The logistics here, just don't add up.
im taking the cisco networking academy cybersecurity career pathway im hoping i get something out of this i have no idea where to start learning so i can tap into the industry
@justuspfit
Жыл бұрын
how did that go? or is going?
Finally, someone being truthful
Adam Jensen... 'Deus Ex Guy' is the job we are looking for
at one moment, i thought my screen my freeze XDXD
3m8s perfectly sums up my average day in Sec-Ops. That is until some idiot does something stupid like download malware. I've often noted its 95% boredom, 5% adrenalin rush \ panic.
You should make a podcast .
thank you for finally being honest, not like one of those generic Insta posers that just want an audience!
Red teaming is a hobby, blue teaming is a job. That's my limited experience in cybersecurity.
@StreetRide845
Жыл бұрын
Unless you hold a security clearance. But normally yea
@-bubby9633
Жыл бұрын
Lol what? What a pile of bullshit. I've been doing red teaming as a job for years. Spend most days testing the security of various major companies. It pays well too. I have no idea what the fucking comments on this video from everyone trying to imply there are no jobs out there where you spend most of your time hacking. These jobs absolutely do exist despite the wrong information in the video and comments. Just because you aren't in one of these jobs doesn't mean they don't exist "Red teaming is a hobby blue teaming is a job". Lmao what a load of shit. Guess I'd better tell my employer to fire the whole department then.
@-bubby9633
Жыл бұрын
@@StreetRide845 You don't need security clearance for red teaming lol. At least where I live, no idea about the US but not over here. My days these comments are packed with bullshit it's insane
Man you’ve been staring at the screen to long. Those crazy eyes are coming out