Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Find New Talent, Don't Fight Over CISSPs: Insights from (ISC)2 COO
Newest First  |  Oldest First  |  Threaded View
mds329
50%
50%
mds329,
User Rank: Apprentice
2/4/2020 | 11:08:51 AM
Re: Advice for aspiring cyber security professional
Dan  I,

I am in the same boat.  If you can find a flaw in your work environment, that could be a project for you.  Many people get into cyber because they created a role for themselves or got in through the back door.  I would also start writing articles and start posting them on LinkedIn with projects you are working on.  I hope this helps you in the cyber world.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
11/8/2019 | 1:38:33 PM
Re: Gen Z
A growing number of 10 year old engineers are invading the marketplace and god help us from those up and coming 5 year olds who play games better than us old farts.  
NeverEnoughToys
50%
50%
NeverEnoughToys,
User Rank: Apprentice
11/8/2019 | 11:06:11 AM
Gen Z
So, only 5% of cybersecurity professionals are between the ages of 9 and 23?  Only?  I'd think that's quite high for that age group.
Dan_I
50%
50%
Dan_I,
User Rank: Apprentice
11/7/2019 | 3:55:59 PM
Advice for aspiring cyber security professional
While I would agree that the field is difficult to get into and I think that having a more structured way to enter the field would help.

There is nothing I can do personally to change this (at least not right now). What advice would you give a young professional, with a degree in computer science, that wants to break into the field now? I have a certification in cyber security and I want to pursue more in the future. Should I be looking at more general IT jobs? Development jobs?

The most common advice I see is "keep learning." While this is great advice and I try to stay up to date by reading blogs and bug bounty write-ups. This doesn't really give me anything to show for it or put on a resume.

Thanks in advance to everyone.


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11458
PUBLISHED: 2020-04-02
app/Model/feed.php in MISP before 2.4.124 allows administrators to choose arbitrary files that should be ingested by MISP. This does not cause a leak of the full contents of a file, but does cause a leaks of strings that match certain patterns. Among the data that can leak are passwords from databas...
CVE-2020-8015
PUBLISHED: 2020-04-02
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
CVE-2020-1927
PUBLISHED: 2020-04-02
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
CVE-2020-8144
PUBLISHED: 2020-04-01
The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware u...
CVE-2020-8145
PUBLISHED: 2020-04-01
The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup� and “wizard� endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLIC_GROUP ...