This can be harsh, but I do not care, we are talking cybersecurity here, which means that responsibility needs to be taken to protect and care for the environments and people that have been assigned to you.
The chance is there that after reading this post, you will think, alright, [email protected]#k you, but I hope that at the end of this post, you will have the feeling, O shit, I am not insane, I am doing things right..
You do not learn this at school
Security is a feeling, it is a feeling which when provided right, can allow great joy to happen, that joy can be financially (companies), but that joy can also be the calm feeling to know that no one is snooping around in your house via your connected devices (private).
Like each feeling, it needs to be fed, in this case, security comes with knowledge, when you know what you are up to, you will understand that you need to take steps in order to keep that secure feeling alive.
Now when we take a look at the industry, we notice that there are a lot of points that need to be caught up with, and no, there are no shortcuts. The more you learn, the more you will get the feeling that you actually do not know shit, and that is not bad, that is the daily challenge that comes with cybersecurity.
Do not get me wrong, education is important, papers are important, getting in touch with fellow (future) people in the industry is vital, just do not get narrow minded, try to ask yourself WHY things are like that and discuss it.
Now in the last couple of years there has been a BOOM of cybersecurity companies, all of these companies claim to have the solution of the century, the solution that YOU need in order to protect YOUR environment.
Before I start bashing products, I want to talk about those cybersecurity companies. A lot of these cybersecurity companies really do not know what they are doing. They are using products in such a matter that they see the result of that product as a final judge. Let’s take a look at a common security operation center, these SOCs all need people behind products that tell them what is wrong with the network or environment.