Sat Gainda from Version 1 believes that no individual is immune to attackers and that security should be part of everyone’s role.
Sat Gainda is the AWS Practice Lead for the UK and Ireland at Irish IT company Version 1. He has many years of cybersecurity experience working with open source technologies, off-the-shelf and commercial off-the-shelf solutions that reside in either traditional data centers or multi-cloud environments.
Gainda’s experience spans a range of industries including finance, government and manufacturing and it currently holds a number of globally recognized security certifications.
He also spends some of his time sharing his knowledge with the wider tech community through white papers, articles, blogs, and conferences.
“The forwards are innovative and trying to stay one step ahead of them is a challenge”
– SAT GAINDA
What does a career in cybersecurity look like right now?
The demand for cybersecurity professionals is at an all time high. Any industry that has a technology presence needs people with cybersecurity skills. The recent Covid-19 pandemic has led to more people working in remote locations and thus increasing the organizational network perimeter and area of attack.
Cybersecurity careers are varied and can include security administrators, DevSecOps engineers, consultants, analysts, developers, penetration testers, architects, and information security managers.
Making sure you have experience, are trained, and hold certifications will help you in your career. Making vertical or lateral movements towards these roles can be quick, depending on the willingness of the individual to take this step.
What role does cybersecurity play today in technology roles?
At Version 1, we consider cybersecurity to be everyone’s role. The whole organization plays a role. No one is immune to attackers, so we need to ensure that we undergo mandatory training and have an increased level of awareness when it comes to cybersecurity threats. It is essential that our customers’ people, data and workloads are protected against attacks, whether external or internal.
All technical roles, whether or not they contain the phrase “cybersecurity” or “security”, must have an element of cybersecurity in their day-to-day activities. If the role involves making configuration, changes, designing or coordinating projects, the first question to ask is: “What are the security implications of change or inertia?”
By ensuring that all technical roles have a cybersecurity element, everyone participates. Regular and mandatory training will ensure that people have a culture of safety within their organisations, which extends to their customers and third parties.
All organizations should have a clearly communicated cybersecurity strategy that people need to be aware of. This facilitates decision-making for technicians and allows them to follow the direction of cybersecurity and provides instructions for cybersecurity escalation and reporting pathways.
What technical skills do cybersecurity professionals need today?
The fundamental skill to have is cybersecurity awareness, which will allow people to enter the minds of attackers and understand the techniques they use to carry out malicious activities. Thereafter, an understanding of operating systems (Linux and Windows distributions), networks and cloud services is essential.
The role of specific cybersecurity services such as antivirus, firewalls, patching, WAFs, intrusion detection and anomaly reporting all play a role and should be integrated into a centralized operation or reporting capability. security operations within an organization.
It means knowing how the pieces of the puzzle all fit together to form a technical organizational domain from a high-level architectural view that will help professionals understand areas of strength and areas that need fortification.
Knowledge of Linux and Windows scripting languages such as Bash and PowerShell will help professionals navigate the most common operating systems. Linking this to other scripting and programming languages such as Python, Java, or Perl will give cybersecurity professionals an edge and an essential technology and cybersecurity foundation.
Obtaining platform-independent certifications will make cybersecurity professionals more well-rounded and enable them to learn about cybersecurity holistically.
Some notable certifications are:
- CompTIA Security+: An entry-level certification that can put a technical professional on the right track in cybersecurity
- EC-Council Certified Ethical Hacker (CEH): By working for this certification, the individual will learn the “tools of the trade” of penetration that modern attackers use to gain unauthorized access
- CISSP: one of the most recognized certifications in cybersecurity, which covers all of many areas such as security and risk management, asset security and security engineering
Domain-specific certifications are also very useful. The AWS Certified Security – Specialty Certification covers general cybersecurity concepts as well as specifics to ensure the professional understands how cybersecurity applies to AWS services.
What are the biggest cybersecurity challenges currently facing those working in technology?
Keep abreast of the cybersecurity landscape. The information is vast and can be overwhelming. Technology is a vast field and cybersecurity is infinitely as vast.
The forwards are innovative and trying to stay one step ahead of them is difficult. That’s why it’s important for a professional to keep their knowledge up to date, whether it’s formal training, certifications, learning on the job, reading or listening to podcasts. By continually learning and applying best practices, professionals will keep up with the times.
With the countless opportunities in cybersecurity, it’s really up to the professional to shape their career. Taking a structured approach to learning, experience and taking charge of their careers will allow them to thrive.
10 things you need to know straight to your inbox every weekday. Sign up for the brief dailythe summary of essential science and technology news from Silicon Republic.