All About Cybersecurity Jobs in Virginia
What is Cybersecurity?
Cybersecurity jobs are, in spirit, not so different from any other security job: Through vigilance and professionalism, you are expected to act as a deterrent to prevent crime, and, to the extent of your jurisdiction, you will be there to address it when it happens.
The duties involved in cybersecurity jobs may include inspecting networks for any potential cyber threat and monitoring data centers and software systems to seek out vulnerabilities that need to be corrected. You may be building firewalls for network infrastructures, looking for unusual behavior within a system, writing security policy and standard operating procedures for teams of professionals, designing automated security systems, and many other tasks. The specific duties of any given cybersecurity job come down to the needs and nature of the company you’re working for. Still, the tasks can generally be categorized under application security, information security, operational security, network security, or, in most cases, some combination.
Application security refers to the protection applied at the application level, typically to prevent data within an app from being stolen.
Information security is the protection of sensitive information and can cover both electronic and print media. Password protection and clearance levels are an example of information security.
Operational security, sometimes shortened to OPSEC, essentially means looking at your current security systems and policies, considering how you might try to break in if you were a cybercriminal, and then patching those vulnerabilities. OPSEC is a broad concept that pre-dates modern computer technology but has plenty of relevance to it.
Network security refers to the protection of the network itself, which protects the communication pathways. Hiding your WiFi network from the neighbors would be an example of network security.
Generally, cybersecurity policy is guided by a set of principles called ICA: integrity, confidentiality, and availability. Integrity means ensuring that information is true to its intended purpose; confidentiality means ensuring that sensitive information is kept safe; and availability means ensuring that the information is available to those who have the clearance for it.
What Kind of Training and Certification Does Cybersecurity Require?
Talk to a dozen professionals in cybersecurity, and you may find that they have a dozen different sets of qualifications when it comes to cybersecurity certifications. There are hundreds of different roles you can fill in a cybersecurity team, hundreds of specialties available, and hundreds of certifications and degrees to help you get there.
Wherever your academic career takes you, you’re probably going to be starting with a four-year bachelor’s degree. An associate’s degree may land you an entry-level position, but if you intend to make a career of cybersecurity, you’ll want to continue your studies beyond that level.
Different universities may have different names for their cybersecurity bachelor programs. At University A, it’s merely a BS in Cybersecurity. At University B, it’s a Business Admin-BS in Management Information Systems. These titles aren’t entirely superficial. The information covered from one program to another may feature some key differences, so it’s important to do your research and find out what you’re going to be learning in any given program.
An associate’s degree will get you a job, a bachelor’s degree will start your career, but to truly make any progress in cybersecurity, continued education is critical. There is always more to learn and technology is continually changing with new advanced persistent threats rearing their head every day. Employers are looking for professionals who still regard themselves as students and seek further certification to keep up with changes in the field. Many employers will even offer tuition assistance to help you earn a two-year master’s degree.
The certifications that you collect along the path of your career have a lot to do with your specific goals in cybersecurity. There are hundreds of different certifications to consider in advancing your career, with qualification requirements ranging from multi-year courses to simple online tests. Your best option may be to find someone in a position that you want to be in, or an adjacent or similar position, and ask them about their qualifications. You can always look at the employer’s job requirements, but your potential employer is looking for a resume that goes above and beyond what’s listed on the job description.
Common Cyber Attacks
No matter your specialty, no matter your position or job title or who you work for, a large part of your job as a cybersecurity professional will be to prevent and address cyber attacks. Cybercrime is a broader term referring to pretty much any crime that relies on a digital network. In contrast, a cyber attack is a specific type of cybercrime that typically involves an attempt to bring down a network or system.
The most common types of cyber attacks are denial of service (DoS) and distributed denial of service (DDoS). In both instances, the attacker overwhelms the system to force a shutdown. DoS can be done from a single device or computer, while DDoS is done from many host machines under the attacker’s control. These attacks are typically made out of revenge or other personal reasons. The attacker is not going to be able to gain any sensitive data or private information from the attack.
TCP SYN attacks are another common type. Here, the attacker exploits the buffer space used in a Transmission Control Protocol (TCP) session initialization handshake. Like a DoS attack, it involves overwhelming the system, in this instance by flooding the target with connection requests and then not responding to the target’s replies. Once the connection queue fills up, the system crashes.
Many different types of cyberattacks fall into this category: Open a connection with the target’s system, flood it with requests, and wait for it to crash, shut down, or otherwise become unusable.
Other types of attacks include session hijacking, where the attacker takes over a session between a network server and a trusted client, substituting their IP address for that of the trusted client. There is also IP spoofing, where the attacker essentially disguises their IP as that of a trusted host. Phishing and spear-phishing see the attacker using a degree of social engineering, deceiving not the system, but the person using it, by sending emails that appear to be from a trusted source.
The specific definition of cyber attack vs. other forms of cyber crime can be a bit blurry, but it typically comes down to the attacker taking an active part in it. Writing a virus and releasing it into the wild is a cyber crime. Writing a virus and trying to trick someone into downloading it is a cyber attack.
It’s Everyone’s Responsibility
Doctors don’t have a magic pill for you. When you go in for your checkup, they may recommend a specific treatment, but they’re also going to suggest changes in habit, proper diet, and exercises that you can do at home. This is part of the job description when it comes to cybersecurity, as well.
As a cybersecurity professional, you will provide the backbone of your company’s defense network against cyber crime. But you are also going to be educating the entire staff on how to keep the workplace safe.
No matter how hard you work to build firewalls and develop unhackable applications, all it takes for the cybercriminals to have their way is for a single employee to click on a malicious link, or leave their phone unattended in a public place, or type in “abc123” when asked to write a new password.
But there is more to cybersecurity than knowing how to code. Ultimately, cybercrime and cybersecurity are just other forms of human behavior. It may be channeled through electronic devices, and there may be quite a few more steps to the process, but cybersecurity is fundamentally no different from a security guard making sure that the doors are locked at night.
Cybersecurity education is vital to the cybersecurity professional, but it is also important to everyone whose work involves a computer or connected device, and in the modern day, that means pretty much everyone.
Of course, you want to invest in the best security programs and malware detection software. Still, most cybercrime can be prevented by ensuring that cybersecurity is not strictly the IT department’s concern. Developing a standard operating procedure, a set of protocols and guidelines, and ensuring compliance with those guidelines will produce a safer, more secure workplace.
What Are the Common Threats?
The list of threats to be managed in information technology security grows every day. The technology keeps changing, and the criminals keep getting more creative. When you earn your cybersecurity degree, it is with the understanding that there’s always more to learn and that you may be called on to identify new types of attacks and develop countermeasures. But, with that being said, most threats still fall into the following categories:
- Phishing. We touched on this above, but an example might be an email from “Amazon,” warning you that your password is about to expire, and you’ll need to click this link to verify it. Of course, the link goes to an illegitimate website where criminals can log your password for their use.
- Ransomware. As the name suggests, ransomware is a type of malware that locks access to a computer or device, displaying a message demanding a ransom to unlock it.
- Social engineering. Where many cybercrimes attack vulnerabilities in a network or system, social engineering attacks vulnerabilities in human behavior. This could involve an attacker messaging you and saying that they’re with the IT department, and they need access to your computer for some reason. Your instinct might be to trust them, and once they’re in, they can do whatever they like.
- Hacking. The definition of hacking is simply gaining unauthorized access to a system or computer. That can mean a lot of things. Hacking can include anything from guessing at someone’s password to rootkits, where a segment of malicious code is put on your computer to hide unauthorized access.
- DNS spoofing. DNS spoofing introduces corrupt Domain Name System data into the cache so that traffic is redirected to the attacker’s computer.
- SSL attacks. SSL attacks are similar to DoS and DDoS attacks in that they overwhelm the SSL handshake protocol with garbage data until the system collapses. This is also called an “SSL Exhaustion” attack. Essentially, these types of attacks are like the “rope-a-dope” technique in boxing, working to tire the target out by getting them to waste their resources on a pointless endeavor.
Best Practices in Cybersecurity Management
There are millions of things that we can do to create safer networks and systems. We can’t list them all, but there are a handful of basic practices that we can put into place to build a robust cybersecurity framework.
- Double-check your links. You should avoid clicking any pop-ups as a rule and keep an eye out for anything that looks fishy on social media. Someone sending you a link in messenger out of nowhere should usually be greeted with skepticism. Even if it’s a trusted friend, their account may have been hacked. Know what you’re clicking before you click it.
- Be aware of low-tech attacks, as well. Identity theft doesn’t always involve someone sitting at a keyboard and hacking away. Sometimes it’s as simple as leaving your credit card in plain sight in a photograph. Be aware of any sensitive information displayed in pictures you share online, people peeking over your shoulder while you work at the coffee shop, and so on.
- Use strong passwords. Ensure they’re ten characters, case sensitive, with numbers and symbols.
- Only connect to secure WiFi. Sometimes you may be forced to work remotely, in which case a virtual private network can provide some security when you have no choice but to use someone else’s shared network.
- Keep your security software up to date. Don’t let updates get backed up.
- Make regular backups. These days there’s no excuse for any company that works in technology not to make daily backups of their system. The resources are there: take advantage.
- Train everyone. Ultimately the best way to keep the workplace safe from cybercrime is to make sure that everyone understands the procedure, not just the IT department, and to run continuous monitoring to ensure compliance.
What’s the Worst That Can Happen?
An inadequate cybersecurity framework can result in any number of problems. Some of them are relatively minor, like needing to wipe a device and put your backup to use. Others are significant, like data breaches and lawsuits.
You don’t need to look very hard to find examples of companies that were held liable in major lawsuits owing to data breaches. In 2017, Equifax saw a breach that affected around 147 million people, eventually settling a class-action lawsuit. Capital One, T-Mobile, Zynga, and Yahoo! Inc. have all experienced similar breaches and lawsuits.
But a breach is more than just the money lost. Ultimately, the only thing that any business trades in is trust. Your customers trust that your products and services will deliver on their promises, and they trust that their personal information is safe with you. You may be able to recover from the financial losses associated with a data breach, and in many cases, your insurance may even offer some protection in that regard. But recovering lost trust may, in many cases, be impossible.
This is especially true of small and medium-sized businesses. If you work for a B2B company that only serves a few clients, losing those clients over a data breach can sink your employer overnight.
A company survives on trust, and as a cybersecurity professional, you are the foundation on which that trust is built.
Where Will My Cybersecurity Career Take Me?
“Cybersecurity” is more of an expertise than a specific set of duties. There are many jobs for cybersecurity professionals, and there aren’t many limits to where that expertise can take you.
Jobs with cybersecurity expertise cover everything from tracking down cyberterror attacks for the FBI to helping out on a part-time basis with your friend’s eCommerce site. NASA employs cybersecurity experts, as do McDonald’s, the White House, TIME magazine, Google, locally owned restaurants and pharmacies, and the National Institute of Standards and Technology (NIST).
Cybersecurity can be your career or a part-time job, a way to make ends meet or your life’s work. The only thing that is a given in cybersecurity is your area of expertise. Beyond that, your career in this field can take you anywhere you’d like to go.