This summer I completed Coursera’s Intro to Cybersecurity Specialization consisting of four courses by NYU. While having some experience in this domain through CTF challenges, I didn’t know much about cybersecurity when I started. Below I'm going to give brief descriptions of each course within this specialization and hopefully convince you to take a look into cybersecurity!
In the first course, I was introduced to risk management and the CIA (Confidentiality, Integrity, Accessibility) triad. This framework is crucial in cybersecurity as it is the base to securing a system. In fact, this framework will be especially useful in protecting the upcoming 2020 US Presidential elections. Keeping foreign interference at bay is especially critical to maintaining a secure voting infrastructure, hence why cybersecurity is critical for elections (especially those which may take place online with COVID-19). Now, here's the application of the CIA framework in connection to voting. C - confidentiality, can refer to ensuring that citizens’ votes don’t get leaked or political party data is kept secret. I - integrity, can refer to ensuring that no vote or political party data is manipulated, regardless of whether its confidentiality has been violated. A - accessibility, can refer to ensuring that voting platforms don’t fall prey to large volumes of requests and stays up and running. By identifying these three situations, the cyber team in charge of the elections can then go on to rank these potential threats by risk level and identify what technical pieces to place in the election network. CISA (Cybersecurity and Infrastructure Security Agency) actually has a hashtag, #Protect2020, which acts as a call to action to manage security of the election infrastructure. There's more information on their plan in this link.
The second course delved into more technical aspects of cryptography. It described different encryption and decryption methods using public/private keys. It also went over how the CIA model fits in with cryptography. When sending messages through the internet, you want to preserve the confidentiality as well as the integrity of the message. This course explains how one can validate the integrity and confidentiality of a message through encryption/decryption with public/private keys.
The third course discussed different attack mitigation and attack detection techniques such as an Intrusion Detection System, Intrusion Prevention System, or a Firewall. I also learned about when and where each system should be applied depending on the architecture of the network system (I still need to work on this but I’m getting there!).
In the last course, I learned about how cybersecurity is used in enterprises and businesses. This gave practical applications of everything I learned from the other courses and introduced potential careers in cybersecurity (SPOILER ALERT: almost all fields need cybersecurity, including careers in agriculture, finance, chemical production, emergency services, commercial organizations, IT, wastewater systems, and many more).
All in all, I highly recommend completing this specialization, or at least taking the first course as I found it very rewarding and insightful. Especially with everything moving online due to the pandemic, cybersecurity will be more important than ever.
I’ve really come to enjoy cybersecurity and hope to pursue a career in the field in the future. I truly believe that I can make a difference through creating a more secure online world and look forward to learning more about this domain! This was a summer well spent to say the least!
Opmerkingen