I found mine, what’s yours?
“And lo, God created man in his own image, and that image was fantastic (MD5 = 9e107d9d372bb6826bd81d3542a419d6).” Genesis 1:27
If you are reading this blog, it means you are either in the field of cybersecurity or you are interested and wondering for what it is. I have been interested in the term “cybersecurity” since my school days, but I didn’t have anyone to guide me nor did I have an idea of what it is and how it works. For most of us, cybersecurity is “Hacking”. A few of us want to learn about cybersecurity to hack other’s profiles for fun and say, “I am a hacker”, but in reality, cybersecurity has a vast number of paths and we may specialize in the various paths we are good at, like pen testing or governance, regulation and compliance (GRC). These two are the most commonly mentioned paths. I am not here to talk about these two paths; instead, I am here to share which path I got interested in and give a brief outline of it to those who do not know about it.
DFIR, Digital Forensics and Incident Response is a security profession which focuses on distinguishing, investigating and treating computer system exploitation. This specific field involves a variety of skills, different kinds of attackers and targets. Being curious about the path is not enough; paying attention to all the details, working with people and a taste for winning is necessary for this field.
If you are wondering how you can step into this path, here is your answer,
With the prevailing situation around the world and, with plenty of negative news making its way around the media platform, our lives have changed dramatically. Education and work have evolved into something we did not expect to see this soon. The education sector has moved into E-learning whereas work has evolved to become remote working. I have a few friends whining about working from home, whereas I found this to be an opportunity to explore myself and figure out what I am good at because I found more time for myself by eliminating the time spent on traveling and the problems associated with it.
Improve your proficiency and gain new skills & knowledge.
This is the utmost step out of all. You should be interested in gaining knowledge and learn something new. Considering the pandemic situation around the world I feel this is a great opportunity to learn. This applies to all. If you are sent home for working remotely, then take a training relevant to your job.
The Three Mantras.
1. Read more!
Yes, you read that right. Try to get books related to DFIR; for starters I would suggest “The Cuckoo’s Egg” by Clifford Stoll. It’s an interesting and curious book to give you a head start in DFIR. You can always surf the internet to read the White Papers, which are a great source of knowledge.
2.Do it yourself!
You can find exercises related to DFIR at dfir.training.com. There’s nothing right or wrong about how you choose to go about it; just download the necessary tools relevant for the exercise and learn. It’s okay if you make mistakes, sometimes more than by doing it correctly the first time around. Keep practicing! Like gamers practice for Valorant, COD and CSGO matches.
3.Be a student!
Surf the web for online trainings or classes and dive into the universe of DFIR. You can always learn online despite the time or distance. Make sure you take notes and share your discoveries with the world.
If you follow these 03 mantras, you’ll be who you want to be!
P.S: These mantras are not only for the DFIR path but for literally everything. If you want to excel in any path, consider following the above mantras. It works every time for me.
Jumping to courses for DFIR,
You can always rely on Udemy, SANS and DFIR vendors (for me it’s Magnet Forensics, but there are other vendors like OpenText, EC-Council etc). These are some of the most documented educational source. If the internet is our best friend, I would say YouTube is my boyfriend! I watch YouTube a lot, for entertainment and for finding hot news from around the globe but most importantly I find it’s a platform for learning too. Although YouTube is considered to be an entertainment platform, we can see that YouTube is creating a platform for education too. Apart from DFIR videos, I follow “Cybermentor” for enhancing my knowledge on cybersecurity and I would suggest that you do the same.
Last but not least, everyone has a different competency level. I found mine in DFIR during the lock down period. Even though I have some knowledge on governance and pen-testing I am not the best at it; as I mentioned before there are various paths in cybersecurity. Find yours and excel in it.
I found mine, what’s yours?
Written By/Renu Harshatha -3rd Year 2nd Semester -Cyber Security Student SLIIT - Trainee Security Consultant at Meta Defence Labs -