Be informed, be secure
Written By: Michael Wisthoff, Information Security Analyst
Surviving as a professional in the cybersecurity realm is no easy task, but the need for more of us is ever increasing.
Below are some tips and tools that you might find useful if cybersecurity has been entrusted to you.
10 Tips & Tools You Should Be Using
Password Manager – KeePass
With the need for more and more complex passwords growing, it can be very difficult to remember long passwords. In the cybersecurity field, even more so than other industries, reusing the same password more than once is equal to the most egregious cyber sin!
Considering the vast number of devices you need to access, a password safe solution that stores all of these passwords in an encrypted format just makes sense. KeePass stores your passwords locally, on secure workstations, rather than in an Internet location, increasing potential exposure. Safe storage for your passwords is step #1 for any cybersecurity professional.
As an Information Security Analyst, remote access is key when performing standard cybersecurity work. Secure remote access is crucial.
SecureCRT is a terminal emulation software that can be used to configure secure remote access using Telnet (just kidding don’t use Telnet). SSH, TLS, and other protocols can be used to connect to various devices and applications used in business as well as cybersecurity processes.
Streaming Music Service – Spotify, Pandora
If you sit in one place for hours and hours, reviewing endless gads of security logs, with no trouble whatsoever, then Pandora may not be necessary. However, for those who can afford the bandwidth, listening to music may be the tool needed to calm your nerves while protecting the world from digital threats, leaping over buildings in a single bound as well as conquering all of the remaining tasks required of a cyber hero such as yourself.
In large and small security teams, ensuring effective real-time communication for every person, at every desk is critical. Slack is a highly effective team collaboration tool that enables team communication via the cloud software. It certainly decreases the likelihood of all members of the team doing incredible work on the same task in a massively duplicated and inefficient manner.
For the more in-depth threat investigations that are required at times, network troubleshooting, it is very helpful to use a protocol analyzer tool like Wireshark. Such tools capture packets and allow security experts to analyze protocols, services, flags, and virtually determine everything happening in the captured traffic.
In order to be an effective cybersecurity professional, you will need a good understanding of information system networking. For many who have grown accustomed to working with IPv4 addressing and subnets, well get ready.
The complete change over to IPv6 will occur, and having a subnet calculator helps better ensure proper configurations are applied to network and security devices that are in place in your environment.
Port Reference Guide
Out of the 65,535 ports in the port kingdom, there are often services commonly associated with particular port numbers. While analyzing security logs, knowledge of these services as well as the vulnerability and exploitability of particular ports and services is essential. Therefore, in order to become a security professional…all must be memorized…or you can use a port reference guide like I do.
Essentially, the rapid development of digital threats, security technology, and processes creates need for cybersecurity professionals to remain knowledgeable. That means training, training, and more training.
In order to remain at the top of the game, we offer Fortinet Training as well as other customized training. These courses include basic and advanced firewall networking and security. Taking advantage of SANS Security Seminars to strengthen cybersecurity knowledge and awareness is also recommended.
While this may seem like a no brainer, as pretty much everyone has Internet these days, it is imperative for cybersecurity professionals to be able to have quick, high speed access. We must research current malicious threats, security strategies/processes, information technology news, and scores of other vital information in the field.
Today, many of us know the saying “Google is your friend.” Search engines are great tools to find valuable, as well as not so valuable information sources. Various security community bulletins and security resources are available online.
Compiler For Programming
Being able to use programming languages to tweak software and creating programs that will support various security functions and processes can be very important. Using compilers, cybersecurity professionals are able to write and analyze various scripting languages to respectively implement functions, or even identify security gaps in coding. For example, using python scripting language can assist in creating processes that automate particular cybersecurity tasks to lighten the workload.
Compilers are also used by penetration testers to test security of network environments and information systems. We have several experts who excel at performing penetration testing and offer solutions to increase security for various private, public, international, and national organizations throughout the world.
Are you a cybersecurity professional with a passion to save the world one firewall at a time? Contact us. We’re always looking to add another hero to our team.
Are you in need of a cybersecurity hero? Contact us today and take the first step to secure.