How To Begin — Adventures in Forensics and Cybersecurity

How to try to get into forensics and cybersecurity

I have been trying to blog about my adventures for a long time. I did not know how to begin. A colleague suggested I start with the steps, or the missteps, I should say, that have guided my career in digital forensics. I can tell you that about 10 years ago I did not know anything about computers or anything having to do with investigating devices or determining if a system is compromised by malware. Everything I have learned and experienced has been on the job and through mentors who probably did not know they were mentoring me.

Step 1: Make someone so angry that they move you from one organization to the next (I truthfully did not know what I did)

This step will probably not be the same in your adventure, but it led to the beginning of mine. When I was moved, I ended up in an organization actively doing digital forensics using the Unix/Linux operating system. Talk about being in over my head: I came in with no computing background other than using the internet and browsing YouTube at the time. So imagine getting thrown into an operating system that is not commonly used in homes or outside of computing types of career fields. It was a huge challenge, but I decided to jump right in.

Step 2: Jump right in

This was a big challenge: learning an entirely new system and how to make it work and do the things I needed to accomplish. And if you have never seen how technical people use a Linux operating system, think about that blinking green light on a black screen that started typing, telling Neo (The Matrix) to follow the white rabbit, or, for those in the newer generation, the very small scenes of Mr. Robot where you see code or text being written across a black screen, seemingly not knowing what it means or does.

In the next 6 months, I was a Linux beast. As you can imagine, the common trend to learning everything was repetition. The fact that the operating system was in my face day in and day out was eventually the success to my learning. Now, it did not mean I did not need further training over time, but by overcoming this first challenge I was introduced to terminology, functionality and a common language to discuss my needs with technical mentors. It also helped with identifying the terms needed to Google in order to find free training resources across the web.

Step 3: Do not half-ass it

The career field of digital forensics and cybersecurity is always changing, and everyone is in a constant mode of learning and training in order to stay with the times or get ahead of them. A good friend of mine and I always debated this, and the three areas of this field that cover and interlace everything are:

  • Operating System
  • Computer Science
  • Networking

If a person can be extremely knowledgeable in any two of these, then they would probably be ahead of a lot of individuals in these career fields. In my experience, the average knowledge amongst these domains, if you will, has been that most people have knowledge in 1 of these and then have half-ass knowledge of 1 other.

The knowledge needed in order to be successful requires an understanding of operating systems and how they work; networks and communications between machines and the humans using those networks; and, because everything runs off software or written code, the ability to read a variety of coding languages and understand the functionality of the code. The computer science, or reading of code, domain seems to be the least found amongst a lot of these career fields, as people who can do it can find themselves in better financial positions as developers.

My strongest domains are operating systems and computer science, and I am currently learning the networking domain. I am constantly learning and always run into a new challenge, but I have always been able to overcome or advance in my career based on these 3 knowledge bases.
