Professionals who know how to assess and minimise IT vulnerabilities are in constant demand as the exposure to cyber risks is rising. This is partly due to organisations constantly increasing their dependence on mobiles, IoT devices, social platforms and migrating data to the cloud.
The Introduction to Cyber Security will give you insights into the concept of cyber security, the types of threats, and the defensive mechanisms that can mitigate risk. In this cyber security course, you will gain an understanding of the impact of online digital footprints, how to perform a vulnerability assessment, and how IDS and IPS systems and firewalls protect networks and computers.
You will also learn about wireless data communication networks, cryptography, security standards and the importance of implementing access control models.
Outcomes achieved by undertaking a cyber security course include:
- Learning about the importance of cyber security and the threats
- Exploring the common type of attacks including active and injection attacks
- Gaining an understanding of DoS, malware, malicious software, spoofing and man-in-the-middle
- Studying network and operating system attacks
- Examining network security, physical security and software and operating system security
- Understanding vulnerability assessments and how to assess vulnerabilities
- Attaining knowledge of security posture, identifying and classifying assets and threats and risk assessment
- Gaining insights into baseline reporting and penetration testing
- Learning about securing data centres and networks
- Exploring hardware like modems and routers and how to change router settings
- Gaining an understanding of software pc and device levels and advance settings to secure devices
- Studying preventative steps
- Examining how to secure your online digital footprint
- Understanding social media, web browsing history and online shopping
- Attaining knowledge of the devices used, the importance of managing a digital footprint and protecting the user’s reputation
- Gaining insights into deciding where and how personal information is shared, preserving freedoms and preventing financial losses
- Learning how to manage a digital footprint, the privacy risks of online identities and how to develop better online habits
- Exploring how to investigate default settings for online tools and services
- Gaining an understanding of using privacy-enhancing tools
- Studying internet security and digital certificates
- Examining digital certificates, digital signatures and digital rights management (DRM)
- Understanding information rights management (IRM) and electronic books and magazines
- Attaining knowledge of EDRM and generating, exchanging and verifying a digital certificate
- Gaining insights into web browsing (SSL certificates) and SSL/TLS handshakes
- Learning about security issues and secure web browsing using https
- Exploring wireless network vulnerabilities, attacks and security
- Gaining an understanding of wireless network vulnerabilities, attacks and security
- Studying NFC and bluetooth networks attacks
- Examining WLAN (Wireless LAN) attacks, wireless data replay attacks and wireless Denial of Service (DOS) attacks
- Understanding network “blurred edges”, rogue access points and attacks on home WLANs (war driving and war chalking)
- Attaining knowledge of wireless security vulnerability and solutions
- Gaining insights into IEEE wireless security vulnerabilities
Job Opportunities in the Cyber Security Sector
Cyber security is one of the fastest growing sectors in Australia, and its direct economic impact between 2019-20 is estimated at $15.7 billion in revenue, with the sector employing almost 19,500 people. Cyber security enables the digital economy to grow and innovate, which is critical to Australia’s prosperity and recovery from COVID-19 as more businesses and people move online to create and deliver goods and services.
The evolving threat environment and rapid technological advancement will continue to generate demand in the cyber security sector, and AustCyber forecasts that almost 17,000 new jobs will be needed up until 2026. And as you’ll discover in our cyber security course, the cyber security sector offers wide range of diverse opportunities.
Cyberspace is not bound by geography, so working in the cyber security space means that you don’t have to work in the one location. Opportunities also exist for Australian cyber security businesses to attract global investors and sell their solutions to offshore buyers.
AustCyber’s Cyber Security Sector 2020 Competitiveness Plan states that wages are high across the cyber security profession with a $12,000 average wage premium paid for a cyber security worker when compared to an IT worker. Roles in leadership and management and those involving the designing and building of cyber systems are currently commanding the highest salaries, with average wage premiums of more than $20,000 above general IT workers.
One of the biggest misconceptions about a career in cyber security is that you need a background in IT. However, cyber security is a broad sector that encompasses policy, technical roles, marketing, risk management, engagement and more.
Assessing and Minimising Vulnerabilities
As you’ll discover in our cyber security course, cybersecurity starts with understanding potential vulnerabilities, assessing those in a particular situation, then taking actions to eliminate or prevent those vulnerabilities.
When organisations are trying to secure their assets, knowledge equates to power. As businesses constantly increase their dependence on information technology, including the IoT (internet of things), social platforms, mobile devices and placing or migrating data to the cloud, their exposure to cyber risks can rise significantly.
However, just like an annual health check, a vulnerability management program can help organisations identify weaknesses in their cyber systems before they turn into problems.
This is the technical term for an overall security plan and includes everything from initial planning to implementation. An organisation’s security posture usually includes:
- Technical policies
- Non-technical policies
Performing a Vulnerability Assessment
The majority of all cyberattacks are designed by attackers to exploit known vulnerabilities and weaknesses in systems and networks and automatically start their attack process as soon as these are found. With thousands of new vulnerabilities discovered every year, it is important for organisations to exercise constant vigilance to evaluate IT security and discover weaknesses, as well as to respond appropriately.
A robust vulnerability assessment program is the key to responding to this more dangerous threat environment. A vulnerability assessment is a formal process that identifies and quantifies the security weaknesses of an IT system including the hardware, networks and application software. It can produce a clear report containing a list of the components that require attention in the organisation’s environment, and where on the list of priorities these components lie.
Systems administrators in organisations’ IT departments are constantly updating and applying software patches to their critical systems, however managing patches and software updates is quite a challenging task for IT departments because patches are known to occasionally cause disruption to other software. In some instances, systems requiring patches can also not be taken offline.
For this reason, a good vulnerability assessment will provide an organisation with a list of prioritised vulnerabilities sorted by software or system or others factors. This can then be used by the organisation’s IT department and used as a to-do list to improve the organisation’s security posture.
It is also important to know that scanning for vulnerability assessments is one thing, but that analysing and prioritising vulnerabilities in terms of including them in an overall “risk management program” is another. A typical vulnerability assessment often involves five steps:
- Identifying which assets need to be protected.
- Evaluating threats against those assets.
- Undertaking vulnerability appraisal to understand how susceptible the current protection method is.
- Assessing risks (using the likelihood and impact of any potential weakness exploitation).
- Mitigating risks.
2021 Cyber Attack Statistics
According to the Australian Signals Directorate, over the 2020–21 financial year, Australian organisations, individuals and government entities’ engagement online was largely influenced by the impacts of the COVID-19 pandemic. This is mainly because the pandemic has significantly increased Australian dependence on the internet — to access information and services, work remotely and to communicate and continue our daily lives. This dependence has increased the attack “surface” and generated more opportunities for malicious cyber attackers to exploit vulnerable targets in Australia.
Over the 2020–21 financial year, the Australian Cyber Security Centre (ACSC) received over 67,500 cybercrime reports, an increase of nearly 13 per cent from the previous financial year. This equates to one report of a cyber attack every eight minutes compared to one every 10 minutes last financial year. A higher proportion of cyber security incidents this financial year was also categorised by the ACSC as “substantial”in impact.
The increasing frequency of cybercriminal activity is compounded by the increased sophistication and complexity of cyber attackers’ operations. The accessibility of cybercrime services — such as ransomware-as-a-service (RaaS) — via the dark web increasingly opens the market to a growing number of malicious attackers without significant financial investment and without significant technical expertise.
No sector of the Australian economy was immune from the impacts of cybercrime and other malicious cyber activity. Large organisations, government agencies, critical infrastructure providers, small to medium enterprises and individuals were all targeted over the reporting period.
Develop a comprehensive understanding of the importance of digital literacy to improve privacy and protect businesses from potential cyber threats with a cyber security course such as our Introduction to Cyber Security.