There is a unique trend that is being witnessed world over in the job market. While the overall number of jobs in different industries is rising, the technology industry is seeing one of the highest rates of job growth. In some countries, it is expected that by 2020, the number of IT jobs will outweigh the supply of people with skills to take them up. It is evident that the world is leaning more toward technology and that this is opening up opportunities for those skilled in different technologies. This is why the future is more promising for those that invest time to learn IT skills today.

There are different paths that someone can take in their IT career. While most careers in IT are good, there are some that are limited or might face sudden death in the near future as well. Therefore, caution must be taken when choosing the right path in...

Mobile security is a cybersecurity field that deals with the protection of portable computing devices from threats and vulnerabilities. In this section, we will discover what mobile computing devices are normally more exposed to.

Devices such as phones and laptops can be easily lost or stolen in public places, cabs, and offices, among other places. From a cybersecurity perspective, what is more worrying is the amount of sensitive data that can be recovered from the lost or stolen devices. Users tend to keep lots of personal information in mobile devices. Passwords, bank information, social security numbers, and even confidential information belonging to corporations can be stolen from these devices...

Data has become a prime target in cyber attacks, and, consequently, individuals and corporations are opting to spend more resources to secure their confidential data. There have been many reports of data breaches where user data is stolen by hackers, trade secrets are stolen by competitors, enemy states steal each other's military records, and prototypes for sensitive products are continually stolen.

The threat landscape surrounding data is continually changing. To prevent attacks and comply with all data security regulations, organizations are going to be looking for experts to offer advanced data security. This will prevent data breaches, ensure that sensitive data is not accessed by unauthorized people, and prevent an event that will lead to non-compliance with data regulations. A cybersecurity career in advanced data security is, therefore, a guarantee...

The cloud technology has come with benefits that are valuable to many organizations. Today, organizations do not need to own computing resources to deploy software and systems. The cost benefits that have been realized from cloud computing have seen quite a number of organizations adopting it. However, there have been several fears about the technology that have possibly held back organizations from fully adopting it. Organizations are not quite ready to trust third-party cloud vendors with sensitive data. The organizations that have put out their data on the cloud want to ensure that it is safe and cannot be accessed by unauthorized parties, and this includes the cloud platform vendors.

Many of the organizations that have adopted, or are contemplating adopting, the cloud technology undoubtedly need a cybersecurity expert to guide them. As a cloud security expert...

Tough regulations have already been put in place to punish companies that fail to safeguard user data. The most recent regulation touching on this was the General Data Protection Regulation (GDPR), which is quite demanding for organizations that want to be fully compliant with its requirements. The consequence of non-compliance with GDPR is that organizations found culpable will be heavily fined. GDPR is just one of the many regulations in cyberspace that have been designed to protect privacy and ensure security. There are many other regulations that apply to different jurisdictions. In the US, there is the HIPAA Act, the Gramm-Leach-Bliley Act, and the Federal Information Security Act, which regulate the collection, use, and protection of data in healthcare, financial, and federal agencies. There are more laws that are coming up in countries such as the...

Statistics released each year from credible sources show a startling fact that cybersecurity incidences are going up at a fast rate. In July 2018, Positive Technologies released a report showing that cyber attacks had increased by 32% in 2018's first quarter compared to the previous year's statistics. Malware attacks alone had increased by 75% since 2017 and had been targeted at individuals, government agencies, and businesses.

You can read more about this at https://www.ptsecurity.com/ww-en/about/news/293941/.

What is common in many cybersecurity incidences is that the targets try to respond to minimize the impacts and then do thorough investigations to find out the cause of the incident. However, there are not many professionals skilled enough to do this. With the frequency of attacks only going up, organizations are finding the need...

Security has become a broad and challenging issue for enterprises. It is wide-scoped and includes ensuring the security of systems and networks, understanding the motive of attackers, understanding different types of attacks, understanding the users and targets, and also planning on how to respond to attacks. The scope keeps getting wider as organizations adopt new technologies, deploy new systems, or get new personnel. Internal staff working in IT departments are not always able to comb through the wide scope and ensure that the organization is safe. This is why there has been an increase in the demand for enterprise security specialists.

To venture into this career, you need to have vast experience in IT. This is because clients will expect you to be knowledgeable in all of the seven domains of an IT infrastructure. You will also need to have up...

Most organizations are opting to have white hats search for vulnerabilities in different systems, networks, and even users to identify the weak points that can be used to attack. Penetration testing entails the legal attempts to hack an organization with the purpose of finding all possible avenues that can be exploited by real hackers during attacks. Learning to be a penetration tester takes you through the same concepts of hacking that black hats use. Black hats only use these hacking skills for their own malicious purposes, while white hats use the hacking skills they have to help organizations protect themselves. In a penetration testing course, the tools and techniques that are used during real attacks are the ones that get taught. This ensures that white hats are at par with black hats as far as skills and techniques are concerned.

Leading universities...

Learning institutions are continually releasing developers into the world. However, most of these institutions only focus on teaching developers how to actualize functionalities in application systems. Very few developers join the market with the aspect of security in development. As the IT environment is continually becoming less secure and more unpredictable, a new approach is required when developing apps and systems.

DevSecOps is a premise that states that anyone involved in software development is responsible for bringing together development and security. Initially, security used to be an after-thought. The development team would build the software first and then integrate security into it.

DevSecOps discourages this, and instead enforces a new development approach where security is tightly coupled with all other software development phases. Security is thus embedded...

In the first two quarters of 2018, IoT devices grew at an unprecedented rate to hit a total of 7 billion devices. It has been projected that there may be 20.8 billion IoT devices in active use by 2020.

You can find more about this at https://iot-analytics.com/state-of-the-iot-update-q1-q2-2018-number-of-iot-devices-now-7b/.

Going by the numbers from the first two quarters of 2018, the numbers are going to grow quickly. However, there has been a major challenge with IoT devices regarding their security. These devices have been flooded into the market by different manufacturers while lacking the bare minimum security requirements. As a result, many botnets are being formed using these devices.

Botnets are malicious networks of internet-connected devices that are used for performing denial-of-service attacks, or spamming. One of the most powerful botnets today is called...

Users have contributed to some of the worst cyber attacks that have happened in the world. For instance, the worst attack on Yahoo, an email service provider, was caused by just one click from a user. The FBI investigated the cause of the breach that led to the compromise of millions of user accounts and discovered that there were spear-phishing emails that were targeted at specific Yahoo employees. It is said that one of those targeted clicked on a malicious link that led to hackers compromising the employee's computer and using it to gain access to the network.

Once in the network, the hackers installed a backdoor that allowed them to connect to and steal Yahoo's user database. Investigations revealed that the hacker responsible for these operations handed over the stolen database to other commercial hackers. Soon, the hackers started...

EDR has been predicted to be the future of incidence response. Normal incidence response teams are not always well-informed about an attack to be able to quickly identify the cause, mitigate it to prevent adverse impacts, and to remediate the situation. Even after an attack has ended, the normal incidence response personnel cannot assure that they can prevent a future similar attack from happening. EDR is a term that's used to refer to the combination of tools that are used to detect and investigate incidences on endpoints.

This emerging technology is redefining what incidence response is by providing more reliable and timely incidence responses during attacks. EDR is not just one tool—it is composed of different tools that continually monitor endpoints, networks, and users regarding where they centrally store all important information...

There are inevitable changes happening today in the cyberspace. Cyber attacks are on the rise and they are becoming more sophisticated. These changes are also shaping careers in cybersecurity. The old approaches to cybersecurity are slowly being phased out and new technologies are being adopted. The future job market in the cybersecurity industry will be significantly impacted by these technologies.

This chapter has gone through some of the most promising technologies to learn today. The analysis of the technologies to learn has been guided by their applicability and job outlook in the near future. The technologies that we discussed are the ones that are going to be predominant in the cybersecurity space in the near future. With knowledge of these technologies, it will be easy to pursue different careers in IT, and, specifically, in the cybersecurity industry. They will...

The following are resources can be used to gain more knowledge about what was covered in this chapter:

• Penetration Testing: https://www.sans.org/curricula/penetration-testing
• What is DevSecOps? Developing more secure applications: https://www.csoonline.com/article/3245748/devops/what-is-devsecops-developing-more-secure-applications.html
• What is DevSecOps?: https://www.redhat.com/en/topics/devops/what-is-devsecops
• State of the IoT 2018: Number of IoT devices now at 7B – Market accelerating: https://iot-analytics.com/state-of-the-iot-update-q1-q2-2018-number-of-iot-devices-now-7b/
• IoT security (internet of things security): https://internetofthingsagenda.techtarget.com/definition/IoT-security-Internet-of-Things-security
• 5 emerging security technologies set to level the battlefield: https://techbeacon.com/5-emerging-security-technologies-set-level-battlefield...