The latest articles on DEV Community by Kgosi Tshepo (@kgosi_tshepo). https://dev.to/kgosi_tshepo https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F73191%2F54c7038c-34d2-4acb-891a-4dfe199c4a4c.png https://dev.to/kgosi_tshepo en Kgosi Tshepo Fri, 15 May 2020 00:57:35 +0000 https://dev.to/kgosi_tshepo/what-exactly-do-cybersecurity-professionals-do-2ao5 https://dev.to/kgosi_tshepo/what-exactly-do-cybersecurity-professionals-do-2ao5 <p>We've heard about them but we know little of what they do.They are often assumed to be the James Bond' of the internet, fighting the bad guys.</p> <p><a href="https://i.giphy.com/media/zFVvRICqVAJri/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/zFVvRICqVAJri/giphy.gif" alt="James Bond"></a></p> <p>In this blog post we'll go through some of the different roles typical to a cybersecurity organisation.</p> <ul> <li> <strong>Chief Information Security Officer(CISO)</strong> : A CISO is the head of Information Security Division and they drive the security strategy of the organisation. </li> <li> <strong>Information Security Architect</strong> : They have a deeper understanding of different layers of the system, security policies to put in place.Their role is very crucial during the early stages of security life cycle.</li> <li> <strong>Information Security Analyst</strong> : Performs information security assessments, analyses events, alerts and any information that could be useful to identify threats.At the end of the assessment a threat mitigation documentation is created.</li> <li> <strong>Information Security Auditor</strong> : Their role is to enforce security compliance, reduce risk, and manage potential security threats.</li> <li> <strong>Security Software Engineer</strong> : They create security software applications and they have extensive knowledge of programming languages and computer networks.</li> <li> <strong>Penetration Tester/Ethical Hacker</strong> : They simulate cyber attacks on already established security systems and identify vulnerabilities before hackers can exploit them.</li> </ul> <p>We'll leave it at that for now 😊!!</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--ML--ATgx--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/ooq5ht8pln65ovuv384i.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--ML--ATgx--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/ooq5ht8pln65ovuv384i.gif" alt=""></a></p> security Kgosi Tshepo Tue, 12 May 2020 19:26:35 +0000 https://dev.to/kgosi_tshepo/cia-triad-in-information-security-54p5 https://dev.to/kgosi_tshepo/cia-triad-in-information-security-54p5 <p>How would you define information security when asked?</p> <p>I struggled at times to explain this.I would just say it is protection of information and hope that there isn't a follow up question 🥺!</p> <p>The reality is that the protection of information is governed by Confidentiality,Integrity and Availability popularly know as the CIA triad.</p> <p>Now let's drill down on each of these concepts👨🏽‍🔧</p> <ul> <li><p>Confidentiality : Ensures that information is only accessible to authorised entities.This can be enforced by using encryption mechanisms.</p></li> <li><p>Integrity : Ensures that information remain consistent over it's entire life cycle - should not be changed in transit.</p></li> <li><p>Availability : Speaks about ensuring that information remain always available on-demand.</p></li> </ul> <p>Congratulations you can now flex to your buddies by explaining information security to them 🏌🏽‍♂️</p> <p>I hope you enjoyed this.Leave a comment and smash that follow button to get notified when I post new content.</p> security