Hey Cyber Security Experts, I have some questions!

I am thinking of expanding my knowledge on the field. Based on that thought, I am considering doing a Master.

What should one know, to be able to work on the field? Do you think a Master is a waste of resources(money, time, etc)?

Currently I am a developer, will that help me on that journey?

Thank you!

Comments

[Chapin Bryce]

Moving from development into Cyber Security makes things life easier on the technical side of things. There are many paths - both in and outside of academia - to get into infosec. Since there is a lot of variety in information security, is there a certain area you are interested in?

Some common areas are (don't let this list limit you):

• penetration testing/red teaming
• proactive security/blue teaming
• investigations (digital forensics/incident response) (also blue teaming)

And some specializations are:

• malware reverse engineering
• embedded device testing/security
• mobile device testing/security
• cloud investigations/testing/security
• too many to fully list

If you are looking to beef up your resume/get your feet wet, I'd recommend spending some time working on some projects related to the field (similar to recommendations for those looking to transition into a development role). It doesn't have to be a development-related project, but there sure are a lot of needs in info sec and a very active open-source community.

If you are not sure where to start, consider working on a capture the flag (CTF) in the area you are interested in. For the areas you are stuck on, you can usually find a write up that guides you through it or a video walking through it.

[Petros Stergioulas]

Unfortunately I am not really interested in any specific area, while I don't have a generic knowledge about it.

Thank you for your response!

[Chapin Bryce]

Of course! I would recommend spending some time on Twitter looking into #InfoSec and #DFIR to see what interests you, there are also a bunch of great books in the field, conference videos on youtube, etc.

I would recommend exploring and a get a sense of what specifically interests you (its okay for it to be multiple areas) before pursuing a degree program. Just my $0.02 :)

[Phil Ashby]

I would also suggest some networking with existing professionals, usually to be found in your local OWASP chapter meeting, or similar :)

[reutooo_]

you need to be much more concrete on a subject then just cybersecurity. let me know what do you love on this subject