Introduction’s Introduction to Cyber Security
A brief roadmap for those who do not know where to start in cybersecurity.
Introduction
If you want to dive into cybersecurity but are not sure where to start, I think I can help.
What is cybersecurity?
Cybersecurity is the practice of protecting electronic systems, networks, devices, and data from malicious cyberattacks. It is a critical field for both individuals and organizations.
General Domain Map and Explanations
The map below outlines different cybersecurity specialties and the career opportunities within them. Although the variety might seem overwhelming at first glance, understanding the primary roles of each domain can help you choose a path that suits you best.
Henry Jiang — Cybersecurity Domains Map
Risk Assessment
Risk assessment focuses on identifying vulnerabilities and risks within systems. Its most well-known subfield is penetration testing. Often mistaken for the entirety of cybersecurity, penetration testing is only one part of risk assessment. The broader discipline involves discovering vulnerabilities and providing recommendations for remediation. If you are interested in identifying and analyzing risks, this field may be for you.
Governance
Governance involves developing and managing an organization’s cybersecurity strategies in compliance with standards. It ensures system efficiency and policy adherence. This domain is ideal for those interested in combining organizational management with cybersecurity.
Threat Intelligence
This field analyzes data collected after cyberattacks to identify potential attackers and their methods. Those with a knack for detective work might find this domain particularly engaging.
Security Operations
Security Operations focuses on monitoring systems around the clock and responding to incidents. It serves as a frontline defence in cybersecurity and suits those who prefer a hands-on, operational role.
Security Architecture
This domain designs secure systems from the ground up, combining architectural planning with technical expertise.
Application Security
This field focuses on secure software development, encryption techniques, and the implementation of incident response mechanisms at the application level.
Physical Security
This domain ensures that systems are housed in secure physical environments. It plays a critical role in high-security facilities.
User Education
User education aims to prevent human errors by creating educational materials and conducting awareness programs. It is an ideal field for those interested in human-focused cybersecurity.
Career Development
Career Development supports the industry by creating training programs and certifications for professionals.
What Should You Do?
It is impossible to master every domain. Therefore, you need to decide whether to pursue a technical or management-focused career. Transitioning from technical to managerial roles is more feasible than the reverse. A foundational certification like Security+ is a good starting point for exploring the field.
To simplify the options, you can group cybersecurity domains into three main categories:
- Red Team: Offensive security and risk management
- Blue Team: Defensive security and incident response
- Management: Resource management and auditing
Red Team
Red Team roles involve risk management and offensive security. Begin with foundational penetration testing skills and gradually work towards advanced certifications. A typical roadmap might include:
- eJPT
- eCPPT
- OSCP
Research the value and content of each certification to choose the ones that align with your goals.
Blue Team
Blue Team roles encompass a variety of specialties but can follow a general roadmap. Building upon Security+, you can pursue certifications such as:
- BTL1 or CyberOps Associate (choose one)
- BTL2
Further education and certifications should be tailored to your specialization. ISMEK (for Turkish citizens) offers annual courses for CyberOps Associate, providing discounted exam vouchers for participants.
Management
Security+ provides a strong foundation for management roles. Although challenging, CISSP is considered the gold standard in this domain. Exploring intermediate certifications can also be beneficial. Management roles require broad knowledge across domains in order to understand and oversee cybersecurity operations effectively.
Certification Map and General Recommendations
The certifications mentioned are based on the experience of senior professionals. It is important to note that mastering these certifications (except for management-focused ones) often requires foundational knowledge of operating systems and computer networks. Certifications like CCNA and LPIC-1 can help build that foundation. However, this depends on the level of understanding the student already has about operating systems and computer networks. If you feel unprepared, you can pursue LPIC-1 and CCNA, but these should not become your primary goal.
Below is a cybersecurity certification map that offers a detailed view of where certifications fit within the industry. While not entirely accurate, it is one of the most comprehensive maps available. Review the certifications and related commentary to draw your own conclusions.
Paul Jerimy — Cyber Security Certification Road Map
Additional Notes for 2025
With the rise of AI and the enterprise shift towards cloud computing, cloud security and AI security are likely to see significant growth. If ASI does not render the point moot, these areas will dominate the future of cybersecurity.
To keep this article readable and digestible, I will only provide a brief introduction to these two areas. We will cover them in detail in future papers.
Cloud Security
Check the Big Three’s (Azure, AWS, Google) data center locations. Every “region” has at least three data centers, each consuming electricity equivalent to a small city. Governments are migrating to cloud environments, and without the cloud, AI development would not be possible.
The most advanced provider is currently AWS. They offer NITRO CPUs that provide genuine data-in-use protection. This is a deep topic, but I recommend starting with AWS courses because AWS has a high likelihood of being compliant with government cybersecurity regulations in general. That said, the other two are always in play. They are formidable competitors, so there is always a chance of technological leaps that could close the gap in data-in-use security. I will leave their respective roadmaps below.
Links:
- AWS
- Azure
AI Security
Before jumping into AI Security, I highly recommend building at least a moderate understanding of AI itself — so that you are not merely a tool user. You should know what is what before diving into AI Security.
AI systems have introduced a different class of exploitable vulnerabilities, alongside a significant challenge known as the black-box problem. I will write a detailed paper on these issues, but AI Security will differ substantially from classic system security.
This area will most likely merge in part with Explainable AI, Adversarial ML, and Reinforcement Learning. I expect to see serious growth in AI/ML red teaming, especially once governments begin enforcing local AI regulations.
To keep this article concise, I will simply leave some resources about AI Security that could be helpful. We will cover this topic in depth in a future paper.
- Securiti: Secure governance of AI (Has its own resources)
- Pentesting Exams: AI/ML Pentesting (Has references to resources for studying AI system pen-testing. More specialized for LLMs)
- Lakera: Real-world LLM exploits (A little old but still useful.)
- OffsecML: Offensive ML Playbook
Final Notes
We have explored cybersecurity domains and discussed relevant certifications. However, I want to emphasize that not all resources revolve around certifications. Due to their industry significance, I presented a certification-focused approach. Here are additional resources and critical notes you may find helpful:
- Hack the Box: A platform for practicing penetration testing on challenging machines.
- TryHackMe: Offers resources and labs for both Red and Blue Team training. It is a great entry-level to mid-level platform.
- Organizations like ISO and NIST provide free access to regulatory documents, which can be valuable for studying governance. NIST, in particular, offers a wide range of free resources.
Certification is a tool for learning and for passing HR screening. Do not forget that certification is not the main objective. The main objective is to become a skilled cybersecurity engineer.