Tech Talk: ITS Newsletter

Spring & Summer 2022 Edition

Ask the Expert!

Written by: Nouran Alotaibi 

 

Question 1: How did you get involved in cybersecurity?

During my Bachelor’s degree, I was always looking for opportunities to get some hands-on experience in the Cybersecurity field. In the first semester of my freshman year, we were asked, as an assignment for my UNI class, to interview someone who is currently working in the area we are interested in. That was how I first got in touch with the Office of Information Security here at UNCW. The interview gave me an opportunity to learn more about the field in an academic setting. Also, it made me consider looking for a part-time job or an internship that the Office of Information Security might offer. Then, I was able to start working with them as a part-time student worker. I’m grateful for having that opportunity as it was a great experience for me to learn from such great and knowledgeable people.   

In addition to that, minoring in that field has helped me a lot in my career. It gave me knowledge about security controls as well as exposure to managing and securing servers. I also got involved in the Cyber Defense Club, which allowed me to meet great people who share the same interest as me. It is always nice to get to know and meet people who are working or eventually going to work in the same area, so you can share helpful information with them. Being involved in the Cyber Defense Club also allowed me to participate in multiple cybersecurity competitions such as Hivestorm, CyberForce, Wicked6, Palmetto Cyber Defense Competition (PCDC), and Southeast Colligate Cyber Defense Competition (SECCDC). Participating in those competitions gave me an understanding of how to secure a server using CIS Benchmarks as well as practicing Linux Command Line Interface in a simulated environment. Therefore, I encourage UNCW students to join the Cyber Defense Club.  

That was how I got involved in cybersecurity. I hope it was helpful and insightful, at least for some of you. There are definitely other ways as well to get involved in cybersecurity such as taking cybersecurity certificates. It depends on your situation and what you find yourself enjoying, as working in cybersecurity differs based on the area you choose to work in.   

Question 2: What is important to know about cybersecurity? 

Cybersecurity is a changing field like any field in technology. Whenever you get new technology, you get new cyber security challenges associated with it. So, continued learning is key. That can be challenging sometimes, but that is what makes it an interesting field.

In addition to that, making cyber hygiene part of your routine is a good thing to do such as slowing down before clicking on links. People are one of the common attack vectors, so always be careful on online platforms as attackers usually utilize people’s weaknesses to gain access to their accounts and other sensitive information.

For example, you might receive a call from someone pretending that they work with a company, and they ask you to provide them with the temporary passcode you recently received. You would think that was legitimate as you have received it from a regular contact number for that company, but they simply requested a recovery passcode from the site itself. They need that information from you to compromise your account.

Bad actors always come up with creative ways to scam people, but the only consistent is that you should never share any passcodes or passwords with anyone even if they are legitimate employees.