July 28, 2017

Hacking: A Career Or A Lifestyle?

Cyber Security Cave

Your success within information security is ultimately tied to your own dedication to the topic. In other words, if you’re not hacking in your free time, you’re not living up to your potential. In an odd twist, what you do in your free time really DOES impact your success in your work time.

Let’s look at it this way. A student attends University in a effort to create a career they will hopefully enjoy, and benefit from. And it’s true, a University degree does offer tremendous value, even in the field of information security. But, in truth, Universities are often quite limited in what they are capable of providing to students. There are a great number of requirements from accrediting bodies, such as the Higher Learning Commission (HLC), that mandate students graduate from college with a solid understanding of core topics, such as English, Math, and Social Sciences. They also require that students are provided with a foundation of knowledge within their chosen major, in order to be successful once they enter the work force.

Any University program that teaches Network Security will provide those foundational topics of knowledge, first and foremost. Sometimes, the more exciting and advanced topics are left to upper level courses, mentoring with instructors, or self study. As an example, within the offensive path of our own Network Security program, we’ve introduced a series of courses that help students on a pathway toward programming like a hacker.

We start with NTS370, Scripting for Hackers. This course introduces scripting in a BASH shell, within Perl, and in Ruby. Following that, we have the NTS225 course, Programming for Hackers. This course provides a basis of understanding on memory registers, data movement within a computer, the basics of the C and C++ families of programming language, and how to create basic applications using the languages.

Passion

The third and fourth courses are in development; Exploit Development and Reverse Engineering. These courses will walk the student further into the rabbit hole, including determining where data is stored within memory, and determining how an application operates and if it’s vulnerable to compromise.

But remember, our courses are 15 weeks each (5 weeks for online), and have a limited number of contact hours. And all students are presented with the same topics throughout the course. The students that stand out, and really make a name for themselves in this industry, are the students that study and research outside of the classroom.

This is the same technique hackers have followed for decades, spending hours, relentlessly pouring over information and researching expanded capabilities. Some of the biggest names, speaking at security conferences around the world, have no college education, but they still manage to release amazing research, and teach us all.  That’s because they’ve spent their time huddled over a computer somewhere, testing theories, and learning on their own. Imagine the knowledge of someone that has walked both paths, college and self study.

Going to college for a degree is just common sense, and gives you a leg up when trying to get a job in the industry. It gives you a career. Success, on the other hand, is based on your ability to research, learn, and innovate, on your own.

As a professor, I can’t teach the student to be a hacker (in the traditional sense), but I can provide examples of what an ethical hacker might do.

You can have a career, or you can have a passion. You get to choose. Don’t pay lip service to passion, by talking about it but doing nothing. Take this time you have now, to learn everything you can. Own the responsibility for learning more, yourself. If you step outside the realm of a formal college education, and add new knowledge that is outside the scope of a degree, you’ll find a much greater level of success in the real world; and you can legitimately call yourself a hacker.

 

Leave A Comment