Uncategorized

Cybersecurity Explained: Data Forms, Roles, SIEM Tools & Career Paths

June 25, 2025
By munaza jameel

Cybersecurity Basics: A Complete Beginner’s Guide to IT, Data Security, and Career Paths

In how many forms data is available?

When we learn about cybersecurity basics, Data first thing to understand, it is typically available in 3 forms on internet,

Data at Rest mode:

This means data is stored on devices or storage medium. For example, data stored on USB, hard drive or database.

Data in Process mode:

Data actively being used or processed by an application. For example, when you copy a file or when a website processes your login info.

Data in Transfer mode :

Data being transmitted from one place to another over a network. For example, sending a file through WhatsApp or Email.

What is difference between data security & cyber security?

Data Security means protecting data from unauthorized access, corruption, or theft. For example, Password protecting a pdf file or using encryption While Cyber Security means protecting computers, networks and systems from digital attack. For example, using firewall or antivirus software to block hackers.

What is Information/ Data security?

Information security means protection of all forms of data either digitally or physically.

It ensures (CIA Triad) Confidentiality, Integrity, and Availability. For example locking physical files + encrypting digital files = inforsec

What is internet?

Internet is global network of computers interconnected to share data. It is network of networks. Like access YouTube using internet.

What is Information Technology?

IT refers to using computers, software, networks, and systems to store, retrieve, transmit, and manipulate data. For example, Managing servers in an office, working with databases, or handling emails all fall under IT.

Difference between NETWORK SECURTY AND INTRNET SECURITY?

Network Security	Internet Security

Protects internal network (LAN, etc.) from threats.

Protects data and devices from threats via the internet.

Deals with firewalls, VPNs, network segmentation.

Deals with antivirus, anti-malware, browser security.

Example: Securing a Wi-Fi network in an office.

Example: Protecting your PC from phishing emails.

What is Cryptography?

Cryptography is the science of securing information using codes and encryption. Cryptography is code word language to communicate. It helps in private communication, even if someone intercepts it, like WhatsApp end-to-end encryption is based on cryptography.

Branches of Cyber security

Network security: Protecting computer networks from intrusions/ attacks, like Firewalls, intrusion detection systems.
System security: Securing operating systems and devices, like keeping your computer operating system updated.
Application security: Protecting software apps from threat, like securing a mobile banking app.
Information security: Protecting all form of data, like encrypting confidential files.
Web security: Protecting/ securing websites and web apps, like Protecting against SQL injection attacks.
Mobile security: Securing smartphones and tablets, like Using biometric locks and antivirus apps.

IT = part of IT is Information security while part of Information security is cyber security.

Information Technology (IT)

└──> Information Security (IS)

└──> Cyber security (a sub-part of IS)

· IT is the broad field.

· Information Security is a part of IT focused on protecting data.

· Cyber security is focused on digital threats (hacking, malware, etc.).

3 Common learning paths in cyber security.

Networking, it helps in learning about networks (IP, Routers, protocols). Tools: Cisco Packet Tracer, Wireshark.

Ethical hacking, it helps in learning for legally testing systems vulnerabilities, like tools: Kali Linux, Burp Suite, Nmap.

Security Analyst path, it monitor, detect, and respond to threats in real-time, like use SIEM (security information and event management) tools, learn incident response, etc.

Top 5 Best and most trending Job roles in Cyber Security:

· Cybersecurity Analyst

The responsibility of Cybersecurity analyst is to Monitor and respond to security threats.
The tools commonly used: SIEM (Splunk, IBM QRadar), Firewalls.

· Penetration Tester (Ethical Hacker)

The responsibility of ethical hacker is to test systems to find vulnerabilities before attackers do.
The tools used: Metasploit, Burp Suite, Kali linux.

· Security Engineer

The responsibility of Cybersecurity engineer is to Build and maintain security systems (firewalls, VPNs).
The tools used: IDS/IPS, endpoint protection.

· SOC Analyst (Security Operations Center)

The responsibility of SOC analyst is to Work in a team to monitor security 24/7.
The tools used: Log analysis, threat detection software.

· Cloud Security Specialist

The responsibility of cloud security analyst is to Secure cloud platforms like AWS, Azure.
Skills is: Cloud architecture, encryption, identity management.

Most Commonly and demanding skills in every role of Cyber security.

1. Good Understanding of Cybersecurity Basics

Firewalls, malware, vulnerabilities, threats, risk management.
Network protocols (TCP/IP), system security, web & app security.

2. Familiarity with Security Frameworks & Standards

MITRE ATT&CK
OWASP Top 10
NIST, ISO27001
PCI-DSS (especially for compliance roles)

3. Incident Detection & Response Skills

Recognizing, analyzing, and reacting to security alerts or breaches.
Required in SOC roles, firewall management, cloud, and GRC.

4. SIEM Tools Experience

Tools like Splunk, Microsoft Sentinel, Elastic, etc.
Useful for SOC, cloud, and network monitoring roles.

5. Strong Reporting & Documentation Skills

Writing clear reports, documenting findings, and explaining technical issues (important in all roles).

6. Communication Skills

Explaining technical problems to non-technical people.
Needed for customer support, GRC, and ethical hacking roles.

7. Basic Scripting or Programming Knowledge

Python, PowerShell, Bash are useful across penetration testing, automation in SOC, and cloud.

8. Certifications (Often Preferred or Required)

CompTIA Security+ – Basic foundational cert (very commonly preferred)
CySA+, CEH, CREST, CCNA, SC-200 – Depending on role
Shows you have verified knowledge.

9. Experience with Firewalls

Setting up, managing, and troubleshooting (important in both network and cloud roles).

10. Cloud Security Knowledge

Especially for Cloud Engineer, but increasingly relevant across roles due to cloud-based systems (AWS, Azure, GCP).

Bonus Traits Also Valued:

Problem-solving mindset
Attention to detail
Ability to multitask
Team collaboration

What SIEM Does:

Task	Example
Log Collection	Collects login records from servers, firewall alerts, etc.
Monitoring	Watches for patterns like multiple failed logins (could be brute-force attack).
Correlation	Links events together (e.g., same user logging in from two countries within minutes).
Alerts	Sends warning if suspicious activity is detected.
Reporting	Generates reports for audits (e.g., PCI-DSS, ISO27001).