As more and more organizations are exposed to the higher risk of digital threats and attacks, cybersecurity is becoming the #1 item on organizations’ agenda.
But what is the first step companies need to take to ensure the integrity, confidentiality, and security of their systems, information, and data?
We discussed this topic with an expert from the AMATAS cybersecurity department to learn if there’s an appropriate solution for all organizations.
Our conversation also led us to find out more about:
- Key practices for effective cybersecurity
- The standard workday of an AMATAS cybersecurity specialist
- Some of the most valuable resources for anyone looking to grow in the field
- The soft skills you need to make it in cybersecurity
For an exclusive insight into a cybersecurity career and the AMATAS team spirit, this is the place to start!
How did your AMATAS journey begin? Why did you choose to work at AMATAS?
I’ve always been interested in cybersecurity, and AMATAS emerged as a great opportunity for my development.
The expertise and excellent qualifications of the employees, as well as the various exciting and innovative projects, proved to me that AMATAS is the right place.
What does your standard workday look like? (We know that within your role, there is no “one-day-fits-all” sort of approach, but think about describing your work to an interested relative or friend.)
I start my workday at 07:30. Normally, we have a penetration testing project underway so I begin by verifying the previous findings.
Next, I tend to continue with any minor tasks that there wasn’t enough time to finish the day before.
After that begins the bulk of my workday, which consists of identifying technologies (research may be needed for some) and discovering and reporting newly found vulnerabilities and weaknesses.
Three things you love most about your role at AMATAS: what’s it like working in the AMATAS cybersecurity team?
The main thing that I love about my role is its ever-changing nature. There is always something new to learn, a new attack to try, a new exploit to take advantage of.
Besides the technical aspect, the AMATAS team spirit is always high, and people are positive and keep you motivated.
Think about the biggest challenges in cybersecurity that organizations face and recommend a starting point /solution.
The main thing that will greatly improve the majority of the companies’ security posture is if they start implementing Shift Left security.
By starting the security testing process as early as possible, a large amount of the weaknesses will be mitigated before a potential attacker has any chance of taking advantage of them.
Could you please describe what you believe effective cybersecurity should look like?
To be as secure as possible, continuous penetration testing must be performed on all company assets. The reason is that configurations often change as well as newly implemented features and functionalities are introduced.
Thinking about the future of cybersecurity, what is the one solution/ AMATAS product or service that you are most excited about?
We at AMATAS are continuously working on improving the Cybersecurity Testing services; this includes automating a large part of the testing process. We also aim to give clients a complete overview of their security posture.
That along with the continuous new expert additions to the team keeps me excited about the future of AMATAS.
For anyone starting out within cybersecurity, what are the most useful resources which you’d recommend for them to follow/ read/ listen to/ watch (could be websites/ podcasts/vlogs, etc.)? Also, what are the must-have certificates which you’d advise experts interested in your role to obtain?
There are a huge number of free resources on the internet – both video and written articles – from which information can be obtained.
Platforms like HackTheBox and TryHackMe, as well as the numerous CTF platforms, are also excellent ways to learn and practice new skills. The PortSwigger WebSecurity Academy is a great source to learn new web application attacking skills.
For more advanced positions, specialists who can demonstrate excellent technical skills, not just their possession of certain certificates, are sought.
Certifications that can help you get started are OSCP, OSWE, CEPT, GPEN, GWAPT, CPT, CEH, Pentest+, LPT.
What’s your #1 advice (or perhaps mantra/ slogan/ words of wisdom) for the cybersecurity world?
My advice to all wanting to start a cybersecurity career is always keep digging for information, learn something new every day, and keep your motivation levels high.
What’s your secret to keeping your work-life balance?
The secret is to plan your schedule effectively and try to follow that plan. Delegating responsibilities is also great because it shows you that you can count on your co-workers.
Want to find out more about the AMATAS team? Make sure you read our previous interviews with our Penetration Tester and our Legal Advisor and Privacy Consultant.
Or, alternatively, you can follow us on LinkedIn for more expert insights, events, and know-how.