Hi, everyone and welcome from wherever you are connecting. My name is Joy and I work with a Ireland and I'm a senior security consultant briefly. We'll be looking at how to break into attack the security pathway just to get your bits, you know, chock up.Um, a little fun fact about me. I love to exercise and, um, in 2020 I lost over 20 kg and about 90 days to exercise and held the lead to once upon a time I was very active and fit. So this picture is just to interpret something that you typically find in the minds of people. Right? Um, when we say it, people believe that people in it have superpowers or, um, when it talks to it security, you have to be fully gud in some kind of, that's the only way you can prevent intrusion, but, you know, don't get it twisted. This is what tech security is actually all about. So if that's not what tech security is about, the question is what is tech security? Um, you can call it cyber security. You can call, call it information security previously in the early years of my career. We used to do call it information security. But the concept remains the same. You're trying to protect computer systems, you're trying to protect the network software, you're trying to protect data and unauthorized assets.

One key concept that is key in all of this is that you're introducing security policies or controls to ensure that your digital assets, you maintain confidentiality, integrity and availability. So once you're in new tech, you keep hearing the CIA tri confidentiality, integrity and availability, you will keep hearing it, you know, and because technology is playing an integral part in our lives and the tech industry, it's become important for us to secure. Another reason would be why would you even want to choose security? Um brief key points, you know, security professionals are the ones who organize security. Um And there's an increasing demand for them um especially with the increase in cyber threats, right? Um And the continuous cyber bridges that are core is highlighting the need for security professionals. However, this is a challenging and rewarding career path, which is why it's good to have a bit of guidance. Um We'll be looking at a couple of high level guidelines that can help you get into tech security. And for me over the years, this is one of the things that has helped me and I've been able to use it to mentor a couple of people and it has helped them to streamline this whole big black box of um getting into tech, especially the security part which we're focusing on.

Number one, identify your transferrable skills, everybody has some form of skills, right? And there are skills that you don't necessarily have to learn that you already have that you can use in breaking into tech leverage on the soft skills. There are two types of people that want to break into tech, they're the people that want to transition, so they probably have existing work experience, but it's not in the tech industry. And then there are people who have zero work experience. You know, if you want a typical example, look at a stay at home mom who wants to go back into the workforce has zero work experience, but has chosen to go into the tech security pathway or a lawyer who is more into contracts and legal agreements in the law firm. But now it's enthusiastic about technology security and wants to break into um irrespective of what category you fall into. It's important to focus on the relevant skills and experience that you have acquired in your previous role. If you have work experience or leverage on those soft skills that you, you look at that transferable example, analytical problem problem solving. A typical mom knows how to solve problems, how to be analytical leverage on those skills. Identify your area of interest. You now want to start streamlining this journey. There are so many, you know, this is just to mention a few. There are various opportunities and career paths within the security fair. Just try as much as possible to identify your area of interest.

And one way you can do this is if you leverage on those, your skills that you have identified, it can help you. So I like any time you talk about email, I'm curious about phishing emails. How phishing email is able to get into people's mailbox and when they click it, they get compromised. You want to do email security. I like to policies. I like things to be done. I want to even be a user education and awareness person. You know, I like social media content creation and I want to use it to educate people on how to stay safe. They identify your area of interest. And then that way you started streamlining. Now, the next thing is you want to streamline your learning. There are couple of approaches here that you need to take first learn the basic concepts of tech security. They are basic concepts like we said, confidentiality, integrity and accountability. Those are concepts in techno, in security that you, that the foundation and bedrock look for courses that will give you those foundational knowledge. And then next thing try to align with the security provider. We have tons and tons of content on the internet that tends to make it look like as if you the the reading is endless. So streamline, your learning align yourself with a um security provider.

It could be Microsoft Google, you know, Aws for net halal or whatever, once you're able to align these guys have learning parts for you, so it helps you streamline. I'll give you an instance if you learn the basic concept of security, it will talk about the importance of a firewall. It will talk about the importance of network segmentation. Right now. If you wanted to implement it, you will need a solution provider. Now, you know that you need to implement a firewall. But the question is if you were using a fortunate firewall, how would you do it if you were using a low, how would you do it? So you've understood the concept now, you can streamline by aligning with the security provider. Also familiarize yourself with things like frameworks. It's important because you might not necessarily want to go hands on. You might be someone who wants to do compliance, who wants to do regulations.

And so it's good to understand these frameworks, you know, the iso 27,000. And what does it mean? Beside this is these are security frameworks, you know, what does it mean? And remember you have understood the basic concepts of security. So when you're familiarizing yourself with these standards and security framework, it helps you understand better how to use it. Now, develop your learning plan, just wake up, read anything, jump into anything, no, develop the learning plan, say to yourself, this is not what I want to do.

I've gotten the basic concept. This is the next stage I want to do. I want to, you know, align myself with the security provider. And then while you are developing that learning plan, you're now able to create a certification road map. So most of what we stand to see people do is they see this free certification, they jump on it, why they're trying to do that. They're jumping on the next one. When you engage them, you see the struggle for them to even be able to speak into security because they're reading but they're just everywhere. So streamline, develop your learning plan so that you can understand your certification road map and then you get certified, it's important to get certified because especially if you don't have work experience, it helps to demonstrate that you have acquired these technical skills.

This is a very important part in when you're breaking into tech security, learn align family, right? Develop and get certified. Now build a strong professional network. We can never overemphasize this, right? It's very important to leverage on a network, the right connections can help you grow, can help you stay ahead in the tech industry, try and build strong professional collaborations, right? Um Because if you want to do um volunteering internship, you know, you want to develop use cases, you would find it most of the times in these communities like the women tech network, right? So leverage it, you know, because the women technical is already partnering with so many other foundations and communities. So leverage on um community groups, leverage on user groups, you know, it helps you to build a strong professional network. It's very important, community groups are very helpful.

Most times you get free certifications, then most times you get free trainings and your ability to connect with the industry leader helps you to get more hands on experience. Now, after you've been able to, you know, identify your existing skills that you want to transfer and then you've been able to use these skills right, to identify your areas of interest and build your learning path because you streamline your learning. Now, you know where you're going to, you have a plan. Once you're done, you want to begin to now put a portfolio together. Who are you right? Seek for projects that can help you to do, do free bono projects, you know, volunteer for free projects. This will help you demonstrate your skills and your knowledge, right? And when you use your portfolio, when you create this portfolio, it will now help to show that. Oh you have acquired this knowledge, you have been involved in XYZ and these are also ways that position you strategically, you know, but don't forget to continually update and refine this portfolio as you gain new skills, you know, your portfolio can be published on github or you can publish it on your linkedin profile.

These are ways that people can see the things you've been doing. So while you were learning, you'll be doing simulations, you'll be doing projects, use that to build your portfolio. Finally have a mindset. The right mindset matters, the right mindset matters. If you follow through what we've been doing, you have. So you have said to yourself, I want to go into tech, I want to go into security. You've identified, I have transferable skills. I'm very good at analyzing and ana and analyzing stuff. I like to like to solve problems, right? I like to put things in order. I like to make sure that people are following processes and procedures, right? You followed all of this. Now you have gone, I had to say that OK, I'm interested in doing penetration testing. I'm interested in fixing vulnerabilities. I'm curious how people get hacked and when they get hacked, I want to know what, what were they exploited about. So I want to get people to know how to fix, you know, their vulnerabilities. I'm a communications and media person. I want to be able to create content that can be able to create user awareness for people. I want to take this whole tech information and translate it into very interesting content that people can relate to it in these times. So, you know, I want to build a user awareness and education system all of this. And then finally, you know, you're reading, you're developing yourself. You're getting technical skills. By the time you're done with this, the next thing you want to do is start from somewhere.

Most times you find people say that if they don't get the big jobs, you know, oh, tech is paying huge, paying huge some, you don't get to hear some job. You give up on yourself. No stuff from somewhere. Look for an entry point. You know, when I started my tech job, I got into the company, it was a tech company and they didn't publish any tech rule, but they published the role for a reception as a front deck. And I took the role because I felt like once I'm in that now here or when people are designing and when they are. So I took the role as a Frontex and took those skills that I had in organizing, in um organizing, in putting things together in planning. And I transferred those skills. And when it was time, I was among the first people to hear that there were opportunities in the infrastructure team and I moved and that's how I translated. So have a embrace a good mindset, right? That is open to continuous learning, you know, adaptability and resilience don't give up, you know, start from somewhere, don't give up, keep trying, keep rebranding your portfolio so that you become marketable and employable, cultivated problem solving mentality. This will help you overcome obstacles.

You you can't do security without wanting to solve problems. Security is actually solving problems, to cultivate that problem solving mentality whereby you always want to fix things, you want to know how things need, needs to be fixed. The example I gave you of a stay at home mom who wants to go into security. She's always fixing stuff at home. Her kids come to her, they're complaining of stuff have that mentality. Don't give up, you don't give up on your kids. When issues come, you look for ways to improve on them have that same mindset and do not be afraid to take risk and challenge, do not be afraid to challenge yourself to learn new things. The security space continuously evolves. So it's very important that you have this good mindset that allows you to be able to challenge yourself to new things. Oh This is how I learned. It used to be done, things have changed. This is now how we're hearing things like, oh you can now do XYZ now that you couldn't do before. How do we protect it? If you keep being restrictive, then you frustrate, you know, user experience and operation. So keep an open mindset because that's what helps you to improve on security. Going in tech set up can really be intimidating and challenging, trust me.

Oh But once you have that defined learning part, you're not everywhere you have your structured learning, you have streamlined what you want to learn. You've identified your areas of interest, you know, with hard work and dedication, you can do this, unlocking the opportunities in this pathway would come with this risk. But once you have identified with the right network, the right mentors and you're developing your skills, you should be able to break into the tech industry. Um At this point, I hope that I've been able to help you with this key highlights and points. If there are any questions, please feel free um to drop your questions. Thank you.