In our always more connected world, cyberattacks are increasing fast. The need for security professionals who know how to anticipate attacks, secure systems and applications, and response properly after incidents has become strong. There are many trainings available for those who wish to specialise in security, whether they are students or professionals working in the IT sector.
Why should I learn hacking?
Obviously, because it is really fascinating! But if you are still not convinced yet, you should know that skills in ethical hacking are essential for protecting organisations such as companies or governments. Security specialists need to think like attackers in order to anticipate threats. This is why many companies want to hire hackers and sometimes offer high paid jobs to very young geniuses. Hacking can actually provide good career opportunities. Moreover, in future years, it will become essential for any IT technical manager to have a good knowledge of security aspects.
What trainings are available?
We are here only talking about trainings available in France. There are 2 different kinds : courses for students (undergraduate / graduate) and trainings for working professionals (often paid by their companies).
The courses available for students are degrees or masters, which take place at universities or engineering schools. For example, the cybersecurity master of Telecom Bretagne and Supélec (2 major engineering schools), the SSI (information systems security) masters of EPITA (French IT school) and of UTC (University of Technology of Compiègne), the e-commerce and cybersecurity master of UPEC, the CDAISI degree of the University of Valenciennes… For entering these courses, a good IT background is required. Students then acquire specific skills related to the different sides of security : systems and networks, as well as the application layer. They become IT security specialists with a broad vision of the whole systems and software architectures.
The trainings for working professional are much shorter and more specific. They are provided by private companies specialising in professional training and/or consulting in IT. The trainers are experts who generally spend their time between hands-on security consulting and workshop leading. The workshops usually last for 1 to 5 days and their content is either generalist (e.g. introduction to security issues for non-specialists) or specific (e.g. web application security for developers). There is a wide range of available contents.
Is it necessary to attend courses of workshops ?
Of course, training is recommended for someone who wants to quickly develop a solid and recognized knowledge. Practising is absolutely essential, so it is strongly recommended to choose courses or workshops with much hands-on practise, unless you are only looking for a first outreach level. If you are working for a French company and wish to apply for a workshop paid by your employer, it will also be important to check the financing possibilities with the OPCA (organisations in charge of collecting the taxes allocated to the continuing vocational training).
However there are – and there will always be – talentuous self-taught security professionals. Enthusiast hackers who learn and practise during their spare time can become excellent specialists and work among the best. If you are a part of them and if you want security to become your job, you can be sure that there will be many employers interested in your CV!