Cyber Security Essentials course drives diversity in the security field

Future Female, a network of women interested in technology, and HelSec, a security community meetup in Helsinki area, have teamed up to organize a free training program for women who are interested in working in cybersecurity or gaining more in-depth technical knowledge. Nixu is sponsoring and hosting the meetups to support diversity in cybersecurity and attract future talent.

Cybersecurity is popular!

 In only two weeks, the training received 179 applications, so the arrangers had the tough job of selecting participants for the 40 available slots. People were selected based on their motivation and ability to participate in every meetup during the next 6 months. Each month, experts from Finnish cybersecurity companies are introducing a new theme ranging from forensics and security operations to penetration testing and open source intelligence.

Getting to know the community

One of the goals in the first meetup was to meet everybody, so networking and asking questions from others will be easier between the meetups. During the introduction round, we heard that many of the participants already work in cybersecurity and want to brush up their technical skills or learn more about a particular subject. There were also many cybersecurity students and people working in various roles around software development or data science. However, I was delighted to see that there were people also from non-technical backgrounds looking for a career change, and this course encourages them to strive for it.

Juho Jauhiainen welcomed the participants to the broad cybersecurity community in Finland by inviting them all to HelSec January meetup on the following day. This is a great opportunity as it is extremely difficult to get in the meetups since the spots are usually filled up in few minutes. We heard about the various other local meetups such as TurkuSec, OuluSec, and HäjySec, the T2 and Disobey conferences, open Capture the Flag groups, and various training opportunities.

Preparing for techy stuff

One of the main topics for the first meetup was to ensure that every participant gets their security testing and analysis environment up running. Nearly 50 Kali Linux boxes were firing up in the room after Juho explained the basics of virtual machines and the background of the penetrating testing distribution Kali. All the instructors were patiently ensuring that everybody got past any installation problems.

As loads of security tools are made for Linux platforms, Juho also walked the course through basic Linux commands and terminology. Mastering the command line essential, for example, in security testing and in general speeds up the workflow.

The human element of cybersecurity

Have you ever walked back to the office from lunch while simultaneously talking on the phone? Wait a minute, did someone tailgate you without you even noticing? This is one of the examples that Rickhard Alén had about how certain human traits, such as multitasking and the tendency to trust and establish groups, that can be exploited for social engineering.

However, Rickhard reminded us not to blame the victim since cyber criminals can be quite  smart. This sparked up a discussion on how some people might be scared to ask for help or report security issues in fear of looking stupid. The participants also highlighted the topic of the importance of sharing threat information and increasing awareness.

Last updates to Kali, snapshots of the virtual machine – and the happily buzzing group went off to their ways. In February, we’ll meet again to learn about security operations foundations.

Want to keep track of what's happening in cybersecurity? Sign up for Nixu Newsletter.