Up next in 10
From IT to Cybersecurity: How to Switch Careers Successfully - Code Red: Ep. 6
0 views
Jun 20, 2025
Join us for the next episode of 'Code Red' as the host, Dr.Naveen Sharma, will discuss "From IT to Cybersecurity: How to Switch Careers Successfully". AGENDA • Common career transition paths (IT support → SOC, developer → AppSec, etc.). • How much time does it take to switch to cybersecurity? • Practical steps to get started today. • Audience Q&A: "How can I get real-world cybersecurity experience? 📺 CSharp TV - Dev Streaming Destination http://csharp.tv 🌎 C# Corner - Community of Software and Data Developers https://www.csharp.com #CSharpTV #CSharpCorner #CSharp #CodeRed #CyberSecurity Transcript
View Video Transcript
0:02
[Music]
0:18
[Music]
0:21
hey hey hey
0:26
[Music]
0:35
Hello guys good morning from Fin
0:39
again Welcome everyone Uh I know you
0:43
guys watch it in offline mode not
0:46
joining live but still I uh will give
0:50
you same information as I give you each
0:52
time So today again we are going to talk
0:57
about the cyber security as a
1:00
career
1:02
Um if most of you are fresh graduates or
1:07
are in universities right now this
1:09
session going to be helpful for you If
1:13
you are
1:15
uh even in the university you are from
1:17
tech field definitely for you If you are
1:21
into AI or IoT space for you If you are
1:26
in non- tech field and still want to
1:28
adopt the cyber security career cyber
1:31
security is for you And now for the
1:34
working professional who wants to switch
1:37
to cyber security from their mundane job
1:42
uh this session is for you So let's
1:45
quickly jump on to what exactly I have
1:48
for you
1:49
So we know that uh cyber security crimes
1:54
or cyber threats or frauds or whatever
1:57
we call it different names are on rise
2:02
by each passing
2:05
day And when we say they are on rise
2:09
means they like 10 years back if someone
2:13
would have told you that uh I received
2:16
such and such call and they uh made me
2:20
giving them money out of my bank and uh
2:25
they just duped me So it was like once
2:29
in a while we would hear such case and
2:32
then you would have thought oh this guy
2:34
might have done something you know he
2:37
didn't have a basic u awareness how to
2:41
secure himself So I think
2:45
that those days are gone Now uh cyber
2:50
crime or fraud uh even the normal spams
2:54
we see happening to us not just to our
2:58
friends or distant friends or distant
3:01
relatives So I think it's happening in
3:03
our family um all
3:07
the uh kids where we give hand over
3:11
mobile phone as a gift or as a mandatory
3:15
requirement for uh maintaining the
3:17
status quo I think uh they are
3:22
definitely vulnerable Uh our parents our
3:27
elderly at home our uh senior citizens
3:33
they themselves are uh you know
3:37
vulnerable They can they are prone to
3:39
attacks cyber attacks and even the uh
3:43
attacks they are just not limited to uh
3:47
the spam emails that we used to get like
3:51
10 15 years back and all the newbie
3:53
hackers they still send these emails
3:57
which you can easily guess oh my late
4:01
husband I had so and so gold and yes
4:04
give me your bank account and I will
4:06
pass on this gold to
4:08
And even to this scam there are lots of
4:11
people within India which fell uh you
4:14
know victim to reason
4:18
greed reason everyone wants to make
4:20
money
4:22
quickly and when they see this
4:25
opportunity they just see wow and then
4:28
scammers literally tell them do not tell
4:31
this to anyone
4:34
So this session this knowledge you have
4:36
to tell to everyone you know so that you
4:38
are
4:40
aware Uh so these cyber
4:44
attacks as a report I was going through
4:48
last year the hacker economy was for $1
4:53
trillion and this year it was expected
4:56
to become 10fold that's $10 trillion
5:00
It's a
5:03
combined GDP of several
5:07
countries which these guys uh steal
5:12
every year and and it is like they don't
5:18
have to study hard They don't have to
5:21
you know
5:23
um do lots of stuff which we do as a
5:26
normal person So they just have to
5:29
practice one two three scripts day in
5:32
day out Just firing the script on
5:36
millions of online servers and one
5:39
server one user they will find their
5:42
victim like within few
5:45
hours So it is for few it is as simple
5:50
as
5:51
that Now why this crime is on rise
5:58
you know so there there could be lots
6:01
and lots of
6:03
um reasons so first prominent reason you
6:07
would say that people are not aware and
6:10
they fell victim to cyber scammers or
6:14
hackers or yeah obviously awareness is
6:18
missing awareness which was supposed to
6:21
be part of our government initiatives
6:25
uh which ultim Ultimately there are but
6:29
it's very very I say minuscule level
6:33
awareness which was uh because financial
6:37
crime to a citizen financial crime or ID
6:40
theft there these are the two major uh
6:43
thefts which are uh which hit us badly
6:47
as a
6:48
citizen So I know government make rules
6:52
regulations that for private individuals
6:55
institutions if you are doing business
6:57
you are storing personal information if
7:00
you will not safeguard will you have to
7:03
pay penalty but penalty to whom to the
7:06
people whose data was stolen not to the
7:11
government
7:13
Now government put up a penalty to these
7:16
organizations but what do us we get in
7:21
return so that's the policy making
7:25
uh now most of the Aadhaar cards and pen
7:28
cards in India are stolen okay and they
7:32
are stolen from government databases
7:35
they are stolen from uh private
7:39
institutes so they should who should be
7:41
held responsible possible They should be
7:44
paying us penalty They should be issuing
7:46
us new identities because the one was
7:49
stolen and there is no
7:52
mechanism So the thing is how do
7:56
we uh you know break into this thing
8:01
that is the first cyber security career
8:03
for you Become a policy maker become a
8:10
advisor become a consultant Find the
8:14
lacunas Find the legal thread into this
8:17
And this is for uh techie versus non-
8:19
techy people So if you are from legal
8:21
background you can venture into this
8:24
space Okay Then financial crime we are
8:28
talking about Then if you are from
8:30
finance background
8:32
um cyber fraud u you know uh there are
8:36
lots of type of uh insider fraud scams
8:40
which are happen then you can go to that
8:42
auditory field you can become a
8:45
certified auditor like
8:48
CISA so these are like highle uh
8:55
nontechnical streams where people can
8:58
find a very promising career in cyber
9:00
security or information security So
9:03
let's again uh talk about what is the
9:07
difference between information security
9:09
and cyber
9:11
security So information security at
9:14
large is the umbrella statement uh
9:17
wherever information gets processed
9:20
stored accessed
9:23
kept that facility that system that
9:27
server people attached to it processes
9:30
attached to it everything comes becomes
9:32
part of information
9:35
security
9:37
So as I said CISA so CISA is a certified
9:40
information security auditor
9:43
Cyber security is a child of information
9:46
security where we keep information
9:49
digitally right but if the information
9:52
is stored on backup devices and stored
9:55
in some locked up
9:56
facility then information security makes
9:59
sure that this information stays safe
10:02
There are policies regulations against
10:04
that And then you do the physical pen
10:07
testing What is pen testing i'll talk to
10:09
you few minutes
10:11
So uh we now know that there are crimes
10:16
happening They are already on
10:20
rise
10:21
and the one prominent reason was you
10:25
would have thought that it is awareness
10:27
that people are not aware Obviously we
10:29
are not aware that what news attack they
10:32
are bringing in today we are not aware
10:35
Awareness is missing
10:37
Um second thing uh which is
10:42
like the enterprises or the system
10:45
owners who keep who are supposed to keep
10:47
our data secure they don't keep it
10:50
secure they don't have technologies they
10:53
don't buy technologies they don't hire
10:56
skilled professionals and they face
10:59
breaches okay
11:02
so
11:04
every most of like 85 to 87% of data
11:09
breaches within corporate or
11:11
ransomware Uh the reason was found as a
11:15
malware or
11:17
fishing because employee was not aware
11:20
and he clicked on some link In the past
11:22
session I told you how you can be social
11:25
engineer to click on a legitimate
11:28
looking link
11:30
Uh
11:31
so what happened to these companies they
11:35
should be made responsible They should
11:37
pay heavy penalties because they did not
11:39
keep the data secure Now
11:43
uh coming back to the one of the one
11:47
reason like one of the main reason which
11:50
do not want no one wants to talk about
11:53
they don't think it it is that we let it
11:58
happen
11:59
There are so less good guys or skilled
12:05
professionals that they cannot stop
12:07
these
12:09
attacks Skill deficit is there Skill
12:13
deficit is there That is why awareness
12:16
uh deficit is
12:17
there So if I don't talk if I don't know
12:22
about certain thing obviously I I cannot
12:26
even think about reading it about
12:29
So five years back AI is not a new
12:32
concept Five years back no one was
12:34
talking about AI They were talking about
12:36
data science or ML which was subset of
12:39
data uh you know
12:41
AI Now everyone is talking about AI geni
12:45
generate images generate text but it was
12:47
there since ages
12:50
Now uh so this prominent reason that
12:54
there are very less professionals very
12:57
few number of people who can avert an
13:00
attack who can make the systems
13:03
robust because uh old mentality old
13:08
school thoughts do not work in cyber
13:12
security
13:13
technologies evolving very at very fast
13:16
pace Old systems old uh
13:20
processes they they tend to be
13:23
failing So you need a new school of
13:26
thought You have to think like hackers
13:29
to protect your devices protect your
13:32
systems So let's now talk about why
13:38
you what it takes to become a cyber
13:40
cyber security professional
13:43
So as I said cyber security is just not
13:47
one job it is a domain now domain
13:52
So if you love the process part of it or
13:57
auditing part of it then all the people
14:01
who are from project management
14:03
technical project management program
14:06
management leaderships mentors coaches
14:10
uh uh uh legal guys finance guys they
14:13
can go into audit space There are lots
14:16
and lots of uh different streams within
14:19
audits You perform uh financial audits
14:23
you perform information sec audit you
14:26
perform audit trail
14:28
audit that systems keep the log of
14:31
everything You perform GRC
14:34
audit So there is there's a whole bunch
14:39
of uh skills or streams within the audit
14:45
space that you can venture into Okay If
14:48
still you have doubt you can reach out
14:50
to us I in every episode I tell you we
14:54
are available and we are reachable I
14:57
think we are the most reachable techies
15:01
on the planet
15:03
uh to help and to you know uh promote
15:08
this community
15:10
idea and uh again kudos to the team
15:14
which we are part of uh to the great
15:19
vision from Mahes I think it's it's
15:22
absolutely
15:24
fantastic and uh Now let's talk about
15:27
technology So if you are in techn
15:31
technology field how do you uh like what
15:36
is there in for you so if you are into
15:38
system administrator already you love
15:41
systems you love managing users uh
15:45
installing implementing configuring
15:47
systems network devices routers
15:49
firewalls load balances and whatn not
15:52
Then there are two streams One is the
15:54
systems security and other is the
15:56
network security Again network security
15:59
is a huge feed itself There are certain
16:03
segregation within network Then there is
16:06
a data center physical security How do
16:08
you maintain
16:09
it then there is a cloud security cloud
16:13
you we know that he has evolved in last
16:16
past few years and now
16:18
there's number of services being
16:21
launched almost every month by service
16:25
providers So even I uh failed to you
16:29
know keep track of what is new coming in
16:32
because there's this too much
16:34
information So we have to stay focused
16:37
We have to absorb what is in for me and
16:40
to tell that what is in for me You all
16:42
need a mentor We do have
16:45
mentor So it's not that we uh say that
16:50
now we mentor you So we don't have we
16:54
have mentors
16:55
So coming back to the technology So if
17:00
you are you are into so you know writing
17:03
code and all then in the past few
17:06
session I talked about how do you write
17:08
secure code how you test it So uh even
17:13
if you say that CI/CD pipeline devops
17:17
you use this terminology and you use
17:19
these practices you can
17:23
uh become a dev sec ops guy So how
17:28
security gets implemented into devops
17:32
uh field So you can help building secure
17:36
application right from the when the code
17:38
is being written and unit testing is
17:41
happening So that's for you if you love
17:46
uh say
17:47
AI uh
17:50
then AI has become a silent mandate It
17:56
was just like thrown upon us My mobile
18:00
is my device people I know people buy
18:04
you know
18:05
latest apples or whatn not uh paying you
18:10
know a cost equal to one kidney
18:14
but jokes apart so they are they are
18:17
costly mobile
18:19
devices but when you buy that the
18:23
companies or Android or any other so
18:26
companies they should ask our permission
18:30
to launch launch new
18:33
feature They threw AI on our devices
18:38
silently without telling us So
18:42
ultimately
18:43
uh like in an Android phone one security
18:46
researcher found that there were
18:49
230
18:51
trackers within one single Android phone
18:54
that track your every movement
18:58
230
19:00
trackers inside the different
19:02
applications and codes which come as
19:05
Android Okay there's a list if you can
19:09
if you search you will find
19:11
it
19:13
Now why do they need to track
19:17
us where is my privacy so privacy is
19:20
just a distance concept nowadays It
19:22
remains in books remains in some
19:25
thoughts But yes there are some privacy
19:27
organizations who are uh advocate
19:31
advocate of uh uh privacy and
19:35
uh security and uh they launch different
19:40
products they build different products
19:43
and I don't know how secure are they but
19:47
uh at least they keep away from these
19:50
trackers
19:51
So rethink DNS is one of it like if you
19:54
use that program you
19:57
can cut down lots of advertisement
20:01
trackers something like
20:03
that
20:05
So on this devices have you found that
20:08
uh you now you see Germany AI or whatn
20:11
not so some AI is already there in your
20:14
phone in your laptop
20:17
So AI engineering AI security and
20:21
similarly people started using JAT JBT
20:24
what not uh within the organizations to
20:27
deliver their uh work
20:30
effectively and uh now a lot of blogs
20:35
you can see unleash navigate these are
20:38
the words which were missing from our
20:40
common
20:41
vocabulary five years
20:43
back So this is all robotic language
20:47
people are posting on social media
20:51
within their documents and all
20:54
So these this uh AI adoption silent AI
20:59
adoption comp companies corporates are
21:02
worried now they don't know what company
21:04
data is being thrown onto AI server So
21:07
again needs a security control a
21:10
guardrail around AI adoption and that is
21:13
where if you love AI you come in handy
21:16
you can tell if this command or you know
21:20
series of commands can throwing our IPR
21:24
our confidential data on the AI server
21:26
or not and how to contain AI within your
21:28
you build your language model you pick
21:30
any open source language model and you
21:32
fine-tune for the corporate requirement
21:35
how do you do that So again uh then
21:39
comes the connected things So IoT
21:44
devices So if you love IOT uh then cyber
21:48
security is a good career because uh IoT
21:53
is basically the operating system stay
21:54
in embedded It's very minuscule
21:57
operating system uh most of the things
21:59
you cannot do with this embedded system
22:01
But if it is prone to any cyber
22:05
attack then because these devices get
22:09
made in millions and millions then it is
22:12
so mobile phone is one big IoT device
22:15
laptop is bigger IoT device because they
22:18
have operating system but you can manage
22:20
lots of things in these devices So I is
22:24
like your Apple eyew watch um your uh
22:27
connected car your smart fridge your
22:29
smart washing machine your smart
22:31
lighting in the home what not and
22:34
similarly if you go to industries
22:36
factories most of the devices are now
22:38
talking to or the machines are talking
22:40
over the TCP IP uh network which earlier
22:43
were using scattera protocol So how do
22:45
you secure these devices so OT security
22:49
is a biggest uh concept in the
22:51
manufacturing field and if your interest
22:55
is in that domain it is for you Now
22:58
coming back to the normal web
23:01
applications So web application security
23:04
testing uh if uh first thing is you know
23:09
that secure code uh you write secure
23:14
code but then you compile it and you put
23:16
it then there could be lots of controls
23:18
which are
23:19
missing and when you test it thoroughly
23:22
so first thing you do the vulnerability
23:25
testing whether you are a top uh you
23:27
know uh top 10 or was top 10 sand 25 Are
23:33
you prone to these attacks or not then
23:36
you hire a penetration tester or a bug
23:41
bounty hunter to find further bugs in
23:44
your application So they will break it
23:47
down using some tools or knowledge or
23:50
whatsoever
23:52
So I have seen uh a latest trend where
23:56
now the young freshers they want to
23:58
become buck bounty hunter they find it
23:59
very lucrative like earning you know
24:03
lacks of rupees just finding one bug and
24:05
then doing nothing whole year I I don't
24:09
feel it's a good way if you are a cyber
24:12
security researcher you can become a bug
24:14
bounty hunter part-time bug bounty
24:16
hunter but you should have
24:18
a mainstream some job back bounty is not
24:22
for you It's not for anyone It's a just
24:25
a side hustle and for a very specific
24:27
number of people who are cyberc
24:30
researcher and when you do the cyber
24:32
security research you pick one field
24:36
like authentication protocol
24:39
uh messaging protocol
24:42
APIs Sorry about that
24:45
So you cannot become cyber security
24:49
researcher for everything You pick one
24:52
domain area where you deep study how
24:55
this protocol is working how messages
24:58
are getting exchanged how information
25:00
flow is happening which is the nonsecure
25:03
thing or communication layer between the
25:06
whole com you know piece of message and
25:08
then you break that You make people
25:10
aware that this is the bridge and you
25:14
may get one certificate for your
25:17
legendary work or one acknowledgement Oh
25:21
wow thank you for telling us So do not
25:25
expect that people come to you with you
25:29
know gold medals or some other accolades
25:33
No So it's a not that rewarding field
25:37
until unless you work for a cyber
25:40
security product company Right so so
25:44
this is it I think
25:47
um
25:49
from auditing to AI to OT to normal
25:54
source code web application testing
25:57
penetration testing network security
25:59
cloud
26:00
security There
26:02
are number of uh you know further
26:06
streams down the line For example
26:09
uh you can become a threat hunter
26:11
Threatener means you always keep looking
26:14
in the corporate network You plant bugs
26:18
and see that who is uh you know getting
26:23
attracted to that Bug means you don't
26:27
capture a bug or you don't crack a code
26:31
Uh it's u Intel language So buck means
26:35
you plant an excel sheet say employee
26:39
salary
26:41
2025 and keep it at nonsecured location
26:45
and then you see who is trying to access
26:48
that excel sheet So um it could be
26:52
curious employee or it could be other
26:55
malicious actor within the disguise of
26:58
that employee ID So so that's the threat
27:02
hunting job Then you uh
27:08
uh do the CTI it's a cyber threat
27:12
intelligence So you bring the market
27:15
intelligence you keep searching dark web
27:18
not yourself but there are platforms So
27:21
you uh get to know what is the latest
27:24
news which is uh is there any news which
27:27
is targeting your company
27:29
uh for a you know new cyber attack they
27:34
are planning to attack your system If
27:36
you work for national security then
27:38
obviously you do more uh on that So
27:44
anything uh which you like you can
27:50
switch it to for guidance we are here
27:52
and on top of it um always remember that
27:57
these are just the skill part of
28:00
it You need to be a go-getter You need
28:04
to be a very good presenter You need to
28:06
be a very good uh uh you know writer
28:09
Report writing skills should be awesome
28:11
because when you find something you have
28:14
to tell it to others When you tell it
28:17
and how you tell it is the most uh it it
28:20
is what makes you a cyber security
28:23
professional Bugs can be found by tools
28:27
and your company can buy a number of
28:29
tools So that's the capacity of tools
28:32
You can learn that using the tools But
28:35
interpersonal skills um how you handle
28:38
the pressure how you handle uh you know
28:41
uh cyber attack
28:43
situation how do you keep your calm and
28:46
composure during that situation when
28:48
everyone is rushing with you know uh no
28:51
clue in mind how to prevent this
28:54
attack So so I think that is where your
28:58
these skills come in handy for rest I
29:02
think we uh discuss u in rest of the
29:06
episodes and I thank you for joining and
29:10
listening to me Uh reach out to us if
29:13
you need any guidance your university we
29:16
can uh do certain sessions for your
29:18
universities Uh today evening there's a
29:21
well
29:22
um uh vitor uh we will be speaking there
29:28
Uh so stay tuned I and I think um I wish
29:32
you a very safe and
29:35
secure week ahead Sit stay informed
29:39
Thank you
29:43
[Music]
#Career Resources & Planning
#Computer Security
#Hacking & Cracking