videocam_off
This livestream is currently offline
Check back later when the stream goes live
Up next in 10
Join us for the next episode of 'Code Red' as the host, Dr.Naveen Sharma, will discuss "From IT to Cybersecurity: How to Switch Careers Successfully".
AGENDA
• Common career transition paths (IT support → SOC, developer → AppSec, etc.).
• How much time does it take to switch to cybersecurity?
• Practical steps to get started today.
• Audience Q&A: "How can I get real-world cybersecurity experience?
📺 CSharp TV - Dev Streaming Destination http://csharp.tv
🌎 C# Corner - Community of Software and Data Developers
https://www.csharp.com
#CSharpTV #CSharpCorner #CSharp #CodeRed #CyberSecurity
Transcript
Show More Show Less View Video Transcript
0:02
[Music]
0:18
[Music]
0:21
hey hey hey
0:26
[Music]
0:35
Hello guys good morning from Fin
0:39
again Welcome everyone Uh I know you
0:43
guys watch it in offline mode not
0:46
joining live but still I uh will give
0:50
you same information as I give you each
0:52
time So today again we are going to talk
0:57
about the cyber security as a
1:00
career
1:02
Um if most of you are fresh graduates or
1:07
are in universities right now this
1:09
session going to be helpful for you If
1:13
you are
1:15
uh even in the university you are from
1:17
tech field definitely for you If you are
1:21
into AI or IoT space for you If you are
1:26
in non- tech field and still want to
1:28
adopt the cyber security career cyber
1:31
security is for you And now for the
1:34
working professional who wants to switch
1:37
to cyber security from their mundane job
1:42
uh this session is for you So let's
1:45
quickly jump on to what exactly I have
1:48
for you
1:49
So we know that uh cyber security crimes
1:54
or cyber threats or frauds or whatever
1:57
we call it different names are on rise
2:02
by each passing
2:05
day And when we say they are on rise
2:09
means they like 10 years back if someone
2:13
would have told you that uh I received
2:16
such and such call and they uh made me
2:20
giving them money out of my bank and uh
2:25
they just duped me So it was like once
2:29
in a while we would hear such case and
2:32
then you would have thought oh this guy
2:34
might have done something you know he
2:37
didn't have a basic u awareness how to
2:41
secure himself So I think
2:45
that those days are gone Now uh cyber
2:50
crime or fraud uh even the normal spams
2:54
we see happening to us not just to our
2:58
friends or distant friends or distant
3:01
relatives So I think it's happening in
3:03
our family um all
3:07
the uh kids where we give hand over
3:11
mobile phone as a gift or as a mandatory
3:15
requirement for uh maintaining the
3:17
status quo I think uh they are
3:22
definitely vulnerable Uh our parents our
3:27
elderly at home our uh senior citizens
3:33
they themselves are uh you know
3:37
vulnerable They can they are prone to
3:39
attacks cyber attacks and even the uh
3:43
attacks they are just not limited to uh
3:47
the spam emails that we used to get like
3:51
10 15 years back and all the newbie
3:53
hackers they still send these emails
3:57
which you can easily guess oh my late
4:01
husband I had so and so gold and yes
4:04
give me your bank account and I will
4:06
pass on this gold to
4:08
And even to this scam there are lots of
4:11
people within India which fell uh you
4:14
know victim to reason
4:18
greed reason everyone wants to make
4:20
money
4:22
quickly and when they see this
4:25
opportunity they just see wow and then
4:28
scammers literally tell them do not tell
4:31
this to anyone
4:34
So this session this knowledge you have
4:36
to tell to everyone you know so that you
4:38
are
4:40
aware Uh so these cyber
4:44
attacks as a report I was going through
4:48
last year the hacker economy was for $1
4:53
trillion and this year it was expected
4:56
to become 10fold that's $10 trillion
5:00
It's a
5:03
combined GDP of several
5:07
countries which these guys uh steal
5:12
every year and and it is like they don't
5:18
have to study hard They don't have to
5:21
you know
5:23
um do lots of stuff which we do as a
5:26
normal person So they just have to
5:29
practice one two three scripts day in
5:32
day out Just firing the script on
5:36
millions of online servers and one
5:39
server one user they will find their
5:42
victim like within few
5:45
hours So it is for few it is as simple
5:50
as
5:51
that Now why this crime is on rise
5:58
you know so there there could be lots
6:01
and lots of
6:03
um reasons so first prominent reason you
6:07
would say that people are not aware and
6:10
they fell victim to cyber scammers or
6:14
hackers or yeah obviously awareness is
6:18
missing awareness which was supposed to
6:21
be part of our government initiatives
6:25
uh which ultim Ultimately there are but
6:29
it's very very I say minuscule level
6:33
awareness which was uh because financial
6:37
crime to a citizen financial crime or ID
6:40
theft there these are the two major uh
6:43
thefts which are uh which hit us badly
6:47
as a
6:48
citizen So I know government make rules
6:52
regulations that for private individuals
6:55
institutions if you are doing business
6:57
you are storing personal information if
7:00
you will not safeguard will you have to
7:03
pay penalty but penalty to whom to the
7:06
people whose data was stolen not to the
7:11
government
7:13
Now government put up a penalty to these
7:16
organizations but what do us we get in
7:21
return so that's the policy making
7:25
uh now most of the Aadhaar cards and pen
7:28
cards in India are stolen okay and they
7:32
are stolen from government databases
7:35
they are stolen from uh private
7:39
institutes so they should who should be
7:41
held responsible possible They should be
7:44
paying us penalty They should be issuing
7:46
us new identities because the one was
7:49
stolen and there is no
7:52
mechanism So the thing is how do
7:56
we uh you know break into this thing
8:01
that is the first cyber security career
8:03
for you Become a policy maker become a
8:10
advisor become a consultant Find the
8:14
lacunas Find the legal thread into this
8:17
And this is for uh techie versus non-
8:19
techy people So if you are from legal
8:21
background you can venture into this
8:24
space Okay Then financial crime we are
8:28
talking about Then if you are from
8:30
finance background
8:32
um cyber fraud u you know uh there are
8:36
lots of type of uh insider fraud scams
8:40
which are happen then you can go to that
8:42
auditory field you can become a
8:45
certified auditor like
8:48
CISA so these are like highle uh
8:55
nontechnical streams where people can
8:58
find a very promising career in cyber
9:00
security or information security So
9:03
let's again uh talk about what is the
9:07
difference between information security
9:09
and cyber
9:11
security So information security at
9:14
large is the umbrella statement uh
9:17
wherever information gets processed
9:20
stored accessed
9:23
kept that facility that system that
9:27
server people attached to it processes
9:30
attached to it everything comes becomes
9:32
part of information
9:35
security
9:37
So as I said CISA so CISA is a certified
9:40
information security auditor
9:43
Cyber security is a child of information
9:46
security where we keep information
9:49
digitally right but if the information
9:52
is stored on backup devices and stored
9:55
in some locked up
9:56
facility then information security makes
9:59
sure that this information stays safe
10:02
There are policies regulations against
10:04
that And then you do the physical pen
10:07
testing What is pen testing i'll talk to
10:09
you few minutes
10:11
So uh we now know that there are crimes
10:16
happening They are already on
10:20
rise
10:21
and the one prominent reason was you
10:25
would have thought that it is awareness
10:27
that people are not aware Obviously we
10:29
are not aware that what news attack they
10:32
are bringing in today we are not aware
10:35
Awareness is missing
10:37
Um second thing uh which is
10:42
like the enterprises or the system
10:45
owners who keep who are supposed to keep
10:47
our data secure they don't keep it
10:50
secure they don't have technologies they
10:53
don't buy technologies they don't hire
10:56
skilled professionals and they face
10:59
breaches okay
11:02
so
11:04
every most of like 85 to 87% of data
11:09
breaches within corporate or
11:11
ransomware Uh the reason was found as a
11:15
malware or
11:17
fishing because employee was not aware
11:20
and he clicked on some link In the past
11:22
session I told you how you can be social
11:25
engineer to click on a legitimate
11:28
looking link
11:30
Uh
11:31
so what happened to these companies they
11:35
should be made responsible They should
11:37
pay heavy penalties because they did not
11:39
keep the data secure Now
11:43
uh coming back to the one of the one
11:47
reason like one of the main reason which
11:50
do not want no one wants to talk about
11:53
they don't think it it is that we let it
11:58
happen
11:59
There are so less good guys or skilled
12:05
professionals that they cannot stop
12:07
these
12:09
attacks Skill deficit is there Skill
12:13
deficit is there That is why awareness
12:16
uh deficit is
12:17
there So if I don't talk if I don't know
12:22
about certain thing obviously I I cannot
12:26
even think about reading it about
12:29
So five years back AI is not a new
12:32
concept Five years back no one was
12:34
talking about AI They were talking about
12:36
data science or ML which was subset of
12:39
data uh you know
12:41
AI Now everyone is talking about AI geni
12:45
generate images generate text but it was
12:47
there since ages
12:50
Now uh so this prominent reason that
12:54
there are very less professionals very
12:57
few number of people who can avert an
13:00
attack who can make the systems
13:03
robust because uh old mentality old
13:08
school thoughts do not work in cyber
13:12
security
13:13
technologies evolving very at very fast
13:16
pace Old systems old uh
13:20
processes they they tend to be
13:23
failing So you need a new school of
13:26
thought You have to think like hackers
13:29
to protect your devices protect your
13:32
systems So let's now talk about why
13:38
you what it takes to become a cyber
13:40
cyber security professional
13:43
So as I said cyber security is just not
13:47
one job it is a domain now domain
13:52
So if you love the process part of it or
13:57
auditing part of it then all the people
14:01
who are from project management
14:03
technical project management program
14:06
management leaderships mentors coaches
14:10
uh uh uh legal guys finance guys they
14:13
can go into audit space There are lots
14:16
and lots of uh different streams within
14:19
audits You perform uh financial audits
14:23
you perform information sec audit you
14:26
perform audit trail
14:28
audit that systems keep the log of
14:31
everything You perform GRC
14:34
audit So there is there's a whole bunch
14:39
of uh skills or streams within the audit
14:45
space that you can venture into Okay If
14:48
still you have doubt you can reach out
14:50
to us I in every episode I tell you we
14:54
are available and we are reachable I
14:57
think we are the most reachable techies
15:01
on the planet
15:03
uh to help and to you know uh promote
15:08
this community
15:10
idea and uh again kudos to the team
15:14
which we are part of uh to the great
15:19
vision from Mahes I think it's it's
15:22
absolutely
15:24
fantastic and uh Now let's talk about
15:27
technology So if you are in techn
15:31
technology field how do you uh like what
15:36
is there in for you so if you are into
15:38
system administrator already you love
15:41
systems you love managing users uh
15:45
installing implementing configuring
15:47
systems network devices routers
15:49
firewalls load balances and whatn not
15:52
Then there are two streams One is the
15:54
systems security and other is the
15:56
network security Again network security
15:59
is a huge feed itself There are certain
16:03
segregation within network Then there is
16:06
a data center physical security How do
16:08
you maintain
16:09
it then there is a cloud security cloud
16:13
you we know that he has evolved in last
16:16
past few years and now
16:18
there's number of services being
16:21
launched almost every month by service
16:25
providers So even I uh failed to you
16:29
know keep track of what is new coming in
16:32
because there's this too much
16:34
information So we have to stay focused
16:37
We have to absorb what is in for me and
16:40
to tell that what is in for me You all
16:42
need a mentor We do have
16:45
mentor So it's not that we uh say that
16:50
now we mentor you So we don't have we
16:54
have mentors
16:55
So coming back to the technology So if
17:00
you are you are into so you know writing
17:03
code and all then in the past few
17:06
session I talked about how do you write
17:08
secure code how you test it So uh even
17:13
if you say that CI/CD pipeline devops
17:17
you use this terminology and you use
17:19
these practices you can
17:23
uh become a dev sec ops guy So how
17:28
security gets implemented into devops
17:32
uh field So you can help building secure
17:36
application right from the when the code
17:38
is being written and unit testing is
17:41
happening So that's for you if you love
17:46
uh say
17:47
AI uh
17:50
then AI has become a silent mandate It
17:56
was just like thrown upon us My mobile
18:00
is my device people I know people buy
18:04
you know
18:05
latest apples or whatn not uh paying you
18:10
know a cost equal to one kidney
18:14
but jokes apart so they are they are
18:17
costly mobile
18:19
devices but when you buy that the
18:23
companies or Android or any other so
18:26
companies they should ask our permission
18:30
to launch launch new
18:33
feature They threw AI on our devices
18:38
silently without telling us So
18:42
ultimately
18:43
uh like in an Android phone one security
18:46
researcher found that there were
18:49
230
18:51
trackers within one single Android phone
18:54
that track your every movement
18:58
230
19:00
trackers inside the different
19:02
applications and codes which come as
19:05
Android Okay there's a list if you can
19:09
if you search you will find
19:11
it
19:13
Now why do they need to track
19:17
us where is my privacy so privacy is
19:20
just a distance concept nowadays It
19:22
remains in books remains in some
19:25
thoughts But yes there are some privacy
19:27
organizations who are uh advocate
19:31
advocate of uh uh privacy and
19:35
uh security and uh they launch different
19:40
products they build different products
19:43
and I don't know how secure are they but
19:47
uh at least they keep away from these
19:50
trackers
19:51
So rethink DNS is one of it like if you
19:54
use that program you
19:57
can cut down lots of advertisement
20:01
trackers something like
20:03
that
20:05
So on this devices have you found that
20:08
uh you now you see Germany AI or whatn
20:11
not so some AI is already there in your
20:14
phone in your laptop
20:17
So AI engineering AI security and
20:21
similarly people started using JAT JBT
20:24
what not uh within the organizations to
20:27
deliver their uh work
20:30
effectively and uh now a lot of blogs
20:35
you can see unleash navigate these are
20:38
the words which were missing from our
20:40
common
20:41
vocabulary five years
20:43
back So this is all robotic language
20:47
people are posting on social media
20:51
within their documents and all
20:54
So these this uh AI adoption silent AI
20:59
adoption comp companies corporates are
21:02
worried now they don't know what company
21:04
data is being thrown onto AI server So
21:07
again needs a security control a
21:10
guardrail around AI adoption and that is
21:13
where if you love AI you come in handy
21:16
you can tell if this command or you know
21:20
series of commands can throwing our IPR
21:24
our confidential data on the AI server
21:26
or not and how to contain AI within your
21:28
you build your language model you pick
21:30
any open source language model and you
21:32
fine-tune for the corporate requirement
21:35
how do you do that So again uh then
21:39
comes the connected things So IoT
21:44
devices So if you love IOT uh then cyber
21:48
security is a good career because uh IoT
21:53
is basically the operating system stay
21:54
in embedded It's very minuscule
21:57
operating system uh most of the things
21:59
you cannot do with this embedded system
22:01
But if it is prone to any cyber
22:05
attack then because these devices get
22:09
made in millions and millions then it is
22:12
so mobile phone is one big IoT device
22:15
laptop is bigger IoT device because they
22:18
have operating system but you can manage
22:20
lots of things in these devices So I is
22:24
like your Apple eyew watch um your uh
22:27
connected car your smart fridge your
22:29
smart washing machine your smart
22:31
lighting in the home what not and
22:34
similarly if you go to industries
22:36
factories most of the devices are now
22:38
talking to or the machines are talking
22:40
over the TCP IP uh network which earlier
22:43
were using scattera protocol So how do
22:45
you secure these devices so OT security
22:49
is a biggest uh concept in the
22:51
manufacturing field and if your interest
22:55
is in that domain it is for you Now
22:58
coming back to the normal web
23:01
applications So web application security
23:04
testing uh if uh first thing is you know
23:09
that secure code uh you write secure
23:14
code but then you compile it and you put
23:16
it then there could be lots of controls
23:18
which are
23:19
missing and when you test it thoroughly
23:22
so first thing you do the vulnerability
23:25
testing whether you are a top uh you
23:27
know uh top 10 or was top 10 sand 25 Are
23:33
you prone to these attacks or not then
23:36
you hire a penetration tester or a bug
23:41
bounty hunter to find further bugs in
23:44
your application So they will break it
23:47
down using some tools or knowledge or
23:50
whatsoever
23:52
So I have seen uh a latest trend where
23:56
now the young freshers they want to
23:58
become buck bounty hunter they find it
23:59
very lucrative like earning you know
24:03
lacks of rupees just finding one bug and
24:05
then doing nothing whole year I I don't
24:09
feel it's a good way if you are a cyber
24:12
security researcher you can become a bug
24:14
bounty hunter part-time bug bounty
24:16
hunter but you should have
24:18
a mainstream some job back bounty is not
24:22
for you It's not for anyone It's a just
24:25
a side hustle and for a very specific
24:27
number of people who are cyberc
24:30
researcher and when you do the cyber
24:32
security research you pick one field
24:36
like authentication protocol
24:39
uh messaging protocol
24:42
APIs Sorry about that
24:45
So you cannot become cyber security
24:49
researcher for everything You pick one
24:52
domain area where you deep study how
24:55
this protocol is working how messages
24:58
are getting exchanged how information
25:00
flow is happening which is the nonsecure
25:03
thing or communication layer between the
25:06
whole com you know piece of message and
25:08
then you break that You make people
25:10
aware that this is the bridge and you
25:14
may get one certificate for your
25:17
legendary work or one acknowledgement Oh
25:21
wow thank you for telling us So do not
25:25
expect that people come to you with you
25:29
know gold medals or some other accolades
25:33
No So it's a not that rewarding field
25:37
until unless you work for a cyber
25:40
security product company Right so so
25:44
this is it I think
25:47
um
25:49
from auditing to AI to OT to normal
25:54
source code web application testing
25:57
penetration testing network security
25:59
cloud
26:00
security There
26:02
are number of uh you know further
26:06
streams down the line For example
26:09
uh you can become a threat hunter
26:11
Threatener means you always keep looking
26:14
in the corporate network You plant bugs
26:18
and see that who is uh you know getting
26:23
attracted to that Bug means you don't
26:27
capture a bug or you don't crack a code
26:31
Uh it's u Intel language So buck means
26:35
you plant an excel sheet say employee
26:39
salary
26:41
2025 and keep it at nonsecured location
26:45
and then you see who is trying to access
26:48
that excel sheet So um it could be
26:52
curious employee or it could be other
26:55
malicious actor within the disguise of
26:58
that employee ID So so that's the threat
27:02
hunting job Then you uh
27:08
uh do the CTI it's a cyber threat
27:12
intelligence So you bring the market
27:15
intelligence you keep searching dark web
27:18
not yourself but there are platforms So
27:21
you uh get to know what is the latest
27:24
news which is uh is there any news which
27:27
is targeting your company
27:29
uh for a you know new cyber attack they
27:34
are planning to attack your system If
27:36
you work for national security then
27:38
obviously you do more uh on that So
27:44
anything uh which you like you can
27:50
switch it to for guidance we are here
27:52
and on top of it um always remember that
27:57
these are just the skill part of
28:00
it You need to be a go-getter You need
28:04
to be a very good presenter You need to
28:06
be a very good uh uh you know writer
28:09
Report writing skills should be awesome
28:11
because when you find something you have
28:14
to tell it to others When you tell it
28:17
and how you tell it is the most uh it it
28:20
is what makes you a cyber security
28:23
professional Bugs can be found by tools
28:27
and your company can buy a number of
28:29
tools So that's the capacity of tools
28:32
You can learn that using the tools But
28:35
interpersonal skills um how you handle
28:38
the pressure how you handle uh you know
28:41
uh cyber attack
28:43
situation how do you keep your calm and
28:46
composure during that situation when
28:48
everyone is rushing with you know uh no
28:51
clue in mind how to prevent this
28:54
attack So so I think that is where your
28:58
these skills come in handy for rest I
29:02
think we uh discuss u in rest of the
29:06
episodes and I thank you for joining and
29:10
listening to me Uh reach out to us if
29:13
you need any guidance your university we
29:16
can uh do certain sessions for your
29:18
universities Uh today evening there's a
29:21
well
29:22
um uh vitor uh we will be speaking there
29:28
Uh so stay tuned I and I think um I wish
29:32
you a very safe and
29:35
secure week ahead Sit stay informed
29:39
Thank you
29:43
[Music]
#Computer Security
#Hacking & Cracking
#Career Resources & Planning