Looking for information about the program or resources to help you in the program?
You’ve reached to the right place.
Community Help: Get live answers in the Information Security Sessions in the discord server linked in the sidebar.
What is Information Security?
Information Security, or InfoSec for short, is the practice of protecting data from unauthorized access, use, disclosure, modification, or destruction. This practice encapsulates Cyber-security which is the protection of servers and hardware components as well as humans who access it. It also includes ethical-hacking, the practice of testing security in agreement of the victim to better improve their security.
The need for Information Security professionals come from simple disgruntled employee who attempts to delete all clients records upon being fired. To one of the worst case scenarios of a Government entity who has hacked into your company’s network to exfiltrate data.
Is this the program for me?
With an interest into security and a knack for working with IT related tasks, the program will provide a path into IT and InfoSec jobs. You will gain fundamental understanding of security architecture and practices on top of IT related skills.
All skills taught start at the zero knowledge level, but it doesn’t hurt to familiarize yourself with programming and math for a headstart.
What makes this program worth it?
Sheridan’s best program and one of the few degrees obtainable in all of Canada in Information Security. This leads to a field in high demand of positions with little supply of graduates to fill.
Sheridan and the program also has many well respected connections through the mandatory co-op program which has a 100% success rate. Many, if not all, who graduated will have a job ready for them through the previous co-op or at a destination they wanted to go.
What do I need in this program?
You will need access to the internet and a laptop to complete tasks in the courses.
Laptop specs (minimum):
- i5 or above and AMD equivalents
- 12GB+ (8GB is doable but will restrict you to one virtual machine at a time)
- 256GB+ Storage (Recommended 512GB or a hard drive for backup)
What are the job opportunities?
Government (CSE and CSIS), all banks, international financial companies, Information Security consulting firms, and all types of organizations with IT teams require Information Security personnel to help maintain government regulations, industry compliance, and network/system/application security.
How can I be successful?
The InfoSec community is very small with very awesome people and approachable people.
Make connections & learn by being on twitter and meeting people at conferences. Meetups are a great way to get to know those looking to hire or those accepting to mentor while being regularly scheduled.
Follow security related news:
- SecurityNow podcast https://www.youtube.com/user/TWiTSecurityNow
- ISSessions list https://feedly.com/issessions
- WIRED Security: http://www.wired.com/category/security
- Krebs On Security: http://krebsonsecurity.com
- Schneier On Security: https://www.schneier.com/
- Naked Security: https://nakedsecurity.sophos.com/
- The Hacker News: http://thehackernews.com/
- Packet Storm Security: https://packetstormsecurity.com/
- The Register Security: http://www.theregister.co.uk/security/
- Graham Cluley’s Blog: https://grahamcluley.com/
Twitter starter kit:
- @mikko – Chief Research @ F-Secure
- @kevinmitnick – The famed ex-black hat
- @gattaca – Security @ Akamai, writer, blogger, speaker
- @briankrebs – Best infosec investigative reporter
- @owasp – Open Web Application Security Project
- @chriseng – VP Research @ Veracode
- @myrcurial – popular Canadian InfoSec guy & writer/podcaster
- @e_kaspersky – CEO of Kaspersky
- @jeremiahg – Founder WhiteHat Security
- @jack_daniel – BSides Co-founder
- @JimmyVo – Rapid7 Global Services
- @hacks4pancakes – Great DFIR person
- @rootkovska – Creator of QubesOS & a ton of other stuff
- @threatbutt – Poking fun at the “threat intelligence” community
- @iiamit – VP @ ZeroFOX
- @da_667 – great malware analyst/network security monitoring guy
- @hypatiadotca – Security @ Slack
- @__apf__ – Google Chrome security team
- @KimZetter – Writer for WIRED – focuses on InfoSec a lot
- @daveaitel – CEO Immunity Inc.
- @runasand – Privacy and Security researcher
- @matthew_d_green – Crypto prof at Johns Hopkins
- @thegrugq – king of OPSEC
- @MalwareJake – SANS Instructor and course creator
- @peterkruse – eCrime specialist
- @k8em0 – Chief Policy Officer HackerOne
- @travisgoodspeed – Creator of PoC||GTFO
- @attrc – Volatility core developer
- @botherder – Privacy advocate & fellow @ CitizenLab
- @MalwareMustDie – badass malware hunter & exterminator
- @sambowne – Ethical hacking professor @ City College San Fran
- @nickm_tor – TOR developer
- @taviso – Hacks antivirus
- @alexcpsec – InfoSec data scientist
- @granick – Cyber Law @ Stanford
- @jessysaurusrex – Works for Agilebits (1Password)
- @Sidragon1 – dude who allegedly made a plane fly sideways
- SecTor – Oct 20 & 21 – Expensive, but Sheridan often sends a limited # of students
- BSidesTO – Nov 7th – Inexpensive, small, great place to meet people
- HackFest (Quebec City) – Nov 6 & 7 – Like DEFCON for Canada, a bunch of students and alumni go every year!
- RECon – Every June in Montreal – Reverse engineering focused conference
- CounterMeasure (Ottawa) – Nov 19-20 – Corporate type event, expensive!
- NorthSec (Montreal) – May ish – Small conference but huge CTF!
- ISSessions (bi-weekly) https://issessions.ca/events
- TASK (monthly) https://task.to/
- OWASP (bi-weekly) https://www.meetup.com/OWASP-Toronto/
- DEFCON Toronto (Occasional Monthly) https://www.meetup.com/DEFCON416/
Capture the Flag (Test your skills):
Start with Bandit on overthewire