Do You Need Programming Skills for a Cybersecurity Career?
March 5, 2019
[This post was originally published on 10/19/2015 and updated on 3/5/2019.]
Students ask our Training Consultants this question often. The simple answer is yes, you need programming skills for a cybersecurity career. However, the answer depends on your intended specialty in cybersecurity. For managers, offensive and defensive cybersecurity professionals, the answer varies.
Offensive and Defensive Cybersecurity Need Programming skills
Programming knowledge proves essential for analyzing software for vulnerabilities, identifying malicious software, and other tasks required for cyber security analysts.
Quora answered this question about programming knowledge for cybersecurity specialties. The best answer provided elucidates how programming and coding skills necessary depend on whether you specialize in web app security, software security, malware analysis, network security, or computer forensics. What to draw from this advice is that programming knowledge gives you an edge over other security professionals without those skills.
Overall Technical Skills Wanted in Cybersecurity
The ideal cybersecurity professional possesses knowledge in system architectures, system administration, operating systems, networking, virtualization software, and other major components of IT systems. A comprehensive understanding of systems architecture allows you to have a big picture view to see where possible vulnerabilities lie, and how to potentially protect all access points from attacks. The CompTIA Security+ certification tests for this broad range of knowledge, but having the certification doesn’t verify your ability to apply the knowledge.
You should have an understanding of configuration and management of firewalls, network load balancers, network routers and switches, and network architectures. Networking and virtualization technologies are critical for how businesses operate. With the advent of cloud computing, Software-as-a-Service (SaaS), accessed through web browsers, demands an intricate understanding of security on this level. Whether your organization hosts its own private cloud or hybrid infrastructure, or you have access to an external cloud infrastructure, moderate to advanced level knowledge is vital for thriving in the present cybersecurity landscape.
Programming Languages for Cybersecurity
This is section is by no means intended to provide a comprehensive breakdown of the benefits of each programming language for a cybersecurity professional. You can read an assortment of excellent blog posts and articles online accessible via a simple Google Search for further guidance. It is important to know that the more languages you know, the better it is for your cybersecurity career. Here are a few languages that you can get started with.
Students ask about the importance of knowing programming for our Malware Analysis course. The recommended experience section on the course page suggests students have “Basic understanding of C/C++ and assembly language”. Most malware is written in C++ programming language. This language is also important for reading and understanding open source code, which often supports low-level system programs that are critical components of operating systems.
Python is a high-level scripting language that is easier to learn than other low-level language. Python provides many advantages in a security role, such as enabling you to automate tasks and execute malware analysis. You can read more about using Python as a tool in the outline for our Python Security for Practitioners course.
When mapping out your career, you should seek advice about skills, knowledge, potential job titles, and additional info. Then estimate and draw a timeline of where you intend to be, what you aim to learn, and how to get there.
What should you take from this blog post? Go starting learning by picking up a free eBook at Github on C++.