The moment we mention
"Cyber Security", many people think it's about
"Hacking".
Actually "Hacking" is just part of the "Network Security".
"Network Security" includes:
- Reconnaissance (exploring)
- Hacking (gain access)
- Securing the device (host)
- Securing the network (user network / server farm network / ... )
- Malware protection
- End-point protection
- DNS protection
- Firewall-ing
- Intrusion Prevention Systems
- Virtual Private Network - Remote (VPN)
- Virtual Private Network - Site to Site (VPN)
- CIA (Confidentiality, Integrity and Availability)
- AAA (Authentication, Authorization and Accounting)
- Industrial best practice for security (ISO 27001, ...)
- Cyber law
- And many more...
Hacking is illegal, unless there is an penetration test agreement. As a network security professional, I study network security to prevent my customer networks.
Lockheed Martin's
Intrusion Kill Chain describes 7 stages of hacking.
(it's easier to understand what the hacking process is)
Risk assessment, Vulnerability assessment, Impact analyst is performs base on change management and on demands.
ERM, Enterprise risk managament would be different story. (will have new post, soon)
Benefits of study Hacking.
Gain knowledge on:
- what's Hacking
- how to Hack (understand attacker tools and actions)
- how to Prevent before attacks
- how to react during attacks
- things to change/develop after attacks
- additionally
- analyzing network infrastructure looking for vulnerable security-hole
- analyzing the event logs (SIEM application helps faster interpret the logs)
- know how critical to collect the event logs (syslog server, TACACS+, ...)