Pros and Cons of Different Areas in Cybersecurity

egrizzlyegrizzly Posts: 260Member ■■□□□□□□□□
What do you all think the pros and cons of the following cybersecurity areas:

- Incident Response
- Forensics
- Governance
- Audits
- Penetration Testing
- Analytics

Do you think any of the areas has an advantage over the other and why?

Comments

  • paul78paul78 Posts: 2,856Member ■■■■■■■■■■
    It's going to largely depend on why you are asking. Any of the various areas in cybersecurity can likely have the same pros/cons depending on the role in that particular area.

    What problem are you trying to solve by asking this question?
  • tedjamestedjames Scruffy-looking nerfherdr Posts: 878Member ■■■■□□□□□□
    The biggest problem I can see is that since the field is so wide, you can't possibly tackle everything. I guess you could be the proverbial jack of all trades, but you might not be able to become an expert in any one thing. Or if you work in security long enough, you can gradually transition in other aspects of the field.

    If you're looking for advice regarding which direction to take, that all depends on what interests you. I've done incident response, governance, penetration testing, security awareness training, etc., but usually in the same job. Right now, I'm spending most of my time revamping our security policies. I'd love to get into forensics, but I just don't have the time, especially not when there's so much more to learn about penetration testing.
  • spiderjerichospiderjericho Senior Member Mojave DesertPosts: 834Member ■■■■□□□□□□
    A team or group manager manager can get away with that mentality of the renaissance man.  

    It takes a lot of experience and skill to be good at any of those skills. Some of them could be mutually supportive like penetration testing/audits or incident response/forensics since certain aspects overlap. 

    Not to to derail the thread but does the SANS expert exam require you to know all the above?
  • UnixGuyUnixGuy Are we having fun yet? Posts: 3,863Mod Mod
    I'm not sure I understand the question, but if you're asking about career paths, one catch I found with Incident Response is that it can involve weekend/after hours/overtime work occasionally. Some (a lot) of penetration tests happen on weekends as well. Some forensic investigations are urgent and you can be time pressured.

    While Audit/GRC/Governance/Analytics you probably don't need to work after hours/weekends.
    Goal: MBA, March 2020
  • egrizzlyegrizzly Posts: 260Member ■■□□□□□□□□
    UnixGuy said:
    I'm not sure I understand the question, but if you're asking about career paths, one catch I found with Incident Response is that it can involve weekend/after hours/overtime work occasionally. Some (a lot) of penetration tests happen on weekends as well. Some forensic investigations are urgent and you can be time pressured.

    While Audit/GRC/Governance/Analytics you probably don't need to work after hours/weekends.
    Thanks for sharing UnixGuy.  Exactly the feedback I was looking for. Its like I suspected that the role which typically works weekends is the Audit/Governance/Analytics folks.
  • JoJoCal19JoJoCal19 California Kid Posts: 2,735Mod Mod
    egrizzly said:
    UnixGuy said:
    I'm not sure I understand the question, but if you're asking about career paths, one catch I found with Incident Response is that it can involve weekend/after hours/overtime work occasionally. Some (a lot) of penetration tests happen on weekends as well. Some forensic investigations are urgent and you can be time pressured.

    While Audit/GRC/Governance/Analytics you probably don't need to work after hours/weekends.
    Thanks for sharing UnixGuy.  Exactly the feedback I was looking for. Its like I suspected that the role which typically works weekends is the Audit/Governance/Analytics folks.
    I've worked a few GRC/Audit roles and have never worked a weekend. Now longer work days during the week during audit or risk assessment time, sure. But never on the weekends. If anything, you're more likely to have to spend weekend time with the more technical roles (on call, long engagements, skills, etc).
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSP, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
Sign In or Register to comment.