Hands-on training is key to understanding cybersecurity, says Infosec Skills author Howard Poston
Category: IT careers, Professional development
December 11, 2019
Infosec Skills instructor Howard Poston learned the value of hands-on training early in his career.
“When I first started teaching, everyone seemed to learn the most during the 15-minute labs that accompanied each lecture,” Howard said. “That’s the point when it all came together and students realized, ‘Oh, that’s how this works.’”
Howard said he carried that same hands-on approach through to his three new Infosec Skills learning paths:
- Network Traffic Analysis
- Introduction to Applied Cryptography and Cryptanalysis
- Secure Coding Fundamentals
“Those are three very different learning paths,” Howard said. “But the network traffic analysis and cryptography paths are similar in that they’re geared towards the day-to-day aspects of cybersecurity — what you can expect to see on the network, what you can expect to see in cryptography and how to take advantage of that knowledge.”
“Secure coding is the other side of the coin. It’s about something being done wrong and how developers can identify and fix those issues — as well as how attackers can exploit them.”
Developing practical cybersecurity skills
The hands-on projects Howard created are designed to reinforce key concepts from his courses, provide practical experience and help students develop their skills.
For example, the Network Traffic Analysis for Incident Response Project contains seven challenges ranging from analyzing basic packet capture data to discovering data exfiltration and DDoS issues to developing YARA rules for identifying malware.
“In the path we do a demonstration of Ghost Rat, which is a remote access toolkit designed to create a foothold on a computer,” Howard said. “One of the challenges is essentially unpacking the command-and-control traffic of a variant and deobfuscating the traffic to determine what it’s doing on your network.”
Howard said he kept the network traffic analysis courses as applicable as possible for incident response.
For his Secure Coding Fundamentals learning path, Howard structured the courses around real-world examples — and those weren’t hard to track down.
“Unfortunately, it was extremely easy to find something from the last year where someone had made a secure coding mistake and it caused big problems.”
Poston “fell into” teaching cybersecurity
The rise in cybersecurity issues has led to increased demand for skilled cybersecurity professionals — and for people like Howard to train them. But Howard never aimed to be an instructor.
“Teaching came about organically,” Howard said. “I kind of fell into it because people asked me to.”
After getting his master’s degree in Cyber Operations from the Air Force Institute of Technology in 2015, Howard spent two years at Sandia National Labs doing cybersecurity research and development on topics such as cryptographic algorithm security and efficiency analysis, malware reverse engineering, honeypot development and network traffic analysis.
“My wife and I wanted to travel for a while, so I quit and started doing freelance work,” Howard said.
Two-year half-life of cybersecurity skills
Being able to keep up on the latest cybersecurity threats and trends is one of the perks of developing so much cybersecurity content, Howard said.
“I saw a stat recently that the half-life of a piece of cybersecurity education is around two years, so theoretically my master’s degree is pretty much worthless by now,” Howard joked.
That’s why no matter what your situation, Howard stresses the importance of continuing education and hands-on skill development.
“Cybersecurity is constantly changing, and everyone needs a way to keep up.”
Learn more about Howard Poston’s Infosec Skills courses:
About Howard Poston
Howard Poston is a cybersecurity researcher with a background in blockchain, cryptography and malware analysis. He has a master’s degree in Cyber Operations from the Air Force Institute of Technology and two years of experience in cybersecurity research and development at Sandia National Labs. He currently works as a freelance consultant providing training and content creation for cyber and blockchain security. He can be reached by email at [email protected] or via his website at https://www.howardposton.com.