
Areas of Cybersecurity

Learn more about the different areas of cybersecurity

There are many different areas within cybersecurity. When you are looking to enter the field of information security, IT security or cybersecurity, the first question a more seasoned expert would ask is: "Great to have you, but which area exactly are you considering?"

​

In the section below we look at a few examples of work areas and the numerous job titles or job roles that can exist. This is not an exhaustive review but an introductory one to get your thinking process started. Knowing which area you are seeking more information about will help you direct your studies and learning process. You might also get a surprised smile from the seasoned expert you are talking to when you can already explain which area you are interested in.

​

It is also good to be aware that while the domains and areas of cybersecurity involve almost every organization nowadays, there are big differences in available resources, maturity (the stage of implementing the areas in the organization) and the emphasis placed on each aspect. This is also referred to as a risk-based approach. Due to such differences, cybersecurity roles come in all kinds of shapes and sizes in different organizations: sometimes there is not a single person with security in their title, sometimes there are entire teams of experts for each domain.

​

Note: See the Working in Cybersecurity section for a more comprehensive listing and descriptions of work roles.

Network Security

Focuses on securing and monitoring the networking and communications layer of digital environments: securing the related equipment, the configured networks, connections, and the data being transmitted.

​

Examples of typical job roles:​

​​​​​

  • Network Specialist

  • Network Architect

  • System Administrator

​

Other terms associated:​

​Computer Networks Security, Communications Security

​​


Endpoint Protection

An area of expertise on the secure management of endpoint devices (i.e. workstations, laptops and mobile devices). It covers secure configuration, management of software and its versions, backups, access controls, remote monitoring, malware detection and response, and secure disposal.

​

Examples of typical job roles:​​​

​

  • IT Support Specialist

  • Endpoint Detection and Response Engineer

  • System Administrator

​


Vulnerability Management

Vulnerabilities can exist in almost any digital system or device, exposing them to various threats. Vulnerability management is the area of researching vulnerability types, detecting them in the monitored systems or devices, and running the processes and tools to remediate them.

​​​​

Examples of typical job roles:​

​

  • Security Researcher

  • Vulnerability Coordinator

  • Penetration Tester

  • System Administrator

  • Security Engineer

​


Cloud Security

Cloud security is a big area of expertise within cybersecurity. It encompasses almost all other areas of cybersecurity but focuses on cloud environments. It is often scoped to securing the specific cloud technologies in use by an organization or, from the supplier side, to the security of the provided services and environments.

​

Examples of typical job roles:​

​​​

  • Cloud Architect

  • Security Analyst

  • CloudOps Engineer, Cloud Operations Engineer


Application Security

Application security refers to the tasks of designing, setting requirements, implementing security, testing for security and managing the operational lifecycle of an application from its initial deployment to its retirement.

​

Examples of typical job roles:​​​​​​​

​

  • Software Developer

  • Product Owner / Manager

  • Security Engineer

  • Security Architect

​

Other terms associated:​

​SDLC, Secure development, SecDevOps​


Data Security

Data security refers to the tasks of managing data and information assets. This usually entails the discovery, inventorying and categorization of the data and information assets. Key elements of data security are labeling and handling instructions, technical mechanisms and monitoring. It links closely to Cryptography, as data encryption is the most common technical control for data security. Domains linked to specific data types, such as Data Protection/Privacy or Data Loss Prevention, are commonly related to this area.

​​​​​

Examples of typical job roles:​

 

  • Data / Information Owner

  • Data Security Engineer

  • Data Privacy Officer

​

Other terms associated:​

Information Security, Data Loss Prevention, Labelling


Identity and Access Management (IAM)

Identity and Access Management is actually almost two areas in one. Identity management is managing the identities of users and systems, their roles and the related authorization models. Access management is the technologies and processes that enforce access and provide certainty that users are authenticated and have only the access to resources that they need.

​

Examples of typical job roles:​​​​​​

​

  • Authorizations Specialist

  • IAM Architect

  • Access Provisioning Engineer  

​

Other used terms:
Identity Management (IdM), Identity and Access Governance (IAG)


Incident Response

Incident Response is the domain and process of handling cybersecurity incidents. It often relates heavily to detection engineering (Security Operations) and Business Continuity.

 

Responding to incidents involves identifying, analyzing, containing and recovering from them. After an incident, the root cause analysis and lessons-learned processes ensure that similar incidents are further limited in future.

​

Examples of typical job roles:​​​

​

  • Incident First Responder 

  • Cyber Forensic Examiner

  • Security Operations Analyst 

​

Other used terms:
Identity Management Incident Management, Major Incident Management


Security Operations

The Security Operations area covers many, if not all, of the other areas but focuses on their operational aspects. It is mostly represented in the areas that are heavy on technical processes and tools, such as monitoring security events and systems and operating technical security tools and systems such as firewalls, vulnerability scanning and access management.

​

Examples of typical job roles:​​​​

​

  • Firewall Administrator

  • Network Engineer

  • Security Operations Analyst ​


Cybersecurity Research

Cybersecurity research covers both the scientific work carried out by universities and other research organizations related to cybersecurity, and the work carried out by individual enthusiasts and industry experts to investigate the limits of technology and find out when it breaks.

​

Examples of typical job roles:​​​​​

​

  • Researcher

  • Cybersecurity Researcher

  • Bug Bounty Researcher

​

Other used terms:
Bug Bounty Program, Responsible Disclosure, Crowdsourced vulnerability management


Compliance and Regulatory Requirements

In its infancy cybersecurity was not heavily regulated, but over time there has been a significant increase in both the standards and the regulatory requirements that organizations and technology must consider and comply with. Healthcare and privacy related regulations such as HIPAA in the US and GDPR in the EU are some of the most well-known ones.

​

Examples of typical job roles:​​​​​​

​

  • Legal Counsel

  • Data Protection Officer

  • Lead Auditor​​​


Risk Management

Risk Management is in many ways one of the fundamental areas of cybersecurity. It is a well-accepted reality in the industry that there is hardly ever perfect security, and when optimizing for the best security, usability or cost often becomes an issue.

 

Balancing the potential adverse effects of cybersecurity incidents against the cost of resources or usability is the essence of risk management. It covers the identification, analysis, evaluation and treatment of risks, as well as the continuous monitoring and assessment of the status of each risk over time.

​

Examples of typical job roles:​​​

​

  • Risk Manager

  • Risk & Compliance Specialist


Cryptography

Whereas Risk Management is the fundamental area regarding the goals and actions within cybersecurity, Cryptography is the fundamental technical control mechanism for applying those actions.

 

Cryptography is the field of applying mathematical calculations to cipher information and decipher it while the information is stored somewhere or being transferred elsewhere for storage or processing.

 

The field also covers managing the technical implementations that support the process, such as key management, certificate management and negotiating the needed protocols and ciphers between systems.

​

Examples of typical job roles:​​​​​

​

  • Crypto Analyst

  • Network Engineer

  • System Administrator

  • Crypto Researcher


Penetration Testing

Penetration testing is a broad area that covers the technical testing of devices, systems, and software for vulnerabilities and flaws. It is both a mature area, where the processes of researching the target systems, agreeing on testing approaches and reporting structures are often well defined, and also an almost artistic area where the ingenuity of the researcher or penetration tester can make a big difference in whether the vulnerabilities and flaws get discovered or not.

​

Examples of typical job roles:​​

​

  • Penetration Tester

  • Vulnerability Assessor

  • Cybersecurity Researcher​​​​


Security Awareness Training

Security awareness training is an area that crosses over many organizational leadership domains, from people development to business risk management and cybersecurity.

 

It is often mixed with compliance requirements for ensuring that organization members are adequately aware of the standards and regulations. In essence, it is the process of sharing knowledge in the most suitable formats, volumes and cadence to fit the organization's awareness, knowledge and skill requirements. It usually does not cross over into comprehensive educational goals for organization members.

​

Examples of typical job roles:​​

​

  • Security Training and Awareness Specialist

  • Phishing Simulation Engineer

  • HR Manager

  • People Development Expert​​


Disaster Recovery and Business Continuity

The Disaster Recovery and Business Continuity area identifies situations that can lead to service disruptions causing issues for the organization, up to the point where the organization might not be able to continue its operations.

 

After identification, work is carried out to plan alternative processes, working locations, secondary systems and mechanisms to bring systems, processes and personnel back into operation. It also includes rehearsals and continual assessment of the preparations.

​

Examples of typical job roles:​​

​

  • Site Reliability Engineer

  • System Administrator

  • Continuity Manager

  • Risk Manager​​


OT Security

Operational Technology Security as an area focuses on the security of the systems, processes and people involved in operating large machinery, large vehicles, vessels, factories and power plants, usually focusing mainly on the IT equipment, networks, and software supporting these operations. It is a very sensitive area as it deals not just with information but also has the potential for bodily injury or physical property damage in the physical world. There is often a major link to the Compliance and Regulatory Requirements area.

​

Examples of typical job roles:​

​

  • OT Security Specialist

  • ICS Specialist

​

Other used terms:
Industrial Control Systems (ICS) Security​​


IoT Security

Internet of Things refers to connected and/or smart devices such as security cameras, smart lights and home automation. IoT Security as an area covers the security of the things (settings, vulnerabilities), their lifecycle, connectivity and management platforms. It also covers the cyber-physical issues that can occur when the security of IoT devices fails, for example when fridge temperature monitoring is tampered with, causing the goods to perish.

​

Examples of typical job roles:​​​​​

​

  • Security Researcher

  • Security Consultant

  • System Administrator

  • Facility Manager​​​​


Red Teaming

Red Teaming is an area very similar to Penetration Testing. Whereas Penetration Testing is usually scoped to the system or process being assessed, Red Teaming focuses on the end goal of the attacker and aims to discover flaws and vulnerabilities more holistically. For example: instead of breaking into the organization's network from a remote location through all the network security, would it be easier to gain access to the network simply by entering the organization's building right behind the employees?

 

Or would it be possible to just ask the helpdesk to reset the password of an employee who is on vacation and use their credentials to steal the data? The aim is to discover these somewhat alternative ways and present them to the organization for remedial action. Red Team is also sometimes used as the overarching term for people working on the offensive side of security: those who find out how systems and processes can break and fail, so they can be improved upon.

​

Examples of typical job roles:​​​

​

  • Red Teamer

  • Penetration Tester

  • Vulnerability Assessor

  • Cybersecurity Researcher


Blue Teaming

Blue Teaming is the opposite of Red Teaming but with the same end goal. It aims to discover potential weak spots in the organization's security and to close the gaps through analysis, monitoring and threat hunting. Blue Teaming is also often used as the broad term for security personnel working in "defence" roles.

​

Examples of typical job roles:​​​​​

​

  • System Administrator

  • Network Engineer

  • Security Analyst


Purple Teaming

Purple Teaming is not necessarily an area of its own but a process where Blue Teams and Red Teams collaborate on tools, techniques and processes to create iteratively better protection and detection mechanisms, as well as training each other on what and how the other side thinks, sees and operates. The main goal is to share abilities instead of withholding them (just for the team's own benefit).

​

Examples of typical job roles:​​​​​

​

  • Red Teamer

  • Penetration Tester

  • System Administrator

  • Security Analyst


AI Security

AI Security is the area focusing on Artificial Intelligence, Large Language Models and Machine Learning.

 

It is a relatively new area but is evolving fast together with the field of AI itself. A few of the key concerns currently are the reliability of these systems, data sprawl and containment, and malicious misuse of AI models or of systems benefiting from them.

​

Examples of typical job roles:​​​​​

​

  • AI Security Specialist

  • Context / Prompt Engineer

  • Data Scientist​​​​​
