Understanding Cybersecurity Domains

By Ben Paris

11/20/2023

What’s that? You didn’t realize how broad of a term cybersecurity is? Well, hopefully this image has changed that. Credit to Henry Jiang for putting this map together; see more here.

Although the map may not cover every niche or specialty, and there is some overlap between subdomains that it does not represent, this map shows you how we categorize the different areas of cybersecurity, known as domains. The reason we do this is to better understand what we as individuals are most passionate about and interested in. Becoming an expert on all of these topics would be nearly impossible, so a key part of your path into cybersecurity is picking what you will specialize in. It is easier to learn to swim in a pool than in an ocean.

In order to figure out what you want to focus on, you first have to understand what each domain entails. Understanding the basics of cybersecurity in general is essential for getting into the industry. Below I have rephrased definitions of each overarching domain (except physical security, for which I could not find a great reference); these come from sources I trust. If any of my descriptions interest you, I encourage you to check out the source and explore additional resources on your own.


You can also explore your suitability by using this tool from the Cybersecurity & Infrastructure Security Agency (CISA), or this test from leveleffect.com. While these do not offer a perfect solution, you can get an idea of what may be the best path for you. That being said, do not let this test define you. If you are still new to cybersecurity, the best way to find your calling is going to be exploring all the options that interest you.


Security Architecture

Security Architecture is all about designing and building a successful cybersecurity program. This process involves planning and integrating everything from access management to encryption. By keeping these efforts organized and ensuring they are well thought out, organizations can fully understand and plan for the threats they may face. Read more here.


Security Operations

Often abbreviated as SecOps, Security Operations involves the integration of internal information security and IT operations. A primary goal is to enhance collaboration between these historically separate entities in order to create a more efficient way of minimizing risks. This includes a variety of offensive and defensive roles that make up the front lines of cybersecurity. Read more here.


Governance

Governance, put very simply, is the making and enforcing of rules that support an organization's security posture. While these types of roles do not directly add to security, they are essential for everyone else in the entire organization to be able to understand their role in an organization's cybersecurity. Read more here.


Risk Assessment

Risk Assessment is focused on finding all of the flaws in cybersecurity posture, whether that is a new vendor who has poor supply chain security, or vulnerabilities in your code and infrastructure. Regardless of the risk, another essential function of this domain is providing reproduction and mitigation instructions. This enables the appropriate personnel to efficiently act on the findings of a risk assessment. Read more here.


User Education

User Education, also known as security awareness training, is an effort usually led by the cybersecurity team with the goal of limiting the risk employees and users present within an organization. This is done by teaching employees about the role they play in organizational security. This domain is considered to have the best return on investment due to the fact that untrained users are one of the largest risks to an employer. Read more here.


Threat Intelligence

Threat Intelligence is the practice of collecting and analyzing data tied to security events. This data allows us to better understand and respond to the tactics, techniques, and procedures (TTPs) of our attackers. The end goal of this domain is to move towards successfully preventing attacks and away from a program that focuses on responding to attacks. Read more here.


Career Development

Well, here is a definition of Career Development from an article posted on Indeed: “Career development is the process of wanting a position and developing the skills, knowledge and motivation to eventually pursue it.” Read more here.


Frameworks and Standards

Frameworks and Standards refers to specific sets of “existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk.” They are designed to ensure that organizations understand what they need to do in order to be on par with industry standards. These frameworks can be specific to certain industries like healthcare (HIPAA) and monetary transactions (PCI). Read more here.


Physical Security

Physical security entails securing all physical aspects of an environment or organization. For example, this would include any work associated with access to buildings, server rooms, or labs.


Enterprise Risk Management

Enterprise Risk Management (ERM) refers to the organized documentation and analysis of all potential risks within an organization. This domain requires significant collaboration between all other domains as well as other business domains in order to ensure all security objectives are met. Read more here.


Application Security

Application Security refers to the security posture of the code and applications used throughout an organization. Not only is the testing of these essential, but application security also requires the implementation of a secure software development life cycle (SSDLC). Read more here.


While this does cover most functions within cybersecurity, we have only scratched the surface. I encourage you to do more research on each of these domains, the roles associated with them, and what the day-to-day looks like for these roles. This will help you better identify what domains best suit you.

As mentioned in my post, What is Cybersecurity?, this marks the beginning of a long journey, but you are on the right path!

Stay curious.