October is Cybersecurity Awareness Month, which is an initiative led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA). This year’s campaign theme, ‘See Yourself in Cyber’, focuses on the “people” aspect of cybersecurity and aims to promote smart decisions about cyber security, from basic cyber hygiene among individuals and households, to stronger security practices within organizations. The theme also aims to spotlight the diverse professionals in the industry and celebrate its growth.
As part of this year’s campaign, we’ll be sharing several interviews with members of our team to find out more about how they got into the industry, their role at CSA, and any advice they have to help keep us safe online.
To kick things off, we sat down with Ciaren Jones to discuss his previous life as a professional footballer in the UK and how he made the transition to cybersecurity consultant.
Could you give a brief overview of your role at CSA?
My current role is Cybersecurity Consultant. I conduct penetration testing for organizations that want to test the strength of either their application or infrastructure. I mainly work on web applications but have recently started to work more on internal and external assessments for clients.
What was your path to working in the cybersecurity sector?
My path was quite an unusual one. I had no prior experience in the IT industry, my background was in football. During the pandemic, I was exploring different industries I could potentially move into, and my mum suggested cybersecurity. She works in IT and was aware that the cyber sector was growing fast.
I looked into it and soon realized it was an avenue that I wanted to pursue, the job security especially appealed to me. I started an online course but quit after three months due to the tedious learning process.
However, through an old football contact I found a course that was specifically designed to help former sports players move into the cyber sector. As I had previously done some studying, I knew this was an opportunity I couldn’t turn down.
After a successful start to the course, I was offered a job interview at CSA and I immediately said yes. The interview was two days later, and they offered me the job 30 minutes after the call. I then started at CSA as an Associate Cybersecurity Consultant and have progressed from there, learning from fellow consultants and studying with more engaging learning materials.
What’s the best thing about working in cybersecurity?
The size of it! I am in awe of how much there is to learn, the list is endless. Everything from how to ‘hack’ websites and phone applications to how to social engineer your way into a building and the hardware hacking of devices. I like the fact I’m constantly learning and developing my knowledge base.
There’s always new vulnerabilities and exploits that are being discovered as well as new security measures to counter them. It’s like a game of cat and mouse.
What’s your best piece of advice or insight to share for Cybersecurity Awareness Month?
I would say the biggest thing that I myself was guilty of, is using weak passwords. It amazes me every time how easy it is to guess users’ passwords when we conduct testing. So, my piece of advice would be to make sure you’re using strong, hard-to-guess passwords! Another tip is that the simple use of multi-factor authentication, or MFA, can solve a lot of problems.
Yes, it means you have to wait another ten seconds before logging in, but by simply having that enabled, you can potentially prevent a devastating ransomware attack.
Tell us an interesting fact about yourself that people may not know?
I’m not sure how known it is but I used to be a professional footballer for Norwich City Football Club. I was part of their U23s setup and was there for a year and a half before COVID hit. I currently still play semi-professionally for Brackley Town in the Conference North.