Hello

Your Cybersecurity Career

starts here!
 Welcome to the World of
Cybersecurity Careers!
“In our digital era, cybersecurity is crucial, offering diverse opportunities to
protect against online threats. This field combines technology skills, problem-
solving, and creativity to safeguard individuals, organizations, and nations. This
booklet introduces you to various terminologies, cybersecurity specializations,
and a potential concept that will help you explore your role and the impact
you can make in securing our digital world.”
Discover Cybersecurity Start Your
Cybersecurity Career!
Are you interested in exploring the world of cybersecurity and making it your Hey Students!
career? Did you know that the world needs about 1.8 million qualified Cybersecurity
professionals to keep computers and networks safe from unauthorized access
If yes, then you might want to ask yourself these questions: and attacks? If you’re interested in cybersecurity, here are five things you can
do right now:
Do you love working with new technology? Yes or No

Do you enjoy finding creative solutions to

problems?
Yes or No
01
Explore and research about
Did you know that almost everything we use Yes or No Cybersecurity career profiles
today is connected to the internet in some to learn about different jobs in
way? this field.

Do we have enough cybersecurity experts to

protect us from cyber threats?
Yes or No
02
Join or start an IT/Cybersecurity
Are you interested in being a defender of Yes or No club at your school.
Cyberspace?
03
Ask your teachers about
Cybersecurity concepts in your
classes.

04
Cybersecurity is the practice of protecting digital infrastructure
and defending networks, communications, devices, and data Sign up for courses in advanced
in cyberspace from dangers, threats, and criminal hackers. math, science, or creative
subjects like writing and art.

05
Ask your guidance counselor
about Cybersecurity career
opportunities.

01 02
Get Started! Career Options
Explore the following specializations and write a brief description:
Classes to take in Advanced Math Science.
high school Cryptographer / Cryptanalyst Cyber Defense Incident
Creative Writing (English/Arabic and Communication).
aka Encryption Expert. Responder.
Technology Ethics.

IT-related subjects.

Majors to pursue in Computer Science.

college
Information Technology.

Cybersecurity.

Artificial Intelligence and Cybersecurity.

Cyber Forensics Expert. Cyber Legal Advisor.
Computer Engineering.

Data Science and Cloud Technologies.

Additional ways to Participate in local Cybersecurity contests,clubs,

get a head and camps.

Consult your guidance counselors about career

paths in Cybersecurity.

Ask your teachers to incorporate Cybersecurity

concepts into the lessons.
Cyber Security Engineer.

My Notes

03 04
Information Systems Security Multi-Disciplined Language Cyber Crime Investigator. Technical Support Specialist.
Manager. Analyst.

Software Developer. Vulnerability Assessment Cyber Operator. System Testing & Evaluation
Analyst. Specialist.

IT Project Manager. Systems Administrator.

05 06
Cyber OPS Planner. Information Assurance Analyst.

Knowledge Manager. Pen Tester.

Threat & Warning Analyst.

07
Cyber-tionary

Below are 27 essential Cybersecurity terms along with their definitions that
you can learn to start your Cybersecurity knowledge:

01 Cybersecurity
The protection of networks, information technology systems, operational
technology systems, and their components, including hardware and
software, the services they provide, and the data they contain, from any
unauthorized access, disruption, modification, or exploitation. The concept of
cybersecurity encompasses information security, electronic security, digital
security, and more.

02 Cyberspace
The interconnected network of information technology infrastructure,
including the Internet, communication networks, computer systems, and
Internet-connected devices; along with the associated hardware and
control devices.

03 Critical National Infrastructure

The interconnected network of information technology infrastructure,
including the Internet, communication networks, computer systems, and
Internet-connected devices; along with the associated hardware and
control devices.
• A significant negative impact on the availability, integrity, or delivery of
essential services, including services that could lead to loss of property
and/or life and/or injuries in the event of their compromise taking into
account the economic and/or social impacts at the national level.
• A significant impact on national security and/or national defense and/or
the state’s economy or national assets.

08
04 Availability 08 Accountability
Ensuring access and use on demand by an authorized user, process, or The ability to trace the path of a specific activity or event back to the
system in a reliable manner. responsible party, the originator of the activity. This supports non-repudiation,
fault diagnosis, intrusion detection and prevention, and post-detection

05 Integrity
actions such as recovery and legal proceedings.

09 Authentication
Protection against unauthorized modification or destruction of information,
and also includes ensuring non-repudiation of information and authenticity.
Verifying the identity of a user, process, or device, and is often a prerequisite
for granting access to technical resources. It is not related to determining
06 Confidentiality access rights to technical resources and assets.
The property of non-disclosure of information to an unauthorized user,
process, or system except in the event of authorization to access it.
10 Multi-Factor Authentication
A security system that verifies the identity of a user; it requires the use of

07 Information Assurance multiple independent elements of authentication mechanisms. Authentication

mechanisms include several elements:
The measures that protect information and information systems by ensuring
• Knowledge: something the user knows (such as a password).
their availability, integrity, authenticity, non-repudiation, and confidentiality.
• Possession: something the user possesses (such as a token or a temporary
SMS for login) and is called a one-time password.
• Inherence: a biometric characteristic related to the user himself (such as
My Notes a fingerprint).

My Notes

09 10
11 Authorization 15 Defense-in-Depth
Defining the rights/licenses to access information and technical resources for A concept that means clearly defining multiple defensive layers of security
the entity in general, and controlling and verifying access levels in particular. controls through integration between people, technology, and operational
capabilities.

12 Assets
Tangible or intangible resources that are valuable to the organization. 16 Cyber Attack
Including employees, technologies, facilities, patents, software and services, The unauthorized exploitation of computer systems, networks, and
information and characteristics (such as the organization’s reputation, organizations that rely on information and communications technology
identity, and cognitive or professional capabilities). for the purpose of causing harm. It includes any type of malicious activity
that attempts to gain unauthorized access to, disable, prevent, or destroy

13
information system resources or the information itself.
Cryptography
Rules that include principles, means, and methods for storing and transmitting
data or information in a specific form in order to hide its semantic content
17 Distributed Denial-of-Service (DDoS) Attack

and prevent unauthorized use and undetected modification, so that Attempts to disable the system and make its services unavailable by sending
unauthorized persons cannot read or process it. a large number of requests from multiple sources at the same time.

14 Cybersecurity Resilience 18 Phising Emails

An organization’s overall ability to withstand, absorb, and recover from cyber Masquerading as trusted entities through email messages to obtain
incidents in a timely manner. sensitive information, such as usernames, passwords, or credit card details,
for malicious and harmful purposes.

My Notes My Notes

11 12
19 Threat Intelligence 24 Firewall
Organized information that has been analyzed about recent, current, and Hardware or software that restricts network data traffic according to a set of
potential attacks that could pose a cyber threat to the organization. access control rules that govern what is allowed and what is not.

20 Information Sharing 25 Vulnerability

The exchange of data and information, or knowledge - or both - for use in Any type of weakness in a computer system, its programs or applications, or
managing risks and threats or responding to cyber events. in a set of procedures, that makes cybersecurity vulnerable to threats.

21 Malware 26 Vulnerability Assessment

Short for “malicious software,” it refers to any software designed to harm or A systematic process of examining information systems or applications to
exploit any programmable device, service, or network. identify the level of security controls, identify their shortcomings, and provide
data that can be used to predict the effectiveness of security controls and
ensure their effectiveness after implementation.
22 Ransomware
A type of malicious software designed to block access to a computer system
or data until a sum of money is paid.
27 Penetration Testing
The process of testing a system, network, website, or mobile app to identify
vulnerabilities that could be exploited to carry out a cyber attack.
23 Disaster Recovery
Activities, programs, and plans designed to restore an organization’s critical
business functions and services to their normal state after a cyber-attack or
disruption of these services and functions.

My Notes My Notes

13 14
 With Regards
NATIONAL CYBER SECURITY CENTER

www.ncsc.gov.bh
#CyberWiser
 COPYRIGHT © 2024
NCSC ALL RIGHTS RESERVED