|
|
|
|
|
|
by indigochill
3103 days ago
|
|
|
Security fundamentally is just "the art and science of how things work". Breaches in security are caused by malicious actors finding vulnerabilities in trusted systems, such as when Chinese webcams shipped with default credentials which made it trivial for the Mirai botnet to take them over and acquire so many devices that it could DDoS Dyn. Towards that end, just about anything you learn can be applied in some way towards security. The conventional recommendations others have made will get your foot in the door, but ultimately security is a lifestyle of never-ending learning and imaginative reasoning about systems. So to directly answer your questions, yes, there are links between data science and security (others have mentioned its use in things like malware research, but going the other way it's also important to store your data securely to prevent theft, destruction, or tampering) and you can learn something about information security pretty much anywhere in-depth information about computers is taught. Which information is relevant to your interests will just depend on which aspect of security is of interest to you. |
|
|
Alex Stamos, the CISO of Facebook, likened the causes of security breaches to a pyramid. The bottom of the pyramid, where the vast majority of security breaches happen (perhaps 80%), are caused by basic fraud: shared passwords, phishing, asking the user to do something like self-XSS. Of the remainder, perhaps 80% of security breaches are done through the more common, more mundane attacks like unpatched vulnerabilities or misconfigurations. It's only a fraction of a fraction of a percent of attacks that are done using zero-day vulns.
As much as what you said is relevant for security, I would argue that engineers think that security is more of an engineering problem set than it is.