From Law to CyberSecurity

GiG88GiG88 Member Posts: 3 ■■□□□□□□□□
Hi guys!
I have a bachelor degree in law, with a specialization about the data breach in the General Data Protection Regulation.

Since the job market in legal profession is completely saturated, o would like to specialize in a cybersec path!

The topics i like more are Incident Hadlling/Response or Digital Forensics, closer to my data breach legal specialization and my  personal interest :)

I requested informations to some schools, but everyone told me that the courses in i.h. ad digital forensics are too difficult for a beginner without any  i.t. background like me.

Do you have some suggestions to shifting my career from law to cybersecurity?

I hope you can help me :)    Thank you soooo much!!!

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,854 Admin
    edited August 9
    I would say dovetail your law experience with cybersecurity to find a new career path. Digital Forensics is all about documenting and presenting digital evidence in a court of law. In DF, it's the legal people that are paid the big $$$$ and the techs in the white lab coats are the ones making $15/hour. Do you have a lot of experience with and in courts of law in the EU? Expert witness experience certainly counts as well.
  • GiG88GiG88 Member Posts: 3 ■■□□□□□□□□
    JDMurray said:
    I would say dovetail your law experience with cybersecurity to find a new career path. Digital Forensics is all about documenting and presenting digital evidence in a court of law. In DF, it's the legal people that are paid the big $$$$ and the techs in the white lab coats are the ones making $15/hour. Do you have a lot of experience with and in courts of law in the EU? Expert witness experience certainly counts as well.
    I don't have much experience; that is why I was thinking about focusing on the incident response domain, which also has compliance implications!
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,854 Admin
    IR can vary so much between different organizations. A small org IR team may be concerned with compliance/governance, but a large orgs will have compliance/governance teams that would work with IR. In a large org, it's unlikely you will walk into an IR position with no real IR experience. IR people typically start in a SOC or security service desk environment and move laterally to an IR team because they have gained "firm-specific knowledge" and "Jr. IR experience" performing their security monitoring and customer service work. Oh yeah--very large orgs can have multiple IR teams, one for each business unit, which gives you more opportunities to move. Those orgs will have a lot of great IR training materials that non-IR security people can access too.
  • GiG88GiG88 Member Posts: 3 ■■□□□□□□□□
    I've been looking information for 2 months about IR and this is the best answer!! You give me the perfect information!!! Thank you so much :)
Sign In or Register to comment.