Is Coding Important for Cyber Security?

There are a lot of beginners asking how important it is to learn programming for cyber security, and the swift answer is, well it depends. Because just starting off, there are many roles that don’t really require you to code, and based on how advanced you want to get, programming may or may not be all that important for you.

let's take it this way, all the tools you use in cyber security are written in code, and programming lets you write tools. So what are these tools and what is the advantage in comprehending how to build them?

On a conceptual level, tools extend your strength to change the environment around you, whether in the natural or digital world. Combined with purpose, they let you create action and change. So the more advanced your tools are the more leverage you have, and the wider range of operations and change you can achieve.

In the world of cybersecurity being able to get results depends on the type of software tools in your inventory and your expertise in using them. the combination of tools + skills = Ability really determines your overall cyber capability so to improve your effectiveness it's important to balance both.

Currently, in the field of cyber security, most people fall into one of three categories:

User: they only know the basics of using one or a few different software systems, and only in situations that they’ve been trained in. They aren’t able to apply their training to solve problems independently in more complex scenarios without the help or mentorship of more experienced professionals. The vast majority of people in cyber security would fall in this category, and knowing how to code isn’t all that important for them, because they’ve yet to learn many of the most common tools in the role they’re already in, whether it’s Wireshark, Metasploit, Autopsy, Burp Suite, Volatility, etc.

You’ll be much better off first focusing on the fundamental principles at this stage like understanding computer networking, operating system architecture, and solving technical problems.

Operators: they are quite experienced at using a variety of software to get things done, and can creatively chain them together in real-world scenarios. These guys are the backbone of companies’ IT and security policies and are often the commanders of security operations centers. But for those without the ability to code, the downside is that when you’re in a situation without an immediately apparent tool available, there’s not much you can do about it.

Taking the time to learn some programming can really amplify your ability at this stage since it lets you automate many of the tasks that you once performed manually.

Developers: they are actively involved in operations, they can understand the ins and outs of the tools they use. Knowing how to program lets them modify existing software or craft something more custom to solve specialized cyber security problems. people who can chain tools together or write custom-built code have increasing levels of expertise that are orders of significance higher. those with programming backgrounds tend to progress faster and deeper in their learning journeys than those who don’t.

The operator-developer type people are some of the best cybersecurity professionals, you may work with them in your team and can learn much more from them than any certification.

It’s important to draw the line between scripting and software development since many people will use the word “programming” or “coding” interchangeably to describe both of them.

Scripting: It refers to writing short snippets of code in an interpreted language to automate tasks or stick the functionality of other tools together.

Software development: It is a broader term that covers scripting, but also involves writing algorithms or libraries as part of a larger, more complex toolchain.

People usually consider Python or Bash as a scripting language and Compiled ones like C++ or Java to be more toward software development, but it's dynamic and depends on your purpose and potential outcome. Python and bash are effective to perform tasks quickly whether C++ or Java are more robust and enduring. This isn’t true across the industry, as people can bounce around the spectrum, but it’s a decent rule of thumb.

For those of you who really aren’t into software development-level of programming, you can get pretty ahead by at least learning how to read and write scripts, since, on the operator side of the tasks, your focus is primarily on the pre-built tools with some degree of customized automation forced in.

It’s not massively critical to have a coding background, I personally think it’s better to start off learning scripting, which can be swift to learn and a bit more practical for day-to-day technical tasks.

A few resources that I recommend for learning scripting are:

  1. Automate the Boring Stuff with Python | First 15 Videos on Youtube
  2. Learn Linux Shell Scripting — Fundamentals of Bash
  3. Learn Windows PowerShell in a Month of Lunches
  4. 52 Weeks of Python- David Bombal

It’s totally possible to have a successful journey in cyber security without programming skills. As you gain more experience, you’ll quickly find that the types of problems you’ll be dealing with aren’t easily fixed by static tools. All you can do is maybe rely on someone else on your team to help you implement a solution, or learn how to do it yourself.

Being able to craft your own tools with code makes you so much more versatile and well-rounded as a cyber professional. It really turns the tables and puts you in the position of helping others on the team be more effective, which at the end of the day, translates into more opportunities in different organizations.

What I don’t have access to I get creative. Cyber Security Researcher | OSINT | Digital Privacy | GPCSSI’21