Is security really the big thing right now?

Unknown

Everyone keeps telling me security is the big thing right now and its wise to get into it. Is there any real truth to that?

Iristheangel

It's A big thing but there are a lot of equally important things out there such as networking, database, software development, Linux administration, etc. It also depends on location. For example, security is huge in Washington,DC but there might be less jobs for an InfoSec professional in say... North Dakota. In California, there is a huge need for Linux admins but Windows admins are a dime a dozen.

the_Grinch

Security is on everyone's minds that is the truth. But getting into it because it is the "big" thing is not a wise decision. The thing to remember is when you're in a security position you must always be on top of emerging trends. Now don't take this as me saying then in IT in general you don't have to be up on the latest trends. My meaning is you have to stay up to date on all the newest attacks, latest patches, and all the other risks associated with security. On top of the fact that you won't always have a metric you can show to the company to say "see? we are protecting everything." The best saying I can thing of is about wrestling, they use to always say it's not a sport it's a lifestyle. Same goes for security.

ptilsen

If there is A single hot area right now, it's cloud. Security is still big, but so are networking, database, Linux, etc. as Iris said.

I continue to recommend IT professionals specialize based on their interests more than perceived market value. There are so many areas one can be successful in it is really immaterial which you pick (within reason; e.g. specializing in BlackBerry or Novell would be foolish) in terms of compensation.

Legacy User

I dont really have interest in the security sector but just was curious due to so many different people saying the samething about security. Actually i heard the "cloud" isnt a viable option just yet to guarantee the delivery of resources.

Mstavridis

My rule of thumb is if is big now, generally before you can get to this "big thing" it won't be as big any more, you should just keep moving along with your own goals in mind and not the goals of the "crowd". Don't go chasing things down.

ptilsen

Understood, OP. Regardless of what is feasible for business or even rationally definable, "cloud" is the biggest "hot topic", if you will. Security might be 2nd, and security certainly is a hot topic. Although it has waxed and waned over the last 20 years with major events (TJ Max, Sasser, ILOVEYOU, etc.), it is truly a hot topic now and over the past couple of years as a result of significant changes in industrial and governmental regulatory bodies along with the emergence of "cyber-warfare" in mainstream media.

I still refer back to my post in terms of actual employment opportunities, and would actually expand on it by saying that security can be harder to break into as there aren't as many incremental steps as in other areas (e.g., MS-centric Sysadmins have clear progression from helpdesk to DST to server admin to specialization).

networker050184

Agree with ptilsen, the big thing right now is 'cloud', was security next it will be another buzz word. If you end up chasing these things you are going to be doing yourself a disservice in the long run IMO. Find something that has a constant need and you enjoy and run with it.

MrBishop

Security is always going to be a big thing for any company and is at the the top of the list. If you can't secure your data; then why would anyone have faith in doing business with you? Just like with any other field in IT, you will need to keep on top all the current security concerns. Its not like you have to reinvent the wheel, because there are plenty of websites out there that do it for you; you just have to read up on the current trends. For example, website: InformationWeek | Business Technology News, Reviews and Blogs would be something to follow. There are others that you would want to subscribe to or read on a daily basis.

Legacy User

Never said I was going to chase whatever trend is "in" right now. Its very true if you are not up to speed when its "hot" to be competitive by the time you are its no longer the "hot" ticket. just wanted too see what the general consensus was on that matter...sheesh now back to my voice studies

MAC_Addy

All this cloud hype is making a "cloud" in my head. I'm seriously considering taking some more m$ certs, especially the cloud certification. I just haven't researched it too much, don't know if it'll be a good move.

I want to be a network engineer, but if a position comes up that needs Cisco AND some type of cloud cert I'd be sorted.

onesaint

I'd have to agree with Ptilsen on the cloud front. The Cloud is ambiguous and on par with security for what's hot. The trick about clouds is there are so many different ideas behind what they are and will be. Much akin to security with it's many faucets. The "private" cloud is huge and growing as is the IaaS movement. Look at things like Openstack and the companies behind it.

DevilWAH

Like people have said security is always going to be one of the core skills to know.

However security is jsut like any other technology..

Take phones for example, 10 years ago analog was the ain skill required, now though its all about IP and cconverged communications.

or core networking, at one time was basc switchs and routers, now you have wireless, QOS, and high avalibilty plus the many other new technologie hitting the market.

Security is jsut the same and is a very ambigious tearm. Just look at fire walls, at one time what we now thing of as basic access lists was state of the art, but we are now far beyond that with statefull packet inspections where we can filter not only on sorce and destiantion but on the payload being carried. stripping out and allowing specifice funcanality with in protocals. Then you have remote acccess technlogies (VPN's), Network access control systems. each a speclised area in its self.

So whle security will always be a big part of IT, the security of today will soon be out dated as new technologies come along. One thing I have noticed is that security moves a lot faster than many other areas. when you look at the advances in firewalls, and compare it to say routing, fire walls are different beasts compared to only 5 or so years back, while the core routing protocols have remained quite static.

MY view is that security is quite a dynamic role, and is constently evolving. this also means its always a good time to get into it, as you know when you start that what you are leaning about now may well be ut of date in a year.

If you like constently learning and adapting to meet new challanges then seccurity is a good field to be in.

higherho

Regardless of your position, you should always be thinking security concepts and being proactive in security in whatever IT career path you choose.

DBA - Is your Database encrypted? Anything passing through on the application level is this encrypted? Are you using the System account to run your SQL services? Or a specific user account?

SA - Is your servers locked down? Are you using https on your WSUS and a separate website not the default? ARe your web server files on a different partition than your system files? Is your DNS hardened / lock down? Are you performing retina (or other scanners) on your network at least monthly?

Network Admin - Using port security on your access switches and set to the default violation shutdown? IOS up to date? Using Vlan filtering and segmenting your network? Have a private and public DMZ properly setup? (just some basic stuff)


Security is all around us and it will keep growing and expanding. I think in the future many organizations will be asking "So do you have any security practicies / concepts / studies? " type of experience more so than virtualization, cloud , etc