Bruce Schneier: So You Want to Be a Security Expert

laughing_man · July 2012

Good blog post from Bruce Schneier on learning the ropes in security:

Schneier on Security: So You Want to Be a Security Expert

The key part is: "Computer security is fundamentally a practitioner's art, and that requires practice."

No truer words in security I am afraid. I have found more than any other job I have had, that InfoSec is work you HAVE to take home with you. Sure I kick back and relax, but often times, I have the itch to go read up on new exploits, test them out on my own time. I find that if you don't, you will quickly be left behind.

tpatt100 · July 2012

Thanks for the link will bookmark it for future reference

the_Grinch · July 2012

Haven't read the blog post yet, but I'll never forget what one of my security professors told us on the first day. He stood in front of class and said if you aren't willing to read up on new security concepts everyday, 365/24/7, then you should leave his class right then. Very true.

tpatt100 · July 2012

I think that is why I am eventually only going to keep a higher level cert or two current and not worry so much about pursuing most of the others. I think my spare time would be better spent working on a few general topics rather than focusing on so many topics that I become so generalized I can't really do much except talk about it.

jasong318 · July 2012

Awesome article, thanks for the link! I agree that it's an every changing field and you are almost forced to constantly research, learn, experiment, and adapt or risk becoming outmoded.

JDMurray · July 2012

This quote got a standing ovation from me: "I am a fan of security certifications, which can often demonstrate all of these things to a potential employer quickly and easily."

HLRS · July 2012

thank you sir, good stuff

Bruce Schneier: So You Want to Be a Security Expert

Comments