On 02/20/2012 11:17 AM, Josh More wrote: > There are a lot of people who ask me at events and on IRC how to get > started, so I wrote up this little HOWTO. It's very cert-heavy, as the > most common question I get is "which certification do I need to break into > security"... so I have to start with the news that it just doesn't work > that way.
I'm always finding myself having trouble answering this question to people myself, because I'm from there era when there really was no security industry. I self-taught myself back in the 80's and early 90's, and when the internet boom hit, the demand for security people of any sort whatsoever, completely outstripped the fact that I was a high school dropout with no degree, who'd taught himself by way of hard-won hands-on experience. One of the talks I'm putting together, is a little reminiscing of those days, and how the time has passed for 'people like me' in some ways (or at least, we're needed elsewhere in the Industry now). And that many of the things we disdained early on, are becoming more vital now.. Some things however, will never change: and my #1 bit of advice for anyone getting into Infosec is "Do something else first!". I still think that the #1 most effective skill any infosec person can have, is a frame of reference from outside security. Prior experience in tech support, systems administration, development is pretty much *always* preferable over someone straight out of college with a two-year security-related degree. Beyond that, the field is growing in scope with each passing year, that you may as well ask "How do I get a job in IT" for the same effect now. The best advice is always going to be "By doing stuff with computers". No amount of formal training is *ever* going to overcome not having an answer for that ultimate IT interview question "Tell me about the projects you work on, in your own time" _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
