SBN

How to become an information security professional

Introduction

Information security is not only a growing field, but one in which there is a tremendous need for knowledgeable talent. Our society has become more dangerous and complex, with consuming simple online services putting our personal security at risk. In view of this, many companies and government agencies are searching for individuals that can protect their interests from these growing risks.

Some forward-thinking individuals have seen this trend and recognize many opportunities in the information security field. Many people are now interested in finding out how they can enter the field; however, understanding which training path to take can be very difficult. And there are others already working in the IT field who simply want to change careers or become more proficient in information security.

I’ve been asked the same question by many people trying to break into the industry. All of them seem to have one thing in common: thinking that gaining a special certification will immediately catapult them into being a “qualified security professional.” While certain certifications are useful, they are not the only thing that needs to be considered. This brings me to my first suggestion for those wanting to make this a career … 

Develop the security mindset

This step is probably the most difficult, but it is the most important. Without having the security mindset, you will not be effective at your work and you will overlook hidden threats. This step involves being able to think outside of “expected behaviors,” as this is where most threats will lurk.

How can you develop a security mindset? Considering unexpected behavior includes becoming accustomed to looking at scenarios from many different angles. Get used to seeking accurate detail and don’t be satisfied with surface answers. If you do not thoroughly understand something from start to finish, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Jesse Valentin. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/5WTqMDFsFos/