(In this presentation, penetration tester and “TSA Key Guy” Johnny Christmas and I discuss the problems inherent to the disconnect between the information security community and the public and media at large, and how to bridge the skills and stigmas gap between “us” and “them”.)
Chapter 7: Landing the Job So, we’ve come this far in your infosec journey. You’ve studied hard, attended conferences, played a CTF or two, updated your resume, and networked a bit within the information security community. Great work! Let’s prepare for your very first information security interview. === What to Say === There… Read More Starting an InfoSec Career – The Megamix – Chapter 7
I do quite a bit of InfoSec résumé reviewing and critiquing, both personally and professionally, so I’m repeatedly asked for tips on common problems. In order to ensure that these problems were not exclusive to me, I recently had a lengthy discussion with a number of InfoSec professionals involved in hiring (thank you!). We discussed… Read More The Worst InfoSec Resume, Ever
[You can find the previous chapters in this continuing blog series here: Starting an InfoSec Career – The Megamix – Chapters 1-3 Starting an InfoSec Career – The Megamix – Chapters 4-5] Chapter 6: Self-Study Options In the previous chapters, I’ve discussed potential career paths, education and certification options, and the fundamental knowledge needed to become a… Read More Starting an InfoSec Career – The Megamix – Chapter 6
In case you’ve been living under a rock for the past several days, IBM posted, then ultimately removed a video promoting STEM fields for women via “hacking hairdryers”, to a great deal of public outcry from STEM professionals. The unhappiness stemmed not only from perceived sexism, but also tremendously poor timing as the ad was… Read More Hair Dryers, Hacking, and Us
Even once a person realizes he or she has a passion for information security, moving in the field can seem a daunting task. The education market is oversaturated with degrees, certifications, and training programs. Meanwhile, many prominent hackers mock those programs publicly. Although I’ve touched on security education and training quite a bit, I’m continually… Read More Starting an InfoSec Career – The Megamix – Chapters 1-3
Around con time, I’m frequently asked ‘how to become a computer hacker’. Since it’s a delightfully non-specific question, I have decided to illustrate my response for posterity: The most critical things when getting into infosec are the right attitude, curiosity, and interest, a solid foundation of technical knowledge, and the motivation to take advantage of… Read More How to become a hacker… now with 80% more pictures.
One of my friends commented today as the infosec community broke into another quabble that, If nothing else, today we learned how fragile the InfoSec community is. — Robert Olson (@NerdProf) September 9, 2015 Okay. Let’s step back for a moment. Disagree or agree with me, but kindly let me present an argument. Have you… Read More Community
It’s no secret that I’m a fan of SANS and their associated GIAC infosec certifications. Certifications aren’t worth a ton of credibility in the information security arena, but the SANS training and testing mechanisms really do ensure that students have to have some clue about the topic to pass. The courses aren’t cheap, but SANS… Read More Better GIAC Testing with Pancakes
Wow! I can’t believe Gen Con is already over. We had an amazing time at the con and giving our Hacking in Fiction panel for 43 lovely people on Thursday night. I want to extend a big thanks to my co-speakers, Johnny and Beltface. We ended up going over our allotted 90 minutes again –… Read More Gen Con 2015 – A Big “Thank You!” from Us to You!