[You can find the previous chapters in this continuing blog series here: Starting an InfoSec Career – The Megamix – Chapters 1-3 Starting an InfoSec Career – The Megamix – Chapters 4-5] Chapter 6: Self-Study Options In the previous chapters, I’ve discussed potential career paths, education and certification options, and the fundamental knowledge needed to become a… Read More Starting an InfoSec Career – The Megamix – Chapter 6
In case you’ve been living under a rock for the past several days, IBM posted, then ultimately removed a video promoting STEM fields for women via “hacking hairdryers”, to a great deal of public outcry from STEM professionals. The unhappiness stemmed not only from perceived sexism, but also tremendously poor timing as the ad was… Read More Hair Dryers, Hacking, and Us
Chapter 4: Blue Team Careers With the help of many people in InfoSec who kindly gave me advice and quotes, I have created a perhaps overly simplistic listing of common InfoSec roles in today’s market. For each role I have listed a brief summary of what the job does, where these jobs can be found… Read More Starting an InfoSec Career – The Megamix – Chapters 4-5
Even once a person realizes he or she has a passion for information security, moving in the field can seem a daunting task. The education market is oversaturated with degrees, certifications, and training programs. Meanwhile, many prominent hackers mock those programs publicly. Although I’ve touched on security education and training quite a bit, I’m continually… Read More Starting an InfoSec Career – The Megamix – Chapters 1-3
Around con time, I’m frequently asked ‘how to become a computer hacker’. Since it’s a delightfully non-specific question, I have decided to illustrate my response for posterity: The most critical things when getting into infosec are the right attitude, curiosity, and interest, a solid foundation of technical knowledge, and the motivation to take advantage of… Read More How to become a hacker… now with 80% more pictures.
One of my friends commented today as the infosec community broke into another quabble that, If nothing else, today we learned how fragile the InfoSec community is. — Robert Olson (@NerdProf) September 9, 2015 Okay. Let’s step back for a moment. Disagree or agree with me, but kindly let me present an argument. Have you… Read More Community
It’s no secret that I’m a fan of SANS and their associated GIAC infosec certifications. Certifications aren’t worth a ton of credibility in the information security arena, but the SANS training and testing mechanisms really do ensure that students have to have some clue about the topic to pass. The courses aren’t cheap, but SANS… Read More Better GIAC Testing with Pancakes
Wow! I can’t believe Gen Con is already over. We had an amazing time at the con and giving our Hacking in Fiction panel for 43 lovely people on Thursday night. I want to extend a big thanks to my co-speakers, Johnny and Beltface. We ended up going over our allotted 90 minutes again –… Read More Gen Con 2015 – A Big “Thank You!” from Us to You!
It’s almost that time again! Johnny Xmas, Beltface, and myself will be returning next week to Gen Con 2015 in Indianapolis (under the Circle City Con flag) to begin the yearly rotation of our panel on the state of hacking in fiction. Something I hear repeatedly mourned by infosec professionals is that there’s not enough… Read More Gen Con 2015 Preview – Hacking in Media: The Good, The Bad, and The Ugly (2015 Edition)
I had the honor and pleasure of being asked to teach a four hour incident response class at last month’s Circle City Con in Indianapolis, IN (you can watch a recording, here). The subject was preestablished based on attendee interest: building an incident response program in small, medium, and large enterprises. Granted, most of the… Read More The Gamemaster’s Guide to Incident Response