If you want to become an IT security guru, you need a unique approach that sets you apart from the others. You need each of the following skills so you know every dimension of this vital topic.
1. Programming. Yes, you read that right. A little bit of programming can go a long way toward helping you understand how software architecture relates to system security at-large. The more programming you learn the better. Say, for instance, you were to write some drivers for a given operating system. The act of doing that makes you aware of the security limitations of that system.
2. Fearlessness. This isn’t ordinary bravery we’re talking about. This is the attitude of constantly reaching beyond your comfort zone. For example, if you’re comfortable with Linux and that’s all you’ve known, then set up a system at home with MacOS X, a couple of flavors of Windows and throw in an Amiga system, to boot. Create an automated login server, a backup server, plus build a router and firewall from zilch.
By stretching your repertoire to include new things you normally wouldn’t do, you keep your mind and your outlook fresh. You begin to see your ordinary technology from a new perspective. You may make discoveries that otherwise may never have occurred to you.
3. Humility. You may have been told what an “assumption” is. The implication isn’t nice and for good reason. Assumptions create blindness. Security features, for instance, don’t always make a system secure. Assuming that they do only leaves you vulnerable. Double and triple check everything you think you know. Be humble that you could be wrong about something and that there is always something new to learn about everything. Even the basics!
4. Confidence. Think for yourself. Having faith in your own perception and intelligence allows you to assess what you’ve been told. Think about what might be absent from information you’ve been given. Think about the source of that data. Everyone, including yourself, has an agenda. Perhaps the source of that information is not working in your own best interests. Trust yourself to spot such outpoints in the information you’ve been given. This helps you get around the assumptions others might want you to make.
5. Hunger to Learn. Not only should you read voraciously, but take all the training you can. Don’t be so arrogant to think that you can gain nothing from training in the basics. When you first learned those basics, you didn’t know what you know now. Seeing that “old” information with newer, more “enlightened” eyes can sometimes lead to new revelations.
Here’s a bonus tip. Corporate training where you work, especially the online training courses that are readily available on the internet, can prove valuable. Such e-learning is convenient and usually can be taken at your own schedule and pace. Finding out what everyone else in the company learned from IT security training might help understand the challenges ahead as the new IT security guru.