Good morning,

I am seeking a bit of advice from a career / education perspective. I'm a Process Control Engineer, working at a public utility. I work in SCADA systems, PLC's, and DCS's (Distributed Control Systems). Sorry for all the acronyms, but I figure you folks are used to them, with all the certs floating around out there.

I am very interested in focusing my career on the SCADA / cyber security side of things. My background is in Chemical Engineering, not IT, however; and right now, I sort of feel like I'm trying to take a sip of water from a fire hose.

With my work experience in SCADA systems, I've had to tinker around in Domain Controllers, firewalls, DMZ's, DCOM, SQL, etc... I know just enough to be able to troubleshoot some minor problems, but by no means am I an expert. I definitely can't explain the "why's" at this point.

So I've decided to apply to a Master's program in Information Security. I want to focus on the SCADA side of things, and how they are segregated from business networks. The protocols I typically work with would be TCP/IP and Modbus / Modbus+. And OPC (is that a protocol? See, I've got so much to learn...).

There are four pre-requisites required before acceptance into the program that I am interested in. I'll be taking these, starting in the Fall. They are:

• Fall semester: 1) discrete / logical structures; 2) JAVA programming
• Spring semester: 3) computer org / assembly; 4) program design & data structures

So those are the official requirements, but given my non-IT background, I feel that I ought to beef up a bit more before actually entering the program. That's really where I'm seeking advice, and with that in mind, I'm considering the following:

• Currently, I'm doing "independent study" of the Network+ exam. I am not sure whether I'll actually take the cert, but it is definitely providing me with good foundations, so I'm going to cover all of the material.
• I plan to take a C++ course over the summer, based on the recommendation of a friend that is in a Computer Forensics program at the university I'll be attending.
• While I'm taking care of the InfoSec pre-reqs, I was thinking I might enroll roll in a CISCO Network Academy on the side, and try to get a CCNA. (My supervisor at work is thinking about building CCNP into one of our career ladders. I explained to him that CCNA comes before CCNP.)

After I started the Info Sec program, I think that I'd continue to take some courses on the side...

• C
• SQL
• ...?

I'm also on the market for a laptop that would get me through the program. I've noticed that a lot of the students are using MacBook Pros. I have a MacBook myself, but I was surprised to see so many students using the Mac OSX as opposed to Windows. Could anyone offer me some insight as to why this might be the case?

My Crypto friend recommended a MacBook Pro, with VMWare installed so that I could install a Virtual Machine of a Windows OS as needed... any recommendations as to which OS I'd want -- XP, Vista, or 7?

I've also seen a LOT of discussions here about Linux / Unix. Would I want to install that in VMWare, as well? I do have a --little-- bit of experience in Ubuntu, from setting up a TikiWiki server for my former employer. I am by no means an expert.

Finally, if anyone has a similar background in SCADA, I'd love to develop a relationship with a mentor. (Would that make me a mentoree or mentee? I'm not clear on the proper term here.)

Kind regards