HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 27 guests and 1 member online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Is ethical hacking a growth area?
Ethical Hacker Community Forums
January 09, 2009, 03:00:31 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2009 - May 4 - 9. Boot Camps & an Ethical Hacking Conf. www.chicagocon.com
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Is ethical hacking a growth area?  (Read 4567 times)
0 Members and 1 Guest are viewing this topic.
jimbob
Sr. Member
****
Offline Offline

Posts: 332



View Profile WWW
« on: December 11, 2006, 11:17:33 AM »
Hi,
Does anyone have a real-world feel for whether ethical hacking is a growing industry? Not being directly in the industry it's hard to gauge if this is something more companies are investing in. Are contracts going to the big vendors or is there enough to go around that the smaller independent firms are getting a look in?

Jim
Logged
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 365



View Profile WWW
« Reply #1 on: December 11, 2006, 11:46:41 AM »
This is just my option... I feel you need to have a wide set of skills if you plan to go out on your own. If you are employed with a lager consulting firm you can be very specialized but if you are a smaller shop you will have to have other skills, like be a good Network Engineer or Network Admin. Medium and larger companies have the money to pay for more advanced services but the smaller businesses will not be able to contract or hire just a Security Engineer. So if you’re a small consulting firm you will have to have value added services like network set-up and lock down or firewall installation and then also be able to assist with network trouble shooting. The area of network security is a fast growing field but you need a wide area of skills to properly market yourself. One good are is the Medical Field. With all the hype trying to make sure small practices are HIPPA compliant you can do well in most cities if you specialized in a nitch market till you get competition.  The market is growing but it is best to understand the area you are in before getting too specialized in just one area of security or ethical hacking.


Slimjim100
Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
CrazyGert
Newbie
*
Offline Offline

Posts: 1



View Profile WWW
« Reply #2 on: December 11, 2006, 12:09:01 PM »
Yep, I agree...you have to be wide educated...

While this being my first post on this forum, I believe it is important to have a wide range of skills...being network skills (e.g. Cisco / Nortel), server skills (web / linux / MS) and client skills (linux / MS / Mac)....

This way only you can do pen testing on your won...
Anything else you need to have a team of pen testers, combining each individual skill to make the perfect pen testing team...

Greetz

Gert
Logged
CCNA CNE MCP CEH
Cutaway
Jr. Member
**
Offline Offline

Posts: 96


Cutaway


View Profile WWW
« Reply #3 on: December 13, 2006, 01:26:28 AM »
Having a wide range of skills is indeed a necessity.  This should be the goal of all new security professionals.  And, as time passes, you will recognize the requirement to maintain a broad knowledge base through continued education. 

However, as a security professional grows s/he will undoubtedly find s/he is moving towards a field of specialty.  Be it assessments, pentesting, incident response, malware analysis, policy writing and analysis, etc.  The move may be because of business necessity but hopefully it will be because of personal choice and interest.

As to the original question of "is ethical hacking a growth industry" my answer is yes.  Legitimate as well as criminal businesses are just now starting to harvest the real potential of technology that is integrated into the masses.  There is going to be an explosion of technology and Internet based innovation.  Because of this there will be a need for security professionals who can keep up with these changes and protect business critical assets.  We will also probably see an advance in the political and military aspect of threats to business assets.

It seems to me that there has been a boom in the security consulting and research industry.  But there has also been a steady increase to the size of the security teams in large businesses.  So, I believe that you are going to have your choice of directions.

Go forth and do good things,
Cutaway
Logged
Go forth and do good things,
Cutaway
luckydevil
Newbie
*
Offline Offline

Posts: 19



View Profile
« Reply #4 on: December 18, 2006, 04:46:13 PM »
I have to agree with the other replies to this post. You need a broad skill base.

One thing i have noticed, working in the public sector in the UK, is that when trying to chose an external compnay to carry out any testing they have to reach a specific level of approval - eg CHECK via CESG. This is all well and good but it limits the availability of companies as this is neither cheap or easy to obtain. In order to get accredited you need to spend quite a bit of cash so unless you are either working for a big company or an ex-government crew then it is quite hard/expensive, not sure how this works in the US so correct me if i am wrong.
The problem is then that you have a smaller list of companies to chose  from and although some are good others are not so good and as someone mentioned in a post before just because you select a thrid party to do some work and a flash consultant turns up, who is to say that they will actually do the job for you.
Personally i prefer to go with smaller companies as they, in my experience, work on a more personal basis rather than just doing a job. I have recently gone through the process to chose a company and was only offered to attend the pen test by one company, which in the end i suggested to go for. Not a big thing but it is nice to think that if i wanted i could go and watch what was done rather than just waiting for the report to arrive.
With this in mind it makes it harder for small companies and consultants to get the bigger contracts because they need to spend the cash just to get through the front door.
Sorry to move slightly off topic but this is something that does bug me and i think is limiting for people looking to break into the market.
Logged
Nothing is impossible just improbable!!!
jimbob
Sr. Member
****
Offline Offline

Posts: 332



View Profile WWW
« Reply #5 on: December 28, 2006, 07:05:20 AM »
Thanks for the replies, they made for interesting reading. It will be interesting to see if there are more jobs advertised in future in this area. It's still very specialized so I imagine it will stay off the radar of mainstream recruitment.

Regards,
Jimbob
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.044 seconds with 22 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
How many security events including conferences and training do you attend a year:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2009 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.