Ideally those interested in InfoSec would try out several roles and see where they have the most interest.
I think a good way to identify what your area interested in or passionate about would be to study for a broad security certification like Security+ or CISSP. These certs cover allot of different aspects of security and should allow those that study for them to sink their teeth in a particular area or subject.
I personally like helping people. Penetration Testing seems to be a good place to help those that have vulnerabilities see them, equate them to business financials, and perhaps even point the IT staff in the right direction.
Another way to accomplish this would be to surf the webs using information security search terms. The problem is this could hinder user if they click on the wrong link or don’t know the right terms to search.
Possibly a more focused beginning would be to find a local group that holds information security in high regard and use them to broaden your infosec knowledge.
Any way you do it… I think the first step has to be finding which activities peak your interest. Then you can dive in and learn.
But wait there is more………
Jason mentioned in his column that that many focused people holding conference presentations. This is really where the rubber meets the road. If you are really excited about something help other become excited!
Viewing 1 reply thread
– EH-Net Live!Thurs Oct 29 @ 1:00 PM US ET. Details Coming Soon!