A majority of people coming into security are drawn to the hacker skills. They want to participate in Penetration Testing, Red Teams, and other assessment activities. They want to break things. Some want to fix things too. Few understand the breadth of an information security organization.
[Tweet “Many want to break things. Some want to fix things. Few understand the breadth of an infosec org.”]
I’ve written up a list of disciplines typically found in an information security group along with a list of tools that they usually end up buying. This isn’t a list of things that a CISO should build their program around, but a list of ideas for people entering the security space or looking to broaden their security knowledge. We need people in all disciplines.
- Security Architecture
- Vendor Assessments
- Risk Assessments
- Identity Management
- Incident Management
- Threat Intelligence
- Application Security
- Vulnerability Management
- Business Continuity/Disaster Recovery
- Content Filtering
- Web Application Firewall
- Intrusion Prevention/Detection (IPS/IDS)
- Data Loss Prevention (DLP)
- Single Sign On (SSO)
- Multi-Factor Authentication
- Log Collection/Aggregation
- Static Code
- Dynamic Scanning
What do you do with this list? Two things:
- Broaden Your Security Knowledge — Whatever your current background in security, start learning areas of security that you aren’t currently working in. Understand how other disciplines work and how other tools fit into the security processes. Especially if you’re early on in your career, expanding your knowledge can be a huge advantage.
- Understand How It All Comes Together — While you may be an expert in one area, it’s important to understand the complex puzzle that needs to fit together to make a security organization work. Even if you don’t learn other areas, you should understand how they fit together. If you’re advocating for funding for your program, understand the needs of your peers. They more you can help put the pieces together, the more success you can be.