PaulDotCom mailing list archives
Specialise to survive?
From: allen.deryke at hushmail.com (allen.deryke at hushmail.com)
Date: Sun, 16 Aug 2009 12:01:34 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm of the opinion that the core question of this tread could be answered by looking at other industries. Specialization in any given industry is entirely driven by demand, and demand fluctuates easily to outside influence. In short from a survivability standpoint, there are more INFOSEC jobs then Penetration Testing Jobs, and there are certainly more Network Security jobs then Firewall jobs. If you hit a rough patch in your career I think you may want to have a resume handy showing how broad your skill set is. That said your specialization(s) are whats going to set you apart from other potential candidates. Rather then a jack of all trades master of none, I strive to be a jack of most trades and master of a few. A specialist can certainly be a loose cannon when operating outside of his scope, no different from a generalist who's in over his head who risks overlooking critical details. As professionals we need to not only recognize our strengths and short comings, but also be willing to call upon assistance when needed. This is truly a separate topic worthy of further discussion. In my experience at two very large US telecommunication companies; I would say that a generalist may not be what HR was looking for, but its certainly what they needed. Large organizations suffer huge productivity losses due to over-specialization. I've spent far to many hours of my life on a conference bridge of 20-30 specialists that barely understand their role in a more involved incident response. Certainly having three different teams assigned to defining firewall policy, implementing firewall policy, and documenting firewall policy can quickly make the work environment less responsive and more bureaucratic. In summary I would argue in favor of the generalist who's chosen a specialty to devote 20-40% of his/her focus. When thinking of survivability you cannot afford to be short sighted, as your career develops you will likely become more responsible for broader areas of an organizations security. That said an experienced generalist will certainly be able to cover these areas more effectively. The is especially important should you develop managerial ambitions. I would certainly be afraid of a CISO that spent 20 years only doing client side anti-virus deployments. Allen DeRyke PS. I would try to remain somewhat vendor neutral regardless of your specialization, you may never need to know Juniper in a Cisco environment but when it comes to survivability you would certainly want to say ?Yes, I know that? rather then ?Well my thing is really $vendor, but they went out of business? On Sun, 16 Aug 2009 10:07:00 -0400 Raffi Jamgotchian <raffi at flossyourmind.com> wrote:
That's precisely what's wrong about your argument. Your asumption is that the generalist doesn't have deep understanding in any subject. A good generalist can do the work of many people. But the same good generalist needs to know when to call in for help. In my experience, present company excluded of course, specialists that are typically so narrow in thinking cause more issues than not. Because they don't completely understand the affects on surrounding disciplines. ---- Raffi On Aug 16, 2009, at 8:49 AM, Shane Kelly <shane at nightcoder.org> wrote:I think you are going to have incompetent people at either sideof thespectrum. You could argue that generalists are multi-handed specialists /orthat specialists do not have sufficient understanding ofsurroundareas. You could also argue that generalists do not have enoughtechnicalunderstanding or patience to pursue a given specialism. It ultimately comes down to how must time and effort people are willing to invest in understanding their acclaimed subject.IMHO, youcan not encapsulate peoples skill level at a 100 foot view oftheredepth into the subject. You need people in both sides of thefield.Generalists to have enough knowledge to understand whereorganisationsshould focus efforts. Specialists to focus on that area and have deep technicalknowledge ofthat area to ensure a quality work is performed. In my view, generalists make good sales people, specialists get recognised in the security field for there technicalachievements.Shane 2009/8/16 Raffi Jamgotchian <raffi at flossyourmind.com>:Hear hear. Whether a generalist or a specialist, hubris willbiteyou. ---- Raffi On Aug 15, 2009, at 10:35 PM, Michael Douglas<mick at pauldotcom.com>wrote:jack of all trades messed up the environmentOK this is the one area where I wasn't too clear on theearlierthread. I'm assuming that you are competent in everythingthat yousay you're going to do. Unfortunately, this isn't the case.Thereare many Jerks of All Trades who will mess things up badly. For those who mentioned it above, yes being a generalist doestendto get you in the small and medium sized businesses... but thereareexceptions... take my day job for instance. For those of youwhodon't know, I work at OCLC -- a non-profit library coop.We're whatI'd consider large. We have over 72,000 libraries in our collective. We have a database with holdings information on about 1.2billion(yes billion) records (books and other stuff). We have a fewthousandservers... yet they hired me... A generalist! I'm a generalist... but a big part of my ability to get thingsdone is admitting what I don't know. For instance, a big part of myskillwith forensics is how I DON'T mess up data. If things get tohairyfor me, I can wrap things up and call in folks who are betterthanme (and remember, there ALWAYS is someone better than you --thinkingotherwise is the first step on the path to destruction) knowing when to sit down and hack or when to walk away isprobablythe greatest skill anyone in computers can have! - Mick On Sat, Aug 15, 2009 at 2:42 PM, JohnNavarro<jnavtx at gmail.com>wrote:Good point Tim! Robert, I do think that a "jack of all trades" type will fitinbetter to smaller companies, whereas the specialized, from myexperience,seem to have a better chance at getting into larger corporations. It wasnevermy intention to be "specialized", but having worked at afirewallvendor it was just easier to find those opportunities that required aspecificskillset. Of course it could be that the jack of all trades messed uptheenvironment and they needed someone specialized to come in and clean itup ;)On Sat, Aug 15, 2009 at 8:16 AM, Tim Krabec<tkrabec at gmail.com>wrote:Don't forget your specialization does not have to becomputer/program related You don't have to specialize in "forensic analysis ofdevorakkeyboards for AS/400 systems emulating Apple IIc systems" You could specialize in database recovery for smallbusinesses.Or BCP & DR for law offices or real estate companies. -- Tim Krabec Kracomp 772-597-2349 smbminute.com kracomp.blogspot.com www.kracomp.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcomMain Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcomMain Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAkqILV4ACgkQDIjDYcBm5pbBtAQAnaBIgq4OsorqzzXTDO7p697T+yyN HvRdMkIwzow9JkQwgYyo8Ob8B7bpRVhLAhoIPqIvU88iyoMW41zTWKHdRqmyAI9pqUZQ v2lcagrg28NHIKCRNg06nrKcuA5y80gARxZg34+SfZBNBvenucqSGi59914mvMvUzdh6 lSV0BOc= =zZQp -----END PGP SIGNATURE-----
Current thread:
- Specialise to survive?, (continued)
- Specialise to survive? Shane Kelly (Aug 16)
- Specialise to survive? Raffi Jamgotchian (Aug 16)
- Specialise to survive? Michael Douglas (Aug 16)
- Specialise to survive? Jason Wood (Aug 16)
- Specialise to survive? Michael Douglas (Aug 16)
- Specialise to survive? Matt Hillman (Aug 18)
- Specialise to survive? Shane Kelly (Aug 18)
- Specialise to survive? Jason Wood (Aug 15)
- Specialise to survive? Subba Rao (Sep 27)