Penetration Testing mailing list archives
[PEN-TEST] FW: [PEN-TEST] Education. Formal or not?
From: Andrew.Walls () AU COFLEXIP COM
Date: Wed, 8 Nov 2000 06:31:23 +0100
Do not expect to acquire your technical skills in school. The kinds of skills you need for practicing technical security are acquired through practice. On the other hand, the skills required to write/critique policy statements, conduct security investigations and audits, etc. are 'soft' skills that can be acquired through classes. These activities also require a breadth of understanding which can be developed through taking classes in areas outside of the technical arena (you know all that other stuff - business, accounting, art, psychology, philosophy, etc.). The employees I have who have college degrees show a mental flexibility in multiple contexts which I rarely encounter in employees who have terminated their scholastics at high school or technical certification programs. The degree will definitely benefit you in the long run. There will come a time when you will not get a job through technical abilities but through your ability to communicate, manage, etc. When that time comes (and it will come!) the presence of a college degree in your resume will reinforce your personal presentation as a well-rounded manager. Remember that you may want to move around at some point in your life and prospective employers may never have heard of your previous employers. At that stage, having a degree from a recognized academic institution can be very helpful. Good luck! -------------------------------------------------------------------------- -- Andrew Walls, ITPU Manager Asia Pacific, Coflexip Stena Offshore andrew.walls () au coflexip com +61-8-9431-8565 FAX +61-8-9430-8520 MOB 0411871302 2 Birksgate Road, North Fremantle, WA 6159 Australia PGP Fingerprint: E0F7 296E D6D5 6057 1E1D F61B 2602 CB8A -----Original Message----- From: Penetration Testers <PEN-TEST () SECURITYFOCUS COM> at csoap-internet Sent: Tuesday, November 07, 2000 10:00 PM To: PEN-TEST () SECURITYFOCUS COM at CSOAP-Internet Subject: [PEN-TEST] Education. Formal or not? I apologize if this is inappropriate, but I have no other qualified party to address this to. Both myself and others that I know are in a bit of a dilemma . I'm a younger member of the information security community. I am working as a security administrator and attending college nearly full time. While at school I learn nothing about what I am interested in. Sure we do have programming and networking classes, but it is all very behind what is going on right now. Most of my time is spent correcting the teacher with "that was 3 years ago" or "read this book and you'll see what I'm talking about". On the whole I am wondering if it is actually inhibiting me from learning more important and valuable things. While at home and at work I am able to stay on top of what is going on now and advance my knowledge. This practice of learning important and pertinent information is heavily bogged down by the work load caused by the inferior curriculum of college. Meanwhile my non-college attending peers are advancing faster than I can due to their lack of time restrictions. So I decided to ask you, the more seasoned members of infosec community what your thoughts and experiences are concerning this matter. My questions are: 1.Is college a waste of time for pen-test/auditing/risk assessment professionals? 2.If so how does one prove what they know to a perspective employer? 3.What is the practical value of a college degree in our field? What about in the long run? Thanks in advance.. Phoodrow Wilson. << File: RFC822.TXT >>
Current thread:
- [PEN-TEST] FW: [PEN-TEST] Education. Formal or not? Andrew . Walls (Nov 09)