Re: Path to IT Security

[bk <chort0 () gmail com>]

On Jan 18, 2011, at 8:10 AM, Emmanuel Apreko wrote:

> After researching i found out that the most prestigious security certification is the CISSP and it seems like a very 
> long journey to it since i have no experience in it at all but need to get my foot in.

Any certificate that is a based on a multiple-choice test is basically testing your ability to memorize and recall, not 
your actual competence in a field.

> Could anyone please advise me on the best path to being a security professional? ie from beginner to pro? 
>
> All advise will be well appreciated.

Go to conferences (small local ones, not the big expensive ones), start following InfoSec people on Twitter, read 
InfoSec blogs.  You'll learn more doing those than from all the certificates combine.

Once you have a knowledge, then study for a cert if you think you need it to get a job.  It should be pretty easy, 
since you'll be familiar with most of the ideas already.

I got a certificate to get past HR and because it looks pretentious on a business card.  It wasn't worth the hassle of 
submitting paperwork and paying dues to continue having it, so I let it lapse.  I haven't had any problem getting a job 
since then.

--
bk

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/