[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] About the infosec skills shortage
From: InfoSec News <alerts () infosecnews ! org>
Date: 2015-01-27 9:23:46
Message-ID: alpine.DEB.2.02.1501270923330.31911 () infosecnews ! org
[Download RAW message or body]
http://3vildata.tumblr.com/post/109188919632/about-the-infosec-skills-shortage
By https://twitter.com/addelindh and
https://twitter.com/0xtero
http://3vildata.tumblr.com/
Jan 26th, 2015
Today I got into an argument on Twitter that started with me saying
something sarcastic in reference to a recent statement by a vendor and
ended with a discussion about the skills shortage in security. Twitter can
be a difficult medium sometimes and I don't really feel that I got my
point across, so this is my attempt to correct that.
Before I start I would like to point out that in no way do I think that
this is the only reason there is a skills shortage in security, but that I
do consider it a large contributing factor.
In the beginning, there was firewalls
Enterprise investment in security has traditionally been in products such
as firewalls, anti-virus, IPS/IDS, and so on. Security products has in
turn been marketed and sold as "solutions" rather than tools; heavily
automated and not really much to work with. Because of this, they have
been considered as infrastructure components rather than applications, you
just install and configure them and then let them do their magic.
Automation is great, until it isn't
The thing about buying automated solutions is that it removes the
incentive to invest in knowledge of the problem the solution was supposed
to solve. Why pay money so that someone can learn how to solve a problem
that has already been solved, right? For an enterprise, this makes perfect
sense, and for a while it worked.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic