A lot of the emails sent to me ask a basic question: just how does one break into computer security, or what skills should you learn to get that first security job? Lately, though, I have been receiving many more queries on specifically how one can leverage an existing skill set to become an information-technology security analyst.
It is a great question, and one that resonates on a personal level as well. The bulk of us who practice computer security today generally share one common denominator -- the fact that we didn't just fall into our present jobs. We all came to this field from various other jobs in the computer industry. Back in the day for me, there was simply no place to take a computer-security-centric curriculum. Of course, that's changing today, with more colleges and universities offering computer security courses now.
In the past, because of the lack of formal education being offered for computer security, it was left up to the individual to gain the specific skills needed to be a security analyst. Today, that is less true, and one can certainly aim to become a security analyst by taking courses and getting certifications. However, working on migrating the actual skills that you presently have, as most security analysts did before there was a formal curriculum, continues to be my preferred way. You might well be surprised at the many commonalities between, say, system administration skills and those of the security analyst.
It is becoming more and more crucial for us to realize that our best advocate is ourselves. There will likely be no one extolling your virtues or handing you your dream job on a silver platter. With that in mind, we have to do our best to recognize our shortcomings and, just as importantly, our strong points. As I just alluded to, you then have to take an inventory of the skills that you possess. Just about any competent system administrator can easily transition to that coveted security analyst job.
Do all roads lead to Rome?
It stands to reason then that system administrators, hardware jockeys -- the people who take care of routers, switches and other devices -- and database administrators all have some core skills in common.
Yet it's the system administrator who is generally the one to perform all of the aforementioned jobs, unless they are lucky enough to work for a large company or the government. Let's list a brief sampling of some of the core skills, and then see how they can be easily translated to a security analyst role:
- Knowledge of Microsoft Windows,
- Knowledge of major protocols,
- Network architecture concepts,
- Familiarity with firewalls, anti-virus solutions, and content filtering programs, and
- Project management experience.
One of the core skills of any system administrator is having an excellent knowledge of the operating systems in use on their networks. For many networks today, that would mean a mix of Microsoft Windows and either Linux or BSD, since it's been my experience that most networks don't use a single operating system. This knowledge then neatly maps to computer security, because security analysts are no different in that they must also have an excellent understanding of various operating systems.
If you administer a Microsoft Windows network, then you are well aware of NetBIOS and network shares. One would say they are a fundamental concept of Windows. They are also a fairly well-known security risk, but only insofar as they are often left unprotected. For the savvy system administrator, then, it's common sense to use passwords to access network shares. This is one concrete example of system administrator knowledge being easily ported to the world of the security analyst.