.:Computer Defense:.

When you speak to individuals working in our industry, you'll get a variety of answers for what they do. This near endless list of titles includes:

• Software Engineer
• Software Developer
• Security Engineer
• Support Specialist
• Research Engineer
• Network Admin
• System Admin

The list goes on and on. Historically, I've divided those within IT into one of four groups:

• Developer
• Information Security (IS) Professional
• Information Technology (IT) Professional
• Web Developer

These days Web Developer could probably be folded into Developer since there's so much beyond simple HTML used to build web sites. That leaves us with Developer, IS Pro, and IT Pro. I tend to think that that is a fairly reasonable distinction, at a high level with one caveat. IS isn't really on the same level as the other two. Most people that you talk to have experience in either IT or Development when they move into IS. IS is a skillset that's built onto one of those two. Let's look at this another way...

Imagine this is a RPG and your Level 1 IT Worker. You can choose the abilities you upgrade and they include "Programming", "Router Config", "OSI Model", etc. The level ups for these may include "C++", "Java", "Routing Protocols", "Routed Protocols". This means you could follow the path of IT Pro, Developer or "Jack of all Trades". It isn't until you reach one of these levels that you unlock the next round of abilities (the IS skills) which may include "Packet Analysis" (requires Routing and Routed Protocols) and Binary Analysis (requires "Programming" + 1 Level UP). Only at that point do you move to "IS Pro".

You're probably saying to yourself, "WTF is he talking about?" After all, I'm reading this and thinking that. What I'm talking about is this blog post, 'what do you need to know to work in infosec'. To put it plainly, the list is wrong. Well the list isn't wrong, the list is correct, but the title is wrong. With the exception of one or two items, this list reads more like a "what do you need to know to be a sysadmin" or "what do you need to know to work at a helpdesk"

Now as I said, IT is a stepping stone to IS, so yes, at one point or another you probably learned many of these if you now work in IS, but these aren't the things you need to know to work in IS, these are the things you need to know to work in IT.

So let's take a look at the 'What you need to know...  ' list and figure out where the line items fit. If we take the ones you really need to know to work in IS we've got maybe 5-7 items (1, 11, 14, 15, 17, 18 and 19) - I'll let you decide if it's some or all.  Let's think about some of the others. Numbers 2 -5 are all networking related, I know people in IS who've never touched them... now as a network admin or member of the network group (which would fall under IT) these would be important skills. With numbers 6 - 9, we're looking at a sys admin, or help desk employee (again positions I'd consider to be IT related). Now 10, 12, 13, and 16. These could be argued a few ways but I'm going to call them help desk or support type things and bundle that up into the IT category.

So what's my point? To state that I disagree with a definition of infosec that "needs" all those abilities. Then again, people may even disagree with the 5-7 I felt could be kept. In the end that list is a great list if you want to go get the title of Network Admin or Sys Admin, or even in some cases Security Admin but even at that, working in a enterprise security group where you may deal with all those tasks (it seems doubtful that you'd rely on the security team to install software though) that's one very small aspect of infosec.