Justin Hall is Director – Security Services for CBTS. In Part 1 of this 3-part series, Justin discusses how a core knowledge of enterprise IT is critical in order to effectively protect networks.
For several years I’ve been going back to my alma mater, the University of Cincinnati, to speak to groups of undergrad and graduate students about the information security industry. My goal is to demystify security and inspire them to consider a career in one of a dozen security disciplines.
Invariably during these talks I am asked a very common question: “How do I get a job in the security industry?” In response, I’ll share my own 20-year story, starting in PC repair and sales, moving to tech support, systems administration, and running an IT department, before jumping into a security career – first as an engineer, architect, and consultant, and then running a security team.
I’ll also share three essentials to successfully landing a security job, which I’m going to cover in this blog series. There’s no single path to the industry, to be sure. In order to develop a foundation that can land an entry-level job and provide an arc to a long-term career, it’s worth looking into these fundamentals.
Today, we’ll cover number one: a core knowledge of enterprise IT. This is perhaps a bit obvious – certainly someone needs to be technical and understand how a computer works to survive in security, right?
The depth required goes beyond CPU, RAM, and a hard disk. To effectively protect any company network, one needs to recognize the critical components – servers, workstations, network devices, applications, and security defenses. How do they interact? In what network segments do they typically sit? What products or solutions are commonly used in each of these categories? At a high level, what are the essential configuration best practices for each?
For example: Imagine a network used by a physician’s office. Think about the variety of computing devices in use there: Beyond traditional workstations, multi-function printers, and laptops, you might see connected medical devices, credit-card processing machines, and surveillance cameras. Servers would run authentication systems, file management, accounting and finance, ERP, messaging, and electronic medical record apps. Some may be running from local servers, and some may sit in the cloud. Network devices will include switches, routers, wireless access points, and firewalls.
Now imagine a software company. What types of assets would be the same as the physician’s office? What would be different? How would their IT needs be similar/different? What about a retailer or bank? What happens when you add multiple sites/locations? Imagine scaling up to the size of a multinational conglomerate. Think about the pieces and parts that need to change, duplicate, or scale.
This scope of understanding is what I mean by “knowing enterprise IT.” There’s a level of depth in addition to the breadth, though. Defending an environment with Windows workstations and servers, for example, means understanding the fundamentals of what makes Windows tick – the filesystem, registry, Group Policy, configuration, and the like.
How does one acquire this knowledge?
Thanks for reading! Stay tuned for part two.
Read more about Security offerings from CBTS. And read this case study to learn how CBTS helped an enterprise client form a security strategy to advance their maturity, increase their risk management capabilities, reduce the attack surface for each business line, and improve their overall corporate security posture.