Do Security Experts Who Only Have Classroom Experience Deserve Any Respect?

certificates alone do not make you a security expert

When you are dealing with the world of computers, there is a mix of knowledge that you gather from school and knowledge that you pick up by discovering things for yourself.

This is the same as in other fields but in computers you can go quite far with your skill set if you never step a foot in college.

This is not the same as being a doctor or a nuclear physicist.

With those types of jobs, at one point you are going to have to go to school no matter how smart you are.

In computers, there is so much knowledge available online that you can not only read about, but actually put to use on your very own computer, that schooling is almost irrelevant.

Almost.

security-experts

You’re Nothing Without Real Experience

In the world of security, the schooling issue goes one step deeper.

There are certain people in the security world that actually look down on others in the field that have gathered their knowledge strictly from school or certificate training.

The security researchers do not have a problem with you if you went to college.

They mainly have a problem with you, if you went to college to learn how to be a security researcher.

Going to school for computer science would give you a lot more respect.

They feel that the people who are best qualified at stopping hackers are other hackers.

Certificates Don’t Make You An Expert

If you learn to stop hackers by books alone, then you will never be able to catch the bad guys.

Most of this resentment is because of the lack of ability that others who only have certificates have shown.

They were able to pass a test and now they are certified security engineers.

Keep in mind this is not the rule for all cases.

There are some very good security experts that gained their knowledge as part of a certificate.

But they learned more on their own, after they passed the test.

Security experts who do not do this are part of the reason that there are still so many holes that are reported on a regular basis.

A simple test is not adequate enough to get you enough experience to stop hackers in the wild.

You will need to learn how to discover and write exploits yourself.

Then you will start to understand the techniques that are used to bypass security.

This is one field where it is a good thing to have a trusted fox guarding the hen house.

Becoming a security researcher through certificates and schooling is not a bad thing.

But you will have to gather some on the field training if you want respect from your fellow employees.

They have to feel that you know the computer inside and out.

If you sound like you are just regurgitating material that you learned from training, they will be able to tell quickly.

If you go to school and put the necessary work in, then you will become a fine security professional.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Comments

  1. With a caveat, I would agree that theoretical knowledge is not enough.

    I would suggest, as that caveat, that security researchers who are in the University environment, don’t *just* “do it from books”, but tend to have a more real-world approach, particularly if studying a post-graduate degree, and I would also argue some of these know far more about security that some “real world” experts, because they also have the time to look for, and exploit issues that they then report, as opposed to take advantage of.

    All said, real world experience is the best way, but sometimes, particularly in niche research, the academic approach can yield better results. IN particular, in proposing theoretical exploits.

    Just my 2ยข worth.

    Another great blog post.

    Best,

    Justin.

    • Thanks, as ever, for your inciteful comment Justin.

      I was especially interested in your view that academic knowledge was useful in niche research – care to elaborate on what you mean exactly?

Trackbacks

  1. […] you how to protect your computer.It will also take you beyond that and show you how to become a security professional.In this article I will go over several of these software tools so that you can be on your way to […]

  2. […] the simple truth is that no matter if you are a natural hacker or a trained security researcher, you will need to know the inner workings of the computer in order to become exceptional at your […]

  3. […] If he is not following well known protocols then there is a good chance that he is lazy or he doesn’t know what he is doing. […]

  4. […] Can Downloading Illegal Files Put My Computer Security At Risk?2%Do Security Experts Who Only Have Classroom Experience Deserve Any Respect?2%Hey! Teacher! Leave Them Laptops Alone! 1%Some Weekend Reading For Twitter Fans – 40 More Security […]

Speak Your Mind

*