Becoming an Ethical Hacker by Gary Rivlin

Becoming an Ethical Hacker by Gary Rivlin

Author:Gary Rivlin
Language: eng
Format: epub
Publisher: Simon & Schuster
Published: 2019-05-06T16:00:00+00:00


• • •

IN MAY 2018, WEINSTEIN took the stage at the local security conference called DefendCon. This was his chance, at the age of forty-eight, to share some of the wisdom he’s gained from nearly three decades as a programmer and engineer, including thirteen in computer security. He called the speech “Building a Security Engineering Team,” but it was really his opportunity to deflate tired old tropes he had been hearing for much of his career in tech. He began with a sampling of headlines that underscored that the demand for people interested in info-sec greatly outstrips the supply. (One example: “Fight Against Hackers Hurt by Huge Shortage of Cyber Workers.”) But right away he was listing “fallacies” that get in the way of hiring good people.

Weinstein flashed a slide on the screen: ENTRY LEVEL IS NOT AN OPTION. That was fallacy number one and something he hears all the time in info-sec. “Companies will say, ‘We can’t afford to hire entry level; we need people who can hit the ground running,’ ” he said. But he had no security experience when he first went to work at Microsoft in his midthirties. “You can sit around and wait for the perfect unicorn, for the person who has all the skills you need for a role. But you’re probably going to be unhappy because most of the time you’ll be looking for that person for a long time.” He wondered if sometimes that attitude wasn’t a failure of management: surely a project can be broken down so there are tasks that can be accomplished by someone just entering the info-sec field. Rather than looking for the perfect background, he counseled, “Find people who want to solve problems.”

Second and third on Weinstein’s list of things a good hiring manager should never say: “The security mind-set is inborn, not teachable” and “Technical excellence requires an early start.” These are corollaries to the idea that the only people worth pursuing in the info-sec world have been coding since they were in diapers, as Parisa Tabriz had put it. Almost everything is teachable, Weinstein said. “If you cannot teach something, you don’t really understand it,” Weinstein told the audience. “You may be able to do it, but you don’t understand it.” More important than looking for natural talent, he advised, is finding people who want to be engaged in your project. “You hear that people have a natural talent in X,” he said. “What that really means is they found X engaging enough so they kept at it long enough until they got good at it. You have to be willing to be bad at something if you’re ever going to be good at it.” More important than skill level, he said, “is a curiosity to learn and a desire to get better.

“There’s a common belief among people in the industry that technical skill is all that matters. But I reject that,” Weinstein said. “If you’re technically very skilled but toxic to the people around you,



Download



Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Popular ebooks
Deep Learning with Python by François Chollet(12593)
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7792)
Grails in Action by Glen Smith Peter Ledbrook(7705)
Secrets of the JavaScript Ninja by John Resig Bear Bibeault(6426)
Kotlin in Action by Dmitry Jemerov(5076)
WordPress Plugin Development Cookbook by Yannick Lefebvre(3860)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3337)
Learning React: Functional Web Development with React and Redux by Banks Alex & Porcello Eve(3093)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2873)
The Art Of Deception by Kevin Mitnick(2615)
Drugs Unlimited by Mike Power(2475)
The Innovators: How a Group of Hackers, Geniuses, and Geeks Created the Digital Revolution by Walter Isaacson(2368)
Kali Linux - An Ethical Hacker's Cookbook: End-to-end penetration testing solutions by Sharma Himanshu(2317)
A Blueprint for Production-Ready Web Applications: Leverage industry best practices to create complete web apps with Python, TypeScript, and AWS by Dr. Philip Jones(2276)
Writing for the Web: Creating Compelling Web Content Using Words, Pictures and Sound (Eva Spring's Library) by Lynda Felder(2268)
SEO 2018: Learn search engine optimization with smart internet marketing strategies by Adam Clarke(2197)
JavaScript by Example by S Dani Akash(2141)
DarkMarket by Misha Glenny(2086)
Wireless Hacking 101 by Karina Astudillo(2083)
Hands-On Cybersecurity with Blockchain by Rajneesh Gupta(2008)