IBM… Microsoft… Cisco… Juniper… Linux… Sun… HP…
Product specific training is available from a variety of sources. These are great because they teach how to use the particular product. Each of these may include an information security component, but generally they are focused on how-to-use the product.
If a person knows how to use and configure the product then why should additional training money be spent on information security? Here are 5 good reasons…
- To many people, good security is about passwords. While passwords are important, training will help you to develop an InfoSec mindset that goes beyond just passwords. Good training will cause you to consider the implications of the system configurations. It will help you to begin to view everything through the lens of confidentiality, integrity and availability.
- There is a significant difference between the default installation of Linux and a secure installation of Linux (or Windows, or Apache, or IIS). InfoSec training will help you learn to bridge the gap between a working installation and a secure, hardened installation. Hardening is the process of configuring the system so that exposures are limited, unnecessary services are not installed, and unauthorized access is denied.
- No matter how much you know today, participating in InfoSec training will help you learn what you don’t know. Many people are subject-matter experts in one or two areas, but it is rare to find someone who has an all-encompassing understanding of all areas of information security. It is helpful to know what you don’t know
- Most system and network administrators have an intuitive grasp of InfoSec needs in their organization. Information security training will help you to gain insights useful as you sell the need to management. There will be nuggets of information in the training that you can incorporate into your 30 second “elevator speech” to the CEO promoting infosec in your organization.
- No matter your level of experience, you will learn new skills. Whether you find out how the Bad Guys use netcat to open a communication channel, or you learn the latest legal issues, there are things you can learn.
Bonus Reason…
- Finally, many training programs can help you earn certifications that may help increase your earning potential. The SANS Institute offers training that directly maps to their GIAC certifications. Training is available to help prepare for the CISSP certification. Other training is available that will help prepare you for other security credentials.
- Dan
