Drazen Drazic posted
today asking what the new "core skills" are we should all be
developing. Well, I'd say there is no "core skill" in information
security. The field is beginning to become so broad that one can't
possibly posses all skills... even though that is what a lot of
companies ask if you look at job advertisements. They all want someone
that can administer servers, configure the firewall, maintain the
network, program custom scripts and applications, update the website,
know everything about risk management, be a penetration tester, know
forensics, be a disaster recovery specialist, do audits, etcetera. Many
of these are so large subjects in themselves that usually multiple
people are needed with specific specializations in one or more of these
subjects. But I can't think of someone that can do all of the above, and
more, and still keep up with new versions of software, hardware,
standards, legislation and stay abreast of new trends and technologies.
