Sunday, July 4, 2010

Who I am, and what I mean by Renaissance security professional

The "Renaissance man" is an ideal that's fallen out of favor in modern times. These days, people are expected to be specialists instead of having skill in a range of disciplines. In my opinion, the modern ideal is short-sighted. No person can be effective unless they have skill in several areas, intellectual and social. The people who achieve the most in their lives are those who have diverse skills and interests, such as Ben Franklin.

Although I've always had a diverse set of interests, it was JJ Thompson of Rook Consulting who really showed me how valuable it is to have a broad range of skills for a computer security career, and who coined the term "Renaissance security professional". Computer security needs to be about more than just technology. There is no "magic box" (hardware or software) that will make our networks impenetrable. Computer security professionals need to have an understanding of business so that we can converse with people outside our field and show them why we're making whatever change we're proposing, rather than just using fear, uncertainty and doubt (FUD) to make our arguments. We need to understand psychology and human behavior so that our security policies are realistic, rather than demanding that people remember impossibly complex passwords without writing them down. An understanding of military history can inform better strategies for network defense. Besides these examples, a broad-based skill set makes one better prepared for whatever comes in life, and makes for a better person.

This is what I intend to do, and this blog will be part of that effort.

1 comment:

  1. Alex, it was nice to meet you at the COT conference this year. I'm glad to see that you are indeed a man of action and stood up a Renaissance Security blog! I look forward to reading more and following where you choose to take your readers.

    Best Wishes,
    J.J. Thompson