I read a commentary by Bruce Schneier about security mindset (thanks Anton C.).
What he says is true. If you have the mindset, you see the world in a different way.
I've been interested in security since I was a teenager, but got professionally involved in it about 6-7 years ago. I was security-minded already then, but things really changed after a long audit period involving many different projects. I had a very knowledgeable guy sparring, challenging and teaching me (a mentor), but the audit period finally put me over the edge.
I couldn't help but look and noticing things that I considered some sort of risk, and how to exploit the issue. Perhaps it was because of all the attention to details you need to put in a large audit, where you really have to adapt to new environments, technologies and think out of the box most of the time, to think like an attacker. I'm certain that also my personal interest in security and spending some time with it even during freetime has helped.
How about you, did your mindset develop during time or have you always had it?
0 comments:
Post a Comment