A New Guy's Impression of The Info Sec Profession. presented at BSidesColumbus 2014

by Tyler Smith,

Summary : After a little over a year of Info Sec'n it up, I have some interesting observations about the profession. From the different personalities, to interactions with non-security IT people and the daily routine. I have amassed a number of observations in a short time that became painfully obvious to me as an outsider. Observations that in many cases go wholly unnoticed when seen from the long time insider's perspective. I see opportunities for improvement that are nearly universal. My goal is to share my unique outsider turned insider perspective with others; before my assimilation into the collective is complete, and this gift of perspective is lost forever. This will be a valuable talk for anyone with an interest in security. If you're new(er than me) you can see some of the things I have learned in my first year working as part of a small team for one of the 5 largest healthcare systems in the United States. If you happen to be in a leadership position, you're likely to glean things that your direct reports either can't see, or won't tell you about. For those who have the T-shirt and have long since attained salty veteran status; you'll get to see information security from a different perspective than what you have become accustomed. So, when was the last time you though about why you do what you do every day? As someone new to the scene, I just spent over a year trying to reconcile every assigned task, interaction, and common practice with my own experience, background and sense of what is reasonable and effective.