Want to Fail at Security? COMPLY!

Take a deep, cleansing breath, and say it with me: “Compliance is not security.” Good. One more time. “Compliance is not security.” It’s okay. We’re all friends here. No need for false pretenses. We all know how much truth is contained in those four simple words. Information Security is a tricky business, due largely in […]

The Curse of the Information Security Professional

Time magazine recently published an article summarizing CareerCast’s research on the most/least stressful jobs. At the top of the Most Stressful list: Enlisted Military Personnel. That makes PERFECT sense. High physical and travel demands, ridiculously low salary, and life-threatening situations that leave many physically and mentally scarred for the rest of their lives. Respect. What […]

How to Kickstart a Career in Application Security

A friend and fellow geek recently reached out for some career advice. He’s currently working as an app developer, and he was wondering what steps he could take to steer his career more toward application security. Since I’m a geek with a degree in music education now working as an information security consultant who also teaches infosec classes all over […]

How Much Does an Infosec Pro Make, Anyway?

First things first: if the only reason you’re considering a career in infosec is the money, maybe infosec isn’t the right career choice for you. Information security professionals are a passionate lot. If you don’t believe me, attend any infosec convention (Black Hat, DEFCON, ShmooCon, GrrCON, CanSecWest, DerbyCon… the list goes on and on) and […]

How to Land a Job in Information Security

In July of 2011, the unemployment rate reported by information security analysts was a striking 0%. Not only were information security analysts reporting steady employment, they even reported an increase of 6,000 jobs between the first and second quarter of the same year. Two and a half years later, the Pentagon announced that it planned […]