Friday, April 06, 2012

IT Security Training

People occasionally ask me what kind of training and courses to take to get into IT Security.
I think the best summary I have found is in this CompTIA Roadmap graphic: (click to go to the interactive one on CompTIA's website)

 


Basically, get your self started in IT. If you have absolutely no computer experience start with an A+.
Then, for the most part, I agree with this map in terms of what falls into the Beginner, intermediate, Advanced, Specialist and Expert categories. I think C|EH could probably be moved down a notch or two though.

I don't like CompTIA's career path lines though. If you think you can go MTA Security, Sec+, CASP, CISA, CISSP and ignore all the stuff on other lines... you will be really disappointed.

Basically you want to get on any other line besides the training path (that's pretty much a dead end unless you just want to teach)  I would say Networking, Network Admin, or Services/Helpdesk would be good starting points, and pick up equal level certs on the security line as you go along.

If you don't have a solid background in SOMETHING, whether that be networks, operating systems, databases, whatever... you won't be able to handle the security.

No comments: