8 Tips for IT Security Novices

IT security is a complex field for those of us that do not have any sort of background to begin. Here’s a few tips for getting into IT that we found via Quora on how to gain traction in the field:

  1. Be paranoid – Check everything.

  2. Think like a hacker – It isn’t always about tools. Understand both the defensive and attacker mindset.

  3. Start a responsible disclosure program – This can be described as a simple page with rules that allow security researchers to submit vulnerabilities securely to your team. A program doesn’t cost anything to create, so it’s a no brainer as an extra layer of security.

  4. Write clean code – As a code builds up and gets sloppy, it becomes more prone to hacks. Make sure to refactor your code. If you don’t know what it does: figure it out or get rid of it!

  5. Think with the business mindset – Without understanding the business, you cannot secure the assets. Understand what information drives the business.

  6. Measure, Measure & Measure – As an IT Security person, assess the true value the tool provides for the organization and report to your management. Analyze the false positives, compare the true incidents/breaches to incidents undetected by the tool. Whether it’s an antivirus tool or intrusion detection one, measure and monitor these statistics. Communicate the security value to the business executives.

  7. Prepare – Knowing how to analyze the security event logs, where to search and what to look for can spell success in organizations to prevent attacks in real-time and take appropriate actions.

  8. Create an awareness culture – Security must be a business enabler and everyone’s responsibility. Presenting the facts, leverage the industry statistics and case studies.

Thanks to the help of Quora users Sai Raman, Erik Fair and Drew Sing.

Leave a comment


10 Signs Your IT Support
is Reactive, Not Proactive

Download our exclusive eBook to learn how your business can benefit from proactive IT support.