Just wondering, in today’s day and age, what constitutes the DNA of an effective InfoSec Professional -
Is it one who is versatile with a breadth of experience across various technology or is it someone who is super specializes in one area of security? Is it one with an entreprenuerial spirit, a visionary, …
I would like to compile various opinions as to what one thought was the DNA of an effective InfoSec Professional
Merriam-Webster defines effective as “producing a decided, decisive, or desired effect”
Feb 28, 2007 at 12:22 pm
It’s hard to determine. At some point, I thought it was technical competence. Then I thought it was business sense. Then I thought it was charisma. Then I thought it was the ability to coach.
Now, I don’t know. =)
Mar 10, 2007 at 2:57 pm
Having technical acumen, and great business senses, seem like requirements for InfoSec professionals. To be effective also requires problem solving and critical thinking skills. So combine technical acumen and critical thinking skills and you have an effective InfoSec Professional.
May 3, 2007 at 10:09 am
Increasingly, InfoSec professionals need to be tri-athletes, especially the more senior the role. By tri-athlete I mean somebody who has 1) a strong foundation in IT/ Information Security, 2) a clear understanding of the business and it’s risk appetite and 3) the ability to lead through communication, example and influence.
That maybe more than three. But those are the qualities shared my the most successful people I know in this biz and what companies/my clients are desperately looking for.
May 3, 2007 at 6:32 pm
I couldn’t agree more with you Jeff.
Balancing IT InfoSec with the Business Risk and effectively doing that with an ICE (influence, communication and example) perspective need to be the ATCG of an effective security professional. Thanks for calling it out eloquently.