Why security managers need hands-on skills
Posted by: Ken Harthun
Security, Security best practice, Security management
This says it all (as things from SANS usually do), so I won’t belabor the point. This is the preamble to SANS NewsBites, July 17, 2012, Vol. 14, Num. 057:
Just heard the best answer ever to the question of whether security
managers need to have hands-on technical skills. An Air Force Major was
complaining to an Air Force course director that the major didn’t need
to know networking and security taught in the intensive in house Air
Force course, “My people will do that; I never will; I am a manager.”
The course director asked the major, “Do you know what a router access
control list is?”
Major: “Yes.”
Course director: “Have you ever sat down at a terminal and written an ACL?”
Major: “No”
Course director: “Then how do you know your netadmin is doing it right,
when just one error in one line can stop all the traffic on your
network?”
Major: eyes wide
Course director: “And how do you know whether your netadmin isn’t
blowing smoke?”
Major: “Get me registered for the course.”Alan
Alan Paller is director of research at the SANS Institute.
Comment
RSS Feed
Email a friend
