Security Skills (and such)

The new year has begun and everybody has had their go at crystal-balling on the new year.

Joyce Brocaglia is writing on "The Most-Wanted Security Skills of 2007 (and Beyond)" over at CSO. According to her, skills that were (and will be) in demand would be E-discovery and litigation support, Application security assessment and remediation, Threat modeling, Identity and access management, PCI auditing and assessment, Enterprise and operational risk management and Technical sales.

Now that is a pretty diverse set of job roles in demand, and it covers a broad section of the market (with the possible exception of infrastructure security and compliance). What seems to be common for most of them is that they form a bridge between a technology discipline (for instance forensics) and a business need (for instance legal compliance).

Viewed from 30,000 feet, security professionals should seek to pair their existing technology skills with a business need. The most lucrative niches will be in areas where there's no scale yet, be it because the area is new or because it requires more proficiency and experience.

And whatever the niche it is they chose, they should be prepared to demonstrate their skill and experience. I have a feeling it just might turn out that for many that's done easier in the technology than in the business arena.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT