Announcing the Infosec 10 Minute Mentor

Posted on December 17, 2008

I haz a question...When I was starting out, I had a bunch of questions about life in the IT security industry but no-one with real Infosec experience to turn to. I simply didn’t have the connections back then, nor a trusted advisor/mentor. Looking back, the downside was I took some longer paths than necessary in the learn/fail cycle. The upside is that ultimately I learned to do that quite quickly (failing cheaply and quickly is a desirable trait).

What Is Your Question?

If you have a question about some aspect of working as an IT security professional, send it in and I’ll reply right here on the blog. I’ve been in this industry for 10 years and am happy to share my learning/experience. To understand a little about my background, check my about page.

As guidance, the question should be short and to the point with enough context that I can give you a meaningful answer. By context I mean a few sentences about your situation - enough that I can have a good shot at giving you an answer.

My promise to you is that if you send in a reasonable, well thought out question, I *will* post a reply right here on this blog. Plus I’ll leave comments open on the blog post so other readers can chip in and give their perspective. I won’t publish your email address and will scrub any other personal identifiers except your first name.

What’s a good question?

Simple: anything that helps someone else answer their question :-)

Yeah baby, this is all spreading good karma…

Send your questions to:

P.S I’m treating this as a 28 day experiment - I’ll extend the experiment if people find this useful.

image credit: coscurro

Breaking Into The IT Security Industry For Fun And Profit

Posted on March 13, 2008

Photo Credit: kk+

I, Craig Balding, Am A Former Security Wannabe.

Well..that’s not entirely true.

The truth is that you never really stop being a security wannabe - no matter how others perceive you. Its simply that if you keep moving forward, you become less of a wannabe than the people moving slower than you :-).

In the course of my security journey I have been privileged to meet and work with some of the smartest security people across the globe.

From reverse engineers at the cutting edge, to digital crime fighters of the highest caliber. All of these people shared one thing in common - at some point, they too were a ’security wannabe’.

The Questions This Blog Will Try To Address

  • How do you make the transition from security wannabe to paid security security wannabe?
  • What skills/experience do you need to pick up along the way?
  • Are there ‘fun’ jobs in the IT security industry? What “cool stuff” do people get to do? What is a typical day like for someone employed as a ‘your-future-job-role’
  • How do you do some of the things you do? (e.g. Incident Response, Penetration Testing)

If digital security sounds exciting to you, or you’re already an aspiring security wannabe then you are at the right place!

Or if you’ve always been told that security is just about ‘passwords’ and ‘antivirus’ then let me show you behind the curtain.

Finally, if you - like me - claim to be a former security wannabe…welcome home ;-).

Enjoy the blog,


P.S Something you want to see? Leave a comment or email me.