Taginterview

Skills gap in IT security

The article tries to explain why companies have trouble hiring security pros. Some good items in there, but I think it misses the larger point. Too many companies simply don’t understand what they need and treat security as a check box that they mark off on some form. They believe that “security” consists of creation of myriads of policies, procedures and documents for every eventuality. Doubtless, that’s a part of it, but it has to start with evaluating risks, threats and having a proper mindset.

This reminds me of a security position that I once interviewed for. One interviewer really wanted to know the specific number of Active Directory Organizational Units (OUs) I have worked with. That is akin to asking a prospective sysadmin how many files he has worked with. The number is arbitrary and absolutely irrelevant to underlying complexity, nesting, policies, etc.  At the time, they told me that they’ve been trying to fill the position for more than 6 months…..Somehow that wasn’t surprising to me…

Interview with the creator of Nginx

This is an interesting interview with a creator of one of the best web servers out there. The original interview is in Russian and the translation (by google) is fairly difficult to read. I took a crack at writing a better translation and I think this might be a bit better.

Continue reading

© 2017 Mind End

Theme by Anders NorenUp ↑