Even when you become an information security professional, you may still find yourself not knowing what to do in information security. And here’s a tip on how to get out of it.
Today I have more than eighteen years working exclusively with information security, and there are still situations where I am taken by surprise with something new, requested by the client.
Which doesn’t mean I don’t update myself, but it’s practically impossible to know about all technology matters.
Sooner or later, an acronym, a brand, a framework will appear that will be new to you.
What to do when you don’t know?
The ideal is to remain calm and not show that you don’t know or even that you have mastered the subject.
The technique is to ask for more information, ask your interlocutor to give more examples or the reason why he is sending you that particular demand.
The more information you have, write it down and make a summary, like: “So what you need is….” and explain in other words what the person asked you for.
Then run after, study, search, research, find a friend who knows about it and ask for help. Learn everything you can.
On a second opportunity, show everything you’ve learned.
See more details in this episode #22 of the Blue Team Academy podcast.