How to get out of the situation of not knowing something in Information Security

Even when you become an information security professional, you may still find yourself not knowing what to do in information security. And here’s a tip on how to get out of it.

Today I have more than eighteen years working exclusively with information security, and there are still situations where I am taken by surprise with something new, requested by the client.

Which doesn’t mean I don’t update myself, but it’s practically impossible to know about all technology matters.

Sooner or later, an acronym, a brand, a framework will appear that will be new to you.

What to do when you don’t know?

The ideal is to remain calm and not show that you don’t know or even that you have mastered the subject.

The technique is to ask for more information, ask your interlocutor to give more examples or the reason why he is sending you that particular demand.

The more information you have, write it down and make a summary, like: “So what you need is….” and explain in other words what the person asked you for.

Then run after, study, search, research, find a friend who knows about it and ask for help. Learn everything you can.

On a second opportunity, show everything you’ve learned.

See more details in this episode #22 of the Blue Team Academy podcast.

Author: fabio

Fabio Sobiecki is a systems analyst, graduated from Unopar and specialist in Information Security from Senac and has an MBA from FGV. Since 2004, he works with Information Security, between 1998 and 2004, he worked with information technology, in the area of infrastructure and computer networks. Fabio Sobiecki is certified by (ISC) 2 as CISSP and CCSP, since 2008 and 2017, respectively. He is currently president of the São Paulo chapter (ISC) 2 and is a solutions engineer at RSA.

Leave a Reply

Your email address will not be published. Required fields are marked *