• Phil Venables

Coding Skills and Security

I've increasingly found, with respect to coding, security has come full circle. Those of us who started in the 80's/90's had to code (or stitch together) stuff because for most of what you needed to do you couldn't buy it or download it. This was everything from firewalls, crypto, authentication, authorization, logging, rudimentary IDS, even in some cases some pretty neat home grown malware defenses. Pretty much all you could buy initially was access control, host security (crypto) modules and anti-virus.

Now, coding skills are needed again to partner more closely with development teams, to stitch together tools, configure systems ("policy as code"), and adapt or contribute to the myriad of fine open source projects. This shouldn't diminish the huge diversity of roles and skills that need to exist in the modern risk team [cyber or not]: risk analysis, analytics, modeling, design, communication, education and sales. Yes, those also need some coding expertise but not core to the role.

Bottom line : IMHO coding skills / experience are important, and we've definitely come full circle for security engineers - but in the past decades the field has diversified such that even more skills / roles beyond coding are also needed.

403 views0 comments

Recent Posts

See All

Cybersecurity : The Winner’s Game and The Loser’s Game

There is a seminal paper in finance by Charles Ellis called the The Loser’s Game which, in simple terms, foretells the move from active to passive investing and the reasons for it. My favorite bit of

Return on Investment for Security

The concept of return on investment (ROI) for security has bugged me for a long time. Not because it isn’t a laudable goal. Of course, any investment you make should deliver something in return. Rathe

"Hell Yes, or No" vs. "Soft Yes, and Fast Quit"

I am a big fan of the concept of saying, “Hell Yes, or No” to decide whether to do something or not. Derek Sivers has written well about this. Similarly I really enjoy reading Greg McKeown on the conc

Subscribe for updates.

© 2020 Philip Venables.