While CISOs aren't generally required to conduct penetration tests or reverse engineer applications, they do need to understand the basics of how today's attackers operate. "Many of the breaches today aren't sophisticated, they employ techniques that have been used time and time again; however, they are successful because many security professionals abide by a generic checklist, which may or may not reduce risk. In my experience, the best way to understand how attackers think is to use the wealth of information available today," he says.
While these seven habits are certainty not all inclusive, security and IT pros believe they're essential to success. Even though security talent is hard to come by, there's still no room for complacency, no matter how deep one's technical skills. "The way the world is shrinking, if you aren't motivated and capable, you're not long for the work force. That's why these skills are so essential, because only A and B level players are going to make the grade. There's no room in a competitive environment for average or below," says Digital Trust's Martin.
Sign up for Computerworld eNewsletters.