SANS Boston 2010: Never too old to learn
A week in the classrooms of SANS Boston 2010 has shown Bill Brenner how much more there is to learn about the art of information security.
By Bill Brenner , Senior Editor
August 04, 2010 — CSO —
When a journalist writes about the same topic for a long time, he or she runs the risk of becoming jaded. You lose a certain fire in the belly and you don't jump up and chase stories with the same zeal you had in the beginning. When I was night editor for a daily newspaper, I saw it all the time among the veteran police reporters.
I imagine information security practitioners face the same danger. When you've been running the same scans, working on the same machines and reading the same best-practice tips long enough, it's not hard to start missing little things that can become a data breach later on.
That's when frequent training can make all the difference.
I decided to check out the annual SANS Boston training program. I'm always looking for tech-rich content to sharpen my knowledge. For security journalists, security conferences like Black Hat, RSA and many more are usually the place to get that broader perspective. But they're also tasked with writing stories about the proceedings, which means learning new things can take a backseat to meeting a story quota. I've walked that tightrope many times over the years.
So it was refreshing to go to something like SANS Boston. There are no news stories to be had. These are six-day courses that take the student deep into the weeds. You start with the basics and work your way up.
I didn't stick with one class for the entire time as most attendees do. I bounced from one class to the next to get a taste of everything that was going on. But I absorbed a lot of rich content along the way.
First, I sat in a course run by Dave Shackleford, an Atlanta-based security consultant and frequent SANS instructor. The course, "SANS Security Essentials Bootcamp Style," focused hard on the language and underlying theory of computer security, the goal being to give students the chops to handle the constant fire drills that go with IT security management.
Next, I checked out the course run by SANS Institute President Stephen Northcutt called "SANS Security Leadership Essentials for Managers with Knowledge Compression." This course also focused on network fundamentals, along with a fire hose full of content around applications, power, cooling and safety, architectural approaches to defense-in-depth techniques, cyber attacks, vulnerability assessment and management, security policies, contingency and continuity planning, awareness management, risk management analysis, incident handling, Web application security, offensive and defensive information warfare, and a management practicum. I spent most of my time there focusing on vulnerability management, and walked away with the material for a series of articles.