I started my career in the network engineering and network administration field. I held lots of those technical certifications from the likes of Microsoft, Novell and Cisco. I thought I was pretty smart. And in truth, I was. I knew how to build a stable and reliable network that could support thousands of users across large geographic regions. I could implement access control lists on firewalls, routers and switches. I could provide access to resources with Active Directory or Novell Directory Services and restrict access like nobody’s business.
Problem was, I was too close to it. I missed some of the security details because I had the same view every day. Once I started to focus on security, I quickly realized that I was missing some design principles that could enhance the security of the system. That’s when I decided to focus on just security.