July 10, 2021

One of the biggest myths that prevent people from entering the InfoSec field is thinking that one needs to be a good coder first.

I often see people in several security threads remarking that in order to enter the InfoSec field, you must first have a good understanding of programming languages (these are probably mostly made by just students or people in niche roles). This often drives those who’re genuinely interested to focus on being good at programming instead of learning the more important skills: networking, sysad, security/risk mgmt., etc. In the real world, information security work is mostly setting up and monitoring controls to comply with policies/regulations, use of tools such as scanners and SIEMs, analyzing output from those tools, responding to suspected incidents, and then basically documenting everything. Depending on your role as well, parricularly within a SOC setting, Python and bash or powershell could come in handy. But that’s basically it for most security work. Sure you can be a better cyber guy if you’re good at programming – but then again it still depends on your role (Most GRC folks don’t know how to code but are paid very well and work fewer hours).

Unless you want to focus exclusively on writing secure software, doing pentests, or reverse engineering (these roles are often found within cybersecurity firms), then you are not expected to be fluent in multiple languages.

TL:DR InfoSec is an enormous field where you can dedinitely find roles that don’t require extensive programming skills like you were led to believe. Most infosec work is really compliance and utilizing security tools rather than coding.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.