Jiu Jitsu vs InfoSec: Time on the Mat

Tim MalcomVetter
Jul 20, 2017 · 1 min read

This is part of a series comparing Jiu Jitsu with InfoSec.

You can learn a lot about Jiu Jitsu, except how to actually do it, from a book, a written source, or even a commentator. You can learn terms and concepts, but you need to get on the mat and go through the motions to internalize them.

In InfoSec, it’s the same — a practitioner with a theoretical knowledge, but not a corresponding hands-on skillset is often less valuable than a practitioner with limited/no theoretical knowledge, but higher hands-on skills. That’s why some who have been in the field for years complain about the CISSP, which is “a mile wide and inch deep,” compared to practical certificate/training programs, such as the OSCP.

Yes, some InfoSec roles are more strategic than tactical, but people in those roles who have spent time doing the hands-on, tactical work are often better at the strategic work than those who have not.

So go spend some time on the mat, build up those hands-on skills.

Read more: Jiu Jitsu vs InfoSec: Personal Space Bubble

)

Tim MalcomVetter

Written by

Red Team Leader at Fortune 1. I left my clever profile in my other social network: https://www.linkedin.com/in/malcomvetter

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade