Jiu Jitsu vs InfoSec: Time on the Mat
This is part of a series comparing Jiu Jitsu with InfoSec.
You can learn a lot about Jiu Jitsu, except how to actually do it, from a book, a written source, or even a commentator. You can learn terms and concepts, but you need to get on the mat and go through the motions to internalize them.
In InfoSec, it’s the same — a practitioner with a theoretical knowledge, but not a corresponding hands-on skillset is often less valuable than a practitioner with limited/no theoretical knowledge, but higher hands-on skills. That’s why some who have been in the field for years complain about the CISSP, which is “a mile wide and inch deep,” compared to practical certificate/training programs, such as the OSCP.
Yes, some InfoSec roles are more strategic than tactical, but people in those roles who have spent time doing the hands-on, tactical work are often better at the strategic work than those who have not.
So go spend some time on the mat, build up those hands-on skills.
Read more: Jiu Jitsu vs InfoSec: Personal Space Bubble
