143
6
Th e eT e r n a l Ya w n :
Ca r e e r s in in f o r m a T i o n
se C u r i T Y
us far, I have spoken of the old and new skill sets in security.
e Hacker was the typical security analyst of the late 1990s era,
as described in Chapter 2. In Chapter 3, I introduced the checklists
and standards evangelist (CASE) paradigm—and it was this phe-
nomenon that replaced the Hacker ethic in security service provision
and end-user information risk management. e CASE is a skill set
as deployed in security today. It can be technically oriented in that
they do have IT skills, but the actual practices of modern-day security
departments are mostly nontechnical in nature.
In this chapter, I analyze some of the motivations people have for
getting in