Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: So umm... Best Way to Start Your Own Security Consulting/ Penetration Testing Company

  1. #11
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    It's been all said, but I will sum up.

    To start your own InfoSec Consultancy, you need, first and formost, the ability to successfully startup ANY COMPANY...it doesn't have to be an IT Security company...if you can't start your own pizza delivery company, you won't be able to start a consulting firm. Add to that the skills, reputation, and capability to be an trusted security consultant (either by having the skills yourself, or hiring the right people with said skills and reputation) and then, maybe...MAYBE, you can make a go of it.

    LLC's and startups are like @ssh0les...nearly EVERYONE has one. I know I did. Didn't do me for jack or schitt.

    Not trying to dissuade you, but I doubt most of the people on this forum who I respect and look to as my equals or betters... they probably wouldn't be any more successful than I, if we went off and tried to do this ourselves. It's not NEARLY so easy or cool as it sounds.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  2. #12
    Member
    Join Date
    Apr 2002
    Posts
    52
    Thanks for all the replies, particulary nihil has been very helpfull. So a start up company that is strictly a security consulting group would have a hard time competing with the few large firms that dominate the field, yet as a small company with smaller goals in mind you would have trouble finding enough clients to keep the business afloat long term without some serious ability to sell yourself. That's kind of what I figured.

    Now breaking into the market as a tech group covering a wide range of services such as network design, computer repair and troubleshooting, along with more small business oriented solutions could be the gateway towards making a name, building relationships and creating a foundation to introduce higher end services to people who already trust you. This makes sense from a business standpoint.

    I'm curious as to what sort of schools or programs offer placement with existing companies. Xenolithic mentioned Co-Operative education programs and RIT and these sound interesting. Could you give me more information or point me in the right direction for finding out about what these programs are and the benifits?

    Aspman linked me to pages describing the CHECK and CLAS certs, which I havent heard of before. Are these limited to the UK and its government or is it a worldclass credential? Either way that sounds like it's far from my grasp but interesting to know about.

    So the idea that having a big name being more important that actual skill is a very candid peek into the security field. That's just a trait of big business I suppose. Now how about the credibilty of certifications over schooling? Or that of technical training vs. a full blown degree?

  3. #13
    Junior Member
    Join Date
    Apr 2002
    Posts
    16
    Originally posted here by Liquid_Darkness
    I'm curious as to what sort of schools or programs offer placement with existing companies. Xenolithic mentioned Co-Operative education programs and RIT and these sound interesting. Could you give me more information or point me in the right direction for finding out about what these programs are and the benifits?
    I'm in the Applied Networking and Systems Administration program at RIT and what we do is extend the standard 4 year college degree program into a 5 year program with 3 semesters/quarters/whatever dedicated to field work. The placement is entirely up to the student as to where they want to go, and if the school doesn't bring in the recruiters then you can seek employment yourself and then apply for co-op credit.

    SPARSA Alums have gone on to work for Security Managment Partners (SMP), Crowe, and CounterPane, we currently have a friend who's at Mitnick LLC

    Anyway, the program is built into the standard education that one can get from RIT. I'm not sure as to how many schools offer such a program mainly because I'm a student/staffer at the Institution with SPARSA and the ANSA program.

    You can find out more @
    RIT Office of CoOp and Careers

    If you're interested, I can put you in contact with one of our SPARSA Alums who are now in the field.
    Vice President of Practices
    RIT\'s Security Practices and Research Student Association
    http://www.sparsa.org

  4. #14
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    DeVry Institute always has commercials on TV for "guarunteed job placement services to all graduates". I know Colorado Technical University (not just in Colorado...a few other states are covered, too) has a similar program.

    I know that, with the right polish and experience, a proper candidate can get on with Big Security Firms (TM) WITHOUT education or certification...if they can prove their worth. Firms like, oh, I dunno...ISS, Symantec, VeriSign, etc.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •