I've been kicking around in InfoSec since 1996. Once I met InfoSec, nothing else has held my passion as much. Yes this is a bit odd, but it is what it is, it is what I love. It is "good" versus "evil" - something fascinating to me. More on that later, as I delineate criminals from those seeking to help by finding vulns. For now, here's the point.
So I did a poll on Twitter, expecting maybe 50 votes, but instead I got over 2000 votes.
I've seen tweets saying if you don't write code, you're worthless (or will be soon) in InfoSec. Have seen pro-certification advocates, and those who disrespect certificate holders. The needing a degree to be effective in InfoSec and get a job has been hotly debated. Have seen tweets advocating doing bad acts as necessary to having street creds.
Looks like part of the answer is, your nature.. Effectiveness in contributing to InfoSec community takes wanting to help, humility, altruism, critical thinking, communication skills and curiosity.
Ability to not be lazy and Google what you need to know is key.
It's kind of like The Breakfast Club.
People who are effective in InfoSec might follow the classic movie's final essay turned in.
It takes all of our skills working together to defeat the true bad folks attacking the innocent. I could do a bunch of fancy words here, but this is my gist :)
