Home page logo

basics logo Security Basics mailing list archives

Re: IT Manager to CISO
From: ichib0d crane <themadichib0d () gmail com>
Date: Thu, 28 Apr 2011 08:39:44 -0700

Well, people with CISSP often get a bad rap because they have a
tendency of making huge idiotic blunders but at least compared to
Security+ it's better. Security+ is a basic cert that pretty much says
you know not to open random email attachments, firewalls are good,
wifi is bad, ect. There are tons of info sec certs out there and they
pretty much are mainly good for your resume and thats it. Since you
already got the job certs are not all too relevant to you unless you
start looking for a new job explicitly in infosec. What I'd do if I
were you is enumerate everything you'll be in charge of and then get
matching books. Know your network better than anyone else and know
precisely what your network demands security wise. More importantly,
don't be afraid to be pushy and become the 'bad guy' if it means
correcting a STUPID mistake.

On Wed, Apr 27, 2011 at 1:37 AM,  <olufemimogaji () gmail com> wrote:

Hi all,

I'm currently the de facto IT manager for a small IT services firm. The nature of our business requires that we 
follow PCI standards as per logical security. Here's the thing, the CISO is leaving next month, and I've been told 
I'll be taking his position. I already have a lot of exposure to info sec, I have a CCNP (the former version with 
ISCW) and a I'm an MCP (Active Directory for WS 2008). What I need to know is what cert I should go out there and get 
to make me more cemented in this new CISO role, at least to keep the auditors happy, as they sometimes like to 
question your competence. The outgoing CISO, even though he was trained by some of our partners, had NO certs, and 
this exposed him to uncomfy questions from hard nosed auditors. Security+ or CISSP exam? Or any others? Any form of 
guiding light will be highly appreciated.


Femi M.

Sent from my BlackBerry® Smartphone

Sent from my BlackBerry® Smartphone

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]