This is part 2 of a series posts reflecting on a Fred Pryor class titled Managing Your Emotions Under Pressure. There is more pressure than ever in the workplace. There is just a lot of information to absorb and a lot of tasks to perform. Most of my readers will understand that. They use RSS …
Continue reading ‘Managing Emotions Under Pressure – part 2’ »
It’s always nice when your own auditors follow company policy. We have an external auditor in for the next 6 week in order to obtain FISMA certification. At the kickoff meeting, we told the auditors that they were not allowed to put their computers on our internal network, but they were more than welcome to use …
The UNIX administrator asked me to scan his systems that are withing the scope of our Certification and Accreditation package. We have an auditor coming in next week to check our progress toward obtaining “authority to operate” and he wanted to make sure his systems were clean. I found that our recently upgraded firewall now …
Occasionally people ask how I got where I am. I’ve been meaning to add an ‘about me’ but haven’t gotten around to it. A question earlier this week reminded me that this post was sitting in my draft folder. A lot of people are sniffing after information security because they think they smell the green. …
Did I mention that my company updated their education assistance policy? After 5 years of allowing people to leave freely the second their company paid for degree was obtained, after I’ve been taking classes for two years, now in the final year of my degree they have changed the program so that if I leave …
Dan Greer was the Keynote speaker at Shmoocon. For a statistician he made a rather broad brush statement that current security workers have no formal training. Yet now every college has a security course. The non-credentialed he says are the ones with skills while those with credentials are the charlatans. Was the world really better …
Certification and Accreditation. Is it the path to security? Does it even purport to be that? I find myself asking that question as I review the site security plan we are putting together where I work. I’m all for best practices. But one best practice is not applicable everywhere. As Jesper Johhanson has written, it …
SANS is modifying the requirements for the GIAC Certification so seekers will no longer be required to write a written practical. In the past there has been a requirement of a practical as well as multiple tests. The written practical was a great thing for the GIAC. Some certifications are seen as a paper certification, …
I got an email last week from SANS stating that they are looking at interest in a MS in Information Security Management for a MS in Information Security Technology Leadership. They don’t state any specifics but it seems clear from the context that they are looking at creating a Masters programs based around (or completely …
I recertified my GIAC certification in Securing Windows this week. According the the certification description, GIAC Certified Windows System Administrators (GCWNs) have the knowledge, skills and abilities to secure and audit Windows systems, including add-on services such as Internet Information Server and Certificate Services.