I noticed this week that a site out there is using wp-o-matic to present my work as his own information security blog. Some people incorrectly think that a RSS feed is a permanent license to do whatever you want with content. Its not. While it doesn’t look like it, I do spend a lot of …
Its hard to believe that three years have passed since I got my CISSP certification. It renewal time. I sent off my annual payment to ISC2 and I’m well past the minimum required Continuing Professional Education credits (CPEs). Here’s a link to an interesting blog entry, Do you Still Value your CISSP.I love the opening …
Occasionally people ask how I got where I am. I’ve been meaning to add an ‘about me’ but haven’t gotten around to it. A question earlier this week reminded me that this post was sitting in my draft folder. A lot of people are sniffing after information security because they think they smell the green. …
http://software.silicon.com/security/0,39024655,39152300,00.htm IT departments should not be calling the shots on security, according to Jay Heiser, research VP at Gartner Research. Instead, companies need to take a business-oriented, risk-management approach. Stepping back from technical details allows a company’s IT practices to be forward-looking, aligned with the core business, and provide better return on investment. Zurich Financial …
Continue reading ‘Gartner: Security Leadership belongs to CxO’ »
I got word on saturday that I passed the CISSP exam that I too last week. All that is left now is getting a current CISSP to sign the form verifying my experience and also writing up a resume to turn in for this. Once this is sent in, there may be an audit. I …
I’ve been wondering about what the University of Fairfax is. Diploma Mill or what. They’ve been sponsoring some CISSP study sessions locally and some CISSP webcasts that I watched. They offer a PhD in Information Systems concentrating in Information Assurance. While the website did look like it is a real program rather than a diploma …
I mentioned a few posts back that I was going to a local SANS conference. We’re 2/3s of the way through the SANS – CISSP + S conference and its been a great experience. Because it is a prep course, by nature it avoids two of my main annoyances in training. No one is signed …
Tomorrow I’m heading off to a SANS conference in Herndon VA. I’m taking a CISSP course from Eric Cole. Its not really the best time for this. SANS conferences are kind of like drinking from the firehose of knowledge. Actually it will be interesting to see if that is still my opinion. My last SANS …
SearchSecurity.com has free CISSP training webcasts available for a limited time. It does require registration. I watched the first class/domain over the weekend and though it was interesting. I came away with a few things to think about. The presentation is very rapid fire. There is way too much material in domain1 to fit into …
SANS is modifying the requirements for the GIAC Certification so seekers will no longer be required to write a written practical. In the past there has been a requirement of a practical as well as multiple tests. The written practical was a great thing for the GIAC. Some certifications are seen as a paper certification, …