Blog Posts Tagged with "Professional"


We Are Infosec Professionals - Who the Hell Are You?

July 14, 2011 Added by: Javvad Malik

I explained to someone that I worked in infosec; they commented, “there’s not much you guys do given all the hacking that’s gone on lately.” I could have just explained how a lot of the so-called hacking attacks were actually DDoS, or that human error was responsible, but my mind wandered...



Impending Doom and IT Security's Downward Spiral

June 06, 2011 Added by: Rafal Los

If you've been in Information Security for any meaningful period of time you can surely side with the frustration and disappointment many of the long-time residents of Infosec-ville are feeling as breach after breach piles on in the news. The result of all of this is a downward spiral...



The Dangers of Opening Your Mouth

May 03, 2011 Added by: Eric Irvin

It's important that we continue to listen as much as we talk, and dissect statements, data, and ideas as critically as possible. As the world of Information Security grows, we cannot afford to be spoon-fed our thoughts and ideas from speakers, magazine articles, and vendors...



The Difference Between Doing IT and Infosec

April 20, 2011 Added by: Robb Reck

The primary issue is that the skills that make for a great IT professional are not the same that make for a great information security professional. IT professionals manage systems, information security professionals manage risk...



She Blinded Me With Infosec...

April 11, 2011 Added by: Infosec Island Admin

One must admit that no matter how many times an assessment is carried out and things are found/exploited there are ALWAYS more vulnerabilities being introduced. You will never get them all and the client, if they understand this, will become inured to it...



RSA Breach Long Term Impact for Security Professionals

March 30, 2011 Added by: Nick Owen

With the explosion of cloud-based services, organizations are relying on the security of their vendor's vendors. What lessons can we learn from the RSA and Comodo episodes, and how should it impact decision making? Here are some longer-term items to think about...



The RSA Hack: Don't Overreact

March 27, 2011 Added by: Eric Cissorsky

When IT Security panics, it causes ripple effects throughout the enterprise. In the event this turns out to be a serious breach, you will be credited with keeping your cool and weathering the storm. Overreacting to any security incident can undermine your department's credibility...



Building Out a Security Skills Matrix

February 24, 2011 Added by: Brad Bemis

As the manager of a security operations team, I needed a way to track the current skills/knowledge levels of my team, and its progress over time. That’s what this matrix did for me – and it could do the same for you too – IF you’re willing to take the time to build one that is...



Changing Infosec Perceptions by Being 'Nice'

February 22, 2011 Added by: Brad Bemis

Pardon my language, but in my experience you don’t have to be a prick to be an effective security professional – in fact, being a prick is counterproductive in almost every way imaginable. Being nice, however, will serve you in ways that I can’t even begin to explain...



Competence-in-Depth: A Working Model

February 14, 2011 Added by: Brad Bemis

Information security is an incredibly diverse field. It is also a relatively new profession if you discount its long history in government and academia. As a developing professional discipline there are a number of challenges – we still have a lot of growing up and getting smart to do...

