Re: IT Manager to CISO

[ichib0d crane <themadichib0d () gmail com>]

Well, people with CISSP often get a bad rap because they have a
tendency of making huge idiotic blunders but at least compared to
Security+ it's better. Security+ is a basic cert that pretty much says
you know not to open random email attachments, firewalls are good,
wifi is bad, ect. There are tons of info sec certs out there and they
pretty much are mainly good for your resume and thats it. Since you
already got the job certs are not all too relevant to you unless you
start looking for a new job explicitly in infosec. What I'd do if I
were you is enumerate everything you'll be in charge of and then get
matching books. Know your network better than anyone else and know
precisely what your network demands security wise. More importantly,
don't be afraid to be pushy and become the 'bad guy' if it means
correcting a STUPID mistake.

On Wed, Apr 27, 2011 at 1:37 AM,  <olufemimogaji () gmail com> wrote:
> Hi all,
>
> I'm currently the de facto IT manager for a small IT services firm. The nature of our business requires that we 
> follow PCI standards as per logical security. Here's the thing, the CISO is leaving next month, and I've been told 
> I'll be taking his position. I already have a lot of exposure to info sec, I have a CCNP (the former version with 
> ISCW) and a I'm an MCP (Active Directory for WS 2008). What I need to know is what cert I should go out there and get 
> to make me more cemented in this new CISO role, at least to keep the auditors happy, as they sometimes like to 
> question your competence. The outgoing CISO, even though he was trained by some of our partners, had NO certs, and 
> this exposed him to uncomfy questions from hard nosed auditors. Security+ or CISSP exam? Or any others? Any form of 
> guiding light will be highly appreciated.
>
> Regards,
>
> Femi M.
>
>
>
>
> Sent from my BlackBerry® Smartphone
>
>
>
> Sent from my BlackBerry® Smartphone

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------