Security Basics mailing list archives
RE: IT Manager to CISO
From: Jeremi Gosney <Jeremi.Gosney () motricity com>
Date: Thu, 28 Apr 2011 20:29:49 +0000
I wouldn't exactly call the CISSP well-respected -- it's respected within certain circles and among certain types of people. I tend to view the CISSP as a black mark on a resume. We don't really place a whole lot of weight on certifications to begin with as there are very few that actually demonstrate practical knowledge / skill, but if CISSP is the only cert on the resume, it goes in the trash. If upper management is your goal, my advice would be to go for both GSLC and G2700 (hopefully your organization does ISO 27000). At least you will still have a soul after obtaining those. ________________________________________ From: listbounce () securityfocus com [listbounce () securityfocus com] on behalf of Jonathan Younie [jonnyp4lsec () gmail com] Sent: Wednesday, April 27, 2011 5:21 PM To: olufemimogaji () gmail com Cc: security-basics () securityfocus com Subject: Re: IT Manager to CISO Femi, From any standpoint, there's no comparing the two certifications. The Security+ exam is an entry level exam suitable for most people who are just entering the field. The CISSP is a well respected exam for people who are experienced and involved in designing and managing all forms of security at a high level. In fact, the certification requires being vouched for by other certified CISSPs and demonstration of numerous years of InfoSec related experience. It covers a broad spectrum of information and demonstrates a knowledge of industry standards rather than singular products or philosophies. Another exam you might consider is the Certified Information Security Manager (CISM) offered by ISACA [http://www.isaca.org/Certification/CISM-Certified-Information-Security-Manager/Pages/default.aspx]. This is an exam designed for high level security managers who have to cover all realms of security from a technical and administrative aspect. Both of those are hard for anyone to scoff at. Hope that helps. Jonathan Younie On 4/27/2011 4:37 AM, olufemimogaji () gmail com wrote:
Hi all, I'm currently the de facto IT manager for a small IT services firm. The nature of our business requires that we follow PCI standards as per logical security. Here's the thing, the CISO is leaving next month, and I've been told I'll be taking his position. I already have a lot of exposure to info sec, I have a CCNP (the former version with ISCW) and a I'm an MCP (Active Directory for WS 2008). What I need to know is what cert I should go out there and get to make me more cemented in this new CISO role, at least to keep the auditors happy, as they sometimes like to question your competence. The outgoing CISO, even though he was trained by some of our partners, had NO certs, and this exposed him to uncomfy questions from hard nosed auditors. Security+ or CISSP exam? Or any others? Any form of guiding light will be highly appreciated. Regards, Femi M. Sent from my BlackBerry® Smartphone Sent from my BlackBerry® Smartphone
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- IT Manager to CISO olufemimogaji (Apr 27)
- Re: IT Manager to CISO Omar Salvador Alcalá Ruiz (Apr 28)
- RE: IT Manager to CISO Egerue, Ugochukwu (Apr 28)
- RE: IT Manager to CISO rogue5 (Apr 28)
- Re: IT Manager to CISO Ricardo Ferreira (Apr 28)
- RE: IT Manager to CISO Craig Hotchkiss (Apr 28)
- RE: IT Manager to CISO Valin, Christian (Apr 28)
- RE: IT Manager to CISO David Gillett (Apr 28)
- Re: IT Manager to CISO Todd Haverkos (Apr 28)
- Re: IT Manager to CISO Jonathan Younie (Apr 28)
- RE: IT Manager to CISO Jeremi Gosney (Apr 28)
- Re: IT Manager to CISO ichib0d crane (Apr 28)
- RE: IT Manager to CISO David Gillett (Apr 28)
- <Possible follow-ups>
- Re: IT Manager to CISO olufemimogaji (Apr 28)