Security Basics mailing list archives

Re: IT Manager to CISO


From: olufemimogaji () gmail com
Date: Thu, 28 Apr 2011 04:51:23 +0000

Hi All,

Thanks for all your input. Your thoughts seem to follow a familiar pattern: CISSP, SANS and CISM. As soon as I 
read all these emails I called a training firm I knew and booked for their CISSP training. 

Thanks again!

Femi M.

------Original Message------
From: James Alcasid
To: olufemimogaji () gmail com
Cc: security-basics () securityfocus com
Subject: Re: IT Manager to CISO
Sent: 28 Apr 2011 00:51

Femi,
Certification-wise, if you do not already have your CISSP you should study for it or at least have a Security+. The CISA 
and CISM are also credentials that may be appropriate for a CISO. You may also look into the SANS courses in infosec 
management. What would really be of great value is formal education on the principles of risk management and continuity 
of operation. Project management skills and understanding the project life cycles are important. Are you familiar with 
COBIT? Does your organization have internal auditors? Know those people, they are your friends. Who does the external 
audit? Get to know those people as well.


On Apr 27, 2011, at 4:37 AM, olufemimogaji () gmail com wrote:


Hi all,

I'm currently the de facto IT manager for a small IT services firm. The nature of our business requires that we 
follow PCI standards as per logical security. Here's the thing, the CISO is leaving next month, and I've been told 
I'll be taking his position. I already have a lot of exposure to info sec, I have a CCNP (the former version with 
ISCW) and I'm an MCP (Active Directory for WS 2008). What I need to know is what cert I should go out there and get 
to make me more cemented in this new CISO role, at least to keep the auditors happy, as they sometimes like to 
question your competence. The outgoing CISO, even though he was trained by some of our partners, had NO certs, and 
this exposed him to uncomfy questions from hard-nosed auditors. Security+ or CISSP exam? Or any others? Any form of 
guiding light will be highly appreciated.

Regards,

Femi M.




Sent from my BlackBerry® Smartphone


