Re: Article: Study Says Security Expertise In Short Supply

From: ron (ronat_private)
Date: Tue Nov 27 2001 - 18:07:35 PST

Next message: resumes@matrixx-group.com: "Position Available - IT Technical Auditor - Computer & Data Security - CISA, SSCP, CIA"

Previous message: cgoodwinat_private: "Seeking Security Software Marketing Associate"
In reply to: Meritt James: "Article: Study Says Security Expertise In Short Supply"
Next in thread: Scott Brown: "RE: Article: Study Says Security Expertise In Short Supply"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

from the article:

By analyzing the 4.5 million online tests and certifications taken on the

      Brainbench site during the last 12 months, the firm's Cyber Defense
IQ
      Report shows disaster recovery and planning, with only 111
certified
      professionals in the nation, to be the weakest of the five skill
sets analyzed.
      "With disaster recovery, the truth is everyone thinks someone else
is doing
      it," says Mike Russiello, Brainbench's president and CEO.

intersting 'study' they preformed, great marketing hype for them also.
But, it's an old rant, not really supported by the IT industry.  Face it,
companies are not really into security as of yet.  sure many are putting
up perimiter defenses, and yet, howmany are really securing their exposed
web and mail systems?  How many find their DNS servers hacked  to pieces
weekly?  And even the US government is sorely lacking in any real sense
of dealing with securing their systems, just look at the GAO reports on
government sites for the past two  to three years.  It's surprising how
few comapnies really take security seriously untill they are hit in the
backside, and then it's a battle all the way to the desktop to impliment
polices and get the employees to comply.  One of the most common rants in
the firewalls related lists is: "how do I stop our users from breaking
our policy and doing this nasty thing on the internet/web". I,plyiong
that there is no real buy in and support from upper mgt in
implimentation.  It's a pity, but, it's a fact.

Thanks,

Ron DuFresne

Meritt James wrote:

> "According to a recent report from online certification company
> Brainbench, disaster-recovery and network-security skills are scarce
> within the IT workforce."
>
> ................
>
> Full article at http://www.informationweek.com/story/IWK20011121S0015
> --
> James W. Meritt CISSP, CISA
> Booz | Allen | Hamilton
> phone: (410) 684-6566

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior consultant:  darkstar.sysinfo.com
                   http://darkstar.sysinfo.com
 "Cutting the space budget really restores my faith in humanity.  It
 eliminates dreams, goals, and ideals and lets us get straight to the
 business of hate, debauchery, and self-annihilation."
                 -- Johnny Hart
 testing, only testing, and damn good at it too!
~~
 The good thing about potential is,
         as long as you do nothing,
                 you'll always have it.

Next message: resumes@matrixx-group.com: "Position Available - IT Technical Auditor - Computer & Data Security - CISA, SSCP, CIA"
Previous message: cgoodwinat_private: "Seeking Security Software Marketing Associate"
In reply to: Meritt James: "Article: Study Says Security Expertise In Short Supply"
Next in thread: Scott Brown: "RE: Article: Study Says Security Expertise In Short Supply"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Nov 28 2001 - 12:22:10 PST