Blog Posts Tagged with "CISSP"
Information Security Management Handbook
January 28, 2013 Added by:Ben Rothke
While the book is organized under the CISSP CBK domains, it should not readily be used as a primary reference for those studying for the CISSP exam, given its unmanageable length as a primary reference...
Comments (0)
CISSP for Dummies
October 24, 2012 Added by:Ben Rothke
The CISSP is the most popular and arguably most valuable information security certification. While SANS GIAC certifications are technically more intensive, the CISSP is the 900-pound gorilla of information security certifications. For those looking for a review guide, CISSP for Dummies is a worthwhile reference...
Comments (1)
Four Horsemen of the Infosec Apocalypse and the Freak Power Ticket
September 18, 2012 Added by:Scot Terban
All of this will be tempered by what happens next for Dave and Chris. Will they be able to penetrate the old boy network? Will they be able to, once ensconced in the ISC(2) inner sanctum, make any kind of change that would make the CISSP more meaningful? Time will tell, my friends...
Comments (1)
Four Days and Counting for (ISC)2 BoD Petitioners
September 13, 2012 Added by:Le Grecs
The same "good 'ol boys/girls" keep returning time and time again. When their terms are up, they "sit out a year" and then the next board nominates them as one of the BoD-recommended candidates. Keeping the same old board will result in a certification that continues to be disconnected...
Comments (0)
Chief Information Security Officer (CISO) Certified?
September 09, 2012 Added by:Jayson Wylie
The requirements involved with obtaining a certification past September 30th 2012 may not be beneficial for a CISO, and I do not know how applicants with this new certification will stand apart from those with graduate degrees in their understanding of security solutions...
Comments (7)
Scot Terban ISC(2) Board Petition UPDATE
September 05, 2012 Added by:Scot Terban
It seems that when one “petitions” to run for the board, one must have the signatories send an email instead of just filling out their information on some Excel sheet or online petition. If you are wanting to sign the petition for my being able to run for the BoD please email me...
Comments (0)
Official Statement on ISC2 and the Freak Power Ticket
August 26, 2012 Added by:Scot Terban
Vote for the horsemen. If not me, then the others for a bigger point here. Those of you who take the ISC and CISSP seriously need to look at your org. Do you think that any with this certification are good at what we do because we took a test and adhere to some ethics rules the board ignores when they see fit?
Comments (0)
Your CISSP is Worthless - So Now What?
August 23, 2012 Added by:Dave Shackleford
OK, so it’s not really worthless. So what do I propose? I say scrap the whole thing. Start over. Build a cert and program that tests fundamental skills and means something to employers who really need things done. Offer existing cert holders one year and a free test to get the new one. Otherwise, they’re out...
Comments (21)
Vote for Boris Sverdlik aka JadedSecurity for ISC2 Board
August 23, 2012 Added by:Boris Sverdlik
I’m not going to promise things that I may or may not be able to deliver on, but I can promise I will stick to what I believe is a shared vision in the community for a value add certifying body. In order to change perception of the certification and the certifying body we need to change...
Comments (0)
Scot Terban ISC2 Board Candidacy
August 23, 2012 Added by:Scot Terban
Ok, so after a flurry of tweets about the candidacy of others, my name got thrown in there like so much pasta being chucked at a wall. Well, it stuck in my case and I decided to run. So, if you think that I can get in there and stir up some trouble, and maybe make some changes then VOTE FOR ME in this petition...
Comments (0)
Sign Dave Lewis' Petition for the ISC2 Board Election
August 22, 2012 Added by:Infosec Island Admin
Dave Lewis wants to work to restore the CISSP exam and its place in the community as something to be respected, help bring the ISC2 into the wider acceptance, help make it a force for positive change, and ensure that the ISC2 is representative and accountable to its membership...
Comments (1)
CISSP Reloaded Domain Eight: BCPs and DRs
June 14, 2012 Added by:Javvad Malik
Some companies are not factoring cloud-based or 3rd party hosted applications into their DR plans because contractually the cloud provider is responsible. What would you do if your cloud provider got hit by a disaster they couldn’t recover from? What would you do in order to continue your business operations?
Comments (0)
CISSP Reloaded Domain 7: Applications and Systems Development
May 08, 2012 Added by:Javvad Malik
Secure applications aren’t the result of evolution or chance conditions coming together. Secure applications are only created with a definite degree of intelligent design. You, as the security person are responsible for providing that intelligent design into the application...
Comments (0)
CISSP Reloaded Domain Six: Operations Security
April 18, 2012 Added by:Javvad Malik
Some argue that operations security is primarily focused around IT and bring up the old argument of IT vs infosec and the baggage that comes along with that. It’s an argument as old as whether PCs are better than Macs, Ninjas could beat Pirates or Cagney was better than Lacey...
Comments (0)
CISSP Reloaded Domain 5: Security Architecture and Models
April 09, 2012 Added by:Javvad Malik
This domain has a good title and there is probably a lot one can talk about. There are not enough competent security architects on the market. Sure you can get a lot of penetration testers or risk and compliance type people. But good architects are hard to come by...
Comments (0)
CISSP Reloaded Domain 4: Cryptography
March 28, 2012 Added by:Javvad Malik
Cryptography, the dark art of information security. The deus-ex-machina, the silver bullet, the be all and end all of all security measures, so profound cryptography was first classed as a munitions. Widely misunderstood, often poorly implemented...
Comments (1)




