Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: CISSP Question

From: "David Harley" <david.a.harley () gmail com>
Date: Wed, 16 May 2007 14:27:28 +0100
David - well said. I think we're all in heated agreement on 
the key issues.
Both you and Simmons are helping us all if you engage others 
in thinking about these issues.


Thanks, Ken. Useful and interesting topics. Unfortunately I have a publisher
breathing down my neck right now, but hope to be able to contribute to those
discussions in due course. Your point about transitional tools is well
taken. The big certs like CISM, GIAC and CISSP certainly grab attention in
the job market, but a savvy employer should take into account -any-
initiative towards career development that a candidate can demonstrate.


MS says that 
security really should be integrated in all of the various 
products and programs and not an add-on or stand-alone offering.


I'm only partly sympathetic to that. We don't all need to know about
Bell-LaPadula, and, of course, the fallacy that security is something
separate to everything else is part of the reason that insecurity is the
norm. But if we leave security entirely to the non-specialists, we'll all
get left behind.

And now I really have to go and meet a deadline. ;-)

-- 
David Harley CISSP, Small Blue-Green World
Security Author/Editor/Consultant/Researcher
AVIEN Guide to Malware:
http://www.smallblue-greenworld.co.uk/pages/avienguide.html
Security Bibliography:
http://www.smallblue-greenworld.co.uk/pages/bibliography.html
Previous By Date Next
Previous By Thread Next

Current thread: