Tuesday, April 29, 2008

Security Catalyst Forums

I've written often about all the ways I have met people. My network has certainly grown in the last year between Facebook, LinkedIn, the numerous blogs that I read and the numerous blogs that they all link to.

One place that has certainly been a terrific place to meet smart people interested in Information Security, and to harvest some of their ideas, is the Security Catalyst Forums. Registration is free and gets you access to some really amazing people.

Each week someone volunteers to sum up the last week's postings and this week is my turn so here goes...

Andrew Hay is doing his CISSP and has been given a lot of advice by the members. Generally it is agreed that cccure.org is a good resource. Always ready to jump in and start new Security Catalyst initiatives, Michael wants to put together a resource for those Catalyst members studying for the CISSP.

I personally did the official CISSP boot camp training course and found it well worth doing. I bought the official ISC2 guide but found it to be too wordy and technical. It is a great resource, though, and I have used it many times since my exam, but at 10pm after a day's work it is the last thing your eyes want to see.

Education seems to be a theme at the moment - Didier Stevens wrote his GSSP-C exam and Kevin Riggins is debating doing a Masters in Information Protection/Assurance.

Information Security is slowly becoming so much more than just Firewalls and Antivirus, and the education needed is becoming vast. I think it has already come to the point where it is impossible to know everything, and practitioners now need to work out what section of Information Security they want to get into.

I personally am interested in the management side of InfoSec, but if I choose that then I will not be able to get deeply into any particular part of InfoSec anymore. I have my CISSP and would love to get a Masters like the one above, but GSSP-C would be too restrictive for me. To each his own. Well done Didier, and good luck Andrew, Kevin and all those that are looking to grow their knowledge.

Don Weber raises an interesting question - should businesses be monitoring search queries via their proxy servers? My feeling is that yes, they should. Companies should monitor everything and they have the right (in South Africa at least) to do so. However (there is always a however with me), context is everything. One has to use the information that one gets from logs as a guide and try to understand exactly why someone browses so much or such strange sites or whatever. I believe that Information Security has to become a central part of the organisation and has to make connections with all departments. All browsing issues must be driven by HR with technical and policy help from InfoSec.

There were other discussions, jobs posted and conferences listed but I'm not going to go into them all. The last thing I'd like to say is that I asked a question on the Security Catalyst Forums and got some quality replies - all different but all quality that will allow me to do my job that much better.
