New security professionals are best suited to focus on a timely framework like Common Criteria, ISO 27001/2 or COBIT, depending on which systems they will be evaluated against in practice. In terms of new platforms like VMware, there's more leverage in working with a currently accepted framework of controls that can be used for assessments in the here and now.
Dig deeper on COBIT
Related Q&A from Mike Rothman, Contributor
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ...continue reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ...continue reading
When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.