Commitment to staying on top of the technology

08 Sep 2005 | Information Shield


The information security manager must furthermore
keep abreast of recent developments in the information
security field. Attending a conference or two each year
will generally not constitute sufficient effort. The
manager must read technical magazines, subscribe to
online news services, and if he or she is located near a
major city, attend an occasional professional society
meeting as well. A familiarity with the latest developments
is essential if the manager is going to be able to
recommend appropriate responses to recently discovered
vulnerabilities. A familiarity with the latest
developments is also essential if the manager is going to
be grounded in the information security-related
standard of due care (this will be an essential reference
point for discussions about adjustments to information
security controls). If the manager doesn't possess this
current knowledge and if the manager hasn't applied
this knowledge, the organization runs a high risk that it
will learn about its vulnerabilities only when it's victimized.
If the manager doesn't possess and apply this
knowledge, it's likely the organization will be using
information security solutions that are unnecessarily
costly, burdensome and/or antiquated. If the manager
doesn't possess this knowledge, he or she is not going to
effectively present proposals for change to top management.
The risk of having a manager who is not in touch with the
latest developments is greater in large organizations,
where such an individual may be able to hide
because others do the technical work; in a small organization
it is unthinkable that the information security
manager would not also be able to do extensive
hands-on work such as installing and fine-tuning a firewall.

INFORMATION SECURITY MANAGER QUALIFICATIONS

Introduction
Excellent communication skills
Good relationship management skills
Ability to manage many important projects simultaneously
Ability to resolve conflicts between security and business objectives
Ability to see the big picture
Basic familiarity with information security technology
Real world hands-on experience
Commitment to staying on top of the technology
Honesty and high-integrity character
Familiarity with information security management
Tolerance for ambiguity and uncertainty
Demonstrated good judgement
Ability to work independently
A certain amount of polish

Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
278 pages; $495
Published by Information Shield
Download Appendix B, Personal Qualifications