Week 7: Training yourself and your IT staff

Two or three times a year

When vulnerabilities are discovered hourly, new technology comes out weekly, and computing power doubles every 18 months, staying current is vital.

Bosses want the brightest, but they don't want to pay to maintain that high-caliber expertise. You have to find a way to stay current in spite of those who believe the training is too expensive and you won't be there should something go wrong.

My favorite training is the conference -- for minimal cost, and in a concentrated time period, you learn the latest tools and technology and reinforce what you know. How do you convince your employer to send you? 1) Educate yourself on the conference. Pinpoint specific sessions you want to attend and show how they will benefit your company. 2) Know the cost: airfare, hotel, food, rental car, conference fee, etc. 3) Write a concise memo, attach it to your brochure and present it to your boss, also including:

  • Networking opportunities you'll have with peers who share similar challenges
  • Suppliers/equipment companies you plan to meet
  • How long you will be gone and how operations will continue in your absence
  • A date for a trip report with your boss upon your return

Ways to keep training costs down:

  • Attend a conference within driving distance.
  • Check out conferences that offer lower group rates or a lower fee for registering early.
  • Offer to speak on a subject

    Requires Free Membership to View

  • relevant to the conference; often you'll get free admission to the conference, and sometimes travel and hotel compensation. Favorite topics are case studies, lessons learned, new technology, how to and solutions found.
  • Host your own conference. Facilities use often comes out of a different budget, and your boss may be agreeable to the exposure for the organization and the learning opportunities.

More information:

Many organizations often have expos and free sessions, and many security and technical professional groups have security conferences throughout the year -- many for less than the cost of a college class. Some of them are:


About the author
Shelley Bard, CISSP, is a senior security network engineer with Verizon Federal Network Systems (FNS). An infosecurity professional for 17 years, Bard has briefed and written infosecurity assessments and technical reports for the White House and Department of Defense, special interest groups, industry and academia. Please e-mail any comments to securityplanner@infosecuritymag.com

Opinions expressed in this column are those of Shelley Bard and don't necessarily reflect those of Verizon FNS.

Last week:Your information security education, training and awareness program
Next week: Reviewing your policies and procedures

This was first published in January 2004

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.