Basic familiarity with information security technology

The information security manager must be knowledgeable in information security technical areas such as encryption, smart cards and system access control. Not only must the manager not be duped by technical specialists, he or she must know the best technology to apply in response to an organization's information security needs. Without this knowledge the manager will lose credibility, and thereby jeopardize current and future information security initiatives. Generally a manager will not have the luxury of learning a great deal about information security technology on the job, so organizations should not hire an inexperienced person and expect that they will be able to pick up the technology as they go along. Familiarity with the technology does not mean that an information security manager is expected to personally get involved in highly-technical work, for example program a digital certificate user authentication system, but it does mean that the manager would know when such a technology should be used. In general, a successful information security manager must be familiar with the methods used, the processes employed and the business reasons cited to justify information security measures. The successful manager should also be familiar with the successful ways to enforce information security requirements with what is often an uncooperative end-user population.


  Excellent communication skills
  Good relationship management skills
  Ability to manage many important projects simultaneously
  Ability to resolve conflicts between security and business objectives
  Ability to see the big picture
  Basic familiarity with information security technology
  Real world hands-on experience
  Commitment to staying on top of the technology
  Honesty and high-integrity character
  Familiarity with information security management
  Tolerance for ambiguity and uncertainty
  Demonstrated good judgement
  Ability to work independently
  A certain amount of polish

Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
278 pages; $495
Published by Information Shield

Download Appendix B, Personal Qualifications
This was last published in September 2005

Dig Deeper on Information security policies, procedures and guidelines

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.