[talk] "death of IT"
jpb at jimby.name
Sun Mar 29 14:59:51 EDT 2020
On Sun, 29 Mar 2020 12:15:00 -0400
James E Keenan <jkeenan at pobox.com> wrote:
> On 3/29/20 10:16 AM, Brian Callahan wrote:
> >> Futher, per ISO 27002 who will:
> >> - create and enforce segregation of duties?
> >> - create, deliver, and track information security awareness and
> >> training?
> >> - track assets?
> >> - manage access rights?
> >> - ensure cryptographic keys are competently managed?
> >> - enforce secure disposal or re-use of equipment?
> >> - manage installation of software on operational systems?
> >> - create, monitor, and enforce network controls?
> >> - perform system acceptance testing?
> >> - monitor supplier relationships?
> >> - assess, respond, and remediate information security
> >> vulnerabilities?
> >> - create, test, and actually perform business continuity in the
> >> event of a disaster (or a pandemic)?
> >> - ensure the protection of your privacy and personal information?
> > Wish my Infosec students were on this list--we covered ISO 27002 on
> > Thursday! Great stuff Jim.
> > I often end up teaching a lot of these skills indirectly in my
> > programming courses because they are so crucial.
> One of the limitations of being almost completely self-taught as a
> programmer is that I never learned any of the stuff on that list.
Perhaps, but if you've worked in the corporate world for any length of
time, you see them all the time. Pretty much everything on that list is
a job for somebody, but hopefully not all the same person!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3631 bytes
Desc: not available
More information about the talk