[talk] "death of IT"
James E Keenan
jkeenan at pobox.com
Sun Mar 29 12:15:00 EDT 2020
On 3/29/20 10:16 AM, Brian Callahan wrote:
>
[snip]
>>
>> Futher, per ISO 27002 who will:
>>
>> - create and enforce segregation of duties?
>> - create, deliver, and track information security awareness and
>> training?
>> - track assets?
>> - manage access rights?
>> - ensure cryptographic keys are competently managed?
>> - enforce secure disposal or re-use of equipment?
>> - manage installation of software on operational systems?
>> - create, monitor, and enforce network controls?
>> - perform system acceptance testing?
>> - monitor supplier relationships?
>> - assess, respond, and remediate information security vulnerabilities?
>> - create, test, and actually perform business continuity in the event
>> of a disaster (or a pandemic)?
>> - ensure the protection of your privacy and personal information?
>>
>>
>
> Wish my Infosec students were on this list--we covered ISO 27002 on
> Thursday! Great stuff Jim.
> I often end up teaching a lot of these skills indirectly in my
> programming courses because they are so crucial.
>
One of the limitations of being almost completely self-taught as a
programmer is that I never learned any of the stuff on that list.
jimk
More information about the talk
mailing list