[talk] "death of IT"

James E Keenan jkeenan at pobox.com
Sun Mar 29 12:15:00 EDT 2020


On 3/29/20 10:16 AM, Brian Callahan wrote:
> 
[snip]

>>
>> Futher, per ISO 27002 who will:
>>
>>   - create and enforce segregation of duties?
>>   - create, deliver, and track information security awareness and
>>     training?
>>   - track assets?
>>   - manage access rights?
>>   - ensure cryptographic keys are competently managed?
>>   - enforce secure disposal or re-use of equipment?
>>   - manage installation of software on operational systems?
>>   - create, monitor, and enforce network controls?
>>   - perform system acceptance testing?
>>   - monitor supplier relationships?
>>   - assess, respond, and remediate information security vulnerabilities?
>>   - create, test, and actually perform business continuity in the event
>>     of a disaster (or a pandemic)?
>>   - ensure the protection of your privacy and personal information?
>>
>>
> 
> Wish my Infosec students were on this list--we covered ISO 27002 on 
> Thursday! Great stuff Jim.
> I often end up teaching a lot of these skills indirectly in my 
> programming courses because they are so crucial.
> 

One of the limitations of being almost completely self-taught as a 
programmer is that I never learned any of the stuff on that list.

jimk




More information about the talk mailing list