[talk] "death of IT"
jpb
jpb at jimby.name
Sun Mar 29 14:59:51 EDT 2020
On Sun, 29 Mar 2020 12:15:00 -0400
James E Keenan <jkeenan at pobox.com> wrote:
> On 3/29/20 10:16 AM, Brian Callahan wrote:
> >
> [snip]
>
> >>
> >> Futher, per ISO 27002 who will:
> >>
> >> - create and enforce segregation of duties?
> >> - create, deliver, and track information security awareness and
> >> training?
> >> - track assets?
> >> - manage access rights?
> >> - ensure cryptographic keys are competently managed?
> >> - enforce secure disposal or re-use of equipment?
> >> - manage installation of software on operational systems?
> >> - create, monitor, and enforce network controls?
> >> - perform system acceptance testing?
> >> - monitor supplier relationships?
> >> - assess, respond, and remediate information security
> >> vulnerabilities?
> >> - create, test, and actually perform business continuity in the
> >> event of a disaster (or a pandemic)?
> >> - ensure the protection of your privacy and personal information?
> >>
> >>
> >
> > Wish my Infosec students were on this list--we covered ISO 27002 on
> > Thursday! Great stuff Jim.
> > I often end up teaching a lot of these skills indirectly in my
> > programming courses because they are so crucial.
> >
>
> One of the limitations of being almost completely self-taught as a
> programmer is that I never learned any of the stuff on that list.
>
> jimk
>
Perhaps, but if you've worked in the corporate world for any length of
time, you see them all the time. Pretty much everything on that list is
a job for somebody, but hopefully not all the same person!
Cheers,
Jim B.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3631 bytes
Desc: not available
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20200329/7ee18a8e/attachment.bin>
More information about the talk
mailing list