[talk] "death of IT"

jpb jpb at jimby.name
Sun Mar 29 14:59:51 EDT 2020


On Sun, 29 Mar 2020 12:15:00 -0400
James E Keenan <jkeenan at pobox.com> wrote:

> On 3/29/20 10:16 AM, Brian Callahan wrote:
> >   
> [snip]
> 
> >>
> >> Futher, per ISO 27002 who will:
> >>
> >>   - create and enforce segregation of duties?
> >>   - create, deliver, and track information security awareness and
> >>     training?
> >>   - track assets?
> >>   - manage access rights?
> >>   - ensure cryptographic keys are competently managed?
> >>   - enforce secure disposal or re-use of equipment?
> >>   - manage installation of software on operational systems?
> >>   - create, monitor, and enforce network controls?
> >>   - perform system acceptance testing?
> >>   - monitor supplier relationships?
> >>   - assess, respond, and remediate information security
> >> vulnerabilities?
> >>   - create, test, and actually perform business continuity in the
> >> event of a disaster (or a pandemic)?
> >>   - ensure the protection of your privacy and personal information?
> >>
> >>  
> > 
> > Wish my Infosec students were on this list--we covered ISO 27002 on 
> > Thursday! Great stuff Jim.
> > I often end up teaching a lot of these skills indirectly in my 
> > programming courses because they are so crucial.
> >   
> 
> One of the limitations of being almost completely self-taught as a 
> programmer is that I never learned any of the stuff on that list.
> 
> jimk
> 

Perhaps, but if you've worked in the corporate world for any length of
time, you see them all the time.  Pretty much everything on that list is
a job for somebody, but hopefully not all the same person!

Cheers,
Jim B.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3631 bytes
Desc: not available
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20200329/7ee18a8e/attachment.bin>


More information about the talk mailing list