Cyber security governance jobs are growing significantly faster than information technology jobs. However, this very exciting industry lacks the number of skilled professionals required to fill the available jobs.
Some common roles within cyber security include cyber security governance manager/consultant, information assurance, security analyst, forensics consultant, penetration tester and malware analyst/reverse engineering. With these types of opportunities available, new or aspiring cyber security professionals should focus on continually increasing their skillsets, because the cyber security industry is continually changing.
Magic! It is the basis for countless children’s stories filled with adventure and excitement. It is also how many kids think cyberspace works. There is nothing like seeing our child’s reaction when the slight of a magician’s hand produces awe-inspiring results. However, as IT professionals we know the internet is no Penn & Teller illusion. A technical understanding of their digital lives is a crucial life lesson for today’s youth.
How many of the kids in our lives truly know what mom or dad or their aunt or uncle do at work? Let’s face it, many of us find it difficult to explain our work to most adults, maybe even our bosses. Or we assume that our kids won’t understand because we think it is too complicated for them. Maybe it is easier to let kids think that in tech we wave our magic wands at code or pull rabbits out of servers. Except, we all know that’s not true.
Syed Adnan Shahab, CGEIT, TOGAF9, PMP, ITIL v3 Expert, CISSP, CISA, CRISC, CISM, CCSP, Riyadh Chapter, recently shared his CGEIT certification success story with ISACA Now in a question and answer session.
At the inaugural CSX 2016 Asia Pacific conference 14-16 November in Singapore, Richard Quest, CNN’s foremost international business correspondent and host of Quest Means Business, will present a keynote address on what he considers the biggest single threat to any CEO today—ransomware.
ISACA Now recently had a virtual conversation with Quest on the cyber security issues that are foremost in the minds of business leaders around the world. Quest discusses breaches, solving the cyber security problem, and the key takeaway from his keynote address.
For an information security professional, one of the most important areas for an organization is building a corporate security culture. Building a security culture begins with the IS professional: being transparent and passionate about security, speaking about security initiatives at company meetings, and providing recurring security awareness talks.
This grass-roots, bottom-up approach should be coupled with an increased focus on executives. Getting their support and buy-in is absolutely critical. If the CEO does not have to have a strong password, why should anyone else in the company? If the CEO does not take time to do security awareness training, why should anyone else? Show me a company with a CEO who takes information security seriously and I’ll show you a company with a strong security culture.
This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.
The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.
Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.
To volunteer to write a blog or suggest a topic send an email here.