2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)², where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
It seems to just be "understood" that if you're accepting favors you're doing so because the vendor expects to influence you and that you've compromised yourself if you start down that path. During the course of my career, I've seen only a couple of incidents of this type.
Careful coordination is needed: Are we duplicating services? Worse, are there risks that fall between the cracks, into the gray areas on the borders of our separate assurance functions?
While the debate over privacy swirls, the actual voice of the consumer is rarely heard. Until now. And what the consumers have to say in new research about privacy notices and data usage may surprise you.
Although it's encouraging that security is now considered part of the software quality paradigm for customers' needs, the question remains: "Do we have the cyber skills needed for today's chaotic, application-driven world and its ever-increasing need for security?"
"We appear to be asking DHS to take on new cybersecurity roles and missions while it is establishing its basic core competencies," Melissa Hathaway says. "Is this reasonable? Do we want DHS to become a first party regulator?"
The federal government has an assortment of career series - music specialist, broom and brush making, baking and so forth - but none for cybersecurity.