The Path to Becoming a Security Professional

The Path to Becoming a Security Professional. Andrea C. Hoy, CISSP, CISM President, ISSA Orange County CISO Executive Task Force Chief Technology Officer, iQwest www.securIT.us www.iQwest.com 12 April 2006. EDUCAUSE Marriott City Center, Denver, CO. My Background or.


Presentation Transcript


  1. The Path to Becoming a Security Professional Andrea C. Hoy, CISSP, CISM President, ISSA Orange County CISO Executive Task Force Chief Technology Officer, iQwest www.securIT.us www.iQwest.com 12 April 2006 EDUCAUSE Marriott City Center, Denver, CO

  2. My Background or The Path I took to Become CISO for a Fortune 200 & 500
     • Playground rules still exist
     • “Verbal Judo”
     • Glass ceilings did exist! But glass breaks

  3. What I Learned on the Job
     • Security Org Charts vary as much as 1st year students’ majors change!
     • Reporting Structures can Help or Hinder
     • Who you know not What you know – not always
     • Even Big Corporations Don’t Know what they Want, but They sure Know what they Don’t Want to Hear!

  4. Where’s InfoSecurity? 5/ 9 / 6%

  5. “Job Description” Please!? WANTED – Candidate must…
     • Info Security Policy & Procedures
     • DRP/BCP
     • Enterprise Program Management
     • Risk Management
     • Fraud/Investigations
     • Physical Security
     • Non-IT Risk Functions
     • Legal Liability – “Who gives the sample?”
     • Windows/Mac/Linux/Unix/Sun Solaris/AIX
     • CISSP/MCSE/Cisco/GIAC, etc.

  6. The Perspective from Above
     • The CISO/CSO/CRO is a Strategic permanent position in the business. (2004: 17%; 2005: 58%)
     • I.S. is a Business Enabler and Essential to our Business. It is no longer an Overhead Cost. (2004: 25%; 2005: 49%)

  7. What do the Troops look like on This Path? (Backgrounds) EDUCATION *2003, 2004, 2005 data from CSO Magazine/Price Waterhouse Coopers – State of the CSO & CISO Exec Forum, ATL – March 2006

  8. What do the Troops look like on This Path? (Backgrounds) Certifications • Source: CISO Bootcamp, A. Hoy & Associates & State of the CISO 2003/2004/2005 - PWC

  9. What do the Troops look like on This Path? (Backgrounds) PREVIOUS OCCUPATIONS
     • IT/IS 63%
     • Physical Security
     • Military
     • Law Enforcement
     • Business Operations
     • Audit
     • Other
     • Legal
     Highest (Most Common) to Lowest (Least Common)

  10. Staffing: How Many Information Security Professionals are Enough for Success? # of Full Time Info Security Employees 11% 23% 24% 11% Avg. 3 31% * Slide from CISO Bootcamp – A. Hoy & Associates

  11. How To Help Progress the InfoSecurity Profession Give Zen!
     • If you have made it to the Boardroom/President’s Office,
     • DO Surveys!!!!
     • Share your story
     • Mentor a Student Intern or Hire a New Grad
     • Create a Succession Plan
     • Always maintain absolute integrity
     • Help your fellow InfoSecurity Professional/CISO to get there!
     • Join IS organizations
     • Support your staff
     • Don’t take yourself too seriously!