Another Certification – CISSP

I passed my CISSP certification exam this week and submitted my supporting documentation to my endorser and the (isc)2 to complete the process.   Many people study diligently to pass it and this exam very effectively tested my comprehension of all domains of the Common Body of Knowledge (CBK) and the resultant implications of information security.… Continue reading Another Certification – CISSP

Introduction to The Dude Says, Episode 001

Introductory episode to The Dude Says, where I share my background and what I’m working on.   GIAC GCCC #242        

Compliance versus Security … Coming to Trial?

Compliance is about auditable business processes that are related to meeting legal, regulatory & contractual requirements. Infosec is a confluence of strategic & tactical processes & controls with a goal of ensuring confidentiality, integrity & availability of data & systems.  There is overlap but the two things are effectively different and aimed at different needs… Continue reading Compliance versus Security … Coming to Trial?