Here are three articles that I was able to pull together from a Google search very quickly. SpyEye malware borrows Zeus trick to mask fraud, Hacking group releases more Stratfor subscriber data, and Government engineers actively plan for cyberwar. What does this mean exactly? I tell you. These three examples show that not only are we not safe in cyberspace, but that it’s OBVIOUS that we aren’t safe.
As IT professionals, we need to know how to keep the people in our organization secured. Luckily, we have a great path for you to take to ensure that you can do this.
Let’s start with Security +
CompTIA Security+® (2008 Objectives) is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ (2008 Edition) Certification examination (exam number SY0-201). In this course, you will build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.
Next, the just released CompTIA Advanced Security Practitioner (CASP).
You will examine advanced security concepts, principles, and implementations that pertain to enterprise level security.
Upon successful completion of this course, students will be able to:
•identify enterprise security fundamentals.
•apply enterprise security technology solutions.
•implement security design and solutions.
•manage risk, policies and procedures within an enterprise.
•integrate security solutions within an enterprise.
•conduct security research and analysis.
Finally we have CISSP Certification.
This five day, instructor-led course trains students in all areas of the security Common Body of Knowledge (CBK). They will learn about security policy development, secure software development procedures, network vulnerabilities, attack types and corresponding countermeasures, cryptography concepts and their uses, disaster recovery plans and procedures, risk analysis, crucial laws and regulations, forensics basics, computer crime investigation procedures, physical security, and much, much more. They will explore the contents and concepts that make up the diverse domains and learn how they work together to provide true “in-depth” defense.
The certification process for the Information Systems Security Officer training and certification program prepares and certifies individuals to analyze an organization’s information security infrastructure in respects to threats, risks, and design a security program to mitigate risks relevent to 2011 and beyond. ISSO’s will also be proficient in risk analysis, risk mitigation, application security, network security, operations security, business continuity and disaster recovery planning.
Let’s all make a New Year’s resolution to be as secure as possible in 2012.