Comments on: Some more advice for security admins / managers http://infosecplace.com/blog/2006/07/09/some-more-advice-for-security-admins-managers/ Commentary on the State of Information Security Thu, 02 Feb 2012 20:22:19 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: An Information Security Place » Blog Archive » Alert Logic talk http://infosecplace.com/blog/2006/07/09/some-more-advice-for-security-admins-managers/comment-page-1/#comment-3436 An Information Security Place » Blog Archive » Alert Logic talk Tue, 28 Nov 2006 22:12:30 +0000 http://infosecplace.com/blog/?p=135#comment-3436 [...] To give them a more in depth look from the technical side, I reproduced my post about all the many and varied security devices a security manager has to work on (IDS, IPS, firewalls, routers, switches, email gateways, etc.) and the maintenance on them. Then I hit them with the many non-technical issues a security manager has to deal with, like employee issues, meetings, project management, budgets, etc. I could see that many in the room had not thought about those as being security manager tasks. [...] [...] To give them a more in depth look from the technical side, I reproduced my post about all the many and varied security devices a security manager has to work on (IDS, IPS, firewalls, routers, switches, email gateways, etc.) and the maintenance on them. Then I hit them with the many non-technical issues a security manager has to deal with, like employee issues, meetings, project management, budgets, etc. I could see that many in the room had not thought about those as being security manager tasks. [...]

]]> By: An Information Security Place » Blog Archive » One of the reasons I am getting out of security management… http://infosecplace.com/blog/2006/07/09/some-more-advice-for-security-admins-managers/comment-page-1/#comment-684 An Information Security Place » Blog Archive » One of the reasons I am getting out of security management… Wed, 06 Sep 2006 04:16:56 +0000 http://infosecplace.com/blog/?p=135#comment-684 [...] A while back, I published a list of all the things I do on a daily / weekly / monthly basis as a security manager.  When I look back at that list, I am seeing about nine tenths of it as reactionary chores.  And I am tired of being in such a state of constant reaction, even when I do everything I can to be proactive.  It just gets old.  [...] [...] A while back, I published a list of all the things I do on a daily / weekly / monthly basis as a security manager.  When I look back at that list, I am seeing about nine tenths of it as reactionary chores.  And I am tired of being in such a state of constant reaction, even when I do everything I can to be proactive.  It just gets old.  [...]

]]> By: An Information Security Place » Blog Archive » My “NAC Happy Week” chime in - Please give me remediation! http://infosecplace.com/blog/2006/07/09/some-more-advice-for-security-admins-managers/comment-page-1/#comment-355 An Information Security Place » Blog Archive » My “NAC Happy Week” chime in - Please give me remediation! Fri, 11 Aug 2006 17:51:36 +0000 http://infosecplace.com/blog/?p=135#comment-355 [...] I mean, I just don’t get it.  I am not speaking for the rest of the security managers out there, but I know that it just makes sense to me for someone who is going to offer quarantining to offer remediation as well.  Is it because no one has made it that far?  Is it because the market is not asking for it?  Is it because there are options available, so you just don’t want to spend the dollars to do it?  And if you are going to partner with someone for it, INTEGRATE IT.  Don’t make me manage another solution.  Tie the dang things together, and make it work.  Remember my busy security manager post?  We need help!  Give us a solution that works from A to Z.  Not A to W, then BigFix can handle X,Y, and Z (now I’ve said my ABC’s, next time won’t you…  sorry, too much Sesame Street - I have small children). [...] [...] I mean, I just don’t get it.  I am not speaking for the rest of the security managers out there, but I know that it just makes sense to me for someone who is going to offer quarantining to offer remediation as well.  Is it because no one has made it that far?  Is it because the market is not asking for it?  Is it because there are options available, so you just don’t want to spend the dollars to do it?  And if you are going to partner with someone for it, INTEGRATE IT.  Don’t make me manage another solution.  Tie the dang things together, and make it work.  Remember my busy security manager post?  We need help!  Give us a solution that works from A to Z.  Not A to W, then BigFix can handle X,Y, and Z (now I’ve said my ABC’s, next time won’t you…  sorry, too much Sesame Street – I have small children). [...]

]]> By: Michael http://infosecplace.com/blog/2006/07/09/some-more-advice-for-security-admins-managers/comment-page-1/#comment-45 Michael Mon, 10 Jul 2006 16:37:00 +0000 http://infosecplace.com/blog/?p=135#comment-45 Don't forget care and feeding of the security professional, to include certification maintenance (CISSP CPE's), training, vendor presentations, etc. Those things take time in the work day as well, even if your workday is already 24/7. Don’t forget care and feeding of the security professional, to include certification maintenance (CISSP CPE’s), training, vendor presentations, etc.

Those things take time in the work day as well, even if your workday is already 24/7.

]]>