Wednesday, October 08, 2008
Is this a true statement regarding CISSP ?
Below is a quote from Phil Lauro:
- Unfortunately many CISSP certified individuals are just trying to deal with amateurs who can read the Google hacking database and insider stupidity. They really tend to concentrate on the simplest problems. Most security teams are not ready to handle or prevent an organized cyber-attack by professionals.
Way to many of the "security Professionals" can't read software, let alone program or ferret out problems in the SDLC. In fact I would take 1 talented programmer over a room full of security professionals to assist me with SDLC security every time.
Then their are the managers "willing to accept the risks", what kind of joke is that? CSO stands for Chief Security Offer, not lapdog! Why have one if you won't listen to them or have simply filled the position with your most current butt buddy.
Links to this post: