RE: IT Manager to CISO

Hi Femi,

Please do go ahead and aggressively pursue the CISSP certification as
the starting point. CISSP will expose you to all the domains of


Ugochukwu Egerue
IT Risk Management
United Bank for Africa Plc|(UBA House/15)
57 Marina, Lagos, Nigeria
Direct: +234-1-280-7248
Office: +234-1-264-4651-700. Ext:18248
Mobile: +2348062146022
...Africa's global bank

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of olufemimogaji@xxxxxxxxx
Sent: Wednesday, April 27, 2011 9:37 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: IT Manager to CISO

Hi all,

I'm currently the de facto IT manager for a small IT services firm. The
nature of our business requires that we follow PCI standards as per
logical security. Here's the thing, the CISO is leaving next month, and
I've been told I'll be taking his position. I already have a lot of
exposure to info sec, I have a CCNP (the former version with ISCW) and a
I'm an MCP (Active Directory for WS 2008). What I need to know is what
cert I should go out there and get to make me more cemented in this new
CISO role, at least to keep the auditors happy, as they sometimes like
to question your competence. The outgoing CISO, even though he was
trained by some of our partners, had NO certs, and this exposed him to
uncomfy questions from hard nosed auditors. Security+ or CISSP exam? Or
any others? Any form of guiding light will be highly appreciated.


Femi M.

Sent from my BlackBerry(r) Smartphone

Sent from my BlackBerry(r) Smartphone

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.;4175;25;1371;0;5;946;e13b6be442f727d1

Relevant Pages

  • Re: CISSP Question
    ... Have a minimum of four years of direct full-time security professional ... You don't have to be affiliated with an organization to take the CISSP ... ISACA does have a standard that is used in many places. ...
  • RE: CISSP Question
    ... 2 Market Street Sydney NSW 2000 ... Subject: CISSP Question ... I am working VERY hard now to get my Masters in Information Systems Security as I am in a dead-end job as a Paralegal. ... To qualify for CISSP, you should have at least four years of experience in one ...
  • RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE)
    ... you do not need 6 years of "security" work you only need to have ... you do not need to have a CISSP vouch for your experience. ... Credentials can only be looked at to strengthen the credibility of a ... You have an option to go with a managed service (Cenzic ...
  • RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE)
    ... general security credential. ... I understand that a CISSP can tell me that ... Credentials can only be looked at to strengthen the credibility of a ... Download FREE whitepaper on how a managed service ...
  • RE: question about CISSP experience requirements
    ... got my CISSP a some years back so there is some ... should specifically identify security experience. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ... The NSA has designated Norwich University a center ...