I'm trying to add short descriptions, plus categories, for easier reading.
[EN] Engaging Your Staff in Security Requires Leadership – Not Free Coffee Mugs: a general note with items on how to get a team more involved.
[EN] Managing Nerds: a developed note about the way a nerd's intellect works. I find it quite revealing and I do concur, with but one warning: a typical IT team is not only made up of nerds.
[EN] Facing A Crisis of Leadership: a good article on the risk of having a geek for a CIO, with one central idea that I mightily approve of: "An [...] action that focuses on cost-centric or non-value-added improvement initiatives is nonstrategic and deserves scrutiny."
[FR] Herve Schauer Consultants' Newsletter N°77, January 2011: interesting editorial on the ill-understood and ill-applied ISO 27001 certification. Hervé Schauer goes into detail about the way ISO 27001 is often thought of as a kind of "security-targeted ISO 9001". It's not just about documenting security, it's mainly about managing it (deciding, acting, spreading responsibility/accountability/ownership).
Log management field:
[EN] Top 10 Things Your Log Management Vendor Won't Tell You: a checklist against log vendor quacks. Would be good reading if you're planning a logging project or, worse, if someone else is planning it for you.
[EN] 11 Log Resolutions for 2011: I would retitle this as "11 Steps to Initiate Logging". Concrete action proposals for taking a step into the world of logging.
[EN] 25 Improv Tricks That Will Make You a Better Business Person: a nice, comprehensive list about behaviour at work. From a recruitment site. This one is worth sending to every colleague you have.
[EN] Move your security career forward by looking back: a personal guide to looking back at 2010 and acting for better career development in 2011. Good pieces of advice, but it requires some time to think about. Bookmark it and come back later.
Thursday, February 3, 2011
Posted by Christophe Pradier at 2/03/2011 10:23:00 PM