ISSO Professionals - What You Can do to Help Others

Previous page
Table of content
Next page


ISSO Professionals—What You Can do to Help Others

Give a man a fish and he will eat for a day. Teach a man to fish and he will eat for the rest of his life.[7]—Chinese proverb

Those of you who have spent a few decades in the ISSO or InfoSec profession have learned quite a bit about how to do your jobs. Some things you learned easily and some things you unfortunately had to learn the hard way.

Looking back on your careers, as long or as short as they may be, did you, or do you, have a mentor, someone to help you learn InfoSec? Did you have someone to rely on—a kind of InfoSec father or grandfather figure to guide you? If you did, you are one of the few but lucky ones.

Many of you in the ISSO profession probably learned the hard way—by trial and error, without a mentor. Wouldn't it have been nice for someone to have been there to answer your questions and to guide you around those bad learning experiences? Yes, experience is a great teacher, but there is the easy way, with help from another, and the hard way, on your own.

Those of you who have years of InfoSec and ISSO experience should be ISSO professionals. As part of calling oneself a professional, one should also be doing things to give back to the profession. It is important that we all help each other and work together to make this honorable and necessary profession one where we can help each other and learn from each other. Doing so will make it so much easier in furthering our cause of protecting information assets as effectively (good) and efficiently (cheap) as possible so as not to adversely affect our employers' costs and schedules.

In many corporations, the culture is such that those of you in the ISSO profession are as well liked as the auditor or a tax collector. We must all strive to change this attitude and help each other to do so. It is our professional responsibility to get people to understand that we in the ISSO profession are an integral part of corporate business, and we do assist in making a difference by helping our corporations gain and maintain that competitive advantage.

Some men see things as they are and ask, "why?" I dream things that never were and ask, "why not?"[8]—Robert Francis Kennedy

As part of your career development plan, you should add tasks such as mentoring, lecturing, writing, teaching, and being an active participant in our professional associations. You may say that you have enough to do and you don't have any time for such things. Well, make the time. You owe it to yourself and the rest of those in the profession.

If you are wondering what is in it for you, other than more work, remember that such tasks also assist in providing you with visibility to others. That visibility will be helpful when someone is looking for the best ISSO professional he or she can hire. Also, if you decide to eventually go on your own and become a consultant, you will have a track record of contacts and visibility, and you will be well thought of. After all, you are a published author, international lecturer, experienced, educated, certified, so obviously you must know more than other consultants who are competing with you and don't have your track record. So, there is a great benefit to you and your own career development (see Figure 15.4).

click to expand
Figure 15.4: What helps makes an InfoSec specialist a professional.

Another thing you can do is share your knowledge through such methods as[9]:

  • Writing InfoSec-related articles,

  • Conducting InfoSec-related lectures, or

  • Writing books on InfoSec-related topics.

Educational Institutions

In many nation-states of the world, colleges and universities are beginning to recognize the need for providing formal education curriculum and courses that address the needs of security professionals. There are also trade schools and community service programs where your expertise may be useful. For example, you may volunteer to give some training to seniors at a senior center on how best to avoid fraudsters, identify theft, and such.

As an ISSO professional, you should seek out colleges and universities in your area, and if you have the necessary qualifications, you should consider teaching a course or two part-time, usually in their evening programs. As with lectures, writing, and active membership in security-related associations, teaching is part of being an ISSO professional. There are many benefits to teaching InfoSec-related courses at the local community colleges or universities. Among them are:

  • Recognition;

  • Supporting the community—always a big corporate public relations goal;

  • Having students provide research for future articles, lectures, and books;

  • Practicing public speaking for conference lectures and vice versa;

  • Giving something back to the profession by helping others along; and

  • Learning new security methods, concepts, ideas, and the like.

Mentoring

Being an ISSO professional, as was previously mentioned, requires one to be a mentor, to help others learn and be better at their jobs of assets protection. Being a mentor requires patience and a true desire to help others along their security career paths. It also has its own rewards. Unless you try it, you won't know the satisfaction and the good feeling that come with helping others learn and develop as security specialists.

Why should others have to learn the hard way as many of us have in the past? Shouldn't we all be working together as advocates for a profession that offers job satisfaction and is a much-needed profession within government agencies and corporations in today's hostile world in which we all live, work, and play? To do otherwise is not professional.

  • men tor [m n t wr, m ntƏr] noun (plural men tors)

  • experienced adviser and supporter: somebody, usually older and more experienced, who provides advice and support to, and watches over and fosters the progress of, a younger, less experienced person

  • transitive verb (past men tored, past participle men tored, present participle men tor ing, 3rd person present singular men tors)

  • be a mentor to somebody: to act as a mentor to somebody, especially a junior colleague

  • [Mid-18th century. Via French from, ultimately, Greek Mentōr (see Mentor ).][10]

[7]From http://www.quoteland.com/topic.asp?CATEGORY_ID=140

[8]From: http://www.quoteland.com/author.asp?AUTHOR_ID=324 NB: This quote is a paraphrase of a similar quote by G. B. Shaw.

[9]Detailed information on how to get started in lecturing and writing can be found on the author's Web site: http://www.shockwavewriters.com. Click on Books, this book, and this chapter.

[10]Encarta World English Dictionary, & (P) 1999, Microsoft Corporation. All rights reserved. Developed for Microsoft by Bloomsbury Publishing Plc.


Previous page
Table of content
Next page
The Information Systems Security Officer's Guide. Establishing and Managing an Information Protection Program
The Information Systems Security Officers Guide: Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204
Authors: Gerald L. Kovacich CFE CPP CISSP
BUY ON AMAZON
Strategies for Information Technology Governance
A+ Fast Pass
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
InDesign Type: Professional Typography with Adobe InDesign CS2
Python Programming for the Absolute Beginner, 3rd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy