Security for a day

Okay, if you swap the words out of the song for the Wizards of Oz with the title of this post it sort of works.

Thought I’d give taking ISACA’s Certified Information Security Manager (CISM) certification a go given the large amount of non-IT literate business people I’ve been dealing with needing careful hand holding when it comes to providing security to their operations. These people know their business operations inside and out until it’s connected to a computer and then it suddenly a black box of mystery.

As part of service to the business we (IT security folk) learn their language, terms and requirements but some business owners seem disinterested in even attempting the understanding the fundamentals of something that’s now critical to their business survival. Is it a simple fear of the unknown or the fear of being mocked for asking someone to explain something they have no understanding of ? Business-crippling IT stories are now filtering into the popular mainstream media, as a few examples:  administrators going mad and faceless people attacking companies from the far side of the world, deleting their web sites and even the very IT security aware companies losing their critical data.

If it makes the business folk feel as if I’m approachable without me having an MBA, seems an easy step to take to help breach that gap.

I’m booked in for the 10 December 2011 exam in Sydney, so better get on with some study.