Cloud computing and the death of the CIO
In the public sector, this misplaced importance, or the lack of it, can be seen in the occasional but rather high-profile security missteps, usually coming in the form of confidential data being "accidentally" posted on publicly viewable websites [1] or lost on a stolen USB memory stick. These failures to secure information have less to do with not having the right technology than with a failure to understand the importance of security and to adhere properly to the guidelines that have been set.
Ross Anderson, professor of Security Engineering at the University of Cambridge Computer Laboratory, said that "over the last few years, it's become clear that many systems fail not for technical reasons so much as from misplaced incentives - often the people who could protect them are not the people who suffer the costs of failure."
Information security is no longer the sole responsibility of the IT department. Although IT remains the custodian of the systems that monitor and protect information, business unit managers or department heads have begun to take some measure of accountability for data lost during their watch.
Jason Pearce, director of Sales Engineering at M86 Security, a provider of real-time threat protection solutions, says that business unit managers in public sector organizations are becoming increasingly involved in IT security as major stakeholders who are able to put across specific points of concern regarding their own business units.
"We see HR (human resources) typically very involved in discussions and enforcement of acceptable usage policies. Finance departments are starting to realize the importance of encryption to protect data. Overall business unit managers are becoming very much like their counterparts in the private sector. Security is being embraced as something that is an integral part of how the whole business is protected," noted Pearce.
Richard Moss, director at eBorders, a consulting outfit based in Asia, says that IT managers in the public sector are no different from their private sector counterparts.
"They receive the same training, the same qualifications and are members of the same industry associations. The difference is they have different challenges and constraints - effectively they play the game of IT security on a different playing field to the private sector and invariably end up with political constraints and challenges that private sector organizations do not face," Moss observes.
So why do we continue to read in the media about security breaches within the ranks of the public sector?
Moss points out that many government agencies have got their data security models wrong. "They have significant changes in their IT and operational environments and are simply unable to keep up with the continuous changes they experience or struggle with the constraints (often political) placed upon them. This is why we tend to see public sector security in 'reactive mode', often fixing the problem after the security breach has occurred," he adds.
Pearce agrees although he warns that the same issues appear in the private sector. It all comes down to process and procedures. He suggests that regular audits of security implementations would make it easier to identify areas of weakness.
"The biggest loophole I see is the ability to centrally manage all the logs and alerts that these various tools provide, and to quickly identify breaches in policy enforcement based on the information the tools are collecting. It's all well and good to apply different technologies, but if there is no simple and effective way for security personnel to get the right information to react then that is a major issue," laments Pearce.
Increasingly cloud vendors are touting their ability to offer greater data security. Some are claiming to deploy some of the best technologies and experts money can buy to build robust, secure systems. There is potential for government IT and business unit heads to see the cloud as a panacea for their security problems. Are they right to do so?
Pearce says that while organizations like the Cloud Security Alliance and others are already providing good resources to help educate and alleviate the fears around cloud computing, much still needs to happen.
"The most critical element of cloud computing is how businesses adapt to the transformation required under the cloud computing model. It is very important that IT leaders are engaged actively to ensure that the right information security best practices are being built without being an inhibitor to the adoption of cloud," he adds.
Moss says that the threats will remain the same in the cloud, only the target will change. "As organizations, public or private, move to cloud the challenge is to ensure that your security requirements are met in an outsourced environment, and in an environment where new threats will emerge that current technology and policy is not yet prepared for," he warns.
"Hopefully, if cost savings can be realized in terms of IT expenditure, public sector organizations will be able to reinvest in IT security - however, this invariably will become a political and budgetary decision not based upon a true needs/threat analysis."
Tom Leighton, co-founder and chief scientist at Akamai Technologies believes that organizations and businesses have not changed significantly in relation to security.
"We treat security today at almost the same level as we did 30 or 40 years ago when the Arpanet was created, when the only people who used it were respected researchers at a few universities and industries, and the government. They had no need for security because these were trusted people. Not only that, they were smart enough [that] they could be trusted not to do something by accident that could hurt the network. So no security was embedded in the protocols, and we've never really gone back and addressed that. And so we've embraced the Internet wholeheartedly for all the right reasons, but now we're faced with the fact that there are vulnerabilities," said Leighton.
At a C-level forum on cloud computing, I raised the idea that the head of IT has no future in the cloud - at least based on his or her current role. The audience listened intently to one panelist whose company has moved to the cloud head-on. She noted that in the process of moving to the cloud the IT department's role has changed as well.
Moss predicts that the Chief Information Officer (CIO) is going to be a relic of the past thanks to cloud computing.
"If you're a CIO today and in your mid-40s you just might make retirement with the same job title. But that role will disappear with the wide adoption of cloud computing sometime in the next 10-15 years," predicts Moss.
According to Moss, the Chief Security Officer (alternately referred to as Chief Information Security Officer or CISO) will increase in importance to ensure that correct security posture is maintained inside and outside the organization.
"During this period, the CSO role will change from what it is today. Despite its rise in importance, budget allocations and span of control will reduce significantly and be replaced by a leadership function that includes virtual teams inside the organization and outside the organization from the cloud provider and from external consultants and contractors who will be brought in to work on specific projects and then let go again," predicts Moss.
Pearce doesn't believe that organizations will move everything IT into the cloud. "I still believe there are a lot of security issues that haven't been addressed with cloud computing and I'm a firm believer that the most critical IT functions for organizations will remain in-house," he adds.
"I can see a situation where some cloud based security components will be taken up by organizations and in fact at M86 Security we are already seeing a lot of customers investigating cloud based web content filtering and email for remote users."
Whichever direction organizations will take, what is clear is that cloud computing is here to stay. Consumers don't really care where the information comes from or where it is stored - as long as it is safe from unauthorized access. For the IT department, public or private, that is the challenge.
Additional resources:
1. http://security.networksasia.net//content/naughty-foxy-reveals-lax-hong-kong-police-procedure-confidential-documents
2. http://security.org.my/index.php?/archives/Department-of-Security-and-Health,-Ministry-of-Human-Resources-Malaysia-Publishes-List-of-Emails-and-Passwords-of-Its-Staff.html