Security Skills Lacking
2 March , 2008 | 
Author This is a common problem that many parts of IT face. Management ever come up to you and say “can you sort this out for me it shouldn’t take more than a few hours.” Well this lack of understanding of IT from our managers is what is leaving the organisations exposed to breaches.
Clearly many managers do not understand IT law, I find this a terrible oversight that leaves many companies exposed to poor outcomes when there is a failing of there IT policy and procedures.
Recently I was doing some work on a clients site and they had me sign a piece of paper for internet access about acceptable use. It would now be considered that for that organisations they will be covered against a misdemeanour. My legal studies would lead me to the conclusion that they are likely on shaky ground, for a few reasons they have not clearly identified what are a couple of items open for interpretation. what is offensive and what is acceptable use. Now maybe another time they might just put me on a induction course that will clearly outline these, however until that is clearly stated then what may be considered offensive by the organisation may not be yours or mine interpretation.
It is these problems that management have about IT and security that are leaving the IT practitioners hanging out as without this being understood how do they understand the firefights the practitioners are wrangling inside and outside the organisations. If they can’t understand this how do they get to a place where they have sufficient skills. Offering training will be good, but how does it benefit people. Does a new Checkpoint course really help solve the problem or should we look deeper at other types of training to take people out side the box to solve the problems. I certainly think a lot of management needs to go there.
See ya round
Peter
Security skills of IT workforce lacking, survey finds – Network World
Posted in 