I had a conversation with my boss yesterday and I was mentioning that after taking Project Management I'm glad to understand it better, but also glad to realize I will always want to be on the "doing" side of tech, not the "managing" side.

He told me that as VP of IT he desperately misses actually doing the tech work and does next to none these days.

I always saw my goals as leading toward being a CISO someday, but now I'm not sure I want that... CISOs of Mastodon, what are your thoughts? Do you get to do any technical work or is it mostly management? Do you like where you landed? Is being a CISO fun?

#informationsecurity #informationtechnology #cybersecurity #cybersecurityprofessional #CISO

If you're in the position to - ask at tabletops and DR recovery practice what the policy should be or is for talking about breaches at your company. I asked the question of my leadership, and it took them by surprise. They were curious to know why I was asking, and it gave me a chance to talk to them about why keeping it under wraps does not necessarily help in the grand scheme.

You may get nowhere, you may get over ridden, they may ultimately tell you in the moment of crisis not to say anything... but it may also be that they simply don't know why it's important to speak up, especially in a small business setting - don't underestimate your subject matter expertise.

It's worth the conversation.

https://www.infosecurity-magazine.com/news/twofifths-it-pros-told-keep/

#securityprofessionals #informationsecurity #cybersecurity #cybersecurityprofessional

Dear #ISC2 ... so, you want a "safe and secure cyber world"? You want to be relevant to cybersecurity practitioners?

1) Be available on Mastodon where the bulk of the practitioners have gone to.
2) Fix your web site. Regardless of the browser I use I always get an error initially when I try to connect. And, the cookie banner at the top has a tendency to reload itself after one clicks on the OK button. I've had it pop up as many as two more times after the initial reload.
3) Sometimes when I log into my.isc2.org and then try to access the CPE portal on cpe.isc2.org, I have to log in again.

One wonders if you are aware of how many practitioners are considering not renewing their certifications with you. #cybersecuritycertifications #cybersecurityprofessional

Not me giving all my Pokémon in Violet different malware strain names for their nicknames. #pokemon #cybersecurityprofessional

The ultimate catfish is "presentation for the board" me vs. "weekly meeting with the rest of the IT team" me.

Giving some serious stock photo vibes here. 🤣

#cybersecurityprofessional #informationsecurity #informationtechnology