Email address is not displayed with comment.
Name is required to post a comment
Please enter a valid email address
The phrase “let’s kill all the lawyers” comes from William Shakespeare’s play, King Henry VI, Part 2. This is one of the most misinterpreted lines in all of Shakespeare’s works, and it is often used inaccurately, expressing a dislike for attorneys. This is not the way that Shakespeare intended it. Shakespeare was not one to suggest the slaying of lawyers as a way to cure society’s problems. As an information security professional, have you often found yourself frustrated by the growing collection of cyber-based rules, guidance, regulations, and contemplations that our lawmakers can conjure up? As if the job of securing network systems isn’t hard enough, now we need the long arm of the law reaching in to offer more hurdles? Do you often wonder aloud “whose side are these attorneys on anyway”?
If you have found yourself in the vexing position described above, perhaps it is time to look at this from a different perspective. While Shakespeare was not an adoring fan of lawyers, as shown in other plays, such as the graveyard scene in Hamlet, he recognized their necessity in the world. When we think of all the transactions in our lives that require legal guidance, it becomes clear that lawyers fill a valuable purpose. Would you ever buy a house without an attorney’s advice? Would you prepare a last will and testament without some legal guidance? Would you defend yourself in a court of law without a lawyer? It is clear that lawyers see things quite differently than non-lawyers. It is also clear that information security professionals see things differently than most non-security people.
Many information security professionals began their careers as curious youths who explored how computers worked, often pushing the machine, or the programs in that machine, beyond their expected behavior. According to history , what started as a club of model train enthusiasts, soon moved on to computers. These were the original hackers. Many of these hackers started to learn the value of securing systems against threats. Explorations of vulnerabilities became another favorite pastime.
Over time, these threat mitigation techniques, and vulnerability explorations gave rise to an entirely new profession known as information security. InfoSec, to which it is commonly referred, became a discipline with such abroad range of skills, that certification examinations were created to test these skills and knowledge. The most well-known InfoSec exams is the CISSP. A certification, such as the CISSP, adds legitimacy to a conversation with an executive, such as an attorney who may see things from a non-security perspective.
Regulations are often written by people with legal training. Many times, the stroke of a regulatory pen can create a rule that is beneficial towards individual privacy, but not necessarily technically easy to achieve, or administratively easy to maintain. For example, a cursory examination of some of the privacy regulations across the globe reveals some very common sentiments. Regulations from China , South Africa , the European Union’s General Data Protection Regulation ( GDPR ), and India all share the following principles:
When viewed from the attorney’s perspective, these common themes make perfect sense. However, none of these rules can be achieved without technical consultation. Some examples include:
Why Does The CISSP Credential Matter?
Studying for the CISSP exam can be a challenge. There is so much information to understand, and some of the topics may be far from a candidate’s area of expertise or professional focus. However, that is why attaining the CISSP qualification matters to many hiring managers. An information security professional with the CISSP designation is known to bring a more mature perspective to any business critical discussion.
When speaking to someone who has undergone the rigorous training required to become an attorney, it is important to approach the conversation with the confidence of knowing the subject matter. CISSP training can help with the ability to explain technical concepts so they resonate with the attorney’s mindset.
Attorneys are necessary for so many important aspects of our lives. Contrary to the days of Shakespeare, our world has become tightly intertwined with electronic data. This has introduced the need for strong information security, and a person who holds the CISSP credential can bridge the gap between the legal teams and other technical teams to create a secure, legally sound organization.
The knowledge required to be a successful Information security professional is vast, and constantly expanding. Every day, new events reshape the security landscape, requiring a combination of experience and knowledge. When an organization needs subject matter expertise, they can rely on those who hold the CISSP designation for a wide breadth of knowledge and experience that is not limited to just information security.
The CISSP is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles , including those in the following positions:
(ISC)² was the first information security certifying body to meet the requirements of the American National Standards Institute (ANSI) ISO/IEC Standard 17024 and the CISSP certification has met Department of Defense (DoD) Directive 8570.1.
To discover more about CISSP read our whitepaper, Discover the Importance of being a qualified cybersecurity professional .
pois0n cc shop cc cvv shop
Email address is not displayed with comment.