Great Circle Associates Firewalls
(June 1997)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: RE: Definition of a security expert
From: Joseph Judge <joej @ joesmac . ultranet . com>
Date: Sat, 28 Jun 1997 19:18:04 -0400
To: "masantis @ ntmail . askin . es" <masantis @ ntmail . askin . es>, "'Char_Sample @ notes . pw . com'" <Char_Sample @ notes . pw . com>
Cc: "pnash @ hanshan . bbnplanet . com" <pnash @ hanshan . bbnplanet . com>, "adam @ homeport . org" <adam @ homeport . org>, "craigaa @ iafrica . com" <craigaa @ iafrica . com>, "firewalls @ GreatCircle . COM" <firewalls @ GreatCircle . COM>

I just *have* to jump in on this one :-) 

I'm at the edges of being a pointy-haired manager-type and the
biggest risk to my company that keeps me up at night is:
- administration / management of the machines themselves (i.e. 
secure sys admin)
- management "negotiations", "agreements", "maneuvering" (i.e. 
politics from above)

The first is easily overcome with process/training/etc ... uh, if your support
staff reports the the same management structure as the firewall owners
(then that 2nd issue comes into play).  The second is where egos and
will tussle it out at the expense of doing the more correct thing.

So, I have to agree with Char: politics will place you more at risk than
anything I've seen.  No 6-week expert or 6-year expert will help when
that politic silliness kicks in.

I'll lend a crumb of wisdom here. I'm no Einstein, this has been beaten
into me over the last couple years until it sunk in:
... all control, direction and management of your firewall should fall into
the same chunk of management tasked with its success as being a
secure firewall.  

Hope it helps.

	- joe

----------
From: 	Char_Sample @
 notes .
 pw .
 com[SMTP:Char_Sample @
 notes .
 pw .
 com]
Sent: 	Saturday, June 28, 1997 8:38 AM
To: 	masantis @
 ntmail .
 askin .
 es
Cc: 	pnash @
 hanshan .
 bbnplanet .
 com; adam @
 homeport .
 org; craigaa @
 iafrica .
 com; firewalls @
 GreatCircle .
 COM
Subject: 	Re: Definition of a security expert

I would have to differ with that opinion on office politics since that has been 
consistently shown to subvert some of the best security controls.  

char
To: pnash @ hanshan.bbnplanet.com @ Internet
cc: adam @ homeport.org @ Internet, craigaa @ iafrica.com @ Internet, firewalls 
@ GreatCircle.COM @ Internet 
From: masantis @ ntmail.askin.es @ Internet
Date: 06/27/97 01:05:37 PM CED
Subject: Re: Definition of a security expert

Paul,

In your response you stated your would hope that this is the case.  Is it??
Office politics should not even into the equation since that takes away
from the endless effort of learning and being current in the incredibly
fast growing field.  

What type of strong background ??  In what particular aspects of the field
are your referring to ??

/mark

At 03:37 PM 6/25/97 -0400, Paul Nash wrote:
>>Now the next question is if you are deemed or so nighted a security
>>expert is that written into a specific job description or just part of
>>other roles and responsibilities..??? 
>>/mark
>
>I would hope that it is written into a specific job description and
>not thrown into the common 'admin' description.  Yes, a Computer Security
>Expert is a capable admin (I believe he has to be), but he's more then
>that.  He's a specialist in an incredibly fast growing field.  He has to
>have a strong background on the systems he is going to secure, and if he
>doesn't have the background, he must be a very fast worker, and must be
>able to quickly adapt, and able to apply his knowledge in an effective
>manor... Willing to work long hours & deal with office politics is always
>a plus :)
>
> -Paul
>
>----
>Paul Nash           (617) 873-6604
>SitePatrol Implementation Engineer
>BBN Planet           
>pnash @
 bbnplanet .
 com    
>
>
#########################################################
'Turn on, Boot Up, Jack in' 
#########################################################

______________________________
Miguel Andres Santisteban               
Product Manager                 
Address: Av.Valdelaparra n. 27  
28100 Alcobendas Madrid         
Phone: 34 1 661.83.04           
Fax:    34 1 661.01.47          
E-Mail:<masantis @
 askin .
 es>      
______________________________  
 

/* 
******************************************************************************************** 
*/
/* char sample;  that really is my name                    */
/* phone: (410)412-8161                     */
/* e-mail: char_sample @
 notes .
 pw .
 com                   */
/* 
******************************************************************************************** 
*/




Indexed By Date Previous: Re: Firewall
From: Bernd Eckenfels <lists @ lina . inka . de>
Next: Re: Firewall
From: Mike Hedlund <mike @ isi . net>
Indexed By Thread Previous: Re: Definition of a security expert
From: Char_Sample @ notes . pw . com
Next: Pulling out Checkpoint-1 Firewalls 'Discussion' [off topic]
From: eristone @ earthlink . net

Google
 
Search Internet Search www.greatcircle.com