Security Resolutions for 2015

As we begin the New Year, it is critical for companies to understand the impact of cybersecurity breaches and attacks—and young professionals can play a key role in this.

As a young professional, I believe our objective should be to help our senior leaders define security levels and protect their key assets this year. How can we plan to do that? Here are some of my ideas for the New Year’s resolutions for young professionals (though professionals of any age will benefit from these tips):

Knowledge-sharing: It is very important to share our knowledge with others because the world is too big to know everything. ISACA provides good support for knowledge sharing through publications, blog posts, guidelines and the community around it, including at conferences and local chapter events. Furthermore, using social media is a good way to exchange with people.

Also, I recommend planning meetings, security breakfasts and trainings with your colleagues to help them understand the objective.

Personal training plan: Each day, new security features appear and we need to continuously update our cybersecurity skills. This is why a personal training plan is useful. The Cybersecurity Fundamentals Certificatefrom ISACA’s Cybersecurity Nexus (CSX) or the Certified Information Security Manager (CISM) Certified in the Governance of Enterprise IT (CGEIT) certification can be a good way to upgrade your skills and get recognized. Also, the virtualization age allows us to create labs for making tests with few resources. Personally, I focus on enhancing my capabilities in risk and governance management, such as penetration testing.

Educating users, management and the board: Many times, a user clicks on a link and downloads malware or something of that nature. Educating people takes time and patience, but allows you to create a strong security culture that lasts through time. Do not hesitate to explain the importance of security with a pragmatic view that relates to their own interests. Some people are more careful about finance and others about personal responsibilities. Create some user-friendly guidelines such as a guide on how to protect your privacy on Facebook to help convey your message.

Discovering new cultures: All countries are different and we need to respect them and be aware about local cultures we work with. Personally, I want to leave my country this year to discover a new working method, a new way of thinking and to increase my comprehension about the world. One benefit about being a young professional at ISACA is that the global association connects you with fellow professionals from around the world.
And you, what do you plan for 2015?

Damien Bertero
Security Engineer, France

[ISACA]