10+ Signs Mgmt Doesn’t Really Support Analytics

Your management says it wants more analytics, but does it really support analytics? Here’s 10+ signs that indicate that your mgmt:

• Does NOT knows what it takes to get analytics off the ground
• Believes that analytics multiply like rabbits, naturally
• Is NOT willing to make the adjustments required to deliver and sustain real value.

Continue reading →

Advertisement

Top 10 Reasons Why Being an IT Auditor is So Hard

Before you choose a career as an IT auditor, consider my top 10 reasons why being an IT auditor is so hard.

Continue reading →

Some of my Favorites

Since some of you are newer to the blog, I thought I’d bring a couple of my favorite posts to your attention.

Continue reading →

Best Blog Posts of 2014

Here’s the blog posts that all of you

liked best in 2014, based on hit count.

I’ve also included the most popular

posts from earlier years.

See if you missed any.

Continue reading →

You Might be an ACL Freak if…

You might be an Audit Command Language (ACL) freak if more than 2 of the following are true:

• At work, you have a second computer (or virtual machine) just for running ACL.

Continue reading →

2014 Top Paying Certs (United States)

Below is a list of the top paying certs for 2014 (including average salary amount).

The list is based on the 2014 IT Skills and Salary Survey conducted by Global Knowledge and Penton, completed in October 2013.

After the list, I offer a few comments on some of the certs and the salaries.

Continue reading →

5 Things I Hate About ACL

I have 5 things I really hate about ACL. 

No, these aren’t critical issues, but I deal with them constantly, and they waste my time. All of them deal with the user interface.

Continue reading →

Top 10 Reasons to be an IT Auditor

Here’s my list of the top 10 reasons to be an IT auditor:

10. You have access to all systems, data, and people (with a business reason, of course). Employees rarely ignore you.

9. You can uncover fraud, mischief, ignorance, and just plain laziness. Either way, you “add value to the business” (yeah, I hate that term too, but it is what audit is about, and so appropriate).

Continue reading →

Top 10 Reasons NOT to Virtualize

Trend Micro’s Dave Asprey has posted 10 reasons not to virtualize.

I generally disagree with all of them (as I’ll explain later), but I think he missed the REAL #1 reason not to virtualize…

Continue reading →

Master List of Blogging Tips and Articles

I occasionally blog about blogging, so to make these posts easier to find (and link to), here’s a list (index) of all the blogging posts on this blog, in alphabetical order, and by most popular.
I’ll add other posts as they are written.

Continue reading →

Master List of ACL Articles and Tips

To make these posts easier to find (and link to), here’s a list of all the ACL posts on this blog in alphabetical order, and by most popular.
I’ll add other posts as they are written.

Continue reading →

Top 7 Reasons for Security Certification

Here’s my top 7 reasons for getting a security certification:

1. It opens the hiring door. Or more simply stated, employers are looking for them. More and more, if you’re not certified, your resume won’t get past Human Resources. When they scan your application and resume, you’ll end up in the digital delete bucket if the screening software doesn’t see those special letters (CISSP, GIAC, CISA, CCSP, CISM, etc.). Continue reading →

Top 10 Cybercrime Specialist Jobs

According to the FBI, crime pays pretty well sometimes, at least for a while. And cybercrimers are hiring. Like the rest of the workforce, crooks are specializing. In this speech, Steven R. Chabinsky, FBI Cyber Division Deputy Assistant Director, discusses the top 10 crooked specialties:

Continue reading →

Top 10 Ways to be a Lovable Auditor

A while back, I noted some reasons why people hate auditors. Well, you can hop those hurdles, and be an auditor that people love or at least respect. Here’s how:

Continue reading →

How to Bypass Security

A recent Lifehacker article makes life easier (and cheaper) for users and harder for companies and their IT and security pros. Top 10 Ways to Access Blocked Stuff on The Web provides tips (not all ethical) on how to go around, over, under, or through the following fences:

Continue reading →

Top 10 Pay-Boosting Tech Certifications

According to Dice, the job search site, certain certifications increase technology professionals’ salaries at all experience levels.

After surveying nearly 17,000 techies, Dice found that the following certifications draw the most additional dollars (no particular order):

Continue reading →

Top 10 IT Jobs

According to CIO magazine, here’s the hot IT jobs (followed by comments by me in italics):

NOTE: IT Auditors, don’t pass over this article!

1. Security specialist/ethical hacker

One specialty, computer forensics, is hot. Forensic labs are almost always behind in their work. Is it due to a lack of good technicians or that forensic folks aren’t cheap? Either answer is good news.

Continue reading →

Top 100 Network Security Tools

Top 100 Network Security Tools is the third article in a series on audit and security tools. The first article, How to  Stay out of Jail, stresses that you need a GOOJ card before you use any security tools or techniques. The second article, What Needs to be on a GOOJ Card, outlines how to create a GOOJ card.

Key point: Never use security or cracker tools on networks or devices from your employer or that you do not own unless you have permission in writing.

In this article, I describe a few security tools that I believe every auditor or security analyst should be familiar with, or at the very least, be aware of.

Continue reading →

Top 10 Bad Jobs

I was checking out the latest post of my new blogger colleague from London, Audit Monkey, and read the following….

I’m sitting here in reflective mood thinking what the ‘Top 10′ worst possible jobs could be. Here’s my list.

Continue reading →