What a month! I have been extremely busy both at work and outside it. I have started writing several papers - one on business case for identity management and its difficulties and another one on security in EAI and B2Bi context. Also my haphazard learning methods have paid off - I passed the CISSP exam. Besides that I have landed a new security management job, so my interests at the moment are revolving very much around security, service management and project security assurance. This is demonstrates by a feet high stack of paper on my desk comprised of BS 7799, BS 15000, ITIL, CRAMM, DITSCAP, Data Protection guidance and several others from which I am trying to pick the best bits and compile into a coherent approach. So the last month and has been really a bit of a blur in my memory.
Several people send emailed me about their security weblogs, so I have to update the list.
- Jose Nazario runs a security news aggregator
- David Crankshaw’s Geonexus site on security management (hey we could exchange some recipes!)
- Anil John’s cyberforge unfortunately felt a victim to some dark forces.
- Paul Robichaux’s E2K Security is a good site on messaging and Windows security that goes with Paul’s book.