From the Geek Mail: 2011 Top Tech Jobs
Received from: Daily Edge at IT Business Edge
CyberCoders, a worldwide recruiting firm, has analyzed hiring statistics from a pool of more than 12,000 CyberCoders job listings to determine the top 10 tech jobs for 2011 — focusing on which job types offer the most open positions, career growth and compensation. CyberCoders finds that technical candidates often make more, are in higher demand, and have a better chance for career growth versus candidates who apply for marketing or health care positions.
Matt Miller, Chief Technology Officer of CyberCoders, says, “There is a resurgence of companies hiring tech candidates caused in part by industries which need to automate their business systems.” Miller says, “Automating business systems often results in an increased need for software engineers and technical specialty positions, especially among start-ups.” At the beginning of 2011, CyberCoders had more than 1,400 available positions in technology, up 196 percent from the previous year. Read more
Information Security Management in the Wild Wide Web
Back in 2004, I prefaced a thesis that I wrote back then by stating at how our global connectivity has drastically changed the way we live and do business. The technology advances, I noted, particularly the improvement in personal computing had been so profound that it has revolutionized our culture, education, commerce and the global economy opening all of us to new horizons and new opportunities. Because of these advancements, useful data that can make or break a business transaction or data that can significantly save lives now travels widely and quickly. We have all become very dependent on technology and the convenience that it provides to all of us.
I then added that the gift of interconnectivity does not come for free, it has opened all of us to threats to our privacy, identity, intellectual property and other confidential information that our society never have to face before. Read more
Simple Math: Maybe the Difference in your Cert Exam Pass/Fail Chances
Picture this. You locked yourself up in a room for two months or so with no social interaction. You’ve excommunicated your family for that time period. You even missed the Super Bowl and the birth of your first child (okay maybe a little too dramatic, I know you would not dare miss the Super Bowl). In any case, you did all this because you have a goal. You wanted to be certified. You studied and studied. You read the book cover-to-cover. You paid top money for a class. You joined study groups. You took countless of practice exams and even bought several brain dump resources for good measure. You studied ’til the cows came home.
On the day of the exam you were as confident as a porcupine with extended twills (imagine that 
…). You know in your heart you’ve done what you could. You are anxious. You are ready. Then here comes the first question. You think to yourself, “WTF is this? I don’t remember reading about this.” Then the next question was so vague you wondered if it was actually written in English. The third question, seemed like there are two answers instead of one. The fourth was no easier. By the fifth question, all that confidence went down the toilet and by the sixth you are in a near panic. Read more
IT / InfoSec Management through the A.R.M. Framework (no arm twisting necessary)
I will post a more detailed entry on this framework at a later date. A.R.M. stands for Assess-Resolve-Manage. It was a little simplified concept that I put together back in 2004 as part of my MBA thesis on Information Security for Small Businesses. The framework is actually adaptive enough that it can be implemented for effective IT management or any other form of management for that matter. Read more
Simple Principles for Effective IT Management
50-30-20 Principle
- IT is about 50% people, 30% process and 20% product (technology)
- Success of any IT department depends upon the people within the department and the people it supports. There has to be buy-in to IT initiatives and that the department offers value to its customer base
- Processes (Procedures, Guidelines, Standards and Policies) should be aligned with overall business objectives to ensure that IT is not simply a cost center for the organization but also a value-add and integral part of overall revenue stream of the company. A key factor to ensure that there is alignment between IT and Business and that these processes support the objectives is buy-in from all the stakeholders within the organization Read more
Journal of Global Information Technology Management [Magazine Subscription]
Journal of Global Information Technology Management (JGITM) is a multidisciplinary journal. JGITM publishs articles and reports related to all aspects of the application of information technology for international business. The Journal is international in all aspects.
Journal of Global Information Technology Management (JGITM) is a multidisciplinary journal. JGITM publishs articles and reports related to all aspects of the application of information tec (more…)
CISSP Exam Note (Telecommunications and Networking Security Domain) – LAN/WAN Devices, Types and Speeds of Leased Lines, etc.
LAN Devices
Repeaters (Layer 1) – amplify signal, no added intelligence, no filtering
Hubs (Layer 1) – used to connect multiple LAN devices, no added intelligence
Bridges (Layer 2)
- Amplifies signal and adds some intelligence
- Forwards the data to all network segments if the Media Access Control (MAC) or hardware address of the destination computer is not on the local network segment
- Automatically forwards all broadcast traffic
Information Technology for Management: Transforming Organizations in the Digital Economy (Hardcover)
Thoroughly Updated Sixth Edition! Social networks are transforming how people communicate, work, and play. This comprehensive new edition highlights this new technology and scores of others that are changing how organizations operate and compete in the current global environment. The cover depicts two examples of social network. The larger image is a visualization of the trust relationships in a web-based social network. The smaller figures are default avatars from Second (more…)
Information Technology for Management: Improving Performance in the Digital Economy (Hardcover)
Information technology has changed how businesses operate and succeed in today’s global economy. Organizations can now use IT to transform themselves and achieve a tremendous competitive advantage. Information Technology for Management: Transforming Organizations in the Digital Economy, Seventh Edition highlights how this new technology is changing the current business environment and what effect it has on today’s students. The text addresses the major principles of MIS in (more…)
The Password Dilemma
I heard parts of this topic on the radio the other day and didn’t really understand the guy’s point since I only caught the tail end of the discussion until I read this article from the Boston Globe. In a nutshell, it challenges the notion of using and changing passwords as required by most organizations and as preached by security professionals. The research described in this article also challenges many of the security best-practices advocated by security experts and how they are actually a hindrance to shall we say, progress.
One thing that I’d like to point out though, it does not take a genius to create a strong password, which for all accounts and purposes there is no such thing. It gives as much protection as a locked door knob to your house. It gives you a layer of protection, but not the protection. Just like a door knob, it can help prevent casual intruders, but not those who are really intent in breaking in. But, I digress. Read more
Join Me On Facebook
Business Tech Press Releases- Cisco CCNP SWITCH Training Released by TrainSignal February 8, 2012
- The Pinball Arcade Launches on iOS and Android February 8, 2012
- Synopsys Announces Earnings Release Date for the First Quarter Fiscal Year 2012 February 8, 2012
- Apogee Shares Success Story at Major Industry Conference February 8, 2012
- Great Place to Work® Celebrates Strong Workplace Cultures Through the "We Heart Our Workplace" Video Contest February 8, 2012
- From the National Vulnerability Database
- CVE-2012-1034 (episerver_cms) February 7, 2012Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. […]nvd@nist.gov
- CVE-2011-5076 (hdwiki) February 6, 2012SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. […]nvd@nist.gov
- CVE-2012-1021 (4images) February 6, 2012Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to inject arbitrary web script or HTML via the cat_parent_id parameter in an addcat action. […]nvd@nist.gov
- CVE-2012-1031 (episerver_cms) February 6, 2012Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417. […]nvd@nist.gov
- CVE-2012-1008 (officesip_server) February 6, 2012OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message. […]nvd@nist.gov
- CVE-2012-0992 (openemr) February 6, 2012interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter. […]nvd@nist.gov
- CVE-2012-1004 (foswiki) February 6, 2012Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl, (6) Profession, (7) Country, (8) State, (9) Address, (10) Location, (11) Telephon […]nvd@nist.gov
- CVE-2012-1019 (xwiki_enterprise) February 6, 2012Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) XWiki.XWikiComments_comment parameter to xwiki/bin/commentadd/Main/WebHome, (2) XWiki.XWikiUsers_0_company parameter when editing a user profile, or (3) projectVersion parameter to xwiki/bin/view/DownloadCode/D […]nvd@nist.gov
- CVE-2012-1002 (openconf) February 6, 2012Unspecified vulnerability in OpenConf 4.x before 4.12 has unknown impact and attack vectors. […]nvd@nist.gov
- CVE-2012-1029 (tube_ace) February 6, 2012SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these details are obtained from third party information. […]nvd@nist.gov
- CVE-2012-1034 (episerver_cms) February 7, 2012