The more QSAs, the better you must be against your competition!
I am proud to announce that Securus Global (ie; in case you did not know, our company), has 5 QSAs now!!!
Now if you are working in a large multi-national, that won’t seem like much. But here in the Aisa Pacific region, that places us at close to the top in terms of number of certified “experts” in PCI DSS! We must be good now! We have more than most of our competition!!!! We’re going to win more business now!
Hmmm……”We must be good now!”…..we always were, even with 1 QSA. But, the last statement is so true. We are going to win more business now in the PCI DSS area….because of numbers. We know that because we lost jobs last year for no other reason than we had less QSAs than a couple of our competitors.
Sadly, certification numbers to some mean the world. While it doesn’t sound like much, 6 jobs we lost for PCI came down to the CIO or CEO going against the security dudes recommendation that they go with SG for no other reason than company X has more QSAs! WTF? True…….
Yeah, we lost a few other bids on price but that’s life….it happens when some people don’t know you but I now know, I have, based upon stats, the opportunity to win some of those jobs we would have lost.
Critical thinking has not made it’s way to many CIOs…….never has since the “CIO” title was invented and CIOs are still the main reason why most companies are so badly managing security. We rave on and on and on about security dudes needing to be “certified”…..that’s not the problem…..CIOs need to be certified! If you work in IT and are at that level and know jack about IT security, you are the stuff of Scott Adam’s inspiration!
July 21st, 2008 at 10:10 am
C’mon, DD.
I won’t have this talk - bagging CIOs. They’re all top-notch. Sections of our media would have us believe the sun permanently shines out of their collective, CIO, back sides.
In fact they’re so good, many CIOs are also visionaries, apparently. Thats right, “visionaries”.
Sound a little over the top ? If you don’t believe me, check out http://www.zdnet.com.au & have a gawk at their never-ending, saccharine infused CIO suck-job, titled the CIO “Vision” series.
July 21st, 2008 at 2:00 pm
Breed em out’ that’s what I say! Certify em’, test em’, force em to do a 4 hour exercise that invloves sketching a large enterprise network layout, budget and explain the inherent challenges and benefits of technology… also a technical history test and explain the benefits/drawbacks of major old vs new technlogies… data centers, enterprise service bus, CRM, ERP, databases, networking, virtualisation etc… metrics, scorecards yadda yadda, sure others could follow up on this and there’s a tonne of ‘frameworks’.. ye catch my drift, is it a figurehead role, a parasitic role, a simbiotic or a visionary role?
July 22nd, 2008 at 7:57 pm
@BG, visionary waffle based upon what Gartners, IDCs etc tell them is the easy way to successfully being a CIO in most companies. Talking high-level “strategy” mixed in with PPT slides that really make no sense is key to ensuring that only he/she supposedly understands the concepts of the new corporate IT plan. Go on video and waffle on with the same crap and you’re a media hero as well.
@D2, it has to happen - how many would pass and how many would say that that knowledge is not part of their role description? Hmmmmm……
July 24th, 2008 at 11:57 am
Yeah,
our CIOs are top notch, but apparently, some believe they don’t earn enough. I get it now. You see, this is where the ‘visionary’ stuff comes in - using one’s corporate expense cards. How visionary ! Perhaps zdnet should interview this bloke as well !!
http://www.zdnet.com.au/news/business/soa/Queensland-Health-fires-CIO/0,139023166,339290729,00.htm