I introduced my security resource education initiative last week (click here if you missed it). Each week, I’ll present six leading resources which will be useful to all information security professionals as well as many IT professionals.

As everyone knows there is no end to the professional development efforts for any professional and this column is dedicated to providing resources that will be useful for all IT security professionals and IT professionals to study and learn.

They are provided to support the improvement of your organization’s security practices and security posture, and always remember, there is no better way to learn than by doing.

The resources provided this week include guidance regarding:

• the insider threat issue,

• leading methods for developing secure Web code,

• what security is truly facing (a war), and

• a Web site dedicated to the ISO27000 security standard series.


Dan Swanson