I have four college degrees but decided to try to get my first certification – ISACA CISM. I chose the CISM because of my interest in the management side of information security. Over the last several years, I’ve also noticed that IT staff’s focus is now centered around cybersecurity – protecting IT systems from malicious attacks and making systems more resilient.
I see some similarities between cybersecurity and what we went through with Y2K. Cybersecurity is somewhat based on due diligence, as was Y2K. If something bad happens, you will have to prove that you took the necessary steps to protect your environment or risk being sued. The difference is that Y2K is based on one event in time and current cybersecurity practices have no end in sight.
To help me complete my CISM Certification journey, last week, I became a member of ISACA, started reading ISACA’s website suggestions and resources, and bought a book that also had a companion book with exam questions. I’ll try to keep you updated on my progress.
A bit of my history
I was an IT Manager for a company leading up to Y2K and we spent 2 years preparing for this event. The company hired a Y2K Manager from internal staff and the IT team spent many hours attending meetings and testing our systems to make sure we didn’t wake up to a nightmare scenario on January 1, 2000. As much as I knew about our preparation and many other companies’ preparation, I knew nothing bad would happen, but we were all at work past midnight making sure everything was still running. To this day, I think the Y2K hype only benefited the lawyers who profited from rewriting and advising on contracts, disclaimers, and policies.
