Dragan on Security

Recent statistics show that a professional security certification will enable information technology security workers to earn higher salaries. For example, a Foote Partners study released the first week of July concludes that security professionals with security certifications earn up to 15 percent more than their non-certified colleagues. And from October to April, a group of 27 security certifications examined by the Foote study grew in value by an average of 1.7 percent. Foote Partners CEO David Foote says that demand for certified security professionals is growing following a recent downturn. And the demand is being driven not by compliance and government regulation, but by customers who are “demanding more security” from companies. The fallout from major data breaches such as the TJX breach has caused consternation among corporate executives, prompting many executives to make additional commitments to security. A Department of Defense mandate requiring certification from IT security professionals is also increasing demand for certified security professionals, says Foote.

Full article: Salary premiums for security certifications increasing, study shows.

How theory has been applied in practice - Peter Brundrett, the PM behind the integrity levels work in Windows Vista has written a very detailed whitepaper on the subject: Windows Vista Integrity Mechanism Technical Reference.

My son (14 years old) created and published new game. You can download it HERE. It has got 50 levels of adventure. Feel free to download, comment and give suggestions. Enjoy!

Paper in ComSIS journal (see here and here).

Abstract. This paper presents preview of the new book titled “Security of Computer Systems and Networks” (original in Serbian language “Sigurnost računarskih sistema i mreža”) – textbook for University lectures, but also a book that covers majority of important areas concerning current state of security. The book is the result of lecturing experience, research in this area, and also practical experience that authors have in many fields, including but not limited to architecture and design of security products and software, network projects, consultancy, analysis of issues and problems and providing solutions to them. It is not just a textbook for students, as it is suitable for all IT professionals and also for company management including IT as well as general management for companies, organizations and government agencies that base their vital infrastructure on computer and mobile technology. It is suitable for decision makers and for people who want to get almost complete overview of the computer and network security as it is now. In some areas of computer security, such as intrusion prevention and detection systems, e-commerce, and proper network and operating system security administration, this book goes one step further, presenting some novelties in the field and suggesting new solutions for actual problems.

Read press release here.