Posts

Showing posts from March, 2013

Information Security & Risk Mgt and other MOOCs on Coursera

The conventional way to gain knowledge about a field before joining the industry is to get certifications or acquire a degree. The first can be done by self-study but requires a considerable investment of money and suffers from a lack of feedback and interaction among peers. The latter is a much more involved experience but costs a lot in both money and time. It is also not a viable option for people in full-time careers. A new entrant to the field is the MOOC, or Massive Open Online Course, pioneered by Coursera.

There are a large number of courses on Coursera and its major rival Udacity. Though the courses were initially skewed towards computer science, courses in other fields have slowly started showing up. The courses have classes based on video lectures supplemented by quizzes, mid-term and final tests, along with peer-reviewed assignments. One interest...

How to become an ISACA member

ISACA is a non-profit organisation which conducts 4 exams in the Information Systems field. These are the CISA for IS Auditing, CISM for Info Sec Mgt, CRISC for Risk Mgt and CGEIT for IT Governance. To take these exams it is beneficial to become a member, as members get discounts on the exam fees and study aids. For example, I have listed the fees for the June 2013 CISM exam below.

| Fee | Member | Non-Member |
| --- | --- | --- |
| Online* early registration deadline fee | US $410 | US $585 |
| Online* final registration deadline fee | US $460 | US $635 |

The member fee is $175 less than the non-member fee. However, the membership fee is $135 for online application plus chapter fees ranging from $15 to $25 depending on where you reside. So the effective discount is $25-30 only. However, being a member also entitles you to discounts on v...

CISM Exam and Certification

There are a number of certifications which one can pursue and obtain in the field of Information Security. The main ones are:

(a) CISSP (Certified Information Security System Professional) from (ISC)2 - Very technical and exhaustive.
(b) CISM (Certified Information Security Manager) from ISACA - Focused on management aspects, covers various standards and is less technical than CISSP.
(c) GIAC Security Essentials from SANS - Focused on basics.
(d) Lead Auditor ISO 270001 - Very broad and based on the ISO standard.

In this post I am going to give you a brief overview of CISM certification in terms of eligibility, procedure and study material required for this ex...