the_cia: For one who is veering off into Internal Audit, without a background in Accounting, what advice would u give ?

The description provided is very vague. Internal audit does not have to be strictly financial but I do understand as the term is used loosely. I would advice you to pursue the CISA certification which enables you to audit information systems basically helping you understand business processes, IT governance frameworks, controls

boneruns: I have been posted to Operational Risk Management department of the Bank I work as an Entry level. I hope to finally move to Information Security Management Unit. I will be following this thread to learn more.

Can IT related courses like CCNA, CCNP, Microsoft and CEH develop me more as I want to finally specialize in Information Security?

Advices please.

Yeah they would help, the caveat however is information security is not IT security although a huge component of this. In other words you have to wear a different hat most times and not think like a techie. e.g to address Governance Risk Compliance and Privacy requirements. Make sense?

sandysprax:


You have just spoken like a true Information Security Professional. They're very aware of the risks inherent in surfing the web and are therefore always conscious of what they do just like myself. I've sent you an email already. I sent it at about the same time I made my last post. Hoping to hear soon from you. Cheers!

No worries and thanks. I haven't received any mail from you checked my spam box too.

sandysprax:


Thanks for your response.


For the sake of selflessness, I'll post exactly what I'll be mailing to you on here so you can decide which of them is convenient for you to respond to. I hope this arrangement is okay by you?


I don't exactly have a question but I was just looking for some pep talk/mentoring basically. I'm looking for entry level positions to kick start my career but like someone here rightly mentioned, it is difficult finding companies here in Nigeria that are willing to accept fresh graduates with little or no experience. I've even resorted to searching for companies that will be willing to absorb me as an intern for which I'm very ready to work for free as my objective is not to make money but to build a career in this area.


I've taken the liberty of looking through your website, i.e kamhen.com and it seems to me like an IT Security Training Institute. I can also see that you have an office here in Abuja. Fortunately, I live in Abuja. I'd like for you to book me an appointment to come see you if possible for further discussions about my certification plans.


Many thanks.

@Sandysprax, It's not an IT security training institute, it works with one though. Kamhen provides information security services. Please note that IT security and Information security are not the same but are closely related.I am not in the country at the moment so we could communicate via the ether. I can't leave my email on here because it's a public forum..(don't wanna get spammed as spammers could harvest emails on here amongst other threats). you can contact me on the email provided and we can exchange details for skype and we can have a chat. That said having a CISM, CISA, CISSP helps, and getting acquainted with security standards like ISO 27001 and ISO 27005 for risk management will help put things in perspective.

@Sandysprax. I believe the initial definition was geared towards IT or information security risks. Others have expanded on this as there are other types of risk.Someone mentioned that it's a back office function..I don't see how he came to that conclusion when there is risk management at an enterprise level. You can email info@kamhen.com with specific questions and get some advice. best of luck.

Stick up for ur values if they mean that much to you. A predator like that would look at it from the point of view that no girl is worth all that trouble. Like I suggested b4 record ur conversations. Most smartphones like an IPhone can do this discreetly. I'll suggest u record every meeting with him...the files are time stamped and of great quality. Be sure that your intentions are made clear to him that u r not interested so that it's not seen as entrapment. Note that he's probably been doing this a long time and is asking a lot of other girls for the same favour.In fact if u find others in the same position u can collaborate on this by reporting the issue to the authorities. Use this leverage when u need to after u have mentioned this to some other lecturers & students u trust so they r aware. Sad that some of the suggestions offered to u by some other posters are rather poor but if u don't buck the trend this molester wud continue to do this for years to come, maybe to some of our kids still underaged till when they get to school...Best of luck

Record any meeting with him. All the conversations that wud implicate him which could act as evidence. Don't use it till when push comes to shove but at least u have some leverage

China "resolutely opposes" U.S. curbs on IT imports: state media http://www.reuters.com/article/2013/03/30/us-china-us-trade-idUSBRE92T01J20130330

Exactly @drnoel ...A thing we need to prevent....Gbawe noted that we need to help ourselves and stop whining which is basically what the report is trying to do.Note that the West are buying the same equipment from the Chinese so it's not a question of just trying to circumvent their equipment for Western companies or interests. The West is trying to protect itself and as such we should take similar steps. With the state sanctioned Cyberattacks originating from China against the West, it's just another advantage or weapon to have....So heaven forbid that we get into a diplomatic row with China....we wouldn't even be able to get to the bargaining table and they shut us down....Just a thot

Good point...we can't totally absolve the West from the same practice. There is nothing like zero risk but u can reduce the risk. Case in point you have some sort of regulation and legislation that wud reduce these risks with companies in the West, the Chinese don't have thse restrictions to deal with ...they don't even have privacy laws. That said the US will trample on rights with legislation like FISA (Foreign Intelligence Surveillance Act) which allows them to pull information from any ISP in the US on foreigners. So this forum for instance I can see has it's server in the US everything on here is monitored. So that said the same level of caution should be adopted when dealing with all of them which I think is the point here.

I don't know if u read the full report on the FB page but I don't think it's a question of not engaging the Chinese but we need to do it with caution and some intelligence to avoid the same mistakes our forefathers committed with the europeans. A lot of our african leaders are going into long term agreements whils giving away a huge amount of our resources and do not really pass on the knowledge. Sanusi's piece in the Financial Times attests to this so have a few other ppl.There is a Cyberwar going on at the moment in the world and Nigeria hasn't got a clue what's going on