Information Security: Starting Out

Going from technical guru to Information Security Manager can be a bigger step than you might think. Taking on the role of IT Security Officer in an enterprise that treats information security as an IT problem can offer many challenges and many opportunities to learn. Each organisation is unique and identifying those approaches that do not work is an important step forward in the journey to an effective information security program. This paper is focused on delivering some broad guidance to the newly appointed information security professional. A direct reflection of the author's experiences, it targets administrative areas that are often over looked by those with a strong technical only background.