CISM and CISSP here.
For entry level, stick to hands-on qualifications like sec+ and pentest+. Apply to large firms, and be mindful of the career path you want to follow (such as security engineering, secops, governance/audit, consulting, etc.).
illegal where? do you think a website hosted in Russia or Pakistan is going to care about an american family whose details get listed there?
I’d be happy if that happened.
I’d like it to go that way too but realistically, no government in the world is going to go after a massive hedge fund or investment bank for failing to stop a company asset stripping a public utility for profit.
yes that would be awesome, but the problem is that “make it publicly owned” means “buy out their shares” which is giving them a bailout, plus “service all the debt the company is in” which is another bailout, before you’ve even got started with fixing the horrible lack of investment over many years
so the shareholders pull their funds, the water companies struggle and the taxpayer has to step in to bail them out.
problem is then that shareholders will pull their money and invest elsewhere leaving the taxpayer to pick up the pieces. clever privatisations always leave the public purse to bail out any losses 😒
the solution: don’t privatise in the first place. it’s like selling all your shit at a pawn shop
would love to but where does the money come from to buy out all the shareholders? you would need to raise tens of billions - remember we just spent £10bn to give people a 1% tax cut
and before you say “fuck the shareholders,” remember that lots of them are your pension fund
i thought he was doing a poo
yes but then the US doesn’t expect to sell huge quantities of its cars in China and upset the market. Nor would China permit that.
Except it’s not capitalism when China does it, it’s socialism. The EV manufacturers like BYD have had massive subsidies from the state to bring those products to market, and that level of state support and intervention is not palatable to Americans.
Political, Climate change and National Security concerns aside, the subsidies are how the US government are about to justify the tariffs.
yes so you’re agreeing with me
Yup, but you have to think “how would malicious software/spyware/whatever get in our source code and if it does, how would we detect it?”
that’s where ISO and SOC II add value and give some assurance that detective, preventative and corrective controls exist and are working to prevent an issue.
If the company maliciously inserts back doors into closed source code and sells it like that, no amount of external audit is going to defend against that because they’ll just hide the code from the auditors.
the closest you’ll get is probably SOC II Type 2 or ISO 27001. While nowhere near perfect, those certifications validate that organisational controls such as change management, employee background screening, SDLC and production access controls functioned over the past 12 months. An external audit by an accredited specialist is required to obtain those certifications.
it’s pro hoc, not cum hoc. which is to not say that it is not objectively, very funny.
place one solar panel on your roof, connect it to your mains input, all possibilities of reliable energy use disaggregation go out the window.
no we gots to find money for tax cuts and also to buy more weapons and stuff.
*prick
I’d love a small box with a button that literally just calls my phone, has a mic and speaker and nothing else, no screen, no software, no proprietary lock-in. just a button.
sounds like “how to get proscribed as a terrorist organisation 101”