nA cybersecurity professional for over three decades,nnShera Thackery Bake, ISSMP, CISSP, has had a lengthy career inspired bynher father’s military service and early work on the space program.nn
nnMost of my early life was brought up with an understanding of the need fornsecurity. My father was in finance and accounting in the U.S. military andnwe lived in many locations in the U.S. and Europe following World War II.n
nnAfter getting my Masters degree in mathematics, I was required to have a TopnSecret and above clearance level in order to work on the Apollo spacenprogram. We used computers from many locations via phone line communicationsnthat were not readily available to most businesses. If fact, unless you hadna huge budget your business did not use computers at all at this point.n
nn
nThe Evolution of Computing
nn
nnWith the advances of the space race and in computing generally, times andntechnology changed and brought about the notion of time-sharing and thenarrival of smaller computers like those from DEC, GM and Honeywell fornmid-size businesses. Time-sharing allowed small business to buy time fromnothers, such as those with mainframes with unused capacity, to supply theirncomputing needs. However, the security for protecting a company’s data fromnothers using the same machine was scant to non-existent at this early stagenin what we now consider the modern era of computing.n
nnI changed jobs to work for the State of Florida’s Auditor General on ansystem being developed for State agencies to record their accountingntransactions and then be used by auditors (both internal and external) tonprepare information for legislative staff, along with state-wide financialnstatements for the federal government, which are audited by the AuditornGeneral.n
nnThis system was in need of security procedures and methods, but software tonassist with this was not yet available but being designed be vendors likenIBM with RACF. Because of my background in this area. I was assigned to comenup with solutions to the security problem. I was sent to a securitynconference sponsored by Computer Security Institute looking for ideas. Atnthat time ISC2 was being established, creating a new certification, thenCISSP, and looking for people with security experience to develop thencertification exam. I got the forms and filled them out and was accepted. Mynoffice was thrilled.n
nn
nCISSP Created Career Options
nn
nnBecoming a CISSP was a door opener for me in my job as an auditor of ITnsystems. I was able to pitch to legislative staff the need for a securitynmanager position within state agency IT support functions. Then, I worked tonget Florida statutes written to require each agency to have a securitynmanager and a CIO. We then set up a state organization with a state CIO andnstate security manager. This state group was required by Florida statute tonprovide guidelines, standards and rules for agency IT to use to protect ITnresources and data. Later the law was amended to add a privacy officer.n
nnNext, we started monthly meetings of all the agency CIOs and separatenmeetings for the agency security managers. Most of the people assigned tonthese positions needed help in understanding what cybersecurity was and whatnthey needed to do. With the help of many great state employees, weneventually convinced the Florida legislature to provide training funds to benused for courseware and exam preparation for the CISSP exam. We also startedna Y2K project in the late 1990s to ensure that switchover at the millenniumnwent smoothly. It did, thanks to a multiagency project that provednsuccessful. The presidential election in 2000 was a major challenge at thatntime and helped us get the attention we needed for investment and expansion.nThe events of 9/11 also proved to be a pivotal moment, that refocusednattention and state investment on all things security.n
nn
nCybersecurity and Natural Disasters
nn
nnIn 2004 and 2005 Florida experienced many hurricanes. The lessons we learnednfrom hurricane Andrew in 1992 changed our continuity of operations plann(COOP) plans and procedures assisting us through these events. Followingnthese major incidents, the funds for additional professional developmentnwere provided and we started getting all our security managers and staffncertified with CISSP.n
nnFlorida as a state government continues with a committed staff who providencybersecurity for all types of services to its residents. The growth ofncomputer usage by citizens has exploded since the desktop PC and internetnconnectivity became commonplace. We continue to grow in population and arengrateful for the state officials who continue to see our vision ofncybersecurity that began many years ago.n
nnI retired after 35 years with the Office of the Auditor General, but stillnstay in touch with some of my colleagues who served to make the State ofnFlorida such a great place to live. Many who earned their CISSPncertification have also achieved advancement in their careers as a result.n
nnThank you ISC2 for 30+ years of work and support of the CISSP certification.n
n- n
- n Find out more about the CISSP certificationn n heren n n
- n Download then n CISSP Ultimate Guiden n to learn more about the CISSP along with the career and qualificationn pathways it supportn n
- n Then n CISSP exam changes on April 15, 2024n n , read about the changes and our Peace of Mind Protection that includes an second exam sitting, if neededn n