Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

(ISC)² says governments need infosed community to drive strategy and standards

With its own research anticipating a doubling of the workforce by 2015, the association says it is encouraging policy makers to leverage the collective expertise of the professional community to address skills requirements, as well as their defenses.

John Colley, CISSP, the association’s managing director for EMEA, has called for this issue to be acting upon by Western governments, if they are to stay ahead in the world of IT security.

Colley, who made his comments today at the opening of the 4th annual MEDays Forum - which takes place over the next four days in Tangiers, Morocco – has called on political leaders looking to drive the cyber security agenda forward by investing in three key areas.

Building on the comments that he made with Infosecurity at the RSA Europe event in London last month, Colley noted that security skills and competency requirements do not appear to be high on the international discussion agenda.

“I believe many countries are examining the capacity and competencies required for national security, but there is a risk of too much focus on national politics rather than a real understanding of what is required”, he said.

“They should be careful not to work in isolation. Nationally focused schemes risk confusion in a landscape that requires an ability to communicate and operate across borders”, he added.

The three key areas that Colley is looking for IT security specialists to focus in on include better engagement with the information security profession, raising the skills development for future, and increasing public awareness and education on the need for IT security.

Policymakers, says the (ISC)²,’s managing director, need to leverage the collective expertise of the profession and support information and knowledge sharing during the cyber security strategy development and competency assessment process to avoid the development of poor policy at a very high cost to the public.

On the skills development front, meanwhile, Colley argues in favor of skills development for the future – governments and academics should be looking to resource for the future in terms of workforce, generational instincts and skill requirements.

There is, for example, a real gap across the EMEA region with most academic programmes targeting the lucrative working student with graduate MSc programmes.

Public investment should encourage career interest and unearth instincts at an earlier stage, while public-private partnerships should support the development of skills that are in demand in the workplace.

Finally, Colley recommends that there needs to be better public education and awareness on security issues - many governments and organizations, he notes, have undertaken programmes to create public awareness of the threats and educate all age groups on the safe use of IT and the Internet.

This is, he says, another area in which there is a growing body of collective international experience and an active professional community that can serve as an essential resource in all countries to meet this need.

Colley - who currently chairs the UK government information assurance professional bodies advisory group – said that the international professional organizations, who have harnessed the collective experience of subject matter experts at the top of their field representing private and public sector organizations alike, put a great deal of effort into establishing the foundations for a common understanding across the globe.

“They represent a cohesive community that serves as a significant resource to all stakeholders, including policymakers, the academic community, and many other social and publicly focussed organizations”, he noted.