(ISC)2, the global organisation dedicated to training and
accrediting IT security staff, has launched an international drive
to highlight the professionalism of information
security.
What has been an ad hoc career with no universally accepted
qualifications or standard career paths is on the verge of becoming
an established profession, said Peter Berlich, board member of
(ISC)2.
The growth of compliance regulations, the need to integrate
business networks securely and the emergence of security as a
business driver rather than a cost centre are driving demands to
give security professionals the same status as engineers and
accountants.
Members of (ISC)2, the International Information Systems Security
Certification Consortium, which represents more than 30,000
security professionals worldwide, is working with some of the UK's
leading security professionals to develop proposals for a new IT
security body, dubbed the Institute for Information Security
Professionals.
The body aims to become an organisation for IT security
professionals, akin to the IEE for electrical engineers or the
IMechE for mechanical engineers. It will accredit security
qualifications, lay down minimum standards of knowledge and
experience for and create formal continuing professional
development programmes.
(ISC)2 is also taking its own steps to raise the standards of
professionalism in IT security and has declared 2005 the year of
the information security professional.
"The year is designed to highlight, evangelise and promote
professionalism in the industry," said Berlich.
(ISC)2's research has shown that security has developed from a
purely technical issue into a management issue as businesses have
had to place renewed emphasis on corporate accountability and
compliance.
Against this background, (ISC)2 believes it is time for information
security to be treated as a recognised profession, with a formal
career path and widely recognised qualifications and training
programmes.
The first stage is to raise awareness of information security as a
distinct profession. For (ISC)2 this means running a concerted
publicity campaign to highlight the achievements, skills and
expertise of IT security professionals.
The programme has won backing from a range of government
organisations, users such as General Motors, and universities and
IT suppliers.
Berlich said there was no conflict between (ISC)2's work and the
work being done by prominent IT security professionals, including
some of (ISC)2's own members, to develop a new body for security
professionals.
"Anyone who promotes specialisation is an ally," he said. "(ISC)2
is watching this closely and working closely together with the
working group."
BT develops formal career plan for security staff>>