The lack of trained IT security professionals is a worldwide
problem, says
Art Coviello, president of EMC's security division, RSA.
"It is a big problem. Security consultants are at a premium," he
told Computer Weekly.
RSA is lobbying governments around the world to promote
education around information security.
"We just do not have enough [security] people in the vendor
community as well as the public and private sectors," Coviello
said.
Subsidising research around information security is another way
government could help in the fight against cybercrime, he said.
According to IT certification organisation (ISC)2, there is a
critical shortage of IT professionals with skills in
security within business application software.
In September, (ISC)2 announced an IT professional certification
programme aimed at improving security throughout the application
software life cycle.
The
Certified Secure Software Lifecycle Professional (CSSLP)
education programme was developed in collaboration with several
software producers.
John Colley, (ISC)2 managing director at EMEA, said "No matter
how good the security is, if the applications run by business are
insecure, all the other stuff is largely a waste of time."