International information security professional and certification body (ISC)2 has revamped its advisory board to mobilise members of the professional community and shape public policy.
Each member of the new advisory board for Europe, the Middle East and Africa (EAB) is to champion action by information security professionals in industry, government and special interest groups.
They will engage with and mobilise the region’s professional community, including the 12,000 (ISC)2 certified members in Europe, the Middle East and Africa (EMEA).
The EAB is one of six regional and subject-focused advisory boards managed by (ISC)2 around the world.
The restructure is aimed at addressing a consultation gap in public policy and to enhance the infosec professional community’s ability to affect broad efforts to protect society.
To achieve this, the EAB will co-ordinate cyber security consultation and volunteer support from across the professional community.
Initiatives will be aimed at protecting communities from cyber crime; improving the public’s ability to defend itself against cyber risks; and addressing the acute shortage of skilled professionals to meet current and future requirements in information security.
“The international professional security community has a significant role to play in the development of our digital society, and we are giving that community a voice through the EAB,” said John Colley, regional managing director for (ISC)2 and co-chair of the EAB.
“Information security has become a top priority, with disparate strategic interest groups and government actions proliferating at a rate that risks real confusion. As the largest body behind one of the first professions to develop at an international level, we have a great opportunity to build on foundations of recognised, internationally accepted principals of practice while offering input that can be politically agnostic and relevant across national borders,” he said.
Colley believes the new EAB will help boost the profile of the infosec profession, which will lead to wider consultation of its members on security issues of public interest.
"One of the key areas of action by the EAB will be ambassadorship programmes, which will enable members to talk about what they do," he said.
The EAB was restructured in response to members' desire to give back to society, while addressing a significant consultation gap in public and industry-led efforts to address cyber security issues, said Richard Nealon, member of the (ISC)2 board of directors and co-chair of the EAB.
"The current instinct is to consult big industry and vendors with very few discussions actually including the information security professionals tackling the issues at hand. The EAB will work to balance the perspective,” said Nealon.
The initiative builds on the recent launch of the (ISC)2 local chapter programme, with chapters open to all information security professionals, Colley told Computer Weekly
Since this programme’s September launch last year, over 20 applications have been received from both small and major market countries to form chapters in the EMEA region, he said.
John Lyons, chief executive officer of the International Cyber Security Protection Alliance (ICSPA) said: “We anticipate the efforts of the EAB will extend our reach and contribute a wealth of knowledge to the work we are undertaking to raise standards in the international fight against cyber crime.”
(ISC)2 has signed a global memorandum of understanding with the ICSPA to support its work with law enforcement agencies and governments around the world.
“Having the weight of such a large professional community represents a real contribution. We look forward to working together," said Lyons.
Karen Price, chief executive of e-skills UK, said: “Ensuring that the UK has a workforce, from entry level right up to the board, that is aware of cyber security threats and able to tackle them, is a real priority. We are committed to improving expertise across industry and collaborating with employers, training providers and organisations such as (ISC)2 to achieve this.”
Judy Baker, chair, Cyber Security Challenge UK, said (ISC)2 had been an active supporter as a professional association.
"We look forward to receiving the support of their broader membership, as our ambitions are to reach out to wider audiences within the UK, do more with younger candidates and potentially share and partner with other nations. We welcome the direction and position (ISC)2 is taking," she said.
The Initial programme agreed at the inaugural EAB meeting last month includes:
Input from the profession into the International Cyber Security Protection Alliance (ICSPA) Project 2020 – an initiative led by Europol to predict cyber crime trends
- A review of and outreach to the growing number of public and special interest groups working on the development of a common understanding of IT and information security skills requirements in Europe, including eskills UK and the Council for European Professional Informatics Societies (CEPIS);
- An academic special interest group led by (ISC)2 members who work in academia to examine gaps in undergraduate curricula, such as the lack of security content in computing courses and other concerns;
- Support for the Cybersecurity Challenge UK, including the development of an online virtual challenge in secure software development and efforts to enhance visibility for diverse career opportunities;
- Expansion of the goodwill programmes run by the (ISC)2 Foundation, in particular the (ISC)2 security awareness initiative for school children, Safe and Secure Online, into seven new European countries.