Energis encourages staff to gain international security certificate

IT services and telecoms supplier Energis has begun a training initiative to encourage its IT security and sales staff to extend...

IT services and telecoms supplier Energis has begun a training initiative to encourage its IT security and sales staff to extend their skills and gain internationally-recognised qualifications in security technology and techniques.

The company believes the initiative will give it the edge over competitors, by providing it with a pool of highly skilled security experts who will be able to liaise with end-users and have the knowledge to understand and solve their security problems.

Dean Smith, who joined Energis as director of security management from Barclaycard last month, said the training programme was among the most ambitious in the industry.

About 20 sales staff and 42 IT staff are taking part in the five-level training programme, which covers everything from management skills to highly technical aspects of security.

The company said it is encouraging all of its staff to gain the certified information systems security professional qualification. Energis is laying on intensive one-week boot camps to train staff for the qualification.

Employees will then go on to take a more advanced "general security expert" qualification, which tests the competence of staff in responding to security incidents, configuring firewalls, and intrusion detection systems.

The qualification, which requires a series of exam passes, usually takes two or three years to attain. Staff have to resit their exams every two years to keep the qualification - ensuring that they keep their skills up-to-date.

Smith said the quality of the training was one of the things that attracted him to joining Energis. "This is unique in the industry. The amount of rigour is greater than anything I have seen before," he said.

The heavy investment in training motivates staff and helps Energis to retain talented employees, he added.

Smith takes over responsibility for security teams throughout the Energis business, dealing with areas as diverse as managed services, incident response and patch management. He plans to bring the teams together to work to a more coherent strategy.

Energis, which provides services to the BBC, Boots, Tesco and the government, has increased the number of security staff it employs over the past 12 months from 12 to 28.

CISSP exam structure       

The certified information systems security professional examination consists of 250 multiple-choice questions. Candidates have up to six hours to complete the examination. Ten "information systems security test domains" are covered in the examination:  

  • Business continuity planning  
  • Access control systems and methodology  
  • Applications and systems development  
  • Cryptography  
  • Law, investigation and ethics  
  • Operations security  
  • Physical security  
  • Security architecture and models  
  • Security management practices  
  • Telecoms, network and internet security.

Read more on IT risk management