Demand for security certification grows with governance pressures

The development of increasingly stringent corporate governance regulations, ranging from Basel 2 to Sarbanes-Oxley, is fuelling a...

The development of increasingly stringent corporate governance regulations, ranging from Basel 2 to Sarbanes-Oxley, is fuelling a growing demand for accredited IT security experts.

The International Information Systems Security Certification Consortium (known as (ISC) ²), the professional body for IT security experts, said that its membership had grown rapidly over the past two years as governance assumes a higher priority in businesses worldwide.

The organisation, which developed the Certified Information Systems Security Professional (CISSP) qualification, considered a "gold standard" for information security staff in the US, said regulations such as Sarbanes-Oxley are raising the profile of accreditation in the UK and Europe.

John Colley, (ISC) ² president and head of information security at the Royal Bank of Scotland, said that over the past six months increasing numbers of companies were beginning to specify CISSP qualifications in recruitment advertisements.

"What we are seeing in the US with Sarbanes-Oxley is that the executives of corporations have to have a means of understanding risk. Bearing in mind that Sarbanes can put directors into prison, they want to make sure they have sound processes and people in place," Colley said.

The organisation, which has begun a campaign to highlight the advantages of employing accredited security staff in Europe, claims that CISSP provides businesses with a quality benchmark for recruiting security professionals.

"If I am recruiting someone, if they have a CISSP, there are a lot of questions I don't need to ask them," said Colley.

The number of CISSP-qualified professionals in the UK has grown over the past two years from a few hundred to over 1,000, and is increasing at the rate of 25 a month, said Colley. Worldwide, there are 25,000 certified professionals.

US research suggests that the body's members, who have to keep their skills up to date each year to keep their CISSP qualifications, can earn salaries more than £2,750 higher than non-accredited security staff, and in some cases £5,500 greater.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.