Delegates in favour of new body for security professionals

IT security professionals attending the ISSA conference are working to establish their own dedicated professional body.

IT security professionals attending the ISSA conference are working to establish their own dedicated professional body.

In a straw poll conducted by Computer Weekly, members of ISSA overwhelmingly backed plans to create a professional body to provide standards for IT security professionals.

The proposed body, dubbed the Institute for Information Security Professionals, has won backing from some of the UK's largest organisations, including BP, BT and the Royal Bank of Scotland.

Paul Simmonds, ICI's global information security director, said a new body with entry requirements would make it easier for employers to recruit qualified professionals. "If you are trying to recruit someone, how do you know they are any good?" he said.

Chris Simpson, head of Scotland Yard's computer crime unit, also welcomed the plan. Many computer crimes are the result of poor security, he said. "The more we can raise professionalism in IT security the better," he said.

Joe Wright, a security professional with a financial organisation, said there is a case for a new body to supplement the British Computer Society, now that security is beginning to emerge as a separate discipline from the rest of IT. "When the BCS started there were no viruses and the world was very different. It was a different industry and security was not public facing, so I think there is a case for having a new organisation," he said.

Karthikeyan Shanmugam, a security professional and researcher at Brunel University, said that a new body would encourage security professionals to collaborate and share best practice.

"I think it is a good idea," said Terry Schraider, security consultant. "I think we could do with a certain amount of regulation of the industry. The thing that interests me more is having standards and methodologies."

"If there is a well organised forum where you can share best practice, that would be helpful," said Kevin Reagan, Cisco security consultant.

Steve Coates, an IT security professional, said a dedicated body for security professionals was not before time. "It has been a long time coming," he said, adding that a professional body would make it easier for employers to identify and hire high quality IT security people.

Colin Hart, a security consultant, welcomed the proposed organisation. "It is a great idea. Whether the practicalities can live up to the hopes, I don't know," he said.

Andy Jones, a security professional with BT, said that a new body could help to separate the good security professionals from the bad. "There are too many people who call themselves security professionals," he said.

Read more on IT risk management