[ISN] Security pros must improve, says new body

InfoSec News isn at c4i.org
Tue Feb 28 03:04:01 EST 2006


By Maxwell Cooter
27 February 2006

The IT security industry is ill-served by its existing accreditation
procedure and needs more help in handling the increasing number of
security threats. That's the view of the newly-established Institute
of Information Security Professionals (IISP) [1] which has been set up
to address the knowledge gap in this area.

Speaking at the London launch, the institute's chairman, Paul Dorey, 
said that the organisation had been formed for two reasons: one was to 
address the growing demand for information on security, and the second 
was to address the issue of professional accountability. 

He said that existing qualifications such as degree level IT security
courses and Cisco's CCSP [2] were excellent in their own way but they
were "knowledge qualifications". He said that security professionals
needed more than just technical knowledge to do their jobs
effectively, likening them to young doctors who needed mentoring after
completing the formal part of their medical training.

The IISP has been backed by industry, academia and the UK government. 
The launch was held at the Department of Trade and Industry (DTI) 
which has already applied to be one of the founder members.

The organisation's CEO, Nick Coleman said that the DTI was in good 
company. "We have more than 220 applications from individuals and 20 
applications from corporates before the formal launch. We're already 

He said that there were three types of membership: full (to be 
launched in September this year), associate and affiliate. He said 
that associate members would have to demonstrate technical expertise 
and full members would be expected to meet even more rigorous 
criteria. "We will carry out due diligence on all applicants," he 

Coleman said that although the IISP had been set up as a UK 
organisation, it had already had applications from the U.S., 
Australia, France and South Korea. "It was our intention to go global 
at some point in the future," he said but he thought that the interest 
from other countries was an indication of the need for such an 

The IISP is set to announce a series of initiatives at the forthcoming 
Infosec exhibition and conference to be held in London in April.

[1] http://www.instisp.com/
[2] http://www.cisco.com/web/learning/le3/le2/le37/le54/learning_certification_type_home.html

More information about the ISN mailing list