
The increasing organisation of those looking to compromise computer systems means security practitioners have to become more professional, says Rolf Moulton, interim CEO of The International Information Systems Security Certification Consortium, which refers to itself as (ISC)2.
(ISC)2 is a US-based organisation which provides professional certification of computer security practitioners, maintains ethics and provides continuing educational programmes for this sector.
Earlier this week the (ISC)2 international board held its first meeting in SA and ITWeb spoke to its interim president and CEO Rolf Moulton, who says the trend within IT security is to move towards risk management, rather than countering of specific threats.
"Naturally, threats to security systems are becoming more motivated for financial gain, rather than just intellectual and malevolent acts. This means financial institutions are likely to be the most heavily targeted," he says.
There is an international move throughout the corporate world to employ IT security specialists with the appropriate qualifications in order to meet governance and legal standards, Moulton says.
"From what we have seen, corporations have a great need for certified computer security professionals and the demand far outstrips supply."
(ISC)2 was formed in 1989 and has about 40 000 certified professionals worldwide. Moulton says the organisation is placing a special emphasis on Africa and South Eastern Asia.
"The use of computer systems in those two areas has seen explosive growth and there is a corresponding need for security," he says.
(ISC)2 offers two security certifications: the Certified Information System Security Professional (CISSP) and the Systems Security Certified Practitioner, with the former considered to be the higher standard.
Locally, 211 CISSP qualifications have been attained since 1997.
Share