Breaking into security

The time is right to consider focusing on a future as an IT security professional, as threats the skills to counter them continue to increase

Tags: BCS The Chartered Institute for IT (www.bcs.org/)
  • E-Mail
Breaking into security Dr Mike Westmacott, MBCS CITP, is a security consultant and member of the BCS.
By  Mike Westmacott Published  May 5, 2014

Have you considered a career in security? Mike Westmacott, MBCS, CITP, says the time is right to consider focusing on a future as an IT security professional, as threats the skills to counter them continue to increase.

It may seem sensationalist to say this, but we might be running the risk of allowing cybercriminals to gain an advantage over the professional IT community. In order to understand if this statement may be correct we need to consider a number of factors.

It’s never been a better time for cybercrime. Computer usage is increasing, for both social and business areas, and it will continue to do so. This naturally leads to an increase in the ways in which we as individuals and the organisations we work for may be attacked. Not only do the numerous gadgets and systems that we have increase the technical attack surface we expose, but our personal attack surface also increases as we place ever more information about ourselves onto the internet.

In order to stay consistently ahead of a moving opponent, the criminals, organisations, and states that pose a threat to us, we must not just develop technical solutions, but work to improve our capability in all areas of information security — a strategy being adopted across the globe.

For example, in the Middle East where cybercrime attacks on individuals, Government services, utility and financial services and businesses are on the increase, a recent report from Mohamed N. El-Guindy, Information Systems Security Association, Egypt Chapter, Founder and President, suggests that Middle East states need to understand that off-the-shelf technologies will not solve any security issue but it might make things worse. The report goes on to say that states need to address their internal issues and invest in their human capital to adapt with the 21st century or the consequences will be more dangerous in the years ahead.

In the UK, the National Cyber Security Programme  is investing £650 million into information security over four years  to ensure that the sector develops at the rate it needs it. A significant proportion of these funds will go towards training and education; highlighting that both professional and public education is a key objective of the programme. This boost means that the information security industry in the UK will be able to continue to expand and the demand for practitioners that are highly skilled and, more importantly, those that are starting their career in the sector will become even stronger than it currently is.

However, the opportunities for roles in cyber security are not limited to the UK, businesses across the globe, are recruiting for experts in this increasingly important field. In the Middle East, as in the rest of the world, roles in cyber security are becoming ever more in demand and the variety of roles that are open offer great opportunities for individuals looking to start or diversify their career. While many of the primary roles require expertise in some area of IT, at the same time the increasing number of businesses directly involved means that there are also typical back office and business support positions as well.

For anyone who is interested in pursuing such a career BCS, The Chartered Institute for IT offers a range of advice and options including a career pathway (see next page) plus an innovative simple online process to determine what type of role would be suitable, which also applies to other careers. The process is being developed and offered by the BCS Young Professionals Information Security Group (YPISG), which is providing online resources that will allow professionals to perform this type of analysis themselves. It will draw on resources such as SFIAplus and will provide a skills matrix and a mapping to different types of jobs.

Once you know what you want to do, BCS can also help you develop a training and career path to reach your goal.

Different roles will have different entry level requirements. BCS offers a wide range of professional certifications to help you start your career in information security, which address the need to ensure the confidentiality, integrity and availability of information assets. With a broad based foundation course which provides a comprehensive overview of all the key principles of information security, you can progress to practitioner certifications which provide more in depth insights into information risk management and business continuity as well as data protection and freedom of information legislation.

BCS certifications are internationally recognised and have been developed in line with widely accepted and proven best practices. They are aligned to the ISO/IEC 27000 series and BS 25999 standards, such as the BCS Certificate in Information Security Management Principles which provides you with a good knowledge and understanding of the wide range of subject areas that make up information security management including risk management, technical and management controls, legal framework, people and physical security, security standards and business continuity. Other options include Certificate in Business Continuity Management, Certificate in Data Protection, Certificate in Freedom of Information, and Certificate in Information Risk Management.

BCS is committed to developing its Information Security portfolio and will be launching two new certifications in the near future.

The Institute can also support IT professionals through its range of specialist groups and branches, including four specialist groups that focus on security. They regularly run events each year and produce the Aspects of Identity Yearbook, looking at the security issues that professionals and society need to address.

If you’re looking for an exciting role in an area of IT that is expanding, take a look at the careers that are available  then take the time to demonstrate that you’re capable of making that career a reality. The person best placed to do this is…you.

Dr Mike Westmacott, MBCS CITP, is a security consultant and member of the BCS.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code