21 Sept 2005
An institute for IT security experts will be set up in January next
year to improve professionalism throughout the computer security
The organisation, backed by the Department of Trade and Industry, the
Cabinet Office and major UK firms such as BP, BT and The Royal Bank of
Scotland, aims to promote professional standards and provide mentoring
and work experience.
The plan was first announced in January this year, and Computing has
learned that it will start up in early 2006.
The Institute for Information Security Professionals (IISP) will
certify security experts in a similar way to many other professions,
such as the British Medical Association for doctors.
IT security professionals who qualify for membership will have to
adhere to a code of conduct and attend workshops.
"Knowing that someone has the experience, qualifications and adheres
to a set of ethics is very important. It will improve confidence in
the security industry and help when it comes to choosing people for
jobs," said Nick Coleman, chairman of IT security suppliers group
Saint, which is involved in the project.
The organisation has already conducted market research to identify an
acceptable membership fee, and is in discussion with existing
institutes which may be appointed to run the scheme independently.
"Doctors leave university with some of the best sets of degrees out
there, but they don't immediately get a scalpel and start operating,"
said Paul Dorey, IISP founder and chief information security officer
at BP. "They have mentoring and coaching before they are allowed to
operate, and similar standards should exist in security."
Development of the IISP is being led by Fred Piper, professor of
security at University of London's Royal Holloway College, but
leadership is expected to be handed over to an elected leader when it
has an independent infrastructure next year.
InfoSec News v2.0 - Coming Soon!