Plans to “professionalise” the information security have been described as “too rigid for industry”.
According to John Colley, managing director for (ISC)2 EMEA, the report from the Department for Business Innovation and Skills were worrying due to an over reliance on the CESG Certified Professional (CCP) as a foundation for all skills development in the United Kingdom.
“I fear the CCP scheme will not meet the needs of the commercial sector. This scheme goes into fine detail to define roles, several levels of competency specific to those roles, and locks everyone into a rigid, expensive, and over-complicated process, for maintaining something that is never going to be fit for purpose,” says Colley.
The paper detailed the government’s support for cyber skills development and specific initiatives to be funded in 2014/2015. Among some very welcome commitments to work with industry on skills and work experience initiatives, the scheme would form the basis for the development of university curricula, funding incentive schemes through the Higher Education Authority; and to provide guidance for business of all sizes.
Colley said that the CCP scheme, originally launched for government in October 2012, has been developed based on the IISP skills framework published in 2007 after no communication around how the CCP scheme is to be kept up-to-date. GCHQ, the government’s intelligence and security agency, was tasked with developing the CCP scheme.
Colley said: “GCHQ brings a lot to the table, but it is not the only perspective that is relevant here. It is important to see strong endorsement from government for cyber training and education programmes, but one with such a narrow focus is limiting. By the time everything is documented and published, there is a huge risk that requirements will have changed.
“We need to cultivate volumes of people with solid foundations to develop and adapt in what is a very dynamic field of practice. People following the CCP scheme will be locked into a focussed career path and struggle to move laterally, which is exactly how people develop that all-round knowledge and experience that allows them to advance in the commercial sector today. I would like to see a broader, more inclusive approach that allows market-influenced development to continue to respond to the very fluid requirements of the profession.”
