Saturday Sep 21, 2024
Saturday Sep 21, 2024
Tuesday, 17 December 2013 00:01 - - {{hitsCtrl.values.hits}}
At a press briefing held last week in Colombo, International Information Systems Security Certification Consortium Inc. (ISC)2 Executive Director Hord Tipton said: “(ISC)2 is the world’s largest not-for-profit body dedicated to cyber security. At present, all businesses are going global and to maintain the consistent standards of our members, we follow international certification and accreditation criteria. Over the last two years, we grew to 108 chapters with over 90,000 members in more than 135 countries, and soon we will pass the 100,000 membership mark. All our members are very enthusiastic about their volunteer work roles with (ISC)2.”
Further elaborating on Tipton’s statement, (ISC)2 Managing Director Asia Pacific Clayton Jones said: “These certifications help us connect with professionals who are well versed in the current context of cyber security. At present, around nine countries in Asia provide the necessary training to enhance the skills of these professionals and from today, the (ISC)2 Sri Lanka Chapter will be authorised to conduct training and examinations to issue credentials.”
Training and education
“The need for people is huge in this sector, especially for skilled professionals. Many individuals who get into the information security sector are highly qualified, however, they need the necessary skill sets to continue their work in this field. Training and education, as I see it, is a lifelong process. It is important that the right material is used across the board. Our training and certification will enable our members to become fully knowledgeable, not only in their field of choice, but also work hand-in-hand in the entire sector,” Tipton stated describing the training process.
Jones observed that (ISC)2 has the best education modules and that they rely on their volunteers around the world to conduct training programs. “I have to say at this point that without the support of Lal Dias and his team, we wouldn’t have possibly established an (ISC)2 chapter in Sri Lanka. I must add that these certification courses will be provided at an affordable rate. A course we conduct for US$ 2695 in other parts of the world will only cost about US$ 800 in Sri Lanka.”
Position of SL CERT
Lal Dias described CERT-CC role and its key focus in the country as a Government body: “CERT-CC stands for Computer Emergency Readiness Team – Coordination Centre. Established in 2006, we are a subsidiary of the Information and Communications Technology Agency (ICTA) of the Government of Sri Lanka.
“We are committed to protect information technology users in the public and private sectors, and the general public by providing up-to-date information on potential threats and vulnerabilities, and undertake computer emergency response handling services. Though we recruited highly qualified IT graduates during our initiation, we had to train them to become cyber security professionals.”
To date, he added, Sri Lanka CERT-CC, along with the ICTA, has assisted individuals and organisations in creating awareness and building proficiency in cyber security. Over the last two years, (ISC)2 also came in as sponsors for the Cyber Security Week and has also provided their resource persons to conduct training programs.
Cyber security: Need of the hour
Reiterating the importance of cyber security, Tipton stated that at present, most information security professionals are converts from other sectors. “As a 25-year-old international body, we now understand that cyber security is becoming increasingly vital. Our members need to have the necessary awareness to act on cyber threats and overcome the challenges ahead of them.”
He added: “We need to be more concerned about our future generations who are vulnerable and exposed to things that they see online on a day-to-day basis. In a recently conducted survey, we found out that the use of social media is rapidly increasing among children who are 10-14 years. We need to create awareness and educate them on how to be safe while using online applications and networking sites.”
Tipon then highlighted three key areas that need to be focused on:
1.Make children aware that things that they post online will be stored for years in the respective social media site’s servers.
2.To match the challenging career aspects, educational systems need to be prepared. They need to include information and online security aspects in to their ICT modules.
3.Individuals need to be trained to become ethical computer security experts (White Hat).
As part of its CSR portfolio, (ISC)2 conducts free training programs on cyber security for schoolchildren and is also looking at introducing a training program for senior citizens as well. At present, it has conducted training programs for over 130,000 schoolchildren across the globe.
“Since we are training school children and educating them to take a new career path, we are using the assistance of school teachers to prepare the training programs. Therefore, the teaching methods prove to be more effective,” he noted.
