Who Will Protect Our Way of Life?
By David Shearer, CISSP
The modern world is driven by data. To keep our vulnerable tech infrastructure safe and build the resilient cybersecurity workforce of the future, (ISC)² sets the bar with cybersecurity certifications, professional development and advocacy to keep up with the global demand for expertise.
Take a look around the room you are sitting in. What is important to you that you want to protect? What is precious or potentially priceless to you that you want to keep safe? If you’re at home, perhaps it is a loved one or a cherished personal item. If you’re in your office, maybe it is your laptop, with massive amounts of private data connected to your personal, financial and professional existence.
We all have things we want to protect for many reasons. And in today’s interconnected world, it is increasingly critical to view these things as not only vital in our lives but potentially vulnerable. As our data, our knowledge, our connections, our homes and our cities become more intertwined with digital functions, so too does the possibility that each can be exploited for all of the wrong reasons by cybercriminals.
There is no going back to a time when our lives and our infrastructure were independent of digital operations and when we weren’t constantly creating, sharing and exchanging data. Smart homes, smart cities and smart nations built on a foundation of digital infrastructure are here today and will only evolve in the future. The connected life we now live in and continue to expand upon is here to stay.
Protecting our data and personal information has never been more essential than it is today. Every month, we hear news of a new data breach in the headlines. In fact, data breaches are on pace to break records again this year, with a 50 percent or greater increase over the last four years, according to a recent report from Based SecurRiskity*. And you likely know someone who has been personally victimized by a cyber thief who stole private credentials or financial information.
A skilled security workforce has never been more critical to our way of life
In order to ensure that our most important assets and information are safe, we need a skilled workforce of cybersecurity professionals who can help us defend the essential elements in our connected world. We need a legion of people passionate about shielding our information assets and technology that offer us the access and convenience we now expect and demand.
At (ISC)², our mission is to inspire a safe and secure cyber world. Our 140,000+ members worldwide take this mission into their work and guide their organizations to put in place security best practices as the world’s most admired and respected security leaders.
But now, more than ever before, our vision must be spread far and wide. A cybersecurity workforce shortage continues to pinch hiring managers at organizations globally. As the demand for security knowledge ramps up, the number of skilled professionals has not kept pace. We are at a critical time as businesses invest in digital transformation initiatives. They need security leaders and practitioners to help them turn these plans into reality, with security baked in at the beginning of the transformation process. But they are coming up short in their search for employees with the right knowledge, skills, abilities and experience to help them make it happen.
Through our certifications and membership programs, we strive to prepare candidates for examination, certify, train and further develop security professionals to reverse this trend. Our efforts aim to ensure that the future security worker has three attributes:
Validation of skills and training: Companies need security pros with the right skills and knowledge to help them do business online and in a digitally-connected world. They need leaders in their security divisions with the most up-to-date training and understanding of the threat landscape and the techniques criminals are employing today. (ISC)2 addresses these needs with rigorous examination processes that gauge knowledge, skills and abilities through critical thinking-based exam questions, and endorsement processes that are designed to validate an individual’s experience.
Life-long learner: Security professionals must be non-stop learners who are passionate about continuing to add to their training and education. Security is a constantly evolving discipline that demands the kind of professional who strives to keep pace with current technology and evolving business enablement solutions.
Unwavering ethics: Security professionals are in a position of tremendous trust and access. All security team members must have the character to conduct themselves with the highest level of ethics. They must possess the kind of moral compass that constantly prompts them to do the right thing, at all times. Security professionals should officially commit themselves to adhering to high ethical standards.
The time is now to build our global coalition of cybersecurity professionals
As the world becomes increasingly digital and data fuels our way of life, technology is evolving and so are the strategies cybercriminals use to exploit us. In many ways we are at war with cybercriminals who will stop at nothing to steal what is dear to us.
It has never been more crucial for businesses who want to be seen as innovators and market leaders to position themselves as leaders in security and risk management as well. Clients, partners and consumers demand this, and will continue to insist on doing business only with companies that have placed a premium on security investment. Security should now be an integral part of the value stream in business and is increasingly expected to be a business driver, demonstrating ROI from security projects. Those companies that do this well will rise to the top in the future economy. Those who ignore security do so at their peril.
But in order to achieve this security mindset in global organizations, we need the right professionals to guide us there. We must work together to build a coalition of skilled, knowledgeable, ethical security leaders and practitioners that will protect and defend us. We need to harmonize efforts among private and public sectors, businesses, governments and educational institutions to make this happen. Why? Because meaningful cybersecurity requires a sustained global effort. For 30 years, (ISC)² has been leading the conversation and driving solutions through our association members around the world. There is no question this digital world we have created needs and deserves protecting.
David Shearer, CISSP, Chief Executive Officer, (ISC)²
David Shearer has more than 30 years of business experience including as the chief operating officer for (ISC)², associate chief information officer for International Technology Services at the U.S. Department of Agriculture, the deputy chief information officer at the U.S. Department of the Interior, and the executive for architecture, engineering and technical services at the U.S. Patent and Trademark Office. Mr. Shearer has been responsible for managing and providing services via international IT infrastructures, and he has implemented large-scale SAP Enterprise Resource Planning (ERP) projects. He has led large geographically separated staffs that support global solutions. Mr. Shearer holds a B.S. from Park College, a M.S. from Syracuse University, management and technical certificates from the U.S. National Defense University, and he is a U.S. federal executive presidential rank award recipient. As (ISC)²’s chief executive officer, he is responsible for the overall direction and management of the organization and its Center for Cyber Safety and Education.