This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

ISACA head: Retrain military personnel to work in information security

Share this article:
Report claims armed forces would be 'fatally compromised' by a cyber attack
Report claims armed forces would be 'fatally compromised' by a cyber attack

Ex-military intelligence officers should be trained to work in IT security to serve their needs and fill the skills shortage.

Amar Singh, chair of the London Chapter security group of ISACA and CISO of News International, told SC Magazine that finding a way to help former soldiers and army intelligence officers take up a new career in information security was one of his key aims.

He said: “I want to give them the assurance so that when they leave [the armed forces], it is not the end of the world and offer them a route into the corporate world. I don't think they are getting that help.”

As well as working with teenagers and school children on developing ‘cyber education', he said that he envisions events offering advice and opportunities to make these people aware of the opportunities and training on offer.

“I believe that soldiers are actually very good information assurance and security and audit people,” he said.

“The whole IT arena is a great place for soldiers to be in, in my opinion, and in information security they have a lot of discipline, but they are not being given guidance on that.

“I don't know why this is, just because they don't have commercial skills and do not have any certifications, they do not know what is available once they leave the army.”

Singh later said that this was something that he was very passionate about, especially as ISACA has certifications and he wanted to see what could be done to help these people get into the corporate world.

He also said that there are opportunities for a former soldier with five to ten years' service experience, but asked what support there is for them to get into information assurance and security.

Sarb Sembhi, chair of the ISACA government and regulatory advisory sub-committee for Europe and Africa, and a former president of the London chapter, said training was about taking good people with good skills, ‘de-risking it' and retraining them.

He said: “There are two sides to things: on one hand we have more data breaches than we have ever had, we have hackers succeeding where they had not before and reports of malware that doesn't get detected for years, so [it is] worse than it's ever been.

“Then on the other a bunch of people who have been in security a while and are trying to lead the way with thought leadership and be the best they can, while others have been around for a few years and have a couple of certifications and sometimes lack the leadership and technical abilities together and want to provide what is needed. That is missing in some respects. Although there is a general skills gap in information security, there is still a skills gap within those already there.”

Terry Neal, CEO of training firm Infosec Skills, agreed that more work should be done with former military intelligence officers as they have transferable skills that are relevant, for example dealing with obstacles and crises, attention to visual detail, research and written/oral presentation skills.

“If they also have IT skills, all they need is the right training and they could be valuable members of the information assurance community,” he said.

“If they have no existing IT skills then an academic qualification should be sought first so that they have a foundation upon which information assurance skills can be taught.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...