Within just two years, the world will need more than two million cyber-security professionals, all of whom need training, certification and continuing professional development.
The new global president of ISACA, Christos Dimitriadis, sees it as his challenge to ensure that ISACA plays a key role in delivering that professional support to help unleash the potential of IT.
“IT is the backbone of the world economy – it's everywhere – but a number of issues block the potential for IT to serve us as a society,” he told SCMagazineUK.com in an exclusive interview at ISACA's EuroCACS 2015 conference in Copenhagen this week.
ISACA started life in 1969 as the Information Systems Audit and Control Association to provide information and guidance in the growing field of auditing controls for computer systems, but today it's remit goes beyond that to encompass cyber-security.
Cybersecurity Nexus (CSX) is the organisation's response to the need for cyber-security credentials, research and guidance, training and education and cyber-security collaborations. It has its roots in a 2010 strategic discussion which identified it as a pressing industry need.
Dimitriadis believes that CSX is the most innovative cyber-security training package available for two reasons:
Firstly, the exams are based on practical cyber-security defence scenarios. “We have seen environments that are more about training ethical hackers. This [CSX] is more on the protection side. This gives the confidence to the employer that this person has the skills to provide security,” he said.
Secondly, and he said most importantly, is that ISACA is about more than just cyber-security. “It's about audit, information security, governance of enterprise IT and risk management. The true benefit is that when ISACA publishes something about cyber it's taking into account all of the professions because in the end the cyber security capability in a company can't be achieved if you only have cyber security experts.”
CSX maps to the individual and his/her career path, with the result that it's about more than training – it's also about career management. “By blending all the professions together and addressing the special needs of each profession through this roadmap, we give true value to the individual. This is what the individual needs,” Dimitriadis said.
ISACA enjoys a worldwide membership of 115,000, spread across 80 countries and 200 chapters. In addition, it counts 25,000 certificate holders who have not opted for formal membership as part of the ISACA network.
There are huge opportunities to grow the membership by concentrating on underrepresented geographic areas and demographic segments. The organisation is strongest in North America, followed by Europe/Africa, but there is scope for development in Asia, Latin America and Australia/Oceania, he said.
There is also the opportunity to encourage more women into the association and the industry – a task which ISACA has embraced with its Women in Technology programme and conference strands.
However, growth for growth's sake is not ISACA's mission. As Dimitriadis explained, as a not-for-profit organisation, ISACA's aim is not building the membership roll but creating innovative education products and improving services to its existing members and chapters.
“ISACA is about opportunity and my vision is to grasp this opportunity to help governments, to be a trusted consultant for governments around the world, to be a trusted partner for enterprises, but most importantly to be a very good and valuable mentor for individuals,” he said.
In his interview with SC, Dimitriadis praised the work of his predecessor, Rob Stroud. “Rob did a fantastic job while he was president last year. He launched CSX and took a lot of initiatives. Part of becoming president was to sit down with Rob and try to get all the information and guidance and assistance from Rob to enable me to take over so I could carry on this work in my first day as president.”
Stroud said that ISACA was lucky to have Dimitriadis who is a “great example of the future of the industry”.
“We have called on someone who is doing well in his organisation, in terms of running business transformation at Intralot [based in Greece],” Stroud said. “He is of the younger generation, which is nice... and he comes with a vision to drive ISACA forward.”
Stroud had the advantage of launching CSX. “Christos has the job of actually delivering it,” he laughed. “So he gets to oversee that and ensure we deliver that, not only the exams but also the qualities that employers want. The proof of success of this will be employers having candidates that have proven they have the skills and can be meaningful employees in their organisations.”