ISACA S CYBERSECURITY NEXUS (CSX) October 2015

Transcription

1 ISACA S CYBERSECURITY NEXUS (CSX) October 2015

2 DO2 EXECUTIVE OVERVIEW Will you be a Cyber defender? ISACA launched the Cybersecurity Nexus (CSX) program earlier this year. CSX, developed in collaboration with chief information security officers and cybersecurity experts from leading companies around the world, fills an unmet need for a single, central location where security professionals and their enterprises can find cybersecurity research, guidance, certificates and certifications, education, mentoring and community. The continued growth of cyberattacks comes with a steep price tag. A World Economic Forum/McKinsey report estimates that not changing current approaches to cybersecurity could cost the global economy US $3 trillion.2 Today, there is a sizeable gap between formal education and real world needs. This, in itself, is an area requiring immediate focus so that the industry can get better at detecting and mitigating cyberthreats.

3 Bild 2 DO2 * Move the RSA survey to the line under About ISACA.and move those slides up accordingly. * Add "Conference" after RSA and add "survey" after "2015" * You have "student poll" on this twice * needs a better head than "Agenda" Deborah Oetjen (ISACA HQ);

4 DO2 EXECUTIVE OVERVIEW Cybersecurity Skills Crisis Global Market Need is Clear: ISACA & RSA State of Cybersecurity: Implications for 2015 survey ISACA 2015 Global Cybersecurity Status Report Highlights ISACA Student Poll CSX Roadmap: CSX Training and Certifications CSX Resources and Tools Career Management CSX 2015, Washington DC

5 Bild 3 DO2 * Move the RSA survey to the line under About ISACA.and move those slides up accordingly. * Add "Conference" after RSA and add "survey" after "2015" * You have "student poll" on this twice * needs a better head than "Agenda" Deborah Oetjen (ISACA HQ);

6 CYBERSECURITY: MARKET NEED The research is clear. Cybersecurity has evolved from critical topic into a public safety issue. 82% of enterprises expect to experience a cyber incident in More than 35% are unable to fill open cybersecurity positions 69% say certification is required for cybersecurity jobs. Only 33% say qualified candidates have hands-on experience. 46% say technical skills are needed. There is a cybersecurity skills crisis: 1 million unfilled jobs. (Cisco)

7 STATE OF CYBERSECURITY: IMPLICATIONS FOR 2015 ISACA and RSA CONFERENCE JOINT SURVEY

8

9 2015 GLOBAL CYBERSECURITY STATUS REPORT 3,400+ RESPONDENTS WORLDWIDE

10 ISACA STUDENT POLL Do you feel that you will have adequate cybersecurity knowledge to do the type of job you are seeking when you graduate? Yes (47%) No (22%) Unsure (29%) Do you plan to pursue a cybersecurity related certificate or certification? Yes (74%) Unsure (19%) No (7%) 0% 50% 100% I do not need cybersecurity knowledge for the job I am seeking (2%) 88% of students plan to work in a field or job that requires some level of cybersecurity knowledge after graduation. 8

11 CSX: THE ROADMAP cybersecurity.isaca.org

12 ISACA AND CSX AT THE FOREFRONT ISACA and CSX are Leaders in Cybersecurity Career Management Cybersecurity is a natural extension building on how ISACA has evolved to serve the needs of professionals worldwide. ISACA collaborates with leading global governments and organizations at the center of cybersecurity. Through CSX, ISACA is providing the first holistic program for cybersecurity career progression. 10

13 OUR SOLUTION CSX Is Providing a Single Source for Cybersecurity Professionals: our holistic program will be the first and only one stop shop providing a complete solution and covering the full career lifecycle. Credentialing and Training Education/ Conferences Membership Resources/ Publications Career Management 11

14 CYBERSECURITY TRAINING AND CERTIFICATIONS CSX training and certifications offered for skill levels and specialties throughout a professional s career. 12

15 COMPETITIVE ADVANTAGE ISACA will be the only organization to provide the full spectrum of training, certifications, events, research, thought leadership, career management, and more, in one place. 13

16 CSX CERTIFICATIONS - OVERVIEW Certified Information Security Manager CSX Expert CSX Specialist Identify CSX Specialist Detect CSX Specialist Protect CSX Specialist Respond CSX Specialist Recover CSX Practitioner Cybersecurity Fundamentals Certificate 14

17 PRIMARY CHANNELS Training Providers Academic Institutions Enterprises Government 15

18 TARGET ROLES AND MARKET SEGMENTS PRIMARY TARGETS College Students/Recent Grads Security Practitioners Management SECONDARY TARGETS Professionals in technical and/or business roles who contribute to cybersecurity or who need to have knowledge of cybersecurity practices and tools Technical professionals: network analysts, network architects, DBAs, software programmers Business professionals: network managers and directors, information risk managers, business analysts, project managers 16

19 PRIMARY VERTICALS AND MARKETING GOALS Primary Universities: Verticals Market Segment Leading in Computer Sciences with Industry- Leading Curriculum Students: Higher Ed Young Professionals: Recent Grads Entry Level 1-5 Years Experience Practitioners Mid Management: Years Experience Senior/C-Level: CISOs CIOs CISMs Key Marketing Strategies Awareness Education Awareness Education Adoption Awareness Adoption Awareness Adoption Awareness Organizational Adoption Organizational Education Program Areas and Offers Customized Curriculum Student Career Planning Onsite Education Cybersecurity Fundamentals Certificate Fundamentals Study Guide CSX I Certification Training Courses Student Membership Career Management CSX 2015 North America Conference Cybersecurity Fundamentals Certificate Fundamentals Study Guide CSX I Certification Training Courses Sandbox Subscription Career Management CSX 2015 North America Conference CSX I Certification CSX II Certification CSX III Certification Study Guide Training Courses Sandbox Subscription Professional Membership Career Management CSX 2015 North America Conference Enterprise Training Onsite Training & Education Content Hiring Influencers Professional Membership CSX 2015 North America Conference CISO Forums Marketing Focus Brand Awareness Activities Outreach Brand Awareness Activities Direct Sales Brand Awareness Activities Direct Sales Brand Awareness Activities Direct Sales Brand Awareness Activities Channel Sales Support Marketing Tactics Direct Mail Tradeshows/Conferences Collateral Virtual Conferences Webinars Direct Mail Tradeshows/Conferences Collateral Webinars SEM Direct Mail Tradeshows/Conferences Collateral Virtual Conferences Website (landing pages, banner ads, content, video) Digital Advertising Communications (PR, Social Media, Speakers, Blog, CSX Nexus News Hub) SEM Direct Mail Tradeshows/Conferences Collateral Virtual Conferences Website (landing pages, banner ads, content, video) Digital Advertising Communications (PR, Social Media, Speakers, Blog, CSX Nexus News Hub) SEM Direct Mail Tradeshows/Conferences Collateral Virtual Conferences Website (landing pages, banner ads, content, video) Digital Advertising Communications SEM 17

20 MARKETING CHANNELS 18

21 KEY MESSAGES ISACA is introducing the first-ever performance-based cybersecurity certifications so employers can confidently identify and hire people with proven skills and technical ability. CSX training will help build a cybersecurity-trained global workforce using an innovative online cyber practice lab. Professionals can practice and improve skills in a real-world environment. CSX helps individuals gain skills and expertise to build, grow and change their careers in a constantly evolving field. Supporting Messages: Skilled cybersecurity professionals are urgently needed to fill thousands of open jobs globally. 82 percent of organizations expect to experience a cyber attack in 2015, yet more than one in three (35 percent) are unable to fill cybersecurity positions.* Less than half feel their security teams are able to detect and respond to complex incidents* 69% require certification when looking for cybersecurity candidates.* *According to the State of Cybersecurity: Implications for 2015 study by ISACA and RSA. 19

22 CYBERSECURITY TRAINING AND CERTIFICATIONS CSX Practitioner Demonstrates ability to serve as a first responder to a cybersecurity incident following established procedures and defined processes. (1 certification, 3 training courses; prerequisite for CSX Specialist) CSX Specialist Demonstrates effective skills and deep knowledge in one or more of the five areas based closely on the NIST Cybersecurity Framework: Identify, Detect, Protect, Respond and Recover. (5 certifications, 5 training courses; requires CSX Practitioner) CSX Expert Demonstrates ability of a master/expert-level cybersecurity professional who can identify, analyze, respond to, and mitigate complex cybersecurity incidents. (1 certification, 1 training course; no prerequisites required) Certified Information Security Manager certification (26,000+ professionals certified since inception; named the second-highest-paying certification by Global Knowledge s 2015 IT Skills and Salary Survey; 5+ years experience required) 20

23 CAREER MANAGEMENT CSX focuses on providing you with the resources to continuously hone your skills, expand your knowledge, and start (and keep) your career on a trajectory towards achieving your goals. 21

24 CAREER MANAGEMENT 22

25 CAREER MANAGEMENT 23

26 CSX RESOURCES AND TOOLS Cybersecurity Guidance for Small and Medium-Sized Enterprises Overview of Digital Forensics UPCOMING ELEMENTS: Career management road map 2015 APT study Threats and opportunities tool 24

27 19-21 October 2015 Washington, DC, USA 70+ sessions tailored by career level Women in Security Global CyberLympics World Finals #CSXNA

28 DO10 ABOUT ISACA Assuring trust in a dynamically changing digital world Global association serving 140,000 cybersecurity, assurance, governance and risk professionals Members in 180 countries; 200+ chapters worldwide Launched Cybersecurity Nexus (CSX) in 2014 to address growing cybersecurity skills crisis and develop a skilled cyber workforce Skills-based training Performance-based certifications Developed and maintains the COBIT framework Offers the CISA, CISM, CGEIT and CRISC certifications

29 Bild 26 DO10 * Move the RSA survey to the line under About ISACA.and move those slides up accordingly. * Add "Conference" after RSA and add "survey" after "2015" * You have "student poll" on this twice * needs a better head than "Agenda" Deborah Oetjen (ISACA HQ);

30 DO9 cybersecurity.isaca.org Contact:

31 Bild 27 DO9 * Use only the csx here Deborah Oetjen (ISACA HQ);

32 THANK YOU