Full-Speed Ahead: The Demand for Security Certification by James R. Wade

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Full-Speed Ahead: The Demand for Security Certification by James R. Wade"

Transcription

1 Full-Speed Ahead: The Demand for Security Certification by James R. Wade It s no secret that technology is creating a more connected world every day. But as new technologies are released and adopted, the threats also increase. Historically, corporate America has been slow to install new security measures around these technologies until a problem gets out of control (for example, instant messaging). Instead, most companies are in continual catch-up mode and require a significant investment to overcome the emerging threat to their intellectual property, organizational assets and customer data. These emerging threats, along with a much more demanding regulatory environment, are creating a groundswell of demand for highly qualified, certified information security professionals who possess knowledge of general principles, as well as skills in areas specific to the needs of the employer. Internal and External Threats One of the most pressing threats today is the insider, an individual who may be an employee, contractor, vendor or strategic partner that accesses a network or computer environment for non-business purposes. The annual security study from the Computer Security Institute (CSI) and the FBI has long indicated that one of the greatest threats to an enterprise is the insider, but there s little case law from investigations to support that finding, so the emphasis in most organizations is still on hackers. However, those statistics shouldn t divert us from the fact that we need to pay attention to internal resources and how they re using the network. For instance, it s estimated that insiders waste up to three hours each day on the Internet engaged in activities that deplete resources and business productivity. Most companies allow some personal use and are reluctant to establish an onerous policy. But those companies that are monitoring Internet usage by their employees and partners are discovering shocking information, such as regular access to pornographic sites or use of instant messaging (IM) to bypass regulatory requirements with financial institutions. (The Securities and Exchange Commission requires institutions to keep records of all s for two years.) Another significant threat is intellectual property theft. With today s ability to move data, individuals can walk into an environment with a thumb drive and copy large quantities of data practically undetected. Few organizations restrict access to desktop or laptop computing resources to prevent or detect the introduction of unauthorized storage media. People who have physical access to an area can gain entry to unprotected systems and perhaps get access to proprietary data much easier than before. Another threat to intellectual property is the usage of IM. In the past, information security professionals have placed so much emphasis on protecting and regulating corporate e- mail structures that few organizations have looked at IM as a security issue and don t recognize the need to regulate it as they do . Voice over Internet Protocol (VoIP) is another emerging threat. In the past, companies regulated their telecommunications bills because they found that employees abused telecommunications resources. With the speed and the ability to transfer information via voice and data over the Internet, companies need to devise a new strategy to monitor

2 the use of that resource and the data that s being transmitted outside their own environment. In addition, companies are experiencing pressure from external regulators and new corporate governance rules such as Sarbanes-Oxley, which requires publicly traded companies to adequately protect their systems and information assets that impact the financial position. Organizations are making significant investments to comply with recent regulations and must anticipate the continuing pressure from regulatory requirements to protect sensitive and critical information. To neutralize these threats and comply with new regulations, organizations are increasingly looking to highly trained information security professionals for the answer. Companies understand that they need to hire the right professionals with the right expertise. Otherwise, the potential negative impact on their business could be enormous. Security Skills Demand The demand in recent years for these specific security skill sets and capabilities has outpaced the demand for more generalized IT knowledge, and the population of IT security professionals has grown quickly. In 2004, IT research analyst group IDC conducted the first major study of the global information security workforce, sponsored by the International Information Systems Security Certification Consortium (ISC)2. IDC analyzed responses from 5,371 full-time information security professionals in more than 80 countries that had purchasing, hiring or management responsibilities, with nearly half employed by organizations with $1 billion or more in annual revenue. The goal of the study was to provide comprehensive, meaningful research data about the information security profession to professionals, corporations, government agencies, academia and others. The study estimated the number of information security professionals worldwide in 2004 to be 1.3 million, a 14.5 percent increase over The number of professionals is expected to increase to 2.1 million by 2008 at a compound annual growth rate (CAGR) of 13.7 percent from Asia-Pacific is expected to grow at a faster CAGR of 18.3 percent during the same period, while the Americas and Europe, Middle East and Africa (EMEA) are projected to grow at a 12 percent CAGR and an 11.4 CAGR, respectively. Career opportunities are abundant in the field today. People can make security their career choice but develop other areas of expertise, such as voice, data or video. Others may choose a career path that leads to a management position, ranging from business continuity to chief security officer (CSO). Another career path for security practitioners may be the measurement and control of enterprise systems to provide independent assurance to the C-suite. Yet another choice could be information security product development and sales. More than 97 percent of the survey s respondents had moderate to very high expectations for career growth. The study stated that security professionals have experienced growth in job prospects, career advancement, higher base income and salary premiums for certification at faster rates than other areas of information technology. All this for a profession that barely existed 10 years ago.

3 A Shift in Corporate Culture In addition to a highly positive outlook for career opportunities, information security professionals also will find themselves in positions of higher responsibility in coming years. The study found that while most information security professionals reported to the IT department, many others were increasingly reporting directly to C-suite executives or a separate security department. This change has been slow to come and is still developing gradually, primarily because it s a change in the mindset about what information security is and isn t. Most C-suite executives see the IT department as the caretaker of all things related to information resources within an enterprise. It is logical to assume that the security of those resources should be the responsibility of that group. However, the traditional corporate governance model has always separated duties and responsibilities in order to offer a system of checks and balances. This hasn t been true with information security. In most organizations, the information security function has been under the control of the senior official charged with the development and operation of those resources, often the CIO. As a result, the culture of many organizations has to change in order to accommodate the movement or the transition of the information security function outside of the IT organization. Another point of struggle has been over what to do with information security after it s extracted from the IT group. Most organizations have been reluctant to create another direct report that they have to oversee and assume responsibility for. It s been difficult to make that required shift to create a separate information security entity that reports to the C-suite, bringing under its control all areas of sensitivity. Security issues are often seen as conflicting with fundamental business processes and perceived need. There s an ongoing battle in organizations between the need to stay connected to help the business grow and the need to protect the organization from significant risks. Organizations are asking themselves if that decision should be in the hands of those who are charged with providing easy access and availability to corporate resources or an information security professional who knows how to balance those risks against appropriate controls. The study shows that the trend is heading toward the latter, which is good news for security professionals and organizations seeking effective security. Most professionals agree that information security should be considered as soon as new business initiatives or strategic decisions are discussed. But professionals need to be able to put security risks in terms the C-suite will understand so information security will be allocated adequate resources separate from the IT budget. The reporting relationship within the corporate structure needs to be at the highest level and must be fully and formally integrated. For example, many organizations have a function that helps manage overall business risk for the enterprise. However, this function rarely has interface with the information security function. So many organizations are making business decisions without even considering the risks those decisions create for the enterprise s information assets. Organizations also will need to shift the way they think of their information assets. A piece of paper, a fax, a telephone even rubbish can be an information asset. The Benefits of Training and Certification With a growing demand for their skills and increasing respect and responsibility in the organization, information security professionals also are required to be highly trained

4 and to validate their expertise through certification. According to the study, information security managers believe continuing education and certification are important to the profession, with strong business acumen also becoming an essential ingredient for professional success. It is said that software is only as good as its last update. A constant refresh and maintenance of the technology is necessary to ensure peak performance and operational efficiency. The same could be said of the professionals developing, integrating, managing and maintaining these systems. Their skills and knowledge base must be kept current for them to properly perform in their assigned roles and functions. Otherwise, they become obsolete, just like the technology they interact with. This is why IT training has become an important issue for organizations HR departments and employees alike. Respondents in the study received an average of 10 days of training in 2003 related to information security, a number that was expected to increase by an average of 25 percent in Respondents identified security management practices, telecommunications and network security, and business continuity and disaster recovery planning as topics necessary for additional training and certification in For organizations staffing up to address security concerns, certifications have become one of the main differentiating elements when individual qualifications are evaluated and compared, similar to medical, accounting and legal professionals. Ninety-three percent of all respondents with hiring responsibilities said certifications were important in their hiring decisions. Hiring managers desire vendor-neutral certifications, such as the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) to demonstrate overall knowledge, as well as vendor-specific certifications, such as the Cisco Certified Security Professional (CCSP) or Microsoft Certified Systems Engineer: Security (MCSE: Security), to demonstrate competency in the organization s specific computing environment. Security hiring managers cited several primary reasons why they prefer security personnel to obtain and keep current certifications. First and foremost, information security certifications verify that an individual has obtained and tested to a predetermined level of knowledge or common body of knowledge in particular security domains. Certifications also extract the guesswork for an employer and afford them some degree of comfort or guarantee regarding an individual s competency or knowledge level. In addition, some security hiring managers insist on information security certifications as a matter of personal preference. Certification also can be critical in terms of legal liability or corporate due diligence. The study found that security professionals with certifications have experienced growth in job prospects, career advancement, higher base salaries and salary premiums for certification at faster rates than other areas of information technology. Future Growth: The Right IT Skills, The Right Business Skills For information security professionals who wish to rise through the ranks of management to executive status, knowledge of management best practices and business-related skill sets are crucial. Although IT skills and security knowledge are important, they must be augmented with solid business understanding of policy,

5 processes and personnel for information security professionals to obtain the title of chief security officer or its equivalent. Individuals who are just entering the field should seek a mentor who is a professional practitioner to help guide their career and provide important advice for career choices. They also should seek internship opportunities through whatever means are available to them. Some universities have work-study programs, as well as mentoring programs and career days. It s important for those interested in the information security field to understand the profession. They may assume that if they have the propensity for technology, it s the right career choice for them. They may not realize that they need to have the ability to communicate effectively in person and in writing, give presentations and verbally interact with all business departments. For example, if you re working with the CFO or his team, you need to understand their needs to be able to influence their information security behavior and adapt your message to that group. According to IDC s analysis, the information security professional s role requires an effective combination of networking experience, security knowledge and understanding of traditional business factors, such as profits, revenue generation, productivity and the growing category of risk management. Connectivity to the computing infrastructure has dramatically changed the way organizations communicate, operate and transact on a daily basis. The need for increased protection of intellectual property, organizational assets, customer data and stakeholders has become a boardroom issue and top priority. Information security staff members are seen as the frontline firefighters in the battle against cyber-crime and other malicious activity. Proper education, certification and continuous training are essential elements to the successful execution of these positions that are growing in significance for the global information economy every day.

6 James R. Wade, CISSP, is a board member and past president of (ISC)2. He has more than three decades of information security experience, including serving as chief information security officer for KeyCorp and chief security officer for the Federal Reserve System. This article originally appeared in Certification Magazine,

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER 2005 Global Information Security Workforce Study Sponsored by: (ISC) 2 Allan Carey December

More information

W H I T E P A P E R C l i m a t e C h a n g e : C l o u d ' s I m p a c t o n I T O r g a n i z a t i o n s a n d S t a f f i n g

W H I T E P A P E R C l i m a t e C h a n g e : C l o u d ' s I m p a c t o n I T O r g a n i z a t i o n s a n d S t a f f i n g Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R C l i m a t e C h a n g e : C l o u d ' s I m p a c t o n I T O r g a n i z a

More information

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org October 2015 Collaboration Members Certification Matters The Cybersecurity Credentials Collaborative (C3) was formed in 2011 to provide

More information

Certification and Training

Certification and Training Certification and Training CSE 4471: Information Security Instructor: Adam C. Champion Autumn Semester 2013 Based on slides by a former student (CSE 551) Outline Organizational information security personnel

More information

Security Transcends Technology

Security Transcends Technology INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC. Career Enhancement and Support Strategies for Information Security Professionals Paul Wang, MSc, CISA, CISSP Paul.Wang@ch.pwc.com

More information

The Role of Internal Audit in Risk Governance

The Role of Internal Audit in Risk Governance The Role of Internal Audit in Risk Governance How Organizations Are Positioning the Internal Audit Function to Support Their Approach to Risk Management Executive summary Risk is inherent in running any

More information

Preservation and Production of Electronic Records

Preservation and Production of Electronic Records Policy No: 3008 Title of Policy: Preservation and Production of Electronic Records Applies to (check all that apply): Faculty Staff Students Division/Department College _X Topic/Issue: This policy enforces

More information

Securing the Organization: Creating a Partnership Between HR and Information Security

Securing the Organization: Creating a Partnership Between HR and Information Security Securing the Organization: Creating a Partnership Between HR and Information Security A White Paper from (ISC) 2 Securing infrastructure is one of the most critical issues facing business and governments

More information

A2: If the above list did not provide enough detail, please describe, in your own words, your enterprise s primary industry.

A2: If the above list did not provide enough detail, please describe, in your own words, your enterprise s primary industry. MeasureIT Survey Questions (Complete Budget and Staffing) NOTE: Budget questions only - sections A, B, C, G Staffing questions only - sections A, D, E, F, G, H Section A: Primary Demographic Information

More information

Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor

Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor IT Audit/Security Certifications Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor Certs Anyone? There are many certifications out there

More information

Network Consulting Engineer

Network Consulting Engineer Brochure Network Consulting Engineer February, 2012 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 7 The Cisco Support Center in Krakow To understand

More information

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

Certification for Information System Security Professional (CISSP)

Certification for Information System Security Professional (CISSP) Certification for Information System Security Professional (CISSP) The Art of Service Copyright Notice of rights All rights reserved. No part of this book may be reproduced or transmitted in any form by

More information

Career Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88

Career Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88 Career Survey 1. In which country are you based? 88 answered question 88 skipped question 0 2. What is your job title? 88 answered question 88 skipped question 0 3. Travel budget not at all 21.0% 17 somewhat

More information

PMO Director. PMO Director

PMO Director. PMO Director PMO Director It s about you Are you curious about how individual projects further a company s strategy? Can you think at the macro level across broad groups of people and services? Do you have an eye for

More information

SENIOR SYSTEMS ANALYST

SENIOR SYSTEMS ANALYST CITY OF MONTEBELLO 109 DEFINITION Under general administrative direction of the City Administrator, provides advanced professional support to departments with very complex computer systems, programs and

More information

intelliview 2007 36% currently hold a degree/certificate in information security or are currently working on one

intelliview 2007 36% currently hold a degree/certificate in information security or are currently working on one intelliview 2007 Profile of Participants in Survey Among those Information Security professionals participating in the study, 36% indicated that they currently hold a degree/certificate in information

More information

SURVEY FINDINGS. Executive Summary. Introduction Budgets and Spending Salaries and Skills Areas of Impact Workforce Expectations

SURVEY FINDINGS. Executive Summary. Introduction Budgets and Spending Salaries and Skills Areas of Impact Workforce Expectations SURVEY FINDINGS TEKsystems Annual IT Forecast 2015 Executive Summary More than 500 IT leaders (CIOs, IT VPs, IT directors and IT hiring managers) were polled on the current state of IT spending, skills

More information

Infrastructure Engineer

Infrastructure Engineer Infrastructure Engineer It s About You Do you have a passion for all types of computer hardware, software, communication and network technology? Do you like to be hands-on and directly involved in improving

More information

08/10/2013. Data protection and compliance. Agenda. Data protection life cycle and goals. Introduction. Data protection overview

08/10/2013. Data protection and compliance. Agenda. Data protection life cycle and goals. Introduction. Data protection overview Data protection and compliance In the cloud and in your data center 1 November 2013 Agenda 1 Introduction 2 Data protection overview 3 Understanding the cloud 4 Where do I start? 5 Wrap-up Page 2 Data

More information

OCCUPATIONAL GROUP: Information Technology. CLASS FAMILY: Security CLASS FAMILY DESCRIPTION:

OCCUPATIONAL GROUP: Information Technology. CLASS FAMILY: Security CLASS FAMILY DESCRIPTION: OCCUPATIONAL GROUP: Information Technology CLASS FAMILY: Security CLASS FAMILY DESCRIPTION: This family of positions provides security and monitoring for the transmission of information in voice, data,

More information

WHITE PAPER: How to get more out of your. telepresence installation with unified interoperable video conferencing technology

WHITE PAPER: How to get more out of your. telepresence installation with unified interoperable video conferencing technology WHITE PAPER: How to get more out of your telepresence installation with unified interoperable video conferencing technology INTRODUCTION From the time it was introduced, corporate telepresence had enabled

More information

(ISC) 2 2012 Career Impact Survey Executive Summary. The Double Edged Sword: Security Career Opportunities Spike While Hiring Challenges Grow

(ISC) 2 2012 Career Impact Survey Executive Summary. The Double Edged Sword: Security Career Opportunities Spike While Hiring Challenges Grow (ISC) 2 2012 Career Impact Survey Executive Summary The Double Edged Sword: Security Career Opportunities Spike While Hiring Challenges Grow Skilled security professionals enjoy job stability and mobility,

More information

Shared Services and Outsourcing Evolution Into a Hybrid Model

Shared Services and Outsourcing Evolution Into a Hybrid Model March 2008 Shared Services and Outsourcing Evolution Into a Hybrid Model By Bill Frech Partner & Managing Director, CFO Services North America TPI CONTENTS 2. Introduction 2. Background 3. A Hybrid Model

More information

Managing data security and privacy risk of third-party vendors

Managing data security and privacy risk of third-party vendors Managing data security and privacy risk of third-party vendors The use of third-party vendors for key business functions is here to stay. Routine sharing of critical information assets, including protected

More information

IT Security Management 100 Success Secrets

IT Security Management 100 Success Secrets IT Security Management 100 Success Secrets 100 Most Asked Questions: The Missing IT Security Management Control, Plan, Implementation, Evaluation and Maintenance Guide Lance Batten IT Security Management

More information

MANAGED SERVICES PROVIDER. Dynamic Solutions. Superior Results.

MANAGED SERVICES PROVIDER. Dynamic Solutions. Superior Results. MANAGED SERVICES PROVIDER Dynamic Solutions. Superior Results. REVOLUTIONIZE YOUR INSTITUTION BY FULLY LEVERAGING THE BENEFITS OF TECHNOLOGY MAXIMIZE YOUR TECHNOLOGY INVESTMENTS ENHANCE SECURITY OF YOUR

More information

Closing the Business Analysis Skills Gap

Closing the Business Analysis Skills Gap RG Perspective Closing the Business Analysis Skills Gap Finding the immediate solution and preparing for the long term As the Business Analysis bar is raised, skilled BAS become harder to find. Susan Martin

More information

Managed Service Providers for Mid-Sized Companies:

Managed Service Providers for Mid-Sized Companies: Managed Service Providers for Mid-Sized Companies: How companies spending less than $100 million a year on contingent labor can achieve greater efficiency, compliance and cost savings. 2013 Monument Consulting.

More information

Major IT Projects: Continue Expanding Oversight and Strengthen Accountability

Major IT Projects: Continue Expanding Oversight and Strengthen Accountability Secretary of State Audit Report Jeanne P. Atkins, Secretary of State Gary Blackmer, Director, Audits Division Major IT Projects: Continue Expanding Oversight and Strengthen Accountability Summary Information

More information

New-Age Undergraduate Programme

New-Age Undergraduate Programme New-Age Undergraduate Programme B. Tech - Cloud Technology & Information Security (4 Year Full-Time Programme) Academic Year 2015 Page 1 Course Objective B. Tech - Cloud Technology & Information Security

More information

Occupational and Career Outlook for MIS Majors 2012-2018. Ken Laudon New York University Stern School of Business 2011

Occupational and Career Outlook for MIS Majors 2012-2018. Ken Laudon New York University Stern School of Business 2011 Occupational and Career Outlook for MIS Majors 2012-2018 Ken Laudon New York University Stern School of Business 2011 Total employment in the United States is expected to increase by about ten percent

More information

IT Owes Much to PMOs

IT Owes Much to PMOs IT Owes Much to PMOs Doing More with Less Doing more with less is the mantra of IT organizations reuse and productivity, and nowhere recently have these principles been more effectively applied than in

More information

Why it s time to move to online accounting software

Why it s time to move to online accounting software 7Game Changing Trends: Why it s time to move to online accounting software Brought to you by: 7 Game changing trends: Why it s time to move to online accounting software The past decade has brought extraordinary

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com SURVEY Impact of Training: Functional Excellence Leads to Operational Productivity Cushing Anderson IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015

More information

SecurityMetrics. history products expertise team awards

SecurityMetrics. history products expertise team awards SecurityMetrics history products expertise team awards Our company [history] Who we are and where we came from Proud moments in SecurityMetrics History 2000 - Founded by Brad Caldwell 2001 - First bank

More information

Compensation: How RIA firms are attracting and retaining top-tier talent

Compensation: How RIA firms are attracting and retaining top-tier talent Compensation: How RIA firms are attracting and retaining top-tier talent Results from the 2014 RIA Benchmarking Study from Charles Schwab As the RIA industry has grown and matured, individual advisory

More information

Utica College. Information Security Plan

Utica College. Information Security Plan Utica College Information Security Plan Author: James Farr (Information Security Officer) Version: 1.0 November 1 2012 Contents Introduction... 3 Scope... 3 Information Security Organization... 4 Roles

More information

The Value of Information Security Certifications

The Value of Information Security Certifications The Value of Information Security Certifications Ed Zeitler, CISSP Executive Director, (ISC) 2 www.isc2.org Overview Why professional certificate for information security? About (ISC) 2 and its credentials

More information

Build at Your Own Risk: Why Managed Services for Multiscreen Video Make Sense

Build at Your Own Risk: Why Managed Services for Multiscreen Video Make Sense Build at Your Own Risk: Why Managed Services for Multiscreen Video Make Sense The trend of consumers watching TV and videos on their mobile devices is gaining momentum. Research firm IDC predicts that

More information

ACM Courses. Management and Organization Department. Ramon V. del Rosario College of Business. De La Salle University.

ACM Courses. Management and Organization Department. Ramon V. del Rosario College of Business. De La Salle University. ACM Courses Management and Organization Department Ramon V. del Rosario College of Business De La Salle University 2011 ACM-P003-4 Page 0 1.0 COURSE OVERVIEW 1.1 Human Resources Management. The heart of

More information

Global Trends in RPO & Talent Recruitment 2014. pam berklich

Global Trends in RPO & Talent Recruitment 2014. pam berklich Global Trends in RPO & Talent Recruitment 2014 pam berklich The Recruiting Challenge Map Far from simply filling existing gaps as quickly and economically as possible, recruiting has become a high-stakes

More information

IT Security Training. Why Security Certification? A Serious Business - Fear Drives the Demand High Demand Freedom to Make and Break Rules

IT Security Training. Why Security Certification? A Serious Business - Fear Drives the Demand High Demand Freedom to Make and Break Rules IT Security Training Why Security Certification? A Serious Business - Fear Drives the Demand High Demand Freedom to Make and Break Rules Benefits of Certification Provides Assurance to Employers Certification

More information

CIO survey: All s not well at endpoints

CIO survey: All s not well at endpoints Business white paper CIO survey: All s not well at endpoints HP Autonomy s ediscovery market offering Table of contents 4 Understanding the need 4 Endpoint asset 4 Endpoint liability 5 Understanding the

More information

Operations Excellence in Professional Services Firms

Operations Excellence in Professional Services Firms Operations Excellence in Professional Services Firms Published by KENNEDY KENNEDY Consulting Research Consulting Research & Advisory & Advisory Sponsored by Table of Contents Introduction... 3 Market Challenges

More information

Internal Auditing: Assurance, Insight, and Objectivity

Internal Auditing: Assurance, Insight, and Objectivity Internal Auditing: Assurance, Insight, and Objectivity WHAT IS INTERNAL AUDITING? INTERNAL AUDITING business people all around the world are familiar with the term. But do they understand the value it

More information

SOCIAL MEDIA MOBILE DEVICES CLOUD SERVICES INTERNET OF THINGS (IOT)

SOCIAL MEDIA MOBILE DEVICES CLOUD SERVICES INTERNET OF THINGS (IOT) INFORMATION SECURITY AND CYBER LIABILITY RISK MANAGEMENT THE FIFTH ANNUAL SURVEY ON THE CURRENT STATE OF AND TRENDS IN INFORMATION SECURITY AND CYBER LIABILITY RISK MANAGEMENT Sponsored by October 2015

More information

Beyond converged networks: driving user productivity through unified communications and collaboration.

Beyond converged networks: driving user productivity through unified communications and collaboration. Unified communications and collaboration solutions White paper April 2007 Beyond converged networks: driving user productivity through unified communications and collaboration. Page 2 Contents 2 Executive

More information

EVOLVING THE PROJECT MANAGEMENT OFFICE: A COMPETENCY CONTINUUM

EVOLVING THE PROJECT MANAGEMENT OFFICE: A COMPETENCY CONTINUUM EVOLVING THE PROJECT MANAGEMENT OFFICE: A COMPETENCY CONTINUUM Gerard M. Hill Many organizations today have recognized the need for a project management office (PMO) to achieve project management oversight,

More information

Executive - Salary Guide

Executive - Salary Guide Salary Guide Executive - Salary Guide Chief Financial Officer $138,000 to $250,000+ Highest ranking financially-oriented position within a company. Responsibilities include overall financial control and

More information

EXAMPLES OF FUNCTIONAL COMPETENCIES

EXAMPLES OF FUNCTIONAL COMPETENCIES EXAMPLES OF FUNCTIONAL COMPETENCIES Functional competencies are specific to a specific department or type of job. Functional competencies describe the knowledge, skill, and/or abilities required to fulfill

More information

AICPA Discussion Paper - Enhancing Audit Quality, Plans and Perspectives for the U.S. CPA Profession

AICPA Discussion Paper - Enhancing Audit Quality, Plans and Perspectives for the U.S. CPA Profession November 7, 2014 VIA E-MAIL EAQ@aicpa.org Re: AICPA Discussion Paper - Enhancing Audit Quality, Plans and Perspectives for the U.S. CPA Profession To the Members of the AICPA Discussion Paper Initiative:

More information

Position Description: Chief Information Officer Department: Information Technology Information Technology FLSA Status: Exempt. Revised: October, 2014

Position Description: Chief Information Officer Department: Information Technology Information Technology FLSA Status: Exempt. Revised: October, 2014 Position Description: Chief Information Officer Department: Information Technology Division: Information Technology FLSA Status: Exempt Location: Griffiss Revised: October, 2014 PURPOSE: I. Assure the

More information

Weighing in on the Benefits of a SAS 70 Audit for Third Party Data Centers

Weighing in on the Benefits of a SAS 70 Audit for Third Party Data Centers Weighing in on the Benefits of a SAS 70 Audit for Third Party Data Centers With increasing oversight and growing demands for industry regulations, third party assurance has never been under a keener eye

More information

Facing Information Security Challenges

Facing Information Security Challenges AKTINA Event Information Security & Cloud Challenges March 17, 2016 Facing Information Security Challenges ISACA Cyprus Chapter Paschalis Pissarides CRISC, CISM, CISA Immediate Past President (2010-2014)

More information

Mining for Insight: Rediscovering the Data Archive

Mining for Insight: Rediscovering the Data Archive WHITE PAPER Mining for Insight: Rediscovering the Data Archive Sponsored by: Iron Mountain Laura DuBois June 2015 Sean Pike EXECUTIVE SUMMARY In the past, the main drivers for data archiving centered on

More information

Employing Cloud. White Paper. Matt Quinn, Managing Director, IQ Cloud Consulting

Employing Cloud. White Paper. Matt Quinn, Managing Director, IQ Cloud Consulting Employing Cloud Matt Quinn, Managing Director, IQ Cloud Consulting Content by Ian Moyse, Sales Director Workbooks.com In collaboration with Cloud Essentials Training from ITpreneurs White Paper We re pleased

More information

TELECOMMUNICATIONS SPECIALIST I/II/III

TELECOMMUNICATIONS SPECIALIST I/II/III Monterey County 43L34 43L23 43L35 TELECOMMUNICATIONS SPECIALIST I/II/III DEFINITION Under general supervision, evaluates, procures, and coordinates telephone service and installation of telephone equipment;

More information

Recruitment Process Outsourcing:

Recruitment Process Outsourcing: Recruitment Process Outsourcing: What You Should Look for in an RPO Provider James F. McCoy Vice President & RPO Practice Lead It used to be that companies looked exclusively at cost and process to identify

More information

Weighing in on the Benefits of a SAS 70 Audit for Payroll Service Providers

Weighing in on the Benefits of a SAS 70 Audit for Payroll Service Providers Weighing in on the Benefits of a SAS 70 Audit for Payroll Service Providers With increasing oversight and growing demands for industry regulations, third party assurance has never been under a keener eye

More information

GAO INFORMATION TECHNOLOGY MANAGEMENT. Small Business Administration Needs Policies and Procedures to Control Key IT Processes.

GAO INFORMATION TECHNOLOGY MANAGEMENT. Small Business Administration Needs Policies and Procedures to Control Key IT Processes. GAO United States General Accounting Office Testimony Before the Committee on Small Business, U.S. Senate For Release on Delivery Expected at 9:30 a.m. EDT Thursday, July 20, 2000 INFORMATION TECHNOLOGY

More information

Drawing by: Hamza Rajab, 13 years old. Our People: Human Resources Development

Drawing by: Hamza Rajab, 13 years old. Our People: Human Resources Development Drawing by: Hamza Rajab, 13 years old Our People: Human Resources Human Resources 44 Drawing by: Hilweh Ayman, 12 years old Putting sustainability at the heart of Aramex culture Key Issue Key Area and

More information

Vendor/Industry Certifications and a College Degree: A proposed concentration for network infrastructure

Vendor/Industry Certifications and a College Degree: A proposed concentration for network infrastructure Vendor/Industry Certifications and a College Degree: A proposed concentration for network infrastructure Dr. Garry L. White Gw06@business.txstate.edu Department of Computer Information Systems Texas State

More information

ADMINISTRATIVE POLICY # 32 8 2 (2014) Information Security Roles and Responsibilities

ADMINISTRATIVE POLICY # 32 8 2 (2014) Information Security Roles and Responsibilities Policy Title: Information Security Roles Policy Type: Administrative Policy Number: ADMINISTRATIVE POLICY # 32 8 2 (2014) Information Security Roles Approval Date: 05/28/2014 Revised Responsible Office:

More information

Global Human Capital Trends 2015 Country report: Luxembourg

Global Human Capital Trends 2015 Country report: Luxembourg Global Human Capital Trends 2015 Country report: Luxembourg Global Human Capital Trends 2015 Country report: Luxembourg 1 Leadership: Why a perennial issue? LEADING Leadership: Why a perennial issue? Companies

More information

The National Skills Academy for IT. Cyber Security

The National Skills Academy for IT. Cyber Security The National Skills Academy for IT Cyber Security 1 WELCOME The Rt. Hon. David Blunkett welcomes employers and stakeholders from the Cyber Security Industry NATIONAL SKILLS ACADEMY for IT PLANS FOR TRAINING

More information

Domain 1 The Process of Auditing Information Systems

Domain 1 The Process of Auditing Information Systems Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge

More information

Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University

Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Andreas Athanasoulias, CISM, CISSP Information Security Officer & Security Consultant Brief introduction My career path

More information

case study Core Security Technologies Summary Introductory Overview ORGANIZATION: PROJECT NAME:

case study Core Security Technologies Summary Introductory Overview ORGANIZATION: PROJECT NAME: The Computerworld Honors Program Summary developed the first comprehensive penetration testing product for accurately identifying and exploiting specific network vulnerabilities. Until recently, organizations

More information

Information Security Principles and Practices

Information Security Principles and Practices Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 3: Certification Programs and the Common Body of Knowledge Certification & Information Security Industry standards,

More information

Executive Management of Information Security

Executive Management of Information Security WHITE PAPER Executive Management of Information Security _experience the commitment Entire contents 2004, 2010 by CGI Group Inc. All rights reserved. Reproduction of this publication in any form without

More information

IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013

IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013 IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013 Debbie Lew Agenda Review what is IT governance Review what is IT risk management A discussion of key IT risks to be aware of Page 2

More information

Cablecom Delivers Unique Customer Experience Through Its Innovative Use of Business Analytics

Cablecom Delivers Unique Customer Experience Through Its Innovative Use of Business Analytics BUYER CASE STUDY Cablecom Delivers Unique Customer Experience Through Its Innovative Use of Business Analytics Dan Vesset Brian McDonough IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA

More information

T6 w a y s t o m a x i m i z e y o u r s u c c e s s

T6 w a y s t o m a x i m i z e y o u r s u c c e s s B e s t P r a c t i c e s f o r I P D e p l o y m e n t i n a M u l t i - v e n d o r E n v i r o n m e n t T6 w a y s t o m a x i m i z e y o u r s u c c e s s Authored by Ajay Kapoor, Senior Manager,

More information

Aftermath of a Data Breach Study

Aftermath of a Data Breach Study Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath

More information

SharePoint Managed Services: How to Make SharePoint Work for You

SharePoint Managed Services: How to Make SharePoint Work for You Introduction Imagine all of your important company announcements are being stored in a single location, reducing the amount of mail flowing into your inbox. Processes are completely automated generating

More information

Unified Communications and the Cloud

Unified Communications and the Cloud Unified Communications and the Cloud Abstract Much has been said of the term cloud computing and the role it will play in the communications ecosystem today. Undoubtedly it is one of the most overused

More information

ACA DANGER ZONE: CAN YOU ASSURE THE C-SUITE YOU RE IN COMPLIANCE?

ACA DANGER ZONE: CAN YOU ASSURE THE C-SUITE YOU RE IN COMPLIANCE? ACA DANGER ZONE: CAN YOU ASSURE THE C-SUITE YOU RE IN COMPLIANCE? 2 YES, YOU CAN STOP WORRYING and Know You re Complying with the Affordable Care Act More than half of large employers surveyed by ADP in

More information

Unified Communications: The Layman s Guide

Unified Communications: The Layman s Guide White Paper Unified Communications: The Layman s Guide Contents Introduction....2 What can you expect in return?....2 How Unified Communications Works....2 Challenges Ahead....2 Are you ready?....3 About

More information

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup. Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.com DA! (by Global knowledge & TechRepublic) Top certifications by salary:

More information

CIBECS / IDG Connect DATA LOSS SURVEY. The latest statistics and trends around user data protection for business. www.cibecs.

CIBECS / IDG Connect DATA LOSS SURVEY. The latest statistics and trends around user data protection for business. www.cibecs. CIBECS / IDG Connect 2014 DATA LOSS SURVEY The latest statistics and trends around user data protection for business. REPORT www.cibecs.com 2 Table of ontents EXECUTIVE 01 02 03 04 05 06 SUMMARY WHO PARTICIPATED

More information

BCM Data Research within a Business Intelligence Dashboard

BCM Data Research within a Business Intelligence Dashboard BCM Data Research within a Business Intelligence Dashboard A powerful, innovative assessment tool designed exclusively for the Business Continuity Profession Collecting BCM data metrics since 2000. The

More information

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9 1 of 9 PURPOSE: To define standards for appropriate and secure use of MCG Health electronic systems, specifically e-mail systems, Internet access, phones (static or mobile; including voice mail) wireless

More information

Six key trends in outsourcing Dominic J. Asta

Six key trends in outsourcing Dominic J. Asta Six key trends in outsourcing Dominic J. Asta /02 Outsourcing has never been the same as offshoring, yet it seems the two concepts have become increasingly interchangeable over the past decade. Despite

More information

REDUCING UC COSTS AND INCREASING BUSINESS PERFORMANCE IN THE CLOUD WITH UCaaS

REDUCING UC COSTS AND INCREASING BUSINESS PERFORMANCE IN THE CLOUD WITH UCaaS REDUCING UC COSTS AND INCREASING BUSINESS PERFORMANCE IN THE CLOUD WITH UCaaS Spiceworks survey reveals IT pros perceptions of UCaaS advantages, concerns and projects doubling of adoption CONTENTS UCaaS:

More information

Executive Summary. The United States Security Industry. Size and Scope, Insights, Trends, and Data

Executive Summary. The United States Security Industry. Size and Scope, Insights, Trends, and Data Executive Summary The United States Security Industry Size and Scope, Insights, Trends, and Data Late in 2012, ASIS International and IOFM conducted the United States Security Industry Survey. Participation

More information

Network Security: What You and Your Skills Are Worth

Network Security: What You and Your Skills Are Worth Network Security: What You and Your Skills Are Worth Bob Fanelli Branch Manager Robert Half Technology NETSECURE 2008 Robert Half Technology. An Equal Opportunity Employer Company Overview Robert Half

More information

Application Security in the Software Development Lifecycle

Application Security in the Software Development Lifecycle Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO

More information

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the

More information

Cloud-based Office 365 provides substantial cost, flexibility benefits over server-based system

Cloud-based Office 365 provides substantial cost, flexibility benefits over server-based system Cloud-based Office 365 provides substantial cost, flexibility benefits over server-based system Prepared by: Ron Beck, Director, McGladrey LLP ron.beck@mcgladrey.com August 2013 In the modern workplace,

More information

Accountants and Auditors

Accountants and Auditors SOC 13-2011: Examine, analyze, and interpret accounting records for the purpose of giving advice or preparing statements. Install or advise on systems of recording costs or other financial and budgetary

More information

March 10, 2014. Dear Chairman Coble and Representative Nadler:

March 10, 2014. Dear Chairman Coble and Representative Nadler: March 10, 2014 Rep. Howard Coble, Chairman Rep. Jerry Nadler, Ranking Member United States House of Representatives Judiciary Subcommittee on Courts, Intellectual Property and the Internet 2138 Rayburn

More information

engineers They re the binary bosses who dream up new computer hardware, software,

engineers They re the binary bosses who dream up new computer hardware, software, 28 Occupational Outlook Quarterly Fall 2000 engineers They re the binary bosses who dream up new computer hardware, software, and systems, making yesterday s science fiction today s fact. Without them,

More information

Big Data, Better Learning? How Big Data is Affecting Organizational Learning

Big Data, Better Learning? How Big Data is Affecting Organizational Learning Big Data, Better Learning? How Big Data is Affecting Organizational Learning June 17, 2014 Sponsored by: Carol Morrison, Senior Research Analyst, i4cp Jenny Dearborn, SVP and Chief Learning Officer, SAP

More information

A Look at the Varied Responsibilities of Internal Auditors. internal auditing: All in a days work

A Look at the Varied Responsibilities of Internal Auditors. internal auditing: All in a days work ALL IN A DAY S WORK A Look at the Varied Responsibilities of Internal Auditors internal auditing: All in a days work The Institute of Internal Auditors Achieving Objectives For the most part, companies

More information

Job Preparedness Indicator Study

Job Preparedness Indicator Study Executive Summary The Career Advisory Board Job Preparedness Indicator Study Research Overview What s Behind the Workforce Skills Gap? In the wake of rapid technological change coupled with economic uncertainty,

More information

Event Services Company Stays Connected with Unified Communications Solution

Event Services Company Stays Connected with Unified Communications Solution Microsoft Office System Customer Solution Case Study Event Services Company Stays Connected with Unified Communications Solution Overview Country or Region: United States Industry: Professional services

More information

ELECTRONIC INFORMATION SECURITY A.R.

ELECTRONIC INFORMATION SECURITY A.R. A.R. Number: 2.6 Effective Date: 2/1/2009 Page: 1 of 7 I. PURPOSE In recognition of the critical role that electronic information systems play in City of Richmond (COR) business activities, this policy

More information

THE SKILLS GAP IN ENTRY-LEVEL MANAGEMENT ACCOUNTING AND FINANCE. The Problem, Its Consequences, and Promising Interventions

THE SKILLS GAP IN ENTRY-LEVEL MANAGEMENT ACCOUNTING AND FINANCE. The Problem, Its Consequences, and Promising Interventions THE SKILLS GAP IN ENTRY-LEVEL MANAGEMENT ACCOUNTING AND FINANCE The Problem, Its Consequences, and Promising Interventions THE SKILLS GAP IN ENTRY-LEVEL MANAGEMENT ACCOUNTING AND FINANCE The Problem, Its

More information