Lately, it seems like a data breach, hack or cyberattack makes the news daily. I was at the recent ISACA/IIA Governance Risk and Control (GRC) conference when I read that hackers stole data on 4.5 million patients of a health system. With incidents like this occurring more frequently, there is an increasing demand for professionals who have the cybersecurity skills and resources to combat this growing threat. It is clear that bad actors have set their sights on the vulnerabilities of any type of enterprise, including medical, business and critical infrastructure.
Despite this growing need for cybersecurity skills, until recently the field was fragmented with no clear path set for those who want to pursue the cybersecurity profession. Recognizing this gap, ISACA conducted extensive research and planning with global business and cybersecurity experts. As a result, ISACA identified a need for a single, central location where security professionals and their enterprises can find cybersecurity research, guidance, certifications, education, mentoring and community. Subsequently, we launched the Cybersecurity Nexus (CSX) in April 2014.
The drumbeat for professionalizing cybersecurity is only getting stronger. A recent report from Salve Regina University’s Pell Centerfor International Relations and Public Policy also proposes an alternative to the current, ad hoc, decentralized approach to cybersecurity workforce development. The authors call for the creation of a professional association dedicated entirely to cybersecurity.
The Pell report notes that forming a new association focused on cybersecurity will take time—time that enterprises don’t have if they are to keep up with the rapidly expanding expertise of hackers. This is also one of the reasons why ISACA made the investment in creating CSX. ISACA is able to use much of its existing infrastructure and global subject matter experts to hit the ground running. ISACA, which has been serving IT professionals for 45 years, has been a highly respected provider of certifications, training and networking for global professionals for more than 30 years.
So when we established CSX, we made a commitment: We will do for cybersecurity professionals what we have done and continue to do for assurance and governance professionals. Whether you are a seasoned professional or new to the field, we will be your resource for the training, credentials, guidance and community to develop your cybersecurity career. In addition to other activities, we are offering the first Cybersecurity Fundamentals Certificate workshop and exam in October, which is also Cybersecurity Awareness Month—a cause for which we are a champion.
This is an exciting time in our industry and an extraordinary time for ISACA and our members. Organizations around the world are in need of skilled and knowledgeable cybersecurity professionals—and we’ll do everything we can to help you succeed in those roles.
Robert E Stroud, CGEIT, CRISC
International President, ISACA