At the recent Security Congress APAC 2016 held in Bangkok, attendees consisted of ICT professionals, information security professionals, practitioners, and university students and professors from some regional universities. It was a successful gathering where the attendees shared their ideas and views. We also had a great student track presentation from a young information security practitioner, Vijay Luiz, CISSP (Read Vijay’s blog on how he got into cybersecurity http://blog.isc2.org/isc2_blog/2016/02/associate-security.html), which the students found very informative. While the Congress was a great success, it became an issue that not everyone spoke the “same language”. Something was amiss and upon looking back, one can only rule that an information security knowledge baseline was lacking amongst attendees. This brings about the importance of creating

In recent years, many young people have felt disenfranchised and robbed of opportunities to pursue career ambitions. This sits in contrast to the fast-developing field of cybersecurity, where hiring managers regularly report staff shortages and lead times of over six months to fill positions. Cybersecurity is fundamental to the digital economy, but the (ISC)2 Global Information Security Workforce Study forecasts a growing workforce shortage of 1.5 million by 2020. As cybersecurity is a relatively new discipline, most organisations look for a minimum of three to five years’ experience, as well as a good understanding of cybersecurity concepts for the roles they are creating. Newcomers struggle to get these roles as employers find it difficult to judge their instincts. Often only

In mid-July, the White House released its “first-ever” Cybersecurity Workforce Strategy, a directive under the Cybersecurity National Action Plan (CNAP) and the President’s 2017 budget. Its goal is to “…grow the pipeline of highly skilled cybersecurity talent entering federal service, and retain and better invest in the talent already in public service.” The government believes that by implementing this Strategy, it will elevate the attractiveness of public service to such a level that every private sector cybersecurity leader will ultimately deem it essential to his/her career to complete a tour of duty in federal service. How many cyber and IT professionals are they looking to attract? According to the White House blog, the magic number is 3,500. How long will