My own views regarding this topic fall squarely into the pro side of the debate, and I will tell you why I think we need to look at this issue.
Our industry has grown from being a very niche and often overlooked discipline within the IT field to one that is recognised as being critical in protecting the data, systems and infrastructure that many rely on daily. This also led to the information security industry becoming now one of the fastest growing markets within IT. A recent report from Market and Markets claims the global information security market will grow to US $120 billion by 2017, growing at an annual rate of 11.3%.
Many countries have recognised how important information security is to their own national security and have developed cyber security strategies to secure their critical network infrastructure.
Needless to say, with this estimated growth and government interest, a lot of players will be looking to move into the field. Many of those will have highly trained, skilled, and professional staff and should be welcomed, especially when there is a shortage of experienced professionals in the sector and it is known that there is currently a 0% unemployment rate in the information security field. Unfortunately, there will also be many who will see this as an opportunity to make huge amounts of money by providing below par services to clients. This will reflect poorly on them, but also on the industry as a whole.
At the moment, there is not much that can be done to prevent anyone from claiming to be an information security expert. Indeed, experienced professionals in the field have taken to online forums and Twitter to lament the lack of quality work many of them encounter when working with clients. We often hear of vulnerability scans being passed off as penetration tests, products being touted and sold as silver bullets for any and every security problem, or compliance checklists being used to determine whether an organisation is secure.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.