London Cyberspace Security Conference

Digital Espionage & Cyber Crime were amongst the topics discussed by 700 government officials, business leaders and information security specialists at a conference in London this month – hosted by the William Hague, the Foreign Secretary.

Ahead of the conference General Shaw, the head of the Ministry of Defence’s cyber security programme, said the Chinese pose the biggest cyber threat to UK business by ‘regularly targeting British companies and government institutions to acquire highly sensitive information’.  He reported that a firm in Warrington that designed a revolutionary blade for wind turbines went bust after hackers stole the blueprint and produced a cheaper version.

A recent report by web security specialists Blue Coat points to the increasing sophistication of web based malware. It’s increasingly dynamic – and the majority of web threats are now delivered from trusted and popular web sites that have been hacked for use by cybercrime. For this reason, reputation defences become less effective. 

Focus operates trusted and popular websites so like many other companies we have a very direct interest in information security.  Our primary site has been targeted in recent weeks and we have had to take defensive actions.

So the challenge for all organisations is to separate the real threats from the scare-mongering and to establish the skills to prevent, deter and respond to malicious or criminal activity.

This is creating opportunity for our customers in the IT community. A significant cyber security career field is emerging. It’s not an entry level job, but it is a growing area for ambitious IT professionals.  ITJobsWatch shows “Information Security” and “Network Security” jobs moving up the IT jobs ranking over the past year by 17 and 88 places respectively.

For those looking at information security training and certification the range of options can be bewildering.  In part this reflects the spread of topics involved. From legal compliance (eg data protection) through to software deployment. From user passwords through to enterprise architecture.  From technical expertise such as penetration testing through to information security management.

Beyond introductory courses, our advice is to source training which is aligned to one of the major accreditation bodies [eg BCS, (ISC)2 and ISACA] and be prepared to refresh skills on a regular basis.

These are our most popular courses:
Information Security Fundamentals
ISEB Information Security Management Principles (CISMP)
CISSP Certified Information Security Professional
CISA – Certified Information Systems Auditor
CEH Certified Ethical Hacker

There is a useful information security certifications guide which can be downloaded free of charge.

Blogalot – November 2011