News Stay informed about the latest enterprise technology news and product updates.

New foundation to promote standards for security pros

Two organizations for security professionals have created a foundation that will promote careers and standards.

Imagine what an organization of 30,000 security professionals could do.

That is exactly what two of the most recognized nonprofit organizations for information security professionals are doing today. The Information Systems Security Association (ISSA) is teaming with the International Information Systems Security Certification Consortium Inc., or (ISC)2, to create a foundation to promote professional standards in information security and engage in other activities that enrich the profession.

The groups have formed a committee to flesh out the scope of the new foundation and work on other details (including coming up with a name). But this is not the first time ISSA and (ISC)2 have worked together. In fact, their histories are quite intertwined. "This isn't a new relationship, but a new phase in our relationship," said Sandra Lambert, founder and chairwoman of ISSA.

Executives from both organizations will run the foundation. Members will have access to the services offered by both groups, including joint events, conferences, research projects and training.

Both ISSA and (ISC)2 will still operate as distinct organizations, but the new foundation will handle projects of mutual interest. The foundation could receive grants or give out scholarships and do other "things that would benefit the profession as a whole," Lambert said.

The mission of ISSA is to offer a place for security professionals to gather in their home cities and have a voice in the direction of the information security field. It also focuses on education and certifications, two elements that are addressed by (ISC)2, Lambert said.

By contrast, (ISC)2, which offers security certifications such as the Certified Information Systems Security Professional (CISSP) and the complementary Systems Security Certified Practitioner (SSCP), has found that its certification holders want a place to meet -- but (ISC)2 doesn't have chapters. "We point them to the ISSA," said Jim Duffy, (ISC)2's executive director.

Both groups want to make information security a mature profession. To accomplish this goal, practitioners must be well skilled. (ISC)2's training and ISSA's community-building activities help them to become so, Duffy said.

Just recently, the two groups worked together to finalize the Generally Accepted Information Security Principles (GAISP), which aim to give the security community a globally consistent, practical framework for protecting information.


Best Web Links on security careers and training news exclusive: "Cert Spotlight: CISSPs 'know' security" expert advice: "How to become a CISSP" news exclusive: "Corporate security career path often cultivated internally" news exclusive: "Cert Spotlight: CISA focuses on information assurance"

FEEDBACK: Calling CISSPs! In which way is the certification most important? Getting a job or keeping a job?
Send your feedback to the news team.

Dig Deeper on Information security policies, procedures and guidelines

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.