“The experts at NIST have put together a comprehensive, yet flexible, plan for organizations to effectively manage cyber risk under the increasing pressure of the nation’s evolving threat landscape,” said W. Hord Tipton.
Clearwater, FL (PRWEB) February 12, 2014
(ISC)2® (“ISC-squared”), the largest not-for-profit membership body of certified information and software security professionals with nearly 100,000 members worldwide, today announced its support of the Cybersecurity Framework released today by the National Institute of Standards and Technology (NIST). Efforts to develop the Framework were called for under Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” as a means of providing guidance to organizations responsible for managing cyber risks in a critical infrastructure environment.
“The experts at NIST have put together a comprehensive, yet flexible, plan for organizations to effectively manage cyber risk under the increasing pressure of the nation’s evolving threat landscape,” said W. Hord Tipton, CISSP, executive director of (ISC)² and former CIO for the U.S. Department of Interior. “Unfortunately, the lack of qualified information security professionals with the skills and knowledge to create, understand, and implement such programs remains an area of improvement that must be further addressed.”
The (ISC)2 Global Information Security Workforce Study reported that today’s professionals lack the skills required to meet the threats that exist today, let alone those that are sure to arise in the future. The Study also found that lower security incident preparedness and the ability to discover and recover from breaches are direct results of the workforce shortage.
“A skilled workforce is the foundation of any successful security program,” added Tipton. “I believe the success of the Cybersecurity Framework will depend on how quickly and effectively the area of workforce shortage is addressed. (ISC)2 has been and will continue to make significant investments in programs that build the cybersecurity workforce pipeline and stands ready to collaborate with stakeholders from various sectors in an effort to further that cause.”
The NIST Cybersecurity Framework can be downloaded at: http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214-final.pdf.
Formed in 1989 and celebrating its 25th anniversary, (ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with nearly 100,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP), the Certified Cyber Forensics Professional (CCFPSM), Certified Authorization Professional (CAP), HealthCare Information Security and Privacy Practitioner (HCISPP), and Systems Security Certified Practitioner (SSCP) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information and software security topics. More information is available at http://www.isc2.org.
© 2014, (ISC)² Inc., (ISC)², CISSP, ISSAP, ISSMP, ISSEP, CSSLP, CAP, SSCP and CBK are registered marks, and CCFP and HCISPP are service marks, of (ISC)2, Inc.