Quick Q&A with David Shearer


quick-david1ASM: It’s been an interesting year in terms of cybersecurity – what have been the highlights for (ISC)²?

David Shearer (DS) It’s also been an interesting year for (ISC)². In 2016, cybersecurity has been increasingly regarded as a strategic international issue affecting all levels of society. By the year 2020, the number of networked devices (the internet of things) will outnumber people by six to one, transforming current conceptions of the internet. (Source: UN, Comprehensive study on cybercrime, UNODC, Vienna, 2013.) As mobile data usage and traffic has been increasing rapidly and substantially, faster than prevention technology – cybersecurity measures and policies, countries worldwide are at a higher risk of facing information security challenges more than ever before. Talent capacity building has been one of the most discussed topics in the global arena. No matter where I travelled this year—the Americas, Europe, Asia—I heard the term ‘talent capacity building’ in almost all discussion forums.

(ISC)² members remain at the forefront of cybersecurity, and since 2004, our Global Information Security Workforce Study continues to validate this significant talent shortage. Our members are overworked based on the limited number of qualified people in the workforce and consequently, many are falling behind in their duties. This is compounded by the lack of new people entering the profession. In addition, our members are increasingly involved in a range of audits that consume significant amounts of time, at the expense of operational cybersecurity requirements and responsibilities.

In 2016, we have tried to address the workforce shortage by speaking with various government agencies about how (ISC)² can collaborate with them to enhance the quality of the cybersecurity workforce and increase the numbers in the professional pipeline. Our recent signing of a memorandum of understanding (MOU) with Cyber Security Agency of Singapore (CSA) is one of those moves. The MOU allows CSA and (ISC)² to increase public cybersecurity awareness, and complement existing efforts in the development and maintenance of the cybersecurity competency framework in Singapore…Click HERE to read full Q&A.