At the recent Security Congress APAC 2016 held in Bangkok, attendees consisted of ICT professionals, information security professionals, practitioners, and university students and professors from some regional universities. It was a successful gathering where the attendees shared their ideas and views. We also had a great student track presentation from a young information security practitioner, Vijay Luiz, CISSP (Read Vijay’s blog on how he got into cybersecurity http://blog.isc2.org/isc2_blog/2016/02/associate-security.html), which the students found very informative.
While the Congress was a great success, it became an issue that not everyone spoke the “same language”. Something was amiss and upon looking back, one can only rule that an information security knowledge baseline was lacking amongst attendees. This brings about the importance of creating a common syllabus to teach information security; one that teaches the principles of security, and an understanding of the threats and countermeasures, followed by the application of knowledge. Technology is changing at such a rapid rate that sometimes it just does not make sense to teach technology. We must find a platform to address this disturbing fact and go back to school. We also need to highlight and recognize the educators who have the foresight, bravery and determination to teach the right things.
(ISC)²® has developed the International Academic Program (IAP) in an effort to make real progress in response to these concerns and to bring the right teaching materials back to school. Through the (ISC)² tenth annual Asia-Pacific Information Security Leadership Achievements (Asia-Pacific ISLA®) program, we recognized the brave educators who ventured into the unknown with the introduction of a new recognition category – Information Security Educator. In fact, for the past nine years, we have recognized the work of numerous outstanding educators in the profession. However, this new category was created especially for educators to exemplify our determination to bridge the information security workforce gap. We view education as the real driver in solving the talent shortage.
Dr. Heejo Lee, Professor, Department of Computer Science and Engineering, Korea University was the first Showcased Honoree of this new category, recognized last month in Bangkok. Dr. Heejo Lee has been training undergraduate and graduate students on secure software development, among other information security topics. He also helped students found the Korea University Institute of Computer Security (KUICS), a student security club lead by undergraduates to help cultivate interest in security issues on campus. Dr. Heejo Lee has not only dedicated his life to educating the growing minds of our next generation, but also to spreading cybersecurity knowledge beyond his own country. His community outreach was also commended by the 2016 Asia-Pacific ISLA Nomination Review Committee as this year’s Community Service Star. The recognition of a Community Service Star embodies the philosophy of passing along one’s knowledge and expertise to benefit the community as a whole. Dr. Heejo Lee provided consultation services to countries such as the Philippines, Uzbekistan, Vietnam, Myanmar, Costa Rica and Cambodia, and advised them with policy recommendations after examining the ICT environment and security threat landscape of each country. What I saw from the achievements by the Asia-Pacific ISLA Honorees proves that passion in what you do leads to success in your career. I do hope the students who attended the Asia-Pacific ISLA Gala Dinner will be inspired by their senior peers.
Although the Institute of Higher Learning (IHLs) seemed to start late in the game, the attention they are given these days proves that education is surely in the equation to fill the cybersecurity professional pipeline of tomorrow. At the (ISC)² Asia-Pacific Advisory Council meeting, held the day after the Security Congress APAC 2016 in Bangkok, we gathered the top cybersecurity minds throughout the region. The Council has been trying to address the growing gap in availability of qualified cybersecurity professionals, identified year-over-year since 2004 by the (ISC)² Global Information Security Workforce Study. We have set up a working group within the Advisory Council that will focus developing the International Academic Program (IAP) program in Asia-Pacific. With the support of the Council members, we are now identifying the IHLs in the region that would incorporate the (ISC)² CBK® into their full-time faculty curriculum.
There is a Chinese saying, “It takes ten years to grow a tree, but a hundred years to nurture a talent”. Education is a life-long endeavor, and only through the nurturing of talent will our industry sustain and advance. That is why this year at Security Congress APAC, we focused on investing in new industry entrants. The responsibility of strengthening and growing the cybersecurity field rests not only with the practitioners and professionals, but also with the whole community in an orchestrated manner. (ISC)² is in the best position to create that bridge between academia, industry professionals and new entrants, and I look forward to being part of that progress.
By Clayton Jones, Managing Director, Asia-Pacific, (ISC)²