Growing Need For IT Security Talent Prompts (ISC)2 To Declare 2005 ‘Year Of The Information Security Professional’

INFOSECURITY 2005, New York City, Dec. 8, 2004 – The International Information Systems Security Certification Consortium (ISC)2®, the non-profit organization in its 15th year of educating, qualifying and certifying information security professionals worldwide, today declared 2005 to be the “Year of the Information Security Professional” at Infosecurity 2005 in New York City.

Supported by major organizations such as the Information Systems Security Association (ISSA), Information Technology Association of America (ITAA), the Information Assurance Advisory Council (IAAC), ASIS International, Microsoft, Deloitte and Computer Associates, (ISC)2 will offer joint events, mentoring programs, scholarships and other initiatives to be announced throughout the year. The objectives of the year-long program are to:

* Highlight the worldwide demand for information security professionals and attract high-quality candidates to the profession;
* Continue encouraging organizations to meet the challenges of information security and ensure the security and privacy of customers and partners through the increased professionalism of its security staff; and
* Highlight the increasingly significant role information security professionals play in the global information society to the public at large.

“The role of information security professionals has become critical for protecting consumers, citizens, businesses, government agencies and organizations worldwide in their daily online tasks and interactions,” said James E. Duffy, CISSP, president and CEO of (ISC)2.

“In every field, information security professionals are being called upon to secure the virtual world that we have all come to depend upon,” Duffy said. “Therefore, (ISC)2 has declared 2005 to be the Year of the Information Security Professional with the goal of recruiting new candidates to the profession and educating organizations and the public on the importance of the profession.”

Duffy said the initiative was motivated by the conclusions of the first comprehensive study of the global information security workforce, which showed the demand for professionals would more than double by 2008 to 2.1 million worldwide.

Conducted by IT industry analyst firm IDC for (ISC)2, the study said that the growth of the profession was being driven by competing demands on industry and government to expand access to services and information, new stringent regulatory requirements, and the need for proactive solutions to circumvent emerging threats.

“Customers have told us that security is a critical issue for them and they depend on qualified information security professionals to help maintain the security of their networks,” said Steve Lipner, director of security engineering strategy at Microsoft.

“We applaud (ISC)2 for spearheading this initiative that will spotlight the need for new information security professionals as well as the ongoing efforts of current professionals, and we look forward to working with (ISC)2 and other industry leaders on this educational program throughout the year,” Lipner said.

(ISC)2 will be dedicating at least one session at each of its 2005 daylong professional education events in the U.S., London and Hong Kong to discussing the issues of the Year of the Information Security Professional. To see a listing of currently scheduled events, go to

Other supporting organizations include Royal Holloway University, the leading academic institution in information security in the United Kingdom; Ernst & Young; Honorable Mr. Sin Chung Kai, Hong Kong Legislative Councilor; the Professional Information Security Association in Hong Kong; Singapore Management University; National Computer Systems Pte Ltd, a leading IT professional services provider in Singapore; Special Interest Group in Security and Information Integrity, the leading IT security society based in South Asia; and the Information Security Interest Group in Australia.

For a complete list of supporters, to read the declaration or to learn how an organization can get involved in supporting the Year of the Information Security Professional initiative, please visit

Sarah Bohne, director of corporate communications for (ISC)2, said, “By supporting the Year initiative, organizations gain the opportunity to show their stakeholders, whether investors, employees, constituents, or governing bodies, that they are committed to the protection of their customers’ information assets via a secure cyber world.”

A panel discussion is scheduled at Infosecurity tomorrow, 7:30 to 9 a.m. EST in room number 1C01 in the Jacob K. Javits Center, to discuss the evolving role and impact of the information security professional. The panel, moderated by Ms. Bohne, will feature:

* James R. Wade, CISSP, former CSO of the Federal Reserve and current (ISC)2 board member
* Joyce Brocaglia, president of Alta Associates and an expert in information security human resource issues
* Thomas Marshall, Ph.D., associate professor – MIS, Auburn University
* Marc Noble, CISSP, CISM, deputy computer security officer, U.S. Federal Communications Commission
* David M. Cullinane, CPP, CISSP, president of ISSA

(ISC)2 will be dedicating at least one session at each of its 2005 daylong professional education events in the U.S., London and Hong Kong to discussing the issues of the Year of the Information Security Professional. To see a listing of currently scheduled events, go to

About (ISC)2
Based in Palm Harbor, Florida, USA with offices in London, Hong Kong and Tokyo, the International Information Systems Security Certification Consortium, Inc. (ISC)2® is the premier organization dedicated to providing information security professionals around the world with the standard for professional certification based on (ISC)2’s CBK®, a compendium of industry “best practices” for information security professionals. Since its inception in 1989, the non-profit organization has educated, qualified and certified more than 27,000 information security professionals in 106 countries. (ISC)2 awards the Certified Information Systems Security Professional (CISSP®) and the Systems Security Certified Practitioner (SSCP®) credentials. Both certifications require professional experience and, for the CISSP, the Gold Standard in information security certifications, an endorsement by a professional who is familiar with the background of the candidate. (ISC)2 is the first information security certifying body to meet the requirements of ISO/IEC 17024, a global benchmark for certification of personnel. More information about (ISC)2 is available at

Don't miss