Don’t professionalize, innovatize
why the solution to the issues in the information security profession will not be come from creating (yet another) governing body but could arrive via innovation. (An answer to Brian Honan article on Help Net Security).
By Eh’den (Uri) Biber
Brian Honan wrote an interesting article for help net security entitled “Is it time to professionalize information security?” It covers the discussion about the call to turn the information security into a licensed practice. I highly recommend reading Brian’s article; from it I derived the following points:
- Customers many times are unable to validate the professional level of the so-called-experts
- The quality of the work being done sometimes by so-called-experts is poor
- There is no accountability when the work quality is bad and leads to incidents and no independent body has the ability to “un-license” the so-called-professionals
- We need independent bodies to provide counter advise to interest groups (I assume privacy is a good example here)