Don’t professionalize, innovatize

Don’t professionalize, innovatize

why the solution to the issues in the information security profession will not be come from creating (yet another) governing body but could arrive via innovation. (An answer to Brian Honan article on Help Net Security).

By Eh’den (Uri) Biber

Brian Honan wrote an interesting article for help net security entitled “Is it time to professionalize information security?” It covers the discussion about the call to turn the information security into a licensed practice. I highly recommend reading Brian’s article; from it I derived the following points:

  1. Customers many times are unable to validate the professional level of the so-called-experts
  2. The quality of the work being done sometimes by so-called-experts is  poor
  3. There is no accountability when the work quality is bad and leads to incidents and no independent body has the ability to “un-license” the so-called-professionals
  4. We need independent bodies to provide counter advise to interest groups (I assume privacy is a good example here)

Continue reading