12 Mar 2008
A report from the European Network and Information Security Agency (Enisa) on the economics of IT security has found that accreditation schemes for people and products in the European Union (EU) need to be strengthened and extended.
The EU should boost accreditation schemes related to people certification in IT security and encourage the development of skills certification adapted to different profiles, says the report.
Security accreditation is important because it ensures the products and staff that companies use are not going to compromise the business, according to the report.
"The availability of accreditation and certification schemes can contribute to the trustworthiness of electronic products and services by raising the level of security," it says.
"Information about such schemes should be widely disseminated."
A major challenge for all product certifications is a rapidly changing spread of threats – making it difficult to have a concrete set of standards against which products can be tested.
The report recommends that making security certificates mandatory by law would be problematic because changing technology would mean specific certificates quickly become out of date.
But governments could have a role to play by by encouraging the acceptance of certifications with merit within their own workforce.
The EU should also reinforce bridges between education in schools and universities and private training colleges who provide certifications.
Last week the Tories announced that children in schools and colleges would get IT security training if they got into power.
My comment has to do with this statement "The EU should also reinforce bridges between education in schools and universities and private training colleges who provide certifications". As a fairly recent graduate I feel there is truly a need to link work skills to the theoretical knowledge taught at universities. While some universities encourage their students to take up industry recognised certifications others are too arrogant to acknowledge that the real world experience is what certifications teach. Having gone to one of the top universities in the UK I know that emphasis is placed more on the theoretical aspect of learning which means graduates leave without truly knowing what it means to work in industry. I made a personal decision to pursue a Cisco certification as this teaches the fundamentals of networking and linking it to real world skills; though this benefits Cisco because it stands to sell more routers yet people like me are able to link our theoretical knowledge to real world environment.
In my opinion, the security certifications and any other IT related certifications should be encouraged by universities, this will ensure people have a good idea what the real world is all about. Though I must say the decision on which certification can also be a problem because there are so many to choose from. I hope the industry and education can work this one out.
Posted by: Tom 13 Mar 2008
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
