Cybersecurity specialisation status up for grabs with new ACS accreditation program
The Australian Computer Society (ACS) -- the association for the country's IT sector -- has launched a new cybersecurity accreditation program, allowing specialists in the security field to obtain two new certifications.
The new accreditations are an extension to the ACS Certified Professional and Certified Technologist schemes, and will see cybersecurity experts in Australia able to achieve Certified Professional (Cyber Security) and Certified Technologist (Cyber Security) accreditation.
The cybersecurity specialisation status will require applicants to demonstrate in-depth capability in a range of areas identified in the globally recognised Skills Framework for the Information Age (SFIA), ACS president Anthony Wong explained.
"A key element of cybersecurity is trust. We trust business and government to protect our private and personal data. Establishing a professional certification where applicants must commit to a code of ethics, code of professional practice, and undertake continuing professional development helps provide a level of certainty and trustworthiness," Wong said, speaking at the ACS Cybersecurity event in Canberra on Wednesday.
The ACS expects the two new certifications to provide employers with a guarantee that the cybersecurity individuals they are hiring have the right skills for the role.
"By employing professionals with a [cybersecurity] certification, businesses and government are demonstrating to consumers that their cybersecurity professionals have undergone a rigorous assessment process, demonstrated a commitment to the highest principles, and are well placed to lift the cyber resilience of their organisation," Wong said.
Existing Certified Professionals and Certified Technologists are able to apply to have their certification upgraded through the ACS.
According to Australia's Special Adviser to the Prime Minister on Cyber Security Alastair MacGibbon, the accreditation program from the ACS will help remove the current seagull-like approach to hiring cybersecurity professionals, where government, the enterprise, and big business are all "fighting over the same chip".
Addressing the ACS in Sydney on Tuesday, MacGibbon said it makes sense that as Australia grows its cybersecurity skills and capabilities, it has the right people involved.
"It's widely recognised that there's a skills deficit in ICT broadly, but particularly when it comes to cybersecurity," he said, noting that the country is missing the point if only tertiary institutions are focused on.
"We also need to focus on vocational training, and indeed those that are self-taught."
He said Australia needs to create avenues for self-taught individuals to "come to the side of goodness and light" to actually protect the communities they operate in.
"Which is why initiatives like this one are so important for us, because it tries to make sense of the skills that we have and help to standardise those somewhat," he explained.
"A casual observer would say that there has been an awful lot of conflict, an awful lot of overlap, and often some confusion as to what certifications are best to have.
"Until we actually have the supply right of staff, the supply right of skilled people, we're always seagulls fighting after the same chip that government will sit there and say that it will grow some skills, the private sector might come and offer more money and steal the chip from us, big business will fight over that same person next, and we have this game of inflationary wages -- good for the individual, but bad for business generally -- and of course we have the deficit, we just don't have enough people to be doing the work that's there."
Speaking with ZDNet earlier this year, MacGibbon said he wants the understanding of cybersecurity to be a life skill children of today grow up with, which means taking the conversation to primary school classrooms.
While PhD, university, and even high school students should still be gaining powerful knowledge on the threat landscape, MacGibbon would argue that this kind of structure isn't enough to ensure the success of Australia when it comes to cybersecurity.
"For me, being a successful person in my generation was being able to read and write and do basic maths," he told ZDNet. "What is going to get our kids to be successful in this world is the concept of computation, coding, and communication.
"If we're going to win when it comes to protecting the Australian way of life, in terms of cybersecurity, then it indeed starts in primary schools."
He also wants those in IT to look at furthering their skills in the cybersecurity sector.