According to Frost & Sullivan’s 2017 Global Information Security Workforce Study, 61% of organisations in Asia-Pacific suffer from a shortage of information security staff.
Although this is marginally better than other regions across the world, most organisations believe this shortage is a result of a lack of qualified personnel.
The study also found that one in four hiring managers in Asia-Pacific expects to see their departments grow by 15% or more. This is all good news for information security specialists in the region.
At IT Governance, we understand that information security is a complex, multidisciplinary field, and choosing a learning path that will deliver qualifications to support your career can be daunting.
An ISO 27001 qualification is something no cyber security professional should be without, but it is also worth considering other key qualifications.
Do you need technical training?
Training and HR managers will often ask: ‘Do you want a technical career or a career in management?’
The correct answer for a prospective cyber security professional should always be that they want both, but not necessarily at the same time.
Any career in information security requires knowledge of:
- IT systems, applications and the people that use them;
- The threats and vulnerabilities that characterise the modern-day cyber attack; and
- The security provided by commercial products.
Start with the basics
Those in the early stages of their careers should get as much practical experience as possible and look to achieve industry-standard qualifications offered by the likes of Microsoft, Cisco and HP.
CompTIA (Computing Technology Industry Association) also offers an independent learning path with its A+, Network+ and Security+ qualifications, which are highly valued by employers across Asia-Pacific.
Specialist training and qualifications
Some information security specialists will decide to specialise in ‘dark arts’ – roles that include security architecture, penetration testing, digital forensics, incident management and security/compliance auditing.
These individuals should opt for industry-recognised qualifications awarded by independent organisations and assessed by examination, such as CEH (Certified Ethical Hacker) or GPEN (GIAC Certified Penetration Tester) certificates.
Invest in management qualifications to advance to senior positions
Many senior careers with higher salaries in Asia-Pacific involve becoming a manager or being able to advise others about management.
The role may be managing teams of specialists, or managing the people, processes and technology associated with ensuring effective information security. This requires a thorough knowledge of asset and risk management and the controls required to mitigate the risks to an organisation.
This is where the knowledge and skills gained from ISO 27001 qualifications, such as ISO27001 Foundation (CIS F) and ISO27001 Lead Implementer (CIS LI), have the greatest influence.
Find out more about ISO 27001 training >>
Information security training advice
Our ISO 27001 experts are ready to offer you practical advice about information security training to support your career aspirations.
Get in touch with us to discuss different options to suit your budget and business needs >>