The changing nature of society and business, with the rise of remote access and the explosion of data, has resulted in the need to pay increasing attention to security.
An Ever-Increasing Risk of Cyber Crime
Internet security solution provider McAfee has estimated that the likely annual cost to the global economy from cybercrime is more than $400 billion. Companies and governments globally are facing an ever-increasing risk of cybercrime. It is not surprising, therefore, that the cybersecurity market is expanding fast and is expected to grow from $71 billion in 2014 to $155+ billion by 2019, according to the latest forecast from Gartner.
Cybercrime is a hot topic, as demonstrated by recent high-profile cases. In fact, the largest bank robbery of all time was reported in 2015, with $300 million stolen from banks in over 30 countries as the result of a hack.
In February 2015, the US health insurer Anthem suffered a data breach of nearly 80 million records, including personal information such as names, social security numbers, dates of birth, and other sensitive details. Unfortunately, these are not isolated incidents. Organizations need to get serious about protecting their data or they risk fines and loss of trust, which can lead to bankruptcy.
In our modern working environment, we move information and data-carrying devices around, continually exposing them to the risk of physical theft and digital breach. Moreover, we continually mingle our private and business information facilities. One of the key findings from IBM’s 2014 Cyber Security Intelligence Index is that 95 percent of all security incidents involve human error. Many of these incidents are successful security attacks from external attackers who prey on human weakness in order to lure insiders within organizations to unwittingly provide them with access to sensitive information. It is essential that individuals at all levels of the organization are aware of security risks and how to protect an organization’s valuable information.
Moreover, we can look at security from a software development and testing perspective, since building security measures into the programming and testing phases helps improve resilience to cyber-attack.
Minimizing Corporate Risk and Heightening Resilience to Cyber Attack
Increasing the awareness and competences of professionals in the area of Security will help prepare organizations to take optimal advantage of the opportunities offered by new and innovative ways of doing business, whilst minimizing corporate risk and heightening resilience to cyber-attack. This is why EXIN is rapidly expanding its portfolio of certifications in the Security domain, and related fields like data protection and business continuity.
EXIN’s Cyber Crime certification covers what cybercrime actually is, how it can be prevented and also how to limit the damage in case of an attack. Because people can also be the strongest link in the organization’s resilience, EXIN’s Information Security Management program includes certification at all levels, aimed not only at those managing information but at all those who process information, so that security awareness spreads to individuals at all levels of the organization.
EXIN’s Secure Programming certification provides evidence that the ICT professional knows how to build security measures into the software during the development phase before the software ever goes into the live environment. Paying attention in this way to the prevention of cyber attacks will ensure that the organization is not a sitting duck for cybercriminals.
Similarly, EXIN’s Ethical Hacking certification is proof that the ICT professional knows how to test software and web applications for vulnerabilities using the same methods applied by hackers – which is the only way to truly test for resilience to cyber-attack.
The certifications within the EXIN (Cyber) Security and Governance Portfolio are based on the e-Competence Framework (e-CF) – a quality-ensuring and objective framework of world-recognized standards for measuring professional competences, of which EXIN is the co-initiator.
For further information about EXIN, visit www.exin.com.
About the author
In her role as Program Manager, Rita is responsible for managing all aspects relating to the technical content and quality of EXIN programs. Rita has a Master’s degree in Educational Psychology, and is a certified ITIL Practitioner, ISO 20000 Consultant, and Information Security Practitioner, with extensive experience in both the IT and the educational sector. She has been heavily involved in the development of EXIN’s Agile Scrum and DevOps programs.