There is nothing like sitting in a quiet office for a couple of months, working through contract applications to focus the mind on how the corporate world, or at least their HR departments; view our profession. Since my last contract ended I have been working through this process – oh don’t worry, I have been writing a series of books while I was waiting, not just sitting around. But what I have noticed is that there almost seems a competition to see how many certifications and proven experiences can be required. Are they all needed, or are they copied from the CV of the last post holder I wonder? Do organisations understand the range of IS and IC professionals is not linear, it’s a spectrum. Different people have different talents experience and skills. Adding to the development of our profession is not just about gaining certifications, it is about developing the profession as we work, challenging and moving the knowledge forward with our insight and our knowledge and our experience.
So, fundamentally, what is an IS or IC professional?
Wendy Goucher is an information or cyber security consultant -depending which you are looking for. Her focus is operational so trying to keep data as safe as possible while still allowing people to do their job. For that reason she’s done a lot of work in the area of risk recently and hopes one day to understand all the factors that are in play, but feels that to believe she does would risk arrogant deception. Wendy has also written some books, including one on incident response, and in the next year she will be publishing anything up to 5 books for small children and their parents on cyber security. She’s excited and passionate about that prospect so be warned.