Nicolajsen Dougherty (sushiheart1)
recently, Matt Loeb, President and CEO of International Information Systems Audit Association (ISACA), came to China to change some ideas with domestic government departments, industries, academia and members. An'an Niu took this chance to interview president Lu (Mr. Loeb's Chinese name is Lu Bin).
The next is the content sorted out according to the interview record:
Q: please discuss the key reason for your visit?
A: ISACA has 140000 members in the world, more than 700 in China, and a lot more than 2000 with certificates. Its personnel are distributed in specific fields such as for example it audit, information security, network security and risk management. Come to China is to better understand China's information security environment and related personnel development status, in order to provide better services for members. With this visit, I'll also meet many domestic training institutions and leave a deep impression, such as Gu An Tian Xia. We need to straighten out and evaluate when we go back. There could be multiple partners.
Q: what is the role of security in the IT industry?
A: safety is very important. It is not only a technical issue, but also a business management issue. Not merely to protect the machine and data, but also to safeguard the company environment. For that reason the person responsible for protecting these systems and data should have certain qualifications, and training is very necessary.
Q: how do you view industry of personal safety capability certification training?
A: according to Cisco's statistics, there are about 1 . 5 million security vacancies worldwide. But the current situation is that the prevailing technical personnelThe safety skills of the staff aren't enough, and the students don't have any experience and foundation. For that reason enterprises must strengthen on-the-job staff training. In the short run, this gap will persist, so the demand for education certification becomes very urgent. Students with safeness skills will fill this gap, so students should try their best to complete self-training. But nevertheless, students need practical work experience. More over, in student training, the institution needs a lot of investment, so it is most unlikely to anticipate the college to boost investment in this area.
Q: the IT industry it self is highly changeable. What you think can happen to the training market later on?
A: the challenge is change. The security environment is consistently changing, and working out and education methods should maintain the shape. We ought to provide considerably better ways to help members or trainees master knowledge and skills. In the past, the original written examination and reading are not enough. We need to assess the practical ability of professionals. For that reason as time goes on, the demand for simulation or practical ability training increase. ISACA plans to launch significantly more than 150 test centers around the world. These test centers provide simulated environment for safety related tests, measure the practical ability of trainees, and lastly issue certificates.
Q: can you talk about the certification test in this simulated environment?
A: Here is the world's first network security certification predicated on practical skills developed by ISACA, CSX (network security skills certification). To be eligible for CSX, candidates should be in aPass the exam in a flexible network experiment environment predicated on skills. The test simulates the real-world network security scene to examine the candidates' actual combat skills. Students who've obtained CSX certification mean that their abilities in network security incident detection, protection, diagnosis, response and recovery have already been tested used.
CSX certification is split into three levels. ISACA recently officially launched the first level. For practioner of front-line employees, it plans to launch the next am
