The home of Cyber
The Chartered Institute of Information Security (CIISec) is the only pure play information and cyber security institution to have been granted Royal Charter status and is dedicated to raising the standard of professionalism in information and cyber security. CIISec provide a universally accepted focal point for the information cyber security profession, it is an independent not-for-profit body governed by its members, ensuring standards of professionalism for training, qualifications, operating practices and individuals. CIISec has a growing membership that represents over 10,000 individuals in the information and cyber security industry.
CIISec represents professionalism, integrity and excellence within information and cyber security our principal objectives are;
• To promote, for the public benefit, the advancement and dissemination of knowledge in the field of information security
• To develop high ethical standards for practitioners in information security and to promote professional standards in the UK and overseas
• To act as an authoritative body for the purpose of consultation and research in matters of education or public interest concerning information security
Cyber security is one of the most pressing strategic concerns to organisations of any size. It is not simply a matter of technology – partly as attackers can evolve and adapt much faster than new technology can be introduced to counter them, and partly as, like any strategic issue, it depends greatly on the people and processes at the heart of an organisation. With almost 70,000 people employed in the security industry in the UK, it is crucial that these people are trained in the right way and can validate their skills. Understanding this, and acting on it, needs to be the basis of any security strategy that hopes to become successful. However, even if an organisation understands the need to invest in people and processes, there are still challenges to overcome.
CIISec helps make security a strategic concern at the heart of the business, instead of a technical add-on. It does this by helping put people at the core of information and cyber security: providing guidance, certification and helping develop the right training. It helps identify the right skills, in the right people, for the right roles – whether those people are accredited security professionals or fresh to the industry. It gives security professionals the skills and knowledge they need to deal with modern cyber threats throughout their careers: preventing stagnation and helping present a clear career path by showing precisely what skills professionals need to develop. And its framework-based approach to best practices and skills gives the industry a way to validate security skills and roles, allowing organisation and workers to ensure they truly are putting people at the core of cyber security.
CIISec is here to help individuals and organisations develop capability and competency. We have spent over a decade using uniquely developed frameworks to set standards for skills, experience and knowledge across the profession. Our frameworks have been developed in conjunction with industry, government and academia and are to align with and recognise other accreditation bodies’ standards. At the heart of what we do is the CIISec Skills Framework which is widely accepted as the de-facto standard for measuring the competency of Information and Cyber Security professionals. GCHQ/NCSC has used this framework to underpin its Certified Cyber Professional Scheme (CCP)
We work with academia to help develop new courses and entry-routes into the profession, as well as corporate and government organisations to promote the growth of talent in the workplace. In doing so we provide a universally accepted focal point for the information security profession. We accredit information security professionals to ensure that they meet the highest professional standards and our competency-based memberships are widely recognised in the information security industry.
CIISec started out life as the Institute of Information Security Professionals (IISP) when it was founded by leaders of the profession in 2006 to address the problem of how to recognise a competent information security practitioner. From this in 2007 our first Skills Framework was devised to measure skills and competency in cyber security. From here the Skills Framework was used to accredit our growing membership as we worked alongside our Corporate members, Academia and Government. With over a decade of accredited individuals and benchmarking the profession we grew to represent over 8,000 individuals in the cyber security industry. Then on the 12th December 2018, Her Majesty The Queen graciously granted the organisation a Royal Charter of Incorporation and the Chartered Institute of Information Security (CIISec) as we know it today came into being.
"We are in a unique position of being the only pure-play information security institution being granted Charter, which I think demonstrates the importance that government and industry are placing on the ‘professionalisation agenda’ for information security, something we are at the centre of
." Dr Alastair MacWillson, former Chair, CIISec
Become a member