The Chartered Institute of Information Security (CIISec) is the only pure play information security institution to have been granted Royal Charter status and is dedicated to raising the standard of professionalism in information security.
CIISec represents professionalism, integrity and excellence within information and cyber security our principal objectives are
• To promote, for the public benefit, the advancement and dissemination of knowledge in the field of information security
• To develop high ethical standards for practitioners in information security and to promote professional standards in the UK and overseas
• To act as an authoritative body for the purpose of consultation and research in matters of education or public interest concerning information security
IT security is one of the most pressing strategic concerns to organisations of any size. It is not simply a matter of technology – partly as attackers can evolve and adapt much faster than new technology can be introduced to counter them, and partly as, like any strategic issue, it depends greatly on the people and processes at the heart of an organisation. With almost 70,000 people employed in the security industry in the UK, it is crucial that these people are trained in the right way and can validate their skills. Understanding this, and acting on it, needs to be the basis of any security strategy that hopes to become successful. However, even if an organisation understands the need to invest in people and processes, there are still challenges to overcome.
CIISec helps make security a strategic concern at the heart of the business, instead of a technical add-on. It does this by helping put people at the core of IT security: providing guidance, certification and helping develop the right training. It helps identify the right skills, in the right people, for the right roles – whether those people are accredited security professionals or fresh to the industry. It gives security professionals the skills and knowledge they need to deal with modern IT threats throughout their careers: preventing stagnation and helping present a clear career path by showing precisely what skills professionals need to develop. And its framework-based approach to best practices and skills gives the industry a way to validate security skills and roles, allowing organisation and workers to ensure they truly are putting people at the core of IT security.
CIISec is here to help individuals and organisations develop capability and competency. We have spent over a decade using uniquely developed frameworks to set standards for skills, experience and knowledge across the profession. Our frameworks have been developed in conjunction with industry, government and academia and are to align with, and recognise other accreditation bodies’ standards. At the heart of the Institute is the CIISec Skills Framework which is widely accepted as the de-facto standard for measuring competency of Information Security professionals. GCHQ/NCSC has used this framework to underpin its Certified Cyber Professional Scheme (CCP)
We work with academia to help develop new courses and entry-routes into the profession, as well as corporate and government organisations to promote the growth of talent in the workplace. In doing so we provide a universally accepted focal point for the information security profession.
We accredit information security professionals to ensure that they meet the highest professional standards and our competency based memberships are widely recognised in the information security industry.
Become a member