Tag: resilience

ISACA Board Director Niel Harper Secures a Role on the Professional Standards Working Group of UK Cyber Security Council

nielharper

“The UK Cyber Security Council has announced that Niel Harper, a cybersecurity executive and member of the ISACA Board of Directors, has secured a role in its Professional Standards Working Group. This appointment is an important recognition of Harper’s expertise and contributions to the field of cybersecurity.”

Workforce development is critically important to the security and resilience of nation states (and organizations as a matter of fact). There is diversity in the breadth and depth of cyber security skills required across government. These include deep technical skills and the non-technical cyber security skills that are needed across other specialisms and professions, such as digital, policy, commercial and assurance.

Guided by the standards and pathways established by the UK Cyber Security Council, the UK government will develop its understanding of the range of cyber security skills and knowledge required across government and will respond accordingly, ensuring that its workforce is inclusive and diverse.

I am honoured to have been chosen to join the Professional Standards Working Group of the UK Cyber Security Council. Collaborating with top experts in the field to shape the future of cybersecurity standards in the UK is an exciting opportunity.

Caribbean Security & Resilience Awards Winners Announced

nielharper

The winners of the 2021 Caribbean Security & Resilience Awards have been announced!

Congratulations to the other award recipients:

  1. Peter Bäckman (Dominican Republic)
  2. Kwailan M. Bridgewater (Trinidad & Tobago)
  3. Lysandra Capella (Curacao)
  4. Rosa Damaris Diaz de Tejada (Dominican Republic)
  5. Gavin Dennis (Jamaica)
  6. David Gittens (Barbados)
  7. Stevez Gomes (British Virgin Islands)
  8. Garth Gray (Jamaica)
  9. Norval West (Jamaica)

I was quite surprised to be recognised for my contributions in the Caribbean region, and deeply humbled to be in such esteemed company.

Thank you all for what you do day in and day out to keep the Caribbean region #cybersecure!!!!

The official announcement on the International Security Journal’s website can be found here.

ARIN/CaribNOG Technical Community Forum

nielharper

The COVID-19 pandemic continues to impact networks, economies and societies across the Caribbean. More than ever, keeping critical systems secure, resilient, and accessible is a collective responsibility. This year’s Forum presented the opportunity for participants to understand the role the American Registry for Internet Numbers (ARIN) and other Internet development focused organizations play in supporting critical Internet Infrastructure in the Caribbean. It also facilitated the networking of people necessary to truly support and strengthen our technical community in the region.

ARIN has been collaborating closely with CaribNOG, a volunteer-based network operators’ community, to strengthen technical capacity in the region. This forum assembled some of the leading experts in the region and from around the world to address the fourth staging of our Technical Community Forum.

As the first featured speaker, the topic of my address was ‘Global Cybersecurity Trends and Implications.’ I first discussed the global shortage of cyber security personnel and encouraged the Caribbean to focus on the development of cybersecurity experts to support local, regional, and global demand (and also as a key element of national cyber workforce development). I also touched on other topics such as developing cybersecurity programs with constrained budgets, coordination and cooperation towards increase security resilience, and how to stay on top of developments in an increasingly complex threat landscape.

Many thanks to ARIN and CaribNOG for their invitation to speak!

Cybersecurity pros are badly in need of MENTORS: And here’s why…

nielharper

Finding and keeping cyber-talent is a top global concern for public- and private-sector organizations alike. Yet, the prevailing theory among industry analysts is that there is a talent crisis, with ‘experts’ predicting that by 2022 there will be more than 1.8 million unfilled jobs.

The above graphic highlights one of the industry’s most glaring shortcomings: Everyone wants to hire cybersecurity pros, but no one wants to develop, guide, instruct and enhance the career effectiveness of inexperienced/entry-level candidates. It’s a self-destructive, self-refuelling, self-fulfilling prophecy – And it NEEDS to STOP! We simply don’t have an assembly line of top-tier, experienced cyber pros to choose from.

So how do we develop the next generation of cybersecurity leaders? What are some of the individual actions veteran security leaders can take? How do we help those without the finances to obtain expensive security training and certifications? What role does the government have to play?

There are multiple dimensions to the institutionalisation of cyber capacity building. For example, there’s a national response and an enterprise response — and ideally the two should be coordinated (but most often are not).

There are established commercial training and certification programs, which can verify the capabilities of individuals. However, while these certifications can be used to get hired, organizations still have to continuously invest in their employees’ development. This is particular important given how rapidly the threat landscape changes.

From a national perspective, capabilities need to be developed to build trust in the online systems that underpin the digital economy. Part of building trust is creating a workforce of cyber pros to address key threats. Government should create a workforce development program as part of a national cybersecurity strategy, and it should address training at the college, university and professional certification levels.

But in the absence of such actions by corporations or countries, we cybersecurity leaders need to take up the charge. We need to commit to mentoring as many young professionals as we humanly can. It’s not only incumbent upon us to support their career progress, but also to give back to the profession as well as contribute to the overall trust model that underpins the global Internet. Let’s do our part!