search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
PARTNERSHIPUPDATE - PARTNERSHIPUPDATE -


Focus on a Chartered Security


Professional:


John Bore


Cyber security consultant


that I took to heart and really set my feet on the path I’m still walking now.


A few years ago, I decided to link together my rather eclectic experiences, and went down the route of a part-time MSc in cyber security with Northumbria University. This gave me the opportunity to round off the edges of my knowledge along with picking up some foundational skills to develop further on. Finally, a while after that, I had a good enough relationship with my employer at the time to take a chance, and went fully independent to run my own company just after the start of the pandemic.


As a cyber security consultant, what made you decide to become a Chartered Security Professional?


I


n our ongoing series of profiles on Chartered Security Professionals, we interviewed James Bore, a cyber security consultant:


Can you summarise your career so far, including why you chose cyber security?


It’s a slightly challenging one to answer. When I began my career, the Data Protection Act 1998 was only a couple of years old and I started out providing management for school networks, which meant that the new data protection legislation and the idea of information security was taken seriously.


I often joke that the school where I worked was the perfect environment to learn security. It was massively under-resourced (being a team of two at the time, with no real budget), had a reasonable-sized network (200-odd computers), and a huge pool of motivated attackers constantly trying to find ways around our security (2,000-odd students, and some teachers).


That started me on the technical side of things, and over the years I jumped into different areas of IT, gradually sidling closer and closer to the security side of things and away from the technology side.


There are a couple of people in particular who gave me encouraging kicks at the right time in my career, and really helped shape it, although they may not be aware of this. One was one of my earliest managers, who not only gave me an opportunity to get into virtualisation, but also simultaneously gave me the chance to learn the importance of governance and risk management. Then, almost a decade later, my boss at one of the larger Telcos really kicked things up by introducing me to the importance of people skills, networking, and communication to get things done – lessons


© CITY SECURITY MAGAZINE – SPRING 2022


One of the things that I will preach about given the slightest opportunity is the idea that security is the discipline, the skillset and models we use to look at the world, and cyber is just one of many domains where it can be applied. That’s not to say that the technology doesn’t matter, but the security skills and tools that we develop around risk management, threat modelling, governance, policies and procedures, and everything else that makes up the security world are independent of the cyber side of things.


For years I’ve been attending and speaking at physical and hybrid security events, and becoming a CSyP seemed a much better fit with my view of security than taking a more technology-focused option to professional accreditation. It also sets a high bar for standards, while most of the certifications which exist in the cyber security industry assess competence with multiple choice quizzes.


A Royal Charter is a long-established and legally recognised standard for professional achievement.


What difference has it made?


I haven’t been on the Register for long which makes this difficult to assess. At the very least though, it has led to some very positive conversations with clients and colleagues about the role of cyber in security which. given government consultations coming out, seems timely.


How will it help in your next steps?


It gives many of my clients a degree of confidence and reassurance that they are getting the guidance that they are looking for and that I am required to remain current in the field. Given how quickly the cyber security field changes, and how quickly most certifications go in and out of fashion, it’s a mark of competence that stands aside from any vendor certificates or similar.


www.citysecuritymagazine.com


What does CSyP mean?


T


he Register of Chartered Security Professionals was launched in 2011. It was established under a Royal Charter issued to the Worshipful Company of Security Professionals.


Registrants use CSyP as a post nominal. Being admitted to the Register and becoming a CSyP is a means of being recognised and continuing to represent the highest standards and ongoing proficiency. It is the gold standard of competence in security.


CSyPs have to comply with a code of conduct, a professional disciplinary code, and also complete continuous professional development each year.


Applications to the Register are managed by the Security Institute on behalf of the Worshipful Company of Security Professionals. Licenced organisations are the Security Institute and ASIS UK Chapter 208 who can both mentor and support CSyP applicants.


The Register of Chartered Security Professionals is recognised across the UK, including the Association of Security Consultants (ASC), International Professional Security Association (IPSA) and the Centre for the Protection of National Infrastructure (CPNI)


For more information about becoming a Chartered Security Professional please visit www.charteredsecurityprofessional.org


>


What guidance would you give others working in cyber security who are thinking of applying?


For those in cyber security in particular, it is a very different process to any professional certification you’ll be used to. There are no multiple choice tests, or courses to cram in order to pass the assessment. I would very much recommend going to one of the application workshops to start out, and speaking with other CSyPs to get their thoughts on ways for you to apply, and the experience you’ll need to demonstrate.


23


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36