According to Frost & Sullivan’s 2017 Global Information Security Workforce Study, 67% of organisations in the Middle East and Africa suffer from a shortage of information security staff.
The study also found that one in four hiring managers in the Middle East and Africa expect to see departments grow by more than 15%, which is great news for information security specialists in the region.
At IT Governance, we understand that information security is a complex, multidisciplinary field, and choosing a learning path that will deliver qualifications to support your career can be daunting.
An ISO 27001 qualification is something cyber security professionals should invest in, but it is also worth considering other key qualifications.
Do you need the technical-based training?
Training and HR managers will often ask whether you want a technical career or a career in management.
The correct answer for a prospective cyber security professional should always be that they want both – but not necessarily at the same time.
Any career in information security requires knowledge of:
- IT systems, applications and the people who use them;
- The threats and vulnerabilities that characterise the modern-day cyber attack; and
- The security provided by commercial products.
The importance of practical experience and training
Those at the beginning of a cyber security career should aim to get as much practical experience as possible and look to achieve industry-standard qualifications offered by the likes of Microsoft, Cisco and HP.
CompTIA® (Computing Technology Industry Association) also offers an independent learning path, which is highly valued by employers in the GCC (Gulf Cooperation Council) countries. Professionals can get certified with its A+, Network+ and Security+ qualifications.
Specialist training and qualifications in the Gulf
Some information security specialists will opt for specialising in ‘dark arts’ – roles that include security architecture, penetration testing, digital forensics, incident management and security/compliance auditing.
These individuals should invest in industry-recognised qualifications awarded by independent organisations and assessed by examination, such as CEH (Certified Ethical Hacker) or GPEN (GIAC Certified Penetration Tester) certificates.
Qualifications to advance to senior positions
Many senior positions with higher salaries in the GCC countries involve becoming a manager or being able to advise others about management.
The role may be managing teams of specialists, or managing the people, processes and technology associated with ensuring effective information security. Professionals will be required to have a thorough knowledge of asset and risk management and the controls required to mitigate the risks to an organisation.
ISO 27001 training in Dubai
This autumn, IT Governance is bringing its ISO 27001 training courses to Dubai.
Courses will be delivered at our professional training centre in Dubai from November and offer a structured learning path for information security professionals in the UAE.