If you actually read this carefully, it isn't referring directly to
Computer Security, rather it's about Security Guards/bouncers and that
type of thing.
See http://www.homeoffice.gov.uk/psib/index.htm for the lowdown -
particularly the press notice.
The actual wording of the bill is a bit vague. The parts about
'Security Consultants' are probably the closest you're gonna get to
people like us.
Of course, the actual interpretation of the Bill is not for me to make
;)
The main reason for it's introduction is to try and reduce the problems
we have with cowboy bouncers getting a bit heavy handed with people.
Of course it's been extended to cover all aspects of security guarding
- again with the emphasis on the traditional night security guard
types.
>From the website:
<snip>
Designated Sectors
The Bill will apply to security operatives employed in designated
sectors and who fulfil specific functions in the private security
industry.
The designated sectors are:
Manned guarding
Door supervisors
Wheelclamping
Private Investigation
Security Consultants
Keyholders.
The Bill also contains a power to allow the Secretary of State to add
or remove sectors from the list, following a recommendation by the
Authority.
Security Operatives
Within these sectors licences will be issued by the Authority to the
following categories of people:
security contractors, directors and partners of security companies;
employees of security companies;
agency employees, i.e. directors or partners or employees of the agency
or individuals who work for the agency on a contract basis;
employees who manage or supervise security operatives supplied under
contract by a security contractor, a security company or by an agency;
agency-supplied managers or supervisors of security operatives supplied
under contract;
directors of security companies and partners of security firms who do
not themselves carry out designated activities;
in-house door supervisors and wheelclampers and their employers,
managers and supervisors;
others who wheelclamp vehicles on private land against a release fee.
The Authority will determine criteria for the issue of a licence. These
will include a criminal record check undertaken through the Criminal
Records Bureau, once established. This is to ensure that licences are
issued only to fit and proper people. A register of licences will be
maintained by the Authority. Members of the public and other persons
will be able to inspect the register.
<-snip>
Mark Watts.
<<Ususal disclamer about My views and not those of my Employer go
here>>
-----Original Message-----
From: mht [SMTP:[EMAIL PROTECTED]]
Sent: Friday, March 09, 2001 3:58 PM
To: [EMAIL PROTECTED]
Cc: Crumrine, Gary L
Subject: Licensing Information Security Professionals story
Forwarded from ISN:
Has anyone seen this story??, comments
http://www.ntsecurity.net/Articles/Index.cfm?ArticleID=20224
Mark Joseph Edwards
March 7, 2001
Security is still a red-hot industry, showing no signs of cooling down
any time soon. Opportunity abounds for security aficionados to niche
themselves into this exploding market space, as witnessed by several
new consulting firms that have catapulted themselves into the realm of
Fortune 1000 clients. But, as with any hot market, we can expect to
find wolves in sheep's clothing hoping to take advantage of someone.
If you can't afford well-known and trusted security consultants, who
do you hire to assist with your needs? How can you adequately and cost
effectively investigate candidates?
Some security-related professionals, such as gun-carrying security
guards, are required to obtain training and licensing to ensure
they're qualified for their jobs. Obviously that's not the case with
information security, so screening candidates for security-related
work isn't as easy as hiring an armed security guard, whose
credentials and capabilities have already been verified to some
extent. Would licensing information security professionals be a
benefit to society? Some members of British government certainly think
so.
On December 7, 2000, a bill was introduced to the British House of
Lords that proposes that all security consultants receive training and
be licensed by the government before performing work for outside
entities. Licensees would include anyone who performs security work
for a third party. In the case of security consulting businesses,
licensees would also include anyone in the company that manages all or
part of the company's operations or its employees. According to the
bill, the license could cost as much as 36 pounds (about $53 US), and
licensees would have to undergo a background check to ensure they
don't have a criminal history. One premise behind the bill is to help
ensure that unsuitable people don't gain positions of trust in private
industry. The other premise is to provide a deterrent in the form of
criminal punishment for unlicensed practitioners and those people who
hire unlicensed practitioners.
The security industry does need better standards for security
professionals (not to mention software developers), but I'm not sure
how I'd react to such a bill if it were introduced into American
government. Perhaps such standards are better left under direct public
control, similar to how in America we rely on Underwriter's Labs for
product safety and certification testing. Can a similar entity suffice
for information security?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
