Memorandum:
Abstract of Mba; Routes to Security Chartership. [Patel, Rimesh (2013)]. Attached Blog Diagram.
Explanation:
Abstract of Mba; Routes to Security Chartership. [Patel, Rimesh (2013)]. Attached Blog Diagram.
Explanation:
- 4 Hexagons represent any Technology facet such as Storage, Networks, Servers, Devices, Security platform skills.
- 3 Pentagons represent vendor, client and internal project interactions enhancing pre-fix security experiences.
- Star represents chosen seniority in IT vendor facet achieved with pre-fix security experience, to create for example, Security-Storage, Security-Network, Security-Servers, Security-Devices and Security-Cyber Chartered Engineer.
- Figure represents the Charter Security Model. Patel, Rimesh (2013). Strategic Management (2013). Thesis – Management of Cyber Security, University of Wales.
Immediate benefits:
This would naturally complement any companies internal model to make IT or Security skills relevant to the marketplace thus achieving CSITP, C,Eng or I.Eng as required by the candidate.
This would ensure external self-promoting pyramid scheme style CBK models are not required and allow the company to focus and promote its own technical intellectual prowess and brand value ensuring correct knowledge transfer and refine using its own platform products.
Actualisation, Theories and Studies:
Proven theories created based on real life experiences that allowed academic verification within Strategic Management (2013). Thesis – Management of Cyber Security.
References:
Patel, Rimesh (2013). Strategic Management (2013). Thesis. Management of Cyber Security. University of Wales.
Appendix:
Questionnaire Two. Created Charter Model.
This questionnaire two is created as results indicate from questionnaire one that though managers value competency skills over qualifications 90 % of team members had a qualification. Where those with cyber qualifications were valued more in the team.
Results show that team members are motivated when their value of experience and qualifications are in unison, though not all companies have mechanisms to promote this. General value indicates that there are not enough Charted security programmes that combine academic and commercial skills with competency experience.
This thesis will now close the initial questionnaire and focus on the last objective which was to investigate specialist institutions who are best placed to promote managers and employee needs. Institutions like the iet.org would be able to take a candidates qualifications ( academic or non ) and unify them into a grading system, where to ensure fairness a weighting system can be implemented that allows competency experiences the same gravitas as a candidate not having any qualifications.
Analysing the results from the first questionnaire this thesis has created the theory model below as a pragmatic mechanism to allow companies to internally implement a global chartered security programme that works with commercial market qualifications and non commercial qualifications/experience along with cyber security Vendor companies to provide verified competency experience (by the usage of their technical products). This will answer the issues seen within the questionnaire results on how to managers motivate and develop staff at the same time allowing team members to gain a higher status of recognition externally (to the same extent as commercials ones allow) using the companies normal internal mechanisms.
Currently, to obtain a CISSP, members need a minimum of 10 years experience, where here the equivalent is to obtain a CITP. Using this as a foundation the team member works with vendor technology (commercial market driven relevant products) and after three years the team member would be recommended to apply for CSITP by the line manager who over the years would ensure the team member is on track to obtain the CSITP. The USP for this model is not the model itself, but the availability for a cyber engineer to choose which area of cyber-specialism they wish to obtain, by working on that technology Vendor product. As an example, to become proficient in SIEM technology the above 'Vendor Experience' could be 'Vendor certification ' or 'Vendor Experience' .
Alternatively the team member at the start could chose 'without specialism' option and spend the three years working on at least three vendor technologies delivering at least one project in each to obtain the CSITP – this would be agreed with the manager at the start who would then know how to align the three years.