Security scheme needs specifics
A security accreditation scheme such as Crest is definitely a good idea (Ethical hackers face new test, 22 March). But it needs to go further than Check, the public sector equivalent.
The Check system was not especially relevant to non-government organisations, apart from giving them a general sense of trustworthiness. Even that had little practical effect because most clients would want contracts or non-disclosure agreements signed regardless.
It would be good if Crest could provide more specific certification. For example, someone who is a great web application tester could be certified specifically in that area and would not necessarily be certified for database security or firewall security testing.
This would give clients the reassurance that the people doing the work have the right level of specialist knowledge.
Rory McCune


