GCHQ security accreditation offered to UK companies

IT professionals outside government get chance of GCHQ backed certification

CESG, the information security arm of GCHQ, the UK's spy centre, has announced that its CESG Certified Professional (CCP) scheme has been expanded to include those responsible for securing networks at UK companies.

Originally launched in October 2012 for those working on government networks, the CCP scheme formally recognises the expertise of those working in the information assurance (IA) and cyber security sectors.

Now, for the first time, security professionals responsible for protecting UK industry networks from threats and vulnerabilities, can now take advantage of the scheme, "further positioning CCP as the UK's cyber security professional standard", said CESG.

Since the scheme's launch nearly 700 cyber security professionals responsible for securing UK government networks have been successfully accredited.

The CCP scheme is run by three independent certification bodies, appointed and audited by CESG. These are the APM Group; the IISP, CREST and Royal Holloway ISG consortium; and BCS, the Chartered Institute for IT.

The CCP certifications are valid for three years and provide a CESG approved benchmark of skills, knowledge and expertise in cyber security.

Chris Ensor, CESG deputy director for the National Technical Authority for IA (information assurance), said, "CCP is something that UK industry has been waiting for and I am delighted that we have been able to make the scheme available.

"I would particularly encourage those organisations that support the UK's critical national infrastructure to endorse the scheme and help build a community of UK cyber security professionals that is the envy of the world."

Adam Thilthorpe, director of professionalism, at BCS, said, "Information security and assurance issues are now pivotal to businesses. With 93 percent of organisations experiencing a security breach last year, it is vital that UK Plc ensures its information is safe and that the right people with the right skills are working with their organisations."

The scheme certifies IA specialists against specific IA roles and skills aligned to the competency framework Skills for the Information Age (SFIA) and BCS' SFIAplus.

It offers three levels of certification - practitioner, senior practitioner and lead practitioner - and covers six roles identified by CESG within IA, including: security and information risk advisor, IA architect, IA accreditor, IA auditor, IT security officer and communications security officer.

Join the CSO newsletter!

Error: Please check your email address.

Tags OriginsecuritycareersIT managementBCSGCHQ

More about APMBaptist Community Services NSW & ACTGCHQ

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antony Savvas

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts