The global skills and competency framework for the digital world

#1245 Cybersecurity change request accepted

Cybersecurity is a growing aspect of all IT professionals roles and as such should be included in the framework. The description below highlights particular areas missing from our organisations perspective.

Key skills and activities that are essential to security professionals within our organisation:

  • Identifying and defending against new and changing cyber threats.
  • Implementing protocols to minimise vulnerabilities across a scaled organisation.
  • Capability to react efficiently to apparent cyber threats.
  • Creating models to assess potential information security threats.

To name but a few areas...

Current status of this request: accepted

What we decided

Include in review of Information and cyber security skills for SFIA 8

What we changed

Cyber security related skills have been added and updated for SFIA 8.

[email protected]
Feb 28, 2018 03:32 AM

Many organizations are moving to create a role separate from CIO or CTO. This emerging role is CISO - Chief Information Security Officer. This role would seem to be underpinned in security skills for both information as well as infrastructure.
Skills areas to consider are threat identification , potential threat identification and threat response.

Paul D Jagger
May 25, 2018 08:15 AM

Since this change request was first submitted, SFIA has come on it leaps and bounds in its coverage of Information Security. I counsel against importing the term 'Cyber Security' into the SFIA Framework as it's a nebulous term which the media enjoy using as a portmanteau for all things in Information Security, Information Assurance and Information Risk Management. It may be good for a headline, not so for a detailed skills model.