Indeed, one of the reasons Davis was hired to sit alongside Infosecurity editorial board member, John Colley, also MD EMEA at (ISC)2 - who will remain in his position - was to “create a larger, noisier presence for (ISC)2 in EMEA. We want to be doing what the US are”, Davis told Infosecurity.
The reason for having two managing directors, explained Davis, is quite simply “to serve an increasingly large market that needs more attention.”
Davis was previously principal analyst at ISF.
When asked what his primary objective in his new role is, Davis declared that he’d like to have members in each of the 129 EMEA countries. “(ISC)2 has fully realized that EMEA is one of the most important regions, and having two managing directors demonstrates commitment to the region”, he explained.
“We want EMEA to be as big and vibrant at the US, running lots of events, and enabling lots of communications between members.”
Davis on the Skills Gap
Whilst Davis is aware that work needs to be done “looking for a new generation of security experts” – a generation which he believes are coming from diverse backgrounds, “anything from IT, audit to rocket science” – he is positive about the progress being made.
“More and more people are starting to realize that information security is an actual career, and a nice one at that”, said Davis, who mentioned a “recent realization that you don’t have to be a geek to be an infosec professional”.
Whilst he acknowledged that women are still a concerning minority in the industry (the latest (ISC)2 workforce study suggests 7-11%), he believes that the women who are in the industry are getting more profile.
The main problem, Davis said, is that there is no “academic filter” for graduates into the industry. “A global academic program will help. We need to work better and communicate more with academia. We need to tell students that information security is a viable career path.”
Sometimes though, concedes Davis, employers are reluctant to take a chance on hiring professionals without the right degree or qualifications, thus fuelling the skills gap further. “Small companies can’t afford to take risks on people without the right qualifications”, he told Infosecurity. “Companies often have a culture and pre-determined idea of who fits in and what the accepted norm is, and they filter a CV based on those norms and competencies.”
Ultimately, Davis said, “the industry is a teenager and we’re still finding out how it works.”
Davis on the (ISC)2 Foundation
It’s the nature of the information security to “want to give something back”, Davis told me. “We have a cohort of willing volunteers, all wanting to work for a cause.”
Even within (ISC)2 itself, Davis confirmed, staff often volunteer additional time for ventures they believe in.
One of those, which has more member support than (ISC)2 can currently action, is the safe and secure online program, which puts members into classrooms to help children aged 7-14 learn how to protect themselves online. Infosecurity Magazine and Infosecurity Europe are the official media partners of the safe and secure online program.
Davis aims to raise awareness in order to aid fundraising for the program through better communication to the industry community.
To find out more about the Safe and Secure Online Program, please visit: https://www.isc2cares.org/safe-and-secure/