National Cyber Security Centre
Certifying the professionals
We had a number of great questions during CyberUK2017, and some of those were about the future of Certified Cyber Professionals (CCP). Was the scheme still wanted? Would it continue to be supported by government? Will it be made more applicable to the private sector? If you stayed and listened to Ian Levy's closing keynote you will have heard him clearly reaffirm our commitment to improving professional skills, as well as identifying those skilled cyber security professionals who can help our customers with their particular cyber security challenges. So CCP is not disappearing.
This doesn't mean that CCP is perfect. It is 5 years old and continuing to grow, and as with most growing things changes need to happen for it to flourish. We've been listening carefully to the feedback from users and participants in CCP, and know some areas where we need to make improvements. For instance, the application process is too time-consuming, the role structure is too prescriptive, and we need to ensure that the NCSC is providing the right level of support to the assessors to ensure they can continue to do their jobs effectively as the scheme evolves.
So what are we doing? For a start, we’re considering how to change from assessing people against role definitions to certifying people in cyber security specialisms (eg risk, architecture, audit & review). This will enable the process to focus on the skills that really matter. We are working with the Certification Bodies (CBs) on this. We'll also work with them on how to streamline the evidence requirements for the specialisms, as well as recognising existing qualifications as part of the assessment process.
This will all take time but we'll make sure that as and when the assessment criteria change, people who are certified will be given time to transition into the new process.
We're committed to CCP. It’s here because we need it. CCP is a demonstration of competence and as such is a much-needed benchmark for what is good in cyber security practice.
We'll keep you updated as things progress.
See Anne W and Jon L's blog 'Putting the NCSC's badge on it..' if you want to learn more about what is happening with NCSC's assurance work.
Latest News from
National Cyber Security Centre
Statement: Marriott International data breach03/12/2018 14:15:00
The latest NCSC statement following reports of a data breach affecting Marriott International
GCHQ and the NCSC publish the UK Equities Process30/11/2018 11:15:00
GCHQ, and the National Cyber Security Centre, have a proud history of discovering and disclosing security weaknesses in all manner of technologies.
Top tips to shop safe online on Black Friday published as the NCSC encourages public to have a ‘cyber chat’23/11/2018 16:05:00
The NCSC is encouraging the public to have a 'cyber chat' to shop safely online during Black Friday.
NCSC to discuss drives to help cyber security thrive in Scotland23/11/2018 09:15:00
Security experts take part in multi-agency meetings to help cyber security thrive in Scotland.
Innovative cyber ideas chosen to benefit from NCSC Accelerator programme21/11/2018 09:15:00
The NCSC's Cyber Accelerator programme has announced the companies making up its third cohort.
NCSC’s advice in response to the increase in sextortion scams02/11/2018 12:15:00
Advice from the National Cyber Security Centre in response to the increase in sextortion scams.
Ciaran Martin's speech at the Annual Review 2018 launch17/10/2018 11:42:00
Ciaran Martin speaking at the launch event for the 2018 Annual Review (16th October)
NCSC deals with 1,100 cyber attacks in first two years17/10/2018 09:15:00
On its second anniversary, the NCSC has revealed it has defended the UK from an average of more than 10 attacks per week.