Professionalisation (7)

Will professionalisation prevent the next Veronica Theriault?

Professionalisation should stand on its own merits — not on the illusion that it will prevent the next fraud. If we build professionalisation on that fantasy, we are not protecting businesses or consumers — we are deceiving ourselves.

Continue reading →

Listening Before Leaping: AISA's Cautionary Path on Professionalisation

Professionalisation was explored, revisited, and reconsidered. AISA’s journey reflects not opposition, but the careful weighing of complex questions over time.

Continue reading →

Would professionalisation have stopped the Hacker from Hell?

A man faked his way into cybersecurity leadership — not because the system lacked rules, but because no one cared to check his credentials. Professionalisation won’t fix that.

Continue reading →

Only 6 out of 220 recommended professionalisation to Home Affairs

When six organisations out of 220 steer government policy, the question is not whether professionalisation is necessary — but whether it is legitimate.

Continue reading →

The Spectres of Cybersecurity Professionalisation

Professionalisation is haunted by spectres: contradictory evidence, uncertain promises, unresolved concerns, lingering doubts, incomplete solutions, false closure, unseen exclusions, and past scandals.

This essay aims to call out these spectres so they can be examined in themselves but more importantly so that their influence on how we’re approaching professionalisation can be properly examined.

We do not summon the spectres, and even if we choose to ignore them, they still exist.

Continue reading →

Professionalisation as the Profane Made Sacred

The cybersecurity industry is being overtaken by a push for professionalisation. Its proponents justify this push as a necessary step to better protect the public, businesses, and consumers. But a closer look reveals an ideology that elevates certain values, devalues others, and even excludes some values altogether.

What is the cost of this devaluation, and who pays the price? To answer this, we will look to a case study of the UK’s cybersecurity professionalisation scheme, specifically the UK Cyber Security Council Competence & Commitment (UK CSC SPC). We’ll refer to UK CSC as “the Council,” as that’s how its creators describe themselves.

My end goal is to encourage reflection and questioning throughout the industry. By thinking critically about professionalisation, we can reflect on our ethical responsibilities toward those who are devalued or excluded – and decide whether change is necessary.

Continue reading →

Who decides who is a cyber professional and why trust them?

Professionalisation is both the mechanism that enforces an economic model and the ideology that justifies it. In this essay, I set out to analyse the Grant Opportunity Guidelines published by the Australian Government and ask dangerous questions.

Continue reading →