Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

GCHQ's infosec arm bins advisor accreditation scheme

Too busy listening in to phone calls to listen to customers?

GCHQ's communications security arm, CESG, has been accused of leaving a gaping hole in the government security advisor profession by axing its accreditation scheme.

The CESG Listed Advisor Scheme (CLAS), the accreditation programme for private sector consultants providing information assurance advice to the public, is to be closed in January next year. It means that some 700 approved advisers will lose their accreditation and customers will have no way of verifying whether security advisers have the necessary government expertise.

The scheme is to be replaced with Certified Cyber Security Consultancy, which accredits companies rather than individuals. However, no companies have yet signed up.

A survey of CLAS customers seen by The Register suggested that the many still valued the scheme.

One government-accredited security advisor who asked not to be named said the new "companies scheme" is at odds with Whitehall's agenda of working with SMEs, as it squeezes out independent advisers in favour of larger suppliers.

He said: "We seem to be running the risk of losing substantial numbers of potentially key individuals in a Cabinet Office driven information assurance brain drain away from government work."

The source claimed there had been zero consultation or discussion between CESG and the CLAS practitioner community as to the right balance for future information assurance regimes in the UK public sector.

"Instead of using 700 consultants with, lets assume 10 years experience each in every sector of central and local government, as suppliers and client side, and with many former civil servants of decades standing in their midst, CESG have decided - for reasons surely only they can explain - to drop the scheme wholesale and chase new (as yet poorly defined) models or working."

Another security advisor said: "The business change has been handled so badly. Even now CESG is still promoting CLAS on its website." He added: "But soon customers will be in a position where they have no way of knowing if this person knows about government security."

Another joked: "CESG has some good people, but they are clearly too busy listening to people's phone conversations to listen to the profession and government customers."

He added: "Customers are confused and puzzled about why it has been discontinued. When the companies replacement gets off the ground, it'll only be the big system integrators who benefit."

A fourth practitioner, who also asked not to be named, acknowledged that the scheme had not been perfect, but said issues around a perceived deterioration of skills could have been addressed without disregarding the whole programme.

A spokeswoman from CESG said it has decided to close CLAS "because both our customers and the CLAS Members' Forum itself told us it was no longer delivering the consistent, high quality, value for money consultancy needed. The replacement - Certified Cyber Security Consultancy - tackles these issues and is open to independent consultants who can demonstrate that they have the skills needed for the cyber security challenges of today. ®

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like