Analysis of the competencies of information security consultants: Comparison between required level and retention level

Abstract

Recently, the increasing demand of information security consulting and securing workforce for information security consulting companies have emerged as major pending issues especially with the expansion information and communication infrastructures and the increase of instances of personal information leakage. This research aims to provide guidelines for successful information security consulting and training of information security consultants by looking into the core competencies of information security consultants and how much one possesses each competence. Thirty-five competency models were constructed by exploring previous researches, interviewing the experts in the field of information security consulting, and surveying information security consultants on the required and retention level of each competence. The results of the present research can provide useful information in improving the quality of information security consulting services by understanding the differences between required and retention level of competencies among information security consultants.