Track Talk Th10

What is Information Assurance?

Declan O'Riordan

10:00-10:45 CEST Thursday 9th June

You know how to test if something works, but would you like to do more to test and reduce information risks? Do you know the difference between general risks and information risks? Welcome to the world of Information Assurance, or ‘IA’ (not to be confused with AI).

IA work includes IT Health Checks (specialised tests), supply chain risks, security, information management, use of legal expertise, setting policies, and delivering plain-language briefings to senior leadership. In fact, it’s everything from A for Authentication to Z for Zero-trust, with help and hinderance from various intelligence services (the modern spies) in-between. IA requires detective work and making decisions on fuzzy problems. It’s like testing, but rounder.

One of the significant challenges we face is the global shortage of IA specialists to meet the increasing workload, especially since our perimeters moved into the cloud. My career journey over the last decade has been from ‘ordinary’ testing into IA. I’d like to convince more testers to acquire IA skills, and apply them in the workplace.