There are already several different IT security certifications such as CISSP.
How does this differ or improve on the CISSP, and SANS GIAC certifications?
Certainly independent certifications are better than product specific ones but is this
really independent? What is the purpose of this certification? Is this a theoretical
one, a practitioner's one or a manager's one?
Although TruSecure (n�e ICSA n�e NCSA) has a fairly strong reputation, it still is a
commercial organisation without an academic backing in certification. On what basis
should I believe that a certificate from ICSA will be recognised as denoting
competence?
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Frederick M Avolio
Sent: Sunday, December 10, 2000 13:42
To: opie san; [EMAIL PROTECTED]
Subject: Re: Worthy Security Certifications (Alphabet soup)
At 08:47 AM 12/10/00 +0000, opie san wrote:
>I've recently found out about a new (I think) set of certifications from
>ICSA that are geared towards network security.
I know quite a bit about this, as I have been contracted by TruSecure to
help develop them and roll them out. So, it may be obvious:
- I think there is a need for an independent security certification
- I think this one will be worthwhile
ICSA has certified products, and I've always found them to be thorough,
useful, and open (certification criteria have always been published an
industry input sought, etc.) Commercially they test and "certify" networks
and sites for clients. So, certifying professions seems a reasonable and
logical next step. (Also, people have contacted them to suggest this.)
Here's the state of things:
- The general criteria exists as it is in referenced web page.
- We are soon to announce an oversight board of industry professionals.
While TruSecure/ICSA is the certifying body, it is an expert driven and
guided certification.
- Testing will be announced in January.
- The certification requirements will be expanded to include requirements
for on-going re-certification. (I expect to include continuing education
credits, on-going work experience, and teaching or speaking with
satisfactory ratings for the ICSP certification.)
I'm happy to field any questions on it. I'm not really interested in
debating its worth doing, though I certainly expect some feel otherwise.
Fred
Avolio Consulting, Inc.
16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
+1 410-309-6910 (voice) +1 410-309-6911 (fax)
http://www.avolio.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
