I just read the transcript for the Security certifications: What they are, and why you need them webcast held on Jan. 30, 2001. A lot of water has flowed under the bridge since then, so would be grateful if you could reply to a couple of questions that I have.
1. What is the status of the ICSI certification vis-a-vis the SANS GIAC and CISSP? How do they compare now?
2. In response to a question, you had stated 'CISSP is older and a bit outdated right now.' Has the course content been updated since then, or is it still 'out of date'? If it is out-of-date, what certification would you recommend at this point of time?
In regard to your first question, I assume you mean the TICSA (TruSecure ICSA), because I don't recognize ICSI as a valid security cert acronym. The TICSA has now been available for 10 months but there are less than 1,000 certifiied individuals at present. I'm backing off on my recommendation of this credential because it doesn't seem to be all that popular in the marketplace -- which is too bad for me, because we just finished a book on the topic last month. Thus, I'm still much more in favor of the SANS and ISC-squared CISSP certs for the foreseeable future.
Indeed, the CISSP content has been significantly updated and in fact ISC-squared has made a public commitment to update the question bank yearly from here on out. That said, the CISSP remains a rather more theoretical and conceptual credential rather than a hands-on, nuts-and-bolts operational credential. It's still the most frequently mentioned or requested security certification by name in job postings and classified ads, so that's not to say the credential has lost value or cachet. It's just that if you want certification to help prepare you to work as a security practitioner, the SANS and various vendor security certs will better help prepare you for such a role in the workplace.
For more information on this topic, visit these other SearchSecurity.com resources:
Careers & Certification Tip: Update of vendor-specific security certifications
Careers & Certification Tip: Update of vendor-neutral security certifications
Webcast Archive: Careers, Certifications and Training
This was first published in October 2002