The Computer Emergency Response Team (CERT) is coming out with its first security certification, one aimed at helping companies deal with incident response and handling.
Perhaps few organizations are better suited to offer a Certified Computer Security Incident Handler certification than CERT, which is based at Carnegie Mellon University in Pittsburgh. The group is an independent clearinghouse of information about security vulnerabilities.
To complete the certification, candidates must pass four courses on a range of topics offered by the university's Software Engineering Institute, which manages CERT. One course focuses on creating a computer security incident-response team. Another focuses on managing such teams. Fundamental and advanced incident-handling courses are also required.
A fifth elective course on one of three topics -- computer forensics, intrusion detection or security audits -- can be taken at any accredited institution.
"We have offered courses on the subject for years," said Barbara Laswell, technical manager of practices, training and development at the institute. "We decided it was time to wrap a certification [around] it."
The certification is specific, but it should have broad appeal, Laswell said. For example, it's advanced enough for IT professionals already engaged in incident response. It is a good start for people wanting to implement incident-response teams at their companies. It would also be beneficial
In addition to the coursework, candidates much have three years' experience in incident handling, either in management or on the technical side. The candidate also needs a letter of recommendation from a manager. And candidates must pass a test administered by the Software Engineering Institute.
CERT's certification is a sign of things to come, as security becomes more specialized, said Peter Gregory, a consultant with the Woodinville, Wash.-based HartGregory Group. "I have seen that trend over the last year," he said.
Specifically, incident response is an area companies need to pay more attention to, Gregory said. Companies need to have people who can preserve forensic evidence but also get systems back up and running, he said.
"Only time will tell how good a job CERT will do administering the certification," Gregory added. "But CERT has a very good reputation, given its long-term participation in the security community."
FOR MORE INFORMATION
FEEDBACK: How likely are you to pursue a specific security certification like the one offered by CERT?
Send your feedback to the SearchSecurity.com news team.