Security certification landscape: Vendor-neutral certs abound

With the help of Kim Lindros, Ed Tittel updates SearchSecurity's semi-annual vendor-neutral certification survey.

The past six months have seen some additions to the vendor-neutral security certification landscape, providing organizations and individuals with an increasing range of options for training. Most notably, we witnessed the introduction of a potential major player at the intermediate to senior level: ISACA's Certified Information Security Manager (CISM) certification. In this semi-annual update to SearchSecurity's certification landscape series, we introduce you to the many vendor-neutral security certifications available, and we re-evaluate the importance of several older elements, as you'll read in part two.

This landscape features more security certifications than we have ever listed before -- a total of 56, counting each GIAC credential. This includes 13 new entries (indicated in bold) offset by no removals. While this article focuses on vendor-neutral certs, you can learn what is available from specific vendors in our accompanying article in this series.

Now, let's revisit this great big bowl of alphabet soup by exposing all the security-related certification programs -- and their inevitable acronyms -- that occupy this landscape.

  • AIS -- Security University's Advanced Information Security Certification
    Security University's AIS program combines coverage of key information security topics, tools and technologies with perhaps the best overall hands-on, lab-oriented learning and testing program around. To obtain AIS certification, security professionals must complete eight courses, including six tools-oriented classes on topics like network penetration testing; firewalls and VPNs; virus analysis, patch management and incident response; PKI; intrusion detection and computer forensics; plus two management classes on network security policy and architecture security. They must also take and pass a demanding exam.
    Source: Security University

  • BIS -- Brainbench Internet Security Certification
    The BIS seeks to identify individuals with a good working knowledge of Internet security practices, principles and technologies. It is aimed at full-time network or system administrators who must manage systems with Internet connections or access.
    Source: Brainbench

  • BNS -- Brainbench Network Security Certification
    The BNS seeks to identify individuals with a good working knowledge of network security practices, principles and technologies. It is aimed at full-time network administrators who must deal with external threats through boundary devices like routers, firewalls or intrusion-detection systems, as well as more typical internal threats.
    Source: Brainbench

  • C3C -- Certified Cyber-Crime Expert
    The C3C identifies computer forensics investigators, information technology and security personnel, law enforcement officials, lawyers and others who must have the knowledge and tools to effectively collect, handle, process and preserve computer forensic evidence. The certification requires successful completion of the Computer Forensic and Cyber Investigation course, and a practical and written exam.
    Source: eBusiness Process Solutions

  • CCCI -- Certified Computer Crime Investigator (Basic and Advanced)
    The CCCI is one of two computer forensic certifications aimed at law enforcement and private IT professionals seeking to specialize in the investigative side of the field. Basic requirements include two years of experience (or a college degree and one year of experience), 18 months of investigations experience, 40 hours of computer crimes training and documented experience from at least 10 cases investigated. Advanced requirements bump experience to three years, four years of investigations, 80 hours of training and involvement as a lead investigator in 20 cases with involvement in over 60 cases overall.
    Source: High Tech Crime Network certifications

  • CCE -- Certified Computer Examiner
    The CCE, offered by the Southeast Cybercrime Institute at Kennesaw State University in partnership with Key Computer Service, seeks to identify individuals with appropriate computer forensics training or experience, which includes evidence gathering, handling and storage, and no criminal record. In addition, candidates must pass an online examination and successfully perform a hands-on examination on three test media.
    Source: Key Computer Service

  • CCFT -- Certified Computer Forensic Technician (Basic and Advanced)
    The CCFT is one of two computer forensic certifications aimed at law enforcement and private IT professionals seeking to specialize in the investigative side of the field. Basic requirements include three years of experience (or a college degree and one year of experience), 18 months of forensics experience, 40 hours of computer forensics training and documented experience from at least 10 cases investigated. Advanced requirements include three years of experience (or a college degree and two years of experience), four years of investigations and 80 hours of training and involvement as a lead investigator in 20 cases with involvement in over 60 cases overall.
    Source: High Tech Crime Network certifications

  • CCISM -- Certified Counterespionage and Information Security Manager
    The purpose of CCISM is to prepare individuals to study potential sources of threat, defeat attacks and manage information security at an organizational level. CCISM is a management-level certification, where CCISMs generally manage, work with or consult IT organizations, technical specialists and other IT security professionals.
    Source: Espionage Research Institute

  • CCSA -- Certification in Control Self-Assessment
    The CCSA demonstrates knowledge of internal control self-assessment procedures, primarily aimed at financial and records controls. Its primary interest is with professionals who must evaluate IT infrastructures for possible threats to financial integrity, legal requirements for confidentiality and regulatory requirements for privacy.
    Source: Institute of Internal Auditors

  • CEECS -- Certified Electronic Evidence Collection Specialist Certification
    The CEECS identifies individuals who successfully complete the CEECS certification course. No prerequisites are required to attend the course, which covers the basics of evidence collection in addition to highly technical terminology, theories and techniques.
    Source: International Association of Computer Investigative Specialists

  • CEH -- Certified Ethical Hacker
    The CEH identifies security professionals capable of finding and detecting weaknesses and vulnerabilities in computer systems and networks by using the same tools and applying the same knowledge as a malicious hacker. Candidates must pass a single exam and prove knowledge of tools used both by hackers and security professionals.
    Source: EC-Council

  • CERI-ACFE -- Advanced Computer Forensic Examination
    The CERI-ACFE seeks to identify law enforcement officials with advanced computer crime investigation experience and training. Basic requirements include two years of computer investigation/debugging, two years of Microsoft platform analysis, two years of non-Microsoft platform analysis, 80 hours of approved training, a written exam and successful completion of hands-on exercises.
    Source: Cyber Enforcement Resources, Inc.

  • CERI-ACSS -- Advanced Computer System Security
    The CERI-ACSS seeks to identify law enforcement officials with advanced computer crime investigation experience and training. Basic requirements include two years of computer investigation/debugging, three years of Microsoft platform analysis, one year of non-Microsoft platform analysis, 40 hours of approved training, a written exam and successful completion of hands-on exercises.
    Source: Cyber Enforcement Resources, Inc.

  • CERI-CFE -- Computer Forensic Examination
    The CERI-CFE seeks to identify law enforcement officials with basic computer crime investigation experience and training. Basic requirements include two years of computer investigation/debugging, one year of Microsoft platform analysis, six months of non-Microsoft platform analysis, 40 hours of approved training, a written exam and successful completion of hands-on exercises.
    Source: Cyber Enforcement Resources, Inc.

  • CFC -- Computer Forensics Certificate
    Candidates who successfully complete the five-day Computer Forensics and Security Risk course through New Technologies Inc. (NTI) are eligible for Oregon State University's Computer Forensics Certificate. The NTI course focuses on hands-on experience with computer incident response, computer evidence collection and processing methods, and expert witness testimony.
    Source: Oregon State University Professional Programs

  • CFCE -- Certified Forensic Computer Examiner
    One of a growing number of law enforcement related forensic IT credentials, the International Association of Computer Investigative Specialists (IACIS) offers this credential to law enforcement and private industry personnel alike. Candidates must have broad knowledge, training or experience in computer forensics, including forensic procedures and standards, as well as ethical, legal and privacy issues. Certification includes both hands-on performance-based testing as well as a written exam.
    Source: International Association of Computer Investigative Specialists

  • CFE -- Certified Fraud Examiner
    The CFE demonstrates ability to detect financial fraud and other white-collar crimes. It is of primary interest to full-time security professionals in law, law enforcement or those who work in organizations with legal mandates (such as banking, securities trading or classified operations) to audit for possible fraudulent or illegal transactions and activities.
    Source: Association of Certified Fraud Examiners

  • CHFI -- Computer Hacking Forensic Investigator
    The CHFI is geared toward personnel in law enforcement, defense, military, information technology, law, banking and insurance, among others. To obtain CHFI certification, a candidate must successfully complete one exam, which is currently under development.
    Source: EC-Council

  • CIA -- Certified Internal Auditor
    The Certified Internal Auditor demonstrates knowledge of professional financial auditing practices. It is of primary interest to financial professionals responsible for auditing IT practices and procedures, as well as standard accounting practices and procedures to ensure the integrity and correctness of financial records, transaction logs and other records relevant to commercial activities.
    Source: Institute of Internal Auditors

  • CIFI -- Certified Information Forensics Investigator
    Obtaining the credential of Certified Information Forensics Investigator requires adherence to a code of ethics, passing a rigorous exam and fulfillment of specific experience requirements. Aimed at full-time professional practitioners, this certification is both vendor neutral and devoid of sponsored training requirements, or the use or purchase of specific products.
    Source: International Information Systems Forensics Association

  • CISA -- Certified Information Systems Auditor
    The CISA demonstrates knowledge of IS auditing for control and security purposes. It's of primary interest to IT security professionals responsible for auditing IT systems, practices and procedures to make sure organizational security policies meet governmental and regulatory requirements, conform to best security practices and principles, and meet or exceed requirements stated in an organization's security policy.
    Source: Information Systems Audit and Control Association

  • CISM -- Certified Information Security Manager
    The CISM demonstrates knowledge of information security for IT professionals responsible for handling security matters, issues and technologies. It is of primary interest to IT professionals responsible for managing IT systems, networks, policies, practices and procedures to make sure organizational security policies meet governmental and regulatory requirements, conform to best security practices and principles, and meet or exceed requirements stated in an organization's security policy.
    Source: Information Systems Audit and Control Association

  • CISSP -- Certified Information Systems Security Professional
    The CISSP demonstrates knowledge of network and system security principles, safeguards and practices. It is of primary interest to full-time IT security professionals who work in internal security positions or who consult with third parties on security matters. CISSPs are capable of analyzing security requirements, auditing security practices and procedures, designing and implementing security policies and managing and maintaining an ongoing and effective security infrastructure. CISSP candidates must have four years of experience (or a college degree and three years of experience).
    Source: International Information Systems Security Certifications Consortium (aka (ISC)2, pronounced "ISC-squared")

  • CIW-SA -- Certified Internet Webmaster -- Security Analyst
    Individuals who take and pass the CIW-Security Professional (CIW-SP) exam, and who hold one of the following certifications qualify as a CIW-Security Analyst (CIW-SA):
    • Microsoft Certified Systems Administrator (MCSA)
    • Microsoft Certified Systems Engineer (MCSE) 4
    • Microsoft Certified Systems Engineer (MCSE) 2000
    • Certified Novell Engineer (CNE) 4
    • Certified Novell Engineer (CNE) 5
    • Cisco Certified Network Associate (CCNA)
    • Cisco Certified Network Professional (CCNP)
    • Cisco Certified Internetwork Expert (CCIE)
    • Linux Professional Institute (LPI) Level 2
    Individuals who hold this credential can carry out security policy, identify and handle security threats, and apply countermeasures using firewalls, intrusion detection and related systems. The program's Web focus also includes coverage of online payments, transaction processing and related security matters.
    Source: Prosoft Training

  • CIW-SP -- Certified Internet Webmaster -- Security Professional
    The CIW-SP demonstrates knowledge of Web- and e-commerce-related security principles and practices. It is of primary interest to Web administrators who must implement and manage a secure and working Web presence that may also include e-commerce capabilities.
    Source: Prosoft Training, Inc.

  • CPP -- Certified Protection Professional
    The CPP demonstrates a thorough understanding of physical, human and information security principles and practices. The most senior and prestigious IT security professional certification covered in this article, the CPP requires extensive on-the-job experience (nine years or seven years with a college degree), as well as a profound knowledge of technical and procedural security topics and technologies. Only those who have worked with and around security for some time will be able to qualify for this credential.
    Source: American Society for Industrial Security (ASIS)

  • CSFA -- CyberSecurity Forensic Analyst
    The CSFA, expected to fully debut in January 2004, aims to identify individuals who are interested in information technology security issues, especially at the hardware level. Prerequisites include at least one certification in computer and software support, networking or security (such as CompTIA's A+, Microsoft's MCSA or MCSE, or Cisco's CCNA), successful completion of an introductory and an advanced computer forensics course offered through the CyberSecurity Institute and no criminal record.
    Source: CyberSecurity Institute

  • CWA -- Certified Wireless Administrator
    The CWA requires working knowledge and skills in concepts and technologies related to wireless data networking. Completion of a GlobalNet training course is a prerequisite for the CWA exam.
    Source: GlobalNet Training

  • CWSE -- Certified Wireless Security Expert
    The CWSE requires a strong working knowledge of security risks associated with deploying and using wireless networks, and how to apply appropriate considerations, tools and methodologies to mitigate and manage such risks. Candidates must be able to design, deploy and maintain secure wireless networking infrastructures. Completion of the CWA certification is a prerequisite, and candidates must also take and complete the GlobalNet CWP course to be eligible to take the CWSE certification exam.
    Source: GlobalNet Training

  • Certified Web Professional (CWP) Security Specialist
    This vendor-neutral, Web-oriented program includes a CWP Security Specialist credential. Obtaining this credential requires passing the CIW Security Professional exam and meeting additional work experience requirements. See the CIW-SP listing for more information.
    Source: International Webmasters' Association (IWA)

  • FCSS -- Field Certified Security Specialist
    This certification permits individuals to specialize in Cisco, Check Point or cross-platform topics (which is why we list it in both the vendor-specific -- although the parent organization points out that these certs are "vendor-independent" -- and vendor-neutral surveys). Candidates must pass a hands-on, performance-based test to obtain FCSS certification. This credential is still under development and should be ready in 2004.
    Source: Field Certified Professional Association

  • GIAC -- Global Information Assurance Certification
    This cert demonstrates knowledge of and the ability to manage and protect important information systems and networks. The SANS organization is well known for its timely, focused and useful security information and certification program. A shining star on this landscape, the GIAC is aimed at serious, full-time security professionals responsible for designing, implementing and maintaining a state-of-the-art security infrastructure that may include incident handling and emergency response team management. Two new credentials have been added to this program since the last update. Certifications available include the following:

    Entry-level/basic pre-requisite:

    • GIAC Information Security Fundamentals+ (GISF+)
    • GIAC Security Essentials Certification (GSEC)

    Mid-level specializations:

    • GIAC Certified Firewall Analyst (GCFW)
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Certified Windows Security Administrator (GCWN)
    • GIAC Certified UNIX Security Administrator (GCUX)
    • GIAC Information Security Officer (GISO)
    • GIAC Certified Forensic Analyst (GCFA)
    • GIAC IT Security Audit Essentials (GSAE)

    Senior-level (all specializations, plus additional exams and work):

    • GIAC Security Engineer (GSE) track

    Role-oriented credentials:

    • GIAC Information Security Officer -- Basic (GISO -- Basic)
    • GIAC Certified Security Leadership Certificate (GSLC)
    • GIAC Solaris Gold Standard Certificate (GGSC-0200)
    • GIAC Systems and Network Auditor (GSNA)
    • GIAC Windows 2000 Gold Standard Certificate (GGSC-0100)

    Source: Global Information Assurance Certification

  • IT Security Certificate Program
    An entry-level credential for basic and advanced internetworking security technologies, this program aims to certify general IT security knowledge and ability. It is aimed primarily at network and system administrators with some (but not heavy) security responsibilities.
    Source: Colorado Computer Training Institute (CCTI)

  • NSCP -- Network Security Certified Professional
    The NSCP demonstrates ability to design and implement organizational security strategies, securing the network perimeter and component systems. It is an intermediate-level IT security certification aimed at network or systems administrators with heavy security responsibilities or those who work full-time on IT security matters.
    Source: Learning Tree International

  • PCI -- Professional Certified Investigator
    This is a high-level certification from the American Society for Industrial Security (also home to the CPP and PSP certifications) for those who specialize in investigating potential cybercrimes. Thus, in addition to technical skills, this certification concentrates on testing individuals' knowledge of legal and evidentiary matters required to present investigations in a court of law, including case management, evidence collection and case presentation. Requires seven to nine years of investigation experience, with at least three years in case management (a bachelor's degree or higher counts for up to two years of such experience) and a clean legal record for candidates.
    Source: ASIS International: Certified Protection Professional

  • PSP -- Physical Security Professional
    Another high-level security certification from ASIS, this program focuses on matters relevant to maintaining security and integrity of the premises and access controls over the devices and components of an IT infrastructure. The key topics covered include physical security assessment, and selection and implementation of appropriate integrated physical security measures. Requirements include five years of experience in physical security, a high school diploma (or GED) and a clean criminal record.
    Source: ASIS International: Physical Security Professional

  • SCNA -- Security Certified Network Architect
    This is a mid- to senior-level security certification that focuses on concepts, planning and implementation of PKI and biometric authentication and identification systems. Individuals who attain this certification will be able to implement either or both of these technologies within organizations or as consultants to such organizations.
    Source: Security Certified Program

  • SCNP -- Security Certified Network Professional
    This is an entry- to mid-level security certification that focuses on two primary topics: firewalls and intrusion detection. Related curriculum and exams cover network security fundamentals and network defense and countermeasures. Individuals who attain this certification will be able to work as full-time IT security professionals with an operations focus.
    Source: Security Certified Program

  • Security+
    This is an entry-level security certification that focuses on important security fundamentals, covering both security concepts and theory and best operational practices. In addition to functioning as a standalone exam for CompTIA, Microsoft accepts the Security+ as an alternative to one of the specialization exams for the MCSA and MCSE Messaging and Security specializations. For an excellent review of this exam, check out Robert Shimonski's Security Study Guide at www.cramsession.com.
    Source: CompTIA Security+ Certification Overview

  • SSCP -- Systems Security Certified Professional
    The SSCP is the entry-level precursor to the ISC-squared's CISSP covered previously in this survey. The SSCP exam covers seven of the 10 domains in the CISSP Common Body of Knowledge and focuses more on operational and administrative issues relevant to information security and less on information policy design, risk assessment details and other business analysis skills more germane to a senior IT security professional (and less so to a day-to-day security administrator, which is where the SSCP is really focused).
    Source: (ISC)2 SSCP Certification

  • TICSA -- TruSecure ICSA Certified Security Associate
    TICSA demonstrates basic familiarity with vendor-neutral system and network security principles, practices and technologies. It is an entry-level security certification for network or system administrators and for those interested in climbing the first rung in a security certification ladder suitable for full-time IT security work.
    Source: TruSecure ICSA Practitioner Certification

    For an analysis of the certifications and recommendations for climbing a security certification ladder, read part two. Stay tuned next month for our survey of vendor-specific security certs.

    About the authors
    Ed Tittel is the president of LANWrights, Inc., a wholly owned subsidiary of iLearning.com. Ed has been working in the computing industry for 20-plus years and has worked as a software developer, manager, writer and trainer. As an expert on SearchSecurity.com, he answers your infosec training and certification questions in our Ask the Expert feature.

    Kim Lindros has more than 10 years of experience in the computer industry, from technical support specialist to network administrator to project editor of IT-related books at LANWrights. She has edited more than 25 books, and co-authored two certification books and numerous online articles with Ed.


  • This was first published in November 2003
