(ISC)2 recently partnered with the Cloud Security Alliance (CSA) to develop a new security certification specifically for cloud, the Certified Cloud Security Professional (CCSP) certification, and (ISC)2 executive director David Shearer had only good things to say about the experience.
"The industry is starting to collaborate more, which I think is a very healthy development," Shearer said. "Maybe two or three years ago we wouldn't have looked at the Cloud Security Alliance and (ISC)2 in the same space, but in working with them, we saw strengths that they had that were weaknesses for us."
In this interview at the 2015 RSA Conference -- where the two organizations introduced the new certification -- Shearer discussed the CCSP certification, as well as the gold standard among the security industry, the CISSP. While the value of the CISSP could falter with the movement to fill the hiring and skills gap plaguing the industry, Shearer isn't worried.
"CISSP has had a long-standing success rate. But frankly, (ISC)2 has a lot of other really, really good credentials. I think the success of the CISSP, to some degree, has dwarfed the other part of our portfolio," Shearer said. "We're extremely proud of CISSP, but I think there's a broader set of skills that are starting to emerge and we're making an attempt to fill the need to the best of our ability. We know we're not the only game in town; there are lots of other good organizations doing meaningful work in the space."
But with such a high demand for security talent -- that stands to grow for the foreseeable future -- could the CISSP become irrelevant? Shearer and (ISC)2 don't think so. "The CISSP is a pretty high bar; it's a long test, people aren't just passing that examination easily. I do think it's a differentiator within the industry." And according to Shearer, the skills gap and resulting demand for talent is "a big problem and (ISC)2 isn't going to solve it by ourselves. We're working with colleges and universities and other organizations. At the end of the day, it might be through their curriculum that they inspire a safe and secure cyberworld, which is our vision, but we're happy just to have a touch point in it or build momentum to drive it. It doesn't have to be all about (ISC)2."