W. Hord Tipton, CISSP-ISSEP, CAP, CISA (ISC)² Executive Director.



- Global leaders in certifying and educating information security professionals with the CISSP® and related concentrations, CAP® and SSCP®.
- Established in 1989 - not-for-profit consortium of industry leaders.
- More than 60,000 certified professionals in over 135 countries.
- Board of Directors - top information security professionals worldwide.
- All of our information security credentials are accredited ANSI/ISO/IEC Standard and were the first technology-related credentials to receive this accreditation.

Over 70% of breaches of security vulnerabilities exist at the application level.*
* Gartner Group, 2005

What is the CSSLP?
- Certified Secure Software Lifecycle Professional (CSSLP)
- Base credential
- Professional certification program
- Takes a holistic approach to security in the software lifecycle
- Tests candidates' competency (KSAs) to significantly mitigate the security concerns

Purpose
The purpose of the Certification is to provide a credential that speaks to the individual's understanding of and ability to deliver secure software through the use of best practices. The target professionals for this Certification would be anyone who is directly, and in some cases indirectly, involved in the Software Lifecycle.

Software Lifecycle Stakeholder Chart
[Chart: Software Lifecycle Stakeholders. Legend: Primary Target, Secondary Target, Influencers. Stakeholders shown: Top Management, IT Manager, Business Unit Heads, Developers/Coders, Client Side PM, Industry Group Delivery Heads, Business Analysts, Quality Assurance Managers, Technical Architects, Project Managers/Team Leads, Application Owners, Security Specialists, Auditors.]

Market Drivers
- Security is everyone's responsibility
- Software vulnerabilities have emerged as a major concern
- Offshoring of software development
- Software is often not developed with security in mind
- Desire to meet growing industry needs

Certified Secure Software Lifecycle Professional
(ISC)² CSSLP CBK Domains
- Secure Software Concepts
- Secure Software Requirements
- Secure Software Design
- Secure Software Implementation/Coding
- Secure Software Testing
- Software Acceptance
- Software Deployment, Operations, Maintenance, and Disposal

CSSLP Certification Requirements
By Experience Assessment: Experience Assessment will be open until March 31, 2009
Candidate will be required to submit:
- Experience Assessment Application
- Signed candidate agreement and adherence to (ISC)² Code of Ethics
- Detailed resume of experience
- Four essay responses (Between words) detailing experience in four of the following knowledge areas:
  - Applying Security concepts to Software Development
  - Software Design
  - Software Implementation/Coding
  - Software Testing
  - Software Acceptance
  - Software Deployment, Operations, Maintenance, and Disposal
- Fee of $650

CSSLP Certification Requirements
By Examination: The first public exam will be held at the end of June 2009
Candidate will be required to submit:
- Completed examination registration form
- Signed candidate agreement and adherence to the (ISC)² Code of Ethics
- Proof of 4 years of FTE experience in the Software Development Lifecycle (SDLC) Process or 3 years plus 1 year waiver of experience for degree in an IT related field
- Fee of $549 early-bird and $599 standard
Candidate will be required to:
- Pass the official (ISC)² CSSLP certification examination
- Complete the endorsement process
The Associate of (ISC)² Program will apply to those who have passed the exam but still need to acquire the necessary minimum experience requirements

Key Players
While there is no indication that the other organizations in this space are addressing the knowledge areas in the same manner as CSSLP, the following are addressing software development and/or security in the software lifecycle:
- IEEE: CSDA and CSDP (Software development)
- SANS: GSSP-C, GSSP-J (Language specific/secure coding)
- ISSECO: CSSE (Entry level education program with certificate of completion)
- DHS: Software Assurance Initiative (Awareness Program/Forum)
- Vendor-Specific (ex: Microsoft, Symantec) based on internal lifecycle processes/technology specific

CSSLP CBK Overlap between other Certifications/Programs
- CSSLP (ISC)²: Professional Certification Program
- CSDA (IEEE): Associate Level Status
- CSDP (IEEE): Professional Certification Program
- GSSP-C (SANS): Software Coder Certification Program
- GSSP-J (SANS): Software Coder Certification Program
- Software Assurance Initiative (DHS): Awareness Effort
- CSSE (ISSECO): Entry-level Education Program, Certificate of Completion
- Vendor-Specific Credentials

Future of CSSLP
- International Marketing Efforts
- ANSI/ISO/IEC 17024 accreditation
- Maintenance activities
- Cert Education Program

For more information, please contact: Tony Baratta, (ISC)² Director of Professional Programs OR Vehbi Tasar, (ISC)² Manager of Professional Programs