Published by Alexandrina Atkinson. Modified over 9 years ago.
1
© (ISC)2, 2002
INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC.
Andreja Satran, (ISC)2 & ITIL Manager
qSTC - (ISC)2 Certified Partner
2
ABOUT (ISC)2
(ISC)2, "INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC."
*The International Standard for Information Security*
- Not-for-profit chartered in 1989 to provide an international standard for professional certification
- Established to aggregate a Common Body of Knowledge (CBK), train, test and certify
- Led by a Board of top IS professionals representing a broad cross-section of industries
- Professionally managed with offices in the United States, Europe and Asia
3
International Information Systems Security Certification Consortium, Inc. Partnership Relation
- Palsit d.o.o. Nova Gorica: Official Promotional Partner for (ISC)2 in Slovenia
- QSTC Solutions Training Center: Official Certified Partner for (ISC)2 for the countries Slovenia, Croatia, Serbia and Montenegro, and Turkey
4
International Information Systems Security Certification Consortium, Inc.; Partnership Relation
Background and Authorization:
- Founded in 1998 as a business unit of a computer systems reseller, as Compaq Authorized Training Center / CTEC for the EMEA region
- Hewlett-Packard Certified Training Center in EMEA
- Hewlett-Packard Education Services Training Partner in EEM
- Microsoft Certified Technical Education Centre MCT
- Veritas Authorized Training Center
- Authorized CAT & Prometric Partner
- (ISC)2 Certified Partner
5
International Information Systems Security Certification Consortium, Inc.; Partnership Relation
- Location: Ljubljana, Slovenia. Serving Central and Eastern Europe. 2 classrooms, Storage Lab
- Location: Johannesburg, South Africa. Serving Sub Sahara. 1 classroom, Storage Lab
- Location: Istanbul, Turkey. Serving Middle East. 2 classrooms, Storage Lab
- Location: Belgrade, Serbia & Montenegro. Serving Middle East. 2 classrooms, Storage Lab
6
Why Get Certified?
- Professional certification is a symbol of status and credibility in any profession.
- The CISSP certification is a public acknowledgment that the professional has devoted himself or herself to the field of information security or a closely related field, and passed a rigorous examination that encompasses all major elements of the industry's accepted and recognized information system security Common Body of Knowledge (CBK).
7
Threats to Systems Today
- Employee Error
- New Technology - Wireless
- Hackers
- New Regulations
- Customer Expectations
- Vendors
- Increased Complexity
8
IT Security Growth
9
Filling the Need for Security
What Is Needed?
- IT Security Professionals who Understand Vulnerabilities and Weaknesses
- IT Security Policy Makers Who Can Develop Strategies to Mitigate Risk
- Improved Security of IT Infrastructures through policies, standards, guidelines, and procedures
10
Certification Options
Vendor Neutral Certifications
- (ISC)2: CISSP, SSCP, ISSEP, ISSAP, ISSMP
- CPP: American Society for Industrial Security (ASIS)
- CompTIA: Security+
- Certified Internal Auditor, Institute of Internal Auditors
- ISACA: Certified Information Systems Auditor; Certified Information Systems Manager (CISM)
- DRI: Certified Business Continuity Planner (CBCP)
11
Certification Options
Vendor Specific Certifications
- SCSE: Symantec Certified Security Practitioner
- CCSA: Checkpoint Certified Security Professional
- CCIE - Security: Cisco Certified Internetworking Expert/Security
- RSA: RSA Certified Security Systems Engineer
12
CERTIFICATION SELECTION
What makes (ISC)² certifications valuable?
- Industry Recognition
- International Common Body of Knowledge Integrity
- Longevity
- Prestigious constituency
- Certification must be maintained via Continuing Professional Education (CPE)
- Not for profit
13
What is (ISC)2's CBK based on? Whose Standards?
Q: Is (ISC)2's Common Body of Knowledge (CBK) based primarily on U.S. government standards?
A: Initially, a few components of the CBK, upon which both training and the CISSP exam are based, featured U.S. law and standards. Beginning in 1998, (ISC)2 invested significant effort and resources to "internationalize" the CISSP certification by removing references to U.S. law and policy and incorporating international standards such as BS7799. This effort was implemented by the international committee led by Corey Schou of Idaho State University in conjunction with numerous international security professionals.
14
TYPES OF CERTIFICATION
- Professional (CISSP)
- Practitioner (SSCP)
15
(CISSP) CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL
- Tailored for experienced information security professionals
- Minimum three years cumulative experience in at least one of the 10 CBK domains
- Undergraduate degree or life experience required (effective Jan. 1, 2003)
- Subscribe to (ISC)2 Code of Ethics
- Certification maintained through continuing education (CPE)
16
CISSP Content
- Security Management
- Security Architecture
- Access Control
- Applications
- Cryptography
- Telecommunication & Network Security
- Law Investigation & Ethics
- Business Continuity Planning
- Operations
- Physical Security
17
CISSP Examination
Format
- 250 multiple choice questions
- Up to 6 hours to complete
Scheduling
- Major Information Security Conferences
- CBK Review Seminar Locations
- Hosted Events
18
(SSCP) SYSTEMS SECURITY CERTIFIED PRACTITIONER
- Tailored for systems security practitioners
- Minimum one year cumulative work experience in at least one of the CBK domains
- Subscribe to (ISC)2 Code of Ethics
- Certification maintained through continuing education
19
SSCP Content
- Access Control
- Administration
- Audit and Monitoring
- Risk, Response and Recovery
- Cryptography
- Data Communications
- Malicious Code/Malware
Security Transcends Technology
20
Benefits for the Professional and Enterprise
21
IT Business Requirements
Organizational/Business Requirements
Security must address the business requirements, not just a blanket where one size fits all.
22
BENEFITS TO THE ENTERPRISE
- Knowledge of best practices
- Solutions-orientation, not specialization
- Broad understanding of the CBK
- The rigor and regimen adds to credibility
- A business and technology orientation to risk management
- Networking with global and domain experts
(ISC)² certifications help reflect to your market that your organization takes info-security seriously and has a properly and consistently trained IT professional staff.
23
Recent World-wide Statistics
- Individuals tested for the CISSP, year to date: 4,311
- 188 events in 21 countries this year
- Currently more than 15,000 CISSPs world-wide
- Projected end of year CISSPs world-wide will total: 18,500
- We have certified more people in April of this year than all of 1999
24
International Information Systems Security Certification Consortium, Inc.; Partnership Relation
qSTC Partnership Support:
- (ISC)2 promotion activity and events
- Organization of the seminars and exam events
- Provide support to all partners and customers
- qSTC registration support system
- Invoicing
- Help and inform all candidates with certification
Schedule for 2003:
- 28.10.2003: Promotion Event - One day CISSP review seminar
- 24.11.-28.11.2003: CISSP CBK seminar
- 13.12.2003: Exam for CISSP and SSCP
All information: www.qstc.com/isc2, tel.: 01 234 53 25
25
QUESTIONS AND ANSWERS
Achieve the Highest Standard
For More Information: www.qstc.com, www.isc2.org