At the risk of looking like I am running away, I'm heading out of town for
a day on business, but will be back in my office Tuesday. I will spell
things out in more detail when I am back home on Tuesday. (Just explaining
why I mentioned this all and then won't be responding in detail for a day.)
Also, I am going to attempt to answer multiple questions with one or two
postings -- but on Tuesday.
Fred
At 09:48 PM 12/10/00 -0500, Bill Royds wrote:
>There are already several different IT security certifications such as CISSP.
>How does this differ or improve on the CISSP, and SANS GIAC certifications?
>Certainly independent certifications are better than product specific ones
>but is this really independent? What is the purpose of this certification?
>Is this a theoretical one, a practitioner's one or a manager's one?
>Although TruSecure (n�e ICSA n�e NCSA) has a fairly strong reputation, it
>still is a commercial organisation without an academic backing in
>certification. On what basis should I believe that a certificate from ICSA
>will be recognised as denoting competence?
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Frederick M Avolio
>Sent: Sunday, December 10, 2000 13:42
>To: opie san; [EMAIL PROTECTED]
>Subject: Re: Worthy Security Certifications (Alphabet soup)
>
>
>At 08:47 AM 12/10/00 +0000, opie san wrote:
> >I've recently found out about a new (I think) set of certifications from
> >ICSA that are geared towards network security.
>
>I know quite a bit about this, as I have been contracted by TruSecure to
>help develop them and roll them out. So, it may be obvious:
>
> - I think there is a need for an independent security certification
> - I think this one will be worthwhile
>
>ICSA has certified products, and I've always found them to be thorough,
>useful, and open (certification criteria have always been published an
>industry input sought, etc.) Commercially they test and "certify" networks
>and sites for clients. So, certifying professions seems a reasonable and
>logical next step. (Also, people have contacted them to suggest this.)
>
>Here's the state of things:
>
>- The general criteria exists as it is in referenced web page.
>
>- We are soon to announce an oversight board of industry professionals.
>While TruSecure/ICSA is the certifying body, it is an expert driven and
>guided certification.
>
>- Testing will be announced in January.
>
>- The certification requirements will be expanded to include requirements
>for on-going re-certification. (I expect to include continuing education
>credits, on-going work experience, and teaching or speaking with
>satisfactory ratings for the ICSP certification.)
>
>
>I'm happy to field any questions on it. I'm not really interested in
>debating its worth doing, though I certainly expect some feel otherwise.
>
>
>Fred
>Avolio Consulting, Inc.
>16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
>+1 410-309-6910 (voice) +1 410-309-6911 (fax)
>http://www.avolio.com/
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
