Top Certifications for Industry Pros

In good years, deciding whether you need more certification or training is easy. Now, in an economic tsunami, information security pros seek shelter from possible downsizing or elimination of their positions.

Here's what industry recruitment experts and information security pros are saying will keep you afloat during the wild adventures that face the industry in 2009:

CSSLP - Certified Secure Software Lifecycle Professional is a new certification from ISC2 that addresses application vulnerabilities. Earning this new certification would be one way for an information security pro to begin validating their understanding of application security. Application security has been hot for some time. As companies put more and more applications on the web, they're opening their organizations up to more and more potential vulnerabilities. Knowing how to identify and remediate these types of vulnerabilities should keep a security professional gainfully employed.

CIPP - The Certified Information Privacy Professional, a certification offered by the International Association of Privacy Professionals (IAPP), will bulk up a resume and will be needed in the new data privacy movement, which is growing by leaps and bounds with the passage of the Massachusetts and Minnesota privacy bills, to name two. It's also recommended when applying for Chief Privacy Officer positions.

GIAC - The Global Information Assurance Certification isn't a "silver bullet" certification (there is not one) but GIAC's program is a respected series of certifications that demonstrate the knowledge and skills needed for success in areas within security administration, management, operations, legal, audit and software security.

CISM - Certified Information Security Manager or CGEIT, Certified in the Governance of Enterprise IT, both from ISACA, are valued because they provide hiring organizations the assurance that the candidate has both the knowledge and experience to be successful.

CISA - Certified Information Systems Auditor is another ISACA certification that is beginning to carry some weight again as GRC (governance, risk and compliance) begins to heat up.

CISSP - Certified Information Systems Security Professional is generally the most recognized internationally and is still coveted by information security professionals. Recruiters in the financial services industry are just beginning to see companies require certifications for positions. By holding this certification, one shows a dedication to the profession, which by anyone's measure is a good thing.


About the Author

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.



