Computer Forensics and Board Certification
There are numerous computer forensics certifications available in today’s marketplace, of both vendor-neutral and vendor-specific varieties. You can, for example, find a somewhat dated survey on such certs (“Plentiful resources, certifications for combating cybercrime, ” 11/6/2002) from yours truly at SearchSecurity (http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci861783,00.html). Forensics expert John Seither (http://www.compuforensics.com) reminded me that none of the many options available has garnered official endorsement or backing from law enforcement or national security agencies here in the U.S. or elsewhere.
With strong and growing interest in the subject matter, increasing numbers of IT professionals are turning to professional training on computer forensics, where certifications may be available as part and parcel of such offerings, or for a small extra fee. Given Seither’s observation, it’s worthwhile to ask two questions:
1. What value do such certifications have nowadays?
2. How might computer forensic certification obtain law enforcement or security agency endorsements or recognition?
The answer to the first question requires a form of tap-dancing familiar to all IT professionals who hold second-tier or no-name certifications. That is, they have to be prepared to explain their credentials, sell their value, and to tell prospective employers or customers what they know and can do (presumably as a consequence of holding such credentials). This requires extra effort and a willingness to sit through the tap-dancing that isn’t always possible. Alas, the real answer to question one thus becomes “Not as great as it would be if the credential was recognized or endorsed by its primary consumers.”
The answer to the second question hinges on a concept that Dian Shaffhauser presents in a recent (10/14/2003) editorial for MCP Magazine entitled “MCP Board Certification?” Here she presents the notion that the most senior level Microsoft certification could involve examination and management from a board of examiners and practicing professionals to make doubly sure that those who obtain such certification know their subject matter sufficiently to take on serious responsibilities. This is akin to board certifications for nuclear power plant operators, airline pilots, ship’s captains, and other individuals who must demonstrate the skills and knowledge necessary to should serious responsibilities in other walks of life.
I don’t think that without serious involvement and engagement of representatives from the communities whose endorsements, approval, or recognition is sought, efforts to obtain the same can possibly succeed. This argues strongly that board certification for computer forensics is the best way to create a strong, viable, and valuable set of related credentials. In the meantime, experts and training companies can offer all the certifications they want, but they’ll remain small, fragmented, and poorly recognized.