Microsoft unveiled an enhanced Security Solutions Competency within its partner program last week that includes third-party validation from two well-known vendor-neutral information security organizations. In this arrangement, the company’s partner program will work with security professionals to endorse their certifications through the Information Systems Audit and Control Association (ISACA) and the International Information Systems Security Certification Consortium (ISC)2.
Microsoft partnered with these programs to improve partners’ expertise and business opportunities, as well as promote more standardized approaches to key problems in information security. “I’ve always been focused on how we can get better value for our partners,” said Thomas Dawkins, a group product manager at Microsoft and head of the company’s security strategy for partners. “We heard a lot from our partners. I think Microsoft has a reputation for not listening. Well, we listened.”
As a result of this active listening, Microsoft devised two new specializations to the competency. The first involves what the company termed a “technology agnostic” approach to security, which covers subjects like governance, compliance, and risk assessment and management. The second, which focuses on security infrastructure, is more for the technical purists. Another central aspect of this revamp is a suite of new benefits for partners, including webcasts, whitepapers and news alerts pertaining to up-to-date topics in the security profession.
Dow Williamson, (ISC)2’s director of corporate development, said he perceives the announcement as the beginning of the second phase in his organization’s two-year relationship with Microsoft. “Phase one was when Microsoft came to us and said they wanted to show their commitment to information security,” he said. “They wanted to get as many people certified with the CISSP credential as they could. Now Microsoft has something like 500 CISSPs on staff. Through this relationship and Microsoft embracing the need for an information security workforce, we started talking about what else we could do together. This seemed like a natural follow-on to what they had been doing internally.”
Additionally, ISACA is enthusiastic about the partnership. Kent Anderson, managing director of Network Risk Management LLC and a member of the Certified Information Security Manager (CISM) certification board, said the arrangement augers well for the security sector and credentials in this field. “The whole area of security and certification is getting a lot of attention right now,” he said. “I see this as a positive step forward for the security profession.”
For more information, see http://www.microsoft.com.