Ask the Expert: Starting Down the Infosec Cert Trail
As a faculty advisor in IT at a local community college here in Manhasset, NY, I’m often asked what information security certification is best for students to start out with. I’ve read your various vendor-neutral and vendor-specific infosec surveys and find myself wondering which of the many available options make the most sense? Please help!
You’re absolutely right to observe that there is a plethora of potential options for those seeking an entry-level information security certification–over half a dozen vendor-neutral credentials, and at least two vendor-specific credentials conceivably qualify as entry level in this area. But further inspection shows that of all these options two or three are probably the most worthwhile, as follows (I list them in order of frequency of testing or popularity, highest/most first):
- CompTIA’s Security+ is ramping up quite quickly, and is now recommended, required, or accepted in other half a dozen cert programs from IBM (Tivoli), Microsoft, ISACA, ISFA, and Planet3 Wireless (see my recent blog for InformIT.com on this subject). Visit www.comptia.com/certification/security/ for details.
- SANS Global Information Assurance Certifications (GIAC) include the GIAC Security Essentials Certification, or GSEC. Although not referenced in other cert programs, this is a well-known, high-quality entry-level credential. Visit http://www.giac.org/certifications.php for more information on this cert.
- TruSecure ICSA Computer Security Associate (TICSA) is an entry-level cert from a leading information security vendor/organization. Although it hasn’t lived up to early expectations for market dominance, the credential itself is pretty sound. See http://www.trusecure.com/knowledge/ticsa/ for more information.
If you look further into these programs, you’ll also find that it’s relatively easy to find course materials and textbooks, so that you could even offer courses at your institution to help students prepare for the exams involved.