The International Information Systems Security Certification Consortium or (ISC)2, is a non-profit organization headquartered in Palm Harbor, Florida that educates[1] and certifies information security professionals throughout their careers. The most widely known certification offered by the organization is the Certified Information Systems Security Professional (CISSP). Marking its 20th anniversary in 2009, (ISC)2 has more than 63,000 certified members in 138 countries with offices in London, Hong Kong and Tokyo.
Contents |
Background
Governed by a member-elected board of directors[2], (ISC)2 is managed by a professional staff. The board is composed of information security professionals representing a variety of countries and organizations. Board members determine policies, develop procedures, and provide strategic direction for the organization. Regional advisory boards composed of additional information security leaders also provide counsel to the organization.[3]
(ISC)2’s stated mission[4] is to “make the cyber world a safe place through the elevation of information security to the public domain and through the support and development of information security professionals around the world.”
History
In the early 1980s, organizations began to recognize that connected PCs in various locations were much more vulnerable than a mainframe locked away in a single building. These organizations began seeking qualified individuals responsible for selecting, recommending and implementing security policy and procedures. However, few schools were offering information security curricula, much less academic degrees, and organizations would have to take an IT professional at his or her word that they knew how to manage information security for the entire enterprise.
The need for a professional certification to maintain and validate a common knowledge, values, and ethics for individuals in the industry became a growing concern. Several IT professional societies recognized that a certification program attesting to the qualifications of information security personnel was needed.
In 1989, these associations formed (ISC)2 to develop an accepted industry standard for the practice of information security and a certification that would validate the understanding of these best practices among security practitioners. In return for yielding their individual certification claims, the organizations were granted membership to an advisory board commissioned to administer the creation of a global information security certification process.
Publications
- Global Resource Guide for Today’s Information Security Professional [5] providing information on the latest educational resources and worldwide events.[6]
- (ISC)2 Journal [7],an insider’s review dealing with the ever-changing security environment and its inherent challenges.
- Infosecurity Professional, a digital quarterly magazine focusing on professional development and career issues in the information security field.
Certifications
(ISC)2 offers a collection of professional information security certifications as well as concentrations that cover specific disciplines within the information security field. (ISC)2 certifications encompass a broad scope of knowledge.
All certifications are based on the (ISC)2 CBK [8], a compendium of information security topics. The CBK is a critical body of knowledge that defines global industry standards, serving as a common framework of terms and principles that allows professionals worldwide to discuss, debate, and resolve matters pertaining to the field. Subject matter experts retained by (ISC)2 continually review and update the CBK.
Although requirements vary from certification to certification, such as the minimum number of years of relevant work experience and areas of domain knowledge, all candidates applying for (ISC)2 certifications must pass a rigorous exam, be endorsed by a current (ISC)2 member, adhere to the (ISC)2 Code of Ethics[9] and obtain annual continuing professional education (CPE) units to maintain certification.
(ISC)2 certifications include:
- Certified Information Systems Security Professional (CISSP)
- Information Systems Security Architecture Professional (ISSAP)
- Information Systems Security Management Professional (ISSMP)
- Information Systems Security Engineering Professional (ISSEP)
- Certification and Accreditation Professional (CAP)
- Systems Security Certified Practitioner (SSCP)
- Certified Secure Software Lifecycle Professional (CSSLP)
Education
(ISC)2 offers Official CBK Review Seminars around the world designed to provide prospective candidates with information across all domains covered by the CISSP, CSSLP, SSCP, CAP and CISSP concentration exams.
All of (ISC)2’s core credentials have been accredited by the International Organization for Standardizations (ISO) United States representative, the American National Standards Institute (ANSI) under ANSI ISO/IEC Standard 17024, a national and global benchmark for the certification of personnel.
Industry Resources
In accordance with its mission to promote the information security profession, (ISC)2 offers the following free industry resources:
- Decoding the Information Security Profession[10], a 40-page booklet and career guide for high school and college students that includes information on what the profession is and how it benefits society, what career opportunities are available, listings of universities with information security curriculum, and advice from experts in the field on what is needed to be successful;
- HR Center[11], containing materials such as the “Hiring Guide to the Information Security Profession” to assist HR professionals in better understanding the unique dynamics of the information security profession;
- (ISC)2 Information Security Scholarship[12] program, which offers a total of up to $100,000 to deserving recipients;
- Cyber Exchange[13], an online security awareness resource center launched in support of Cyber Security Awareness Month in October, whereby member-provided security awareness materials are uploaded to a repository for free public download;
- Safe & Secure Online, an (ISC)2 program in partnership with Childnet International[14] to teach cyber safety to children aged 11–14. Already operating in the UK and Hong Kong, a U.S. pilot program is currently underway.[15]
References
- ^ https://www.isc2.org/reviewseminars/default.aspx
- ^ http://www.isc2.org/board-of-directors.aspx
- ^ http://www.pr.com/press-release/136074
- ^ http://www.isc2.org/aboutus/default.aspx
- ^ https://www.isc2.org/resourceguide/default.aspx
- ^ http://www.securecomputing.net.au/News/136358,isc%C2%B2-publishes-security-resource-guide-online.aspx
- ^ https://www.isc2.org/isc2-journal.aspx
- ^ https://www.isc2.org/cbk/default.aspx
- ^ . https://www.isc2.org/ethics/default.aspx
- ^ https://www.isc2.org/careerguide/default.aspx
- ^ https://www.isc2.org/hiringguide/default.aspx
- ^ https://www.isc2.org/scholarship/default.aspx
- ^ http://cyberexchange.isc2.org/
- ^ http://www.childnet-int.org
- ^ http://www.tradingmarkets.com/.site/news/Stock%20News/2204777/
External links
This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)
