
Security Certification - Which to go for?

Which certification is right for you or your job requirement?

Recently I came across a request to advise on the training requirement for security certification for furnishing one of our customer's job requirements. The training team came up with some names; since some of the certification names were not exactly related, this made me do some quick research and come up with the certifications and their respective objectives and focus.

A thought came to mind, and I felt that this research was very necessary: whenever an organization thinks about developing its resources, does it conduct an assessment of the certifications that are available in the market and map them to various business needs?

Do they maintain this information? 


Do they identify how this will boost business delivery while supplementing someone's career?


In my personal opinion, the biggest challenge and vulnerability in the information world is the human factor. Security training should not be looked at as a cost to the company or an optional business requirement; if you have this mindset, then be prepared for data breaches, compromises and eventually reputation loss, loss of trust and legal suits.

Moreover, I am a big promoter of the concept that it's all about people, "by the people, for the people", and hence businesses need to focus on building a culture where security is by design in the delivery and development itself.


This is just a brief intro to several certifications; I am planning to come up with more certifications, mappings and guidance.


CIPP - Certified Information Privacy Professional

CIPP is the privacy industry’s leading credential. It is focused on the privacy regulations and laws of 5 specific regions.

CIPP has been offered for more than 10 years, since 2004, by the IAPP (International Association of Privacy Professionals).

When you earn a CIPP credential, it means you’ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including:

  • Jurisdictional laws.
  • Regulations and enforcement models.
  • Essential privacy concepts and principles.
  • Legal requirements for handling and transferring data, and more.

Exam Fee = $550

OWASP - Open Web Application Security Project

OWASP does not offer any certifications of products or services. Please note that any vendor claiming to have an "OWASP certification" is mistaken. These do not exist.

OWASP operates as a non-profit and is not affiliated with any technology company.

OWASP issues software tools and knowledge-based documentation on application security. All of its articles, methodologies and technologies are made available free of charge to the public.

OWASP maintains roughly 100 local chapters and counts thousands of members. OWASP was started on September 9, 2001. It is focused on secure web coding and practices.


Exam Fee = NA

CISA - Certified Information Security Auditor

It is a globally recognized certification for IS audit control, assurance and security professionals.

It is focused on auditing practices and methodologies, and risk management.

CISA is awarded by ISACA.
Exam Fee = $415 to $595

CEH - Certified Ethical Hacker

It is focused more on ethical hacking and penetration testing at a basic level.

CEH is awarded by EC-Council.
Exam Fee = $500

CISSP - Certified Information Systems Security Professional

It is focused more on information security terms, principles, governance, policies, process, compliance, security implementation, etc.

CISSP is a globally recognized certification. (ISC)² was formed in mid-1989 as a non-profit organization.

Awarded by ISC2.
Exam Fee = $599


CRISC - Certified in Risk and Information Systems Control

It is focused on enterprise risk management, risk design, measure, etc.

Awarded by ISACA.
Exam Fee = $600 to $750

CSSLP - Certified Secure Software Lifecycle Professional

It focuses on application security within the software development lifecycle (SDLC).

Awarded by ISC2.
Exam Fee = $595

SWADLP - Secure Web Application Development Lifecycle Practitioner

It is focused on application security challenges, threats, standards, best practices and assurance methodologies, along with hands-on implementation-level knowledge and skill sets.

SWADLP is awarded by Hack2Secure.
Exam Fee = NA
