Can a mastery certification in IT security lead to a career?
Malware hits the Mac but is it worth worrying about?
I recently spoke with a US-based not for profit trade association whom I had been introduced to previously as it rolled out a new certification in IT security.
As with technology, other certifications are available, but the security arena seems to be a new one for Comptia. R&D and sales director Rick Bauer said it offered training in IT across many skills, but its move into security was a first with "a new level of complexity".
He said it was gratifying to get security practitioners to collaborate and create an industry-wide credential.
“This is a wonderful opportunity to improve those skills, we are working with the storage industry to create ‘Storage +' as people want to learn how to get from being a server admin to a storage admin. We talk to people and are trying to create certificates,” he said.
“You cannot simply go back to university, a professional cannot do that to make the next move to a larger environment and a better job opportunity.”
As well as the mastery certificate, Bauer also said that a programme called ‘Security +' is offered, while more modules, including one for mobile app development, are being developed.
Speaking specifically on the mastery level in security, Bauer told me that Comptia has had 450 professionals apply for it so far. He said: “There is a gap in the middle with guys who have ten years' experience in delivering cyber security with their eyes set on a CISO career, but who are missing the key skills.
“The US government approached us to do something for security at the network and do enterprise-level research and development across borders. There is a skills gap, most people do not realise that 85 per cent of federal government networks are managed by contractors.
“We are now all digital so can be managed more effectively, but now, in some cases, it is about exposure to the global internet, and this is increasingly a worry for the Department of Homeland Security – how do you get people at school level to think about cyber security?”
Bauer said the key area of the mastery certificate is that it is specifically for individuals with five to seven years' experience in security, and it can be completed offline or in a week intensively.
The exam covers security skills and techniques in enterprise security; risk management; research and analysis; and integration of computing, communications and business disciplines.
When we spoke, the second winner of the Cyber Security Challenge UK had just been announced as 19-year-old Cambridge University computer science student Jonathan Millican. I asked Bauer what he felt of this system with its more social view to entry and keen interest in participation from the entrants.
He said: “I think it is wonderful, the US Cyber Challenge is sponsored by universities and corporates and we sponsor the Cyber Olympics. We realise people have gaming ability, so we say why not take it into security.
“We will see a sea change in IT skills, the new way is to make decisions based on how to do it and why. One of the more innovative points of the exam is we have simulators and the student has to go in and operate the simulator, so we have to try and figure out how to score their performance.”
Bauer said Comptia plans to look more at security in the future, and its Open University-style approach to learning is likely to win fans on both sides of the Atlantic.