By Muthoga Kioni
Information security is only growing in importance. Whatever an organisation’s mission, product or service, its information security is paramount.
Many readers of this column have asked me about IT security courses and certifications, Which is the most suitable and whether these courses are available locally. I will list three essential IT security certifications.
These security certifications can significantly bolster your curriculum vitae and assist in job retention. Generally, choosing a certification is dependent on career road map you have outlined.
Once you have decided that you want to specialise on IT security, it is important to appreciate that the best certification depends on education, skills and goals. For this reason, when pursuing any professional accreditation you should give much care and thought to your experience, skills, goals, education and desired career path.
One of the pre-eminent IT security accreditations is the Certified Information Systems Security Professional (CISSP). This certification is administered by the International Information Systems Security Certification Consortium, commonly known as (ISC)_. It is a global not-for-profit organisation that provides various information security certification programs.
Course requirements
CISSP is a globally respected designed for security industry professionals with at least five years of full-time experience. It is internationally recognised for validating a candidate’s expertise with operations, network and physical security, as well as the ability to manage risk and understand legal compliance and other security related elements.
The exam is particularly daunting. It consists of 250 questions with four options each and is six hours long. You can obtain more information from www.isc2.org.
Another accreditation worth pursuing is Security+ offered by the Computing Technology Industry Association (CompTIA). This certification is vendor neutral and recommends at least two years on-the-job technical networking experience. It validates knowledge on organisational security, cryptography, assessments and audits, access control security systems, access control and network infrastructure.
You can find out more about Security+ from www.comptia.org. There are of course other security certifications out there. The Certified Information Security Manager (CISM) is for security professionals who manage, design, oversee and/or assess an organisation’s information security. CISM is offered by ISACA. The website is www.isaca.org.
Certification in itself is not the end. These certifications should instead be pursued with the aim of enhancing IT security skills and providing an additional competitive advantage that sets you apart from the crowded IT field.
The writer is an ICT Security and Forensic Specialist. Email: bmuthoga@hotmail.com
