The information security certification landscape has become a confusing alphabet soup of competing credentials. A few of the early certifications, like the CISSP from (ISC)2, have become synonymous with information security professionals both inside and outside of the field. Many in the industry doubt the value of certifications because of their high expectations for InfoSec professionals and their experience with poorly performing certified individuals. Certifications are often overestimated, as they cannot replace individual experience and are not a precise measurement of individual skills. Their value is much clearer when they are perceived as an educational tool, like a college degree.
Global Information Assurance Certification (GIAC) has introduced yet another information security certification, called the GIAC Critical Controls Certification (GCCC), into this already crowded marketplace. This tip will review this new certification: what it emphasizes, how it corresponds with other prominent InfoSec certs like CISSP and CISA/CISM, and who, if anyone, should consider earning it.
Reasons why GIAC Certifications are In Demand
The top reasons behind the increasing demand for these certifications include:
Higher Usage and Dependency on Digital Devices
We constantly use computers and other digital mobile devices for making calls, sending text messages, surfing the internet, paying bills, accessing email and bank accounts, watching videos and more.
“For better or worse, our lives and our personal/private data are now recorded on these devices moment-by-moment,” says Rob Lee, Curriculum Lead for Digital Forensic Training at the SANS Institute and Director of Mandiant, a major provider of information security consulting services and software to Fortune 500 organizations and the U.S. Government. As a result, offenses, civil litigation matters, and incidents exploiting data saved on these devices are increasing.
Rising Security Incidents and Fraud
Incidents such as TJX, Hannaford, Heartland, and this past Independence Day breach are consistently in the news. Security data breach damages are in the millions of dollars. Being able to respond to, investigate, and eventually manage these situations effectively is becoming essential.
Insider threat is an increasing criminal activity, notably when organizations merge and when employees are hired or dismissed.
“In today’s economy more people are working remotely, which provides greater opportunities for malicious employees to create harmful attacks,” says Paul Henry, SANS Institute certified instructor in Forensics and cybercrime and President of Forensics & Recovery LLC, an independent network breach and computer forensics investigative company situated in Florida.
Expanding Use of Electronically Stored Evidence
Civil lawsuits are seeing an increase in the use of electronically stored evidence. For criminal cases, it is becoming standard to collect the subject's or victim's computer, cell phone, and other electronic gadgets in order to help resolve the crime and maintain protection.
Easy Operation of Attack Tools
“Also, attack tools have become as easy to use as point-and-click cameras,” and organizations more and more are beginning to understand the importance of responding to security incidents, says Frisk.
Overview of the Three Most Sought-After GIAC Certifications
1. GIAC Certified Incident Handler (GCIH)
There are over 4,000 GCIH certification holders presently. These professionals have the understanding, skills, and expertise to handle incidents, to recognize common attack techniques and tools, and to protect against and/or respond to such attacks when they happen. GCIH certification holders are qualified to respond to a wide variety of security incidents, extending from unplanned internal security violations at smaller companies to major international incidents involving governments and Fortune 100 companies.
The target audience for the GIAC GCIH certification is commonly individuals accountable for incident handling and incident response, and individuals who need an understanding of the current threats to systems and networks, along with efficient countermeasures.
“GCIH certified individuals know how to use the same tools and techniques that attackers do and learn to think like an attacker,” says Christopher Carboni, Deputy Technical Director for GIAC. “GIAC-certified individuals, in particular, GCIH, possess the know-how to handle advanced technology and security issues, work very independently and have a distinct self-confidence in handling incidents, which is remarkable in many ways,” says Clay Boswell, GCIH, GCFA, GSEC, CISSP, Information Security Director, Sealed Air Corporation, a global manufacturer.
A GCIH certified professional is well suited to a variety of technical positions, including incident responder, security operations center analyst, security analyst, and security auditor. The certification can often be a stepping stone to positions such as security architect, director of security, and technical director/deputy CISO.
All federal and state government agencies, financial and banking institutions, software vendor companies, advisory firms, the intelligence community, and IT and security consulting companies are consistently looking to hire these professionals.
2. GIAC Certified Forensic Analyst (GCFA)
GCFA is the leading vendor-neutral certification in the digital forensics category, with more than 1,550 certified individuals. GIAC GCFAs have the skills, expertise, and abilities to handle advanced incidents, conduct incident investigations, legally collect and secure evidence, perform Electronic Evidence Discovery (EED), write forensic reports that can be utilized in litigation, and legally perform a forensic investigation of computers, networks, and hard drives. GCFA-certified personnel are able to explain step by step how commercial forensic tools function and can describe the process in a court of law. They are proficient at both live and dead evidence acquisition, along with thorough deep-dive forensic analysis. In addition, certified analysts are capable of articulating and ensuring that a definite legal and forensically sound method is followed in the event that they are required to testify in court.
“We test not only for core computer forensic knowledge, but we also cover areas cutting edge in the field,” says Lee. These areas include memory collection and analysis, restore point examination, registry analysis, and volume shadow analysis. The SANS Institute adds the most advanced techniques to the material multiple times every year. “For example, some elements for Windows 7 are already covered in our material,” indicates Lee.
Job Roles Include:
- Information Security Crime Investigator/Forensic Expert: This professional analyzes how criminals breached the infrastructure in order to identify additional systems/networks that have been compromised.
- Forensic Analyst: Focuses on collecting and analyzing data from computer systems to track user-based activity that could be utilized internally or in civil/criminal litigation.
- Incident Responder: The first line of defense during a breach.
Three broad industries require qualified digital forensic expertise on a daily basis.
- Information Security: Stop hackers and computer-based attacks, and recover from data breach incidents.
- Legal: Win civil and criminal cases involving electronically stored evidence.
- Law Enforcement/Defense Industrial Base: Arrest and prosecute criminals/deter enemies.
3. GIAC Certified Intrusion Analyst (GCIA)
The GCIA certification has served the needs of the industry since 2000. There are more than 2,000 certified GCIA professionals currently. A holder of the GCIA credential is certain to have a complete understanding of network protocols, traffic and network theory, including normal and malicious fragmentation, abnormal stimulus-response, and TCP/IP fundamentals. They are familiar with attacks against NIDS, network infrastructure, computer systems, and the. They are able to inspect common network traffic patterns and delve into packets when more information is required.
The GCIH addresses individuals responsible for network and host monitoring, intrusion detection, and traffic analysis.
“It is the first and only certification for individuals who monitor networks using Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs),” says Jeff Pike, Technical Director for GIAC.
“There is no other security credential like the GCIA currently being offered by any other certification bodies.” The skills required to complete the GCIA successfully have been in great demand since the certification was introduced, he adds.
Job Roles Include:
Information Security Crime Investigator, Malware Analyst, Network Security Engineer, Incident Responder, Security Analyst, Computer Crime Investigator, Security Operations Center Analyst, and Intrusion Analyst.
Federal and state government agencies, software vendor companies, financial and banking institutions, network and solution hosting companies, pharmaceutical and health service organizations, the intelligence community, retail operations, advisory firms, and IT and security consulting companies all have a strong requirement for these professionals.